Configure Ingress

The StackState Helm chart exposes an ingress section in its values. By default ingress is disabled.

We give an example here for how to configure an nginx-ingress controller with TLS encryption enabled. Setting up the controller itself and the certificates is beyond the scope of this document.

To configure the ingress for StackState create a file ingress_values.yaml with contents like below, however replace MY_DOMAIN with your own domain (that is linked with your ingress controller) and set the correct name for the tls-secret. Please consult the documentation of your ingress controller carefully and ensure the correct annotations are set. All of the fields below are optional, for example if no TLS is going to be used that section can be omitted.

enabled: true
annotations: "50m"
- host: stackstate.MY_DOMAIN
- hosts:
- stackstate.MY_DOMAIN
secretName: tls-secret

The one thing standing out in this file is the nginx annotation to increase the allowed proxy-body-size to 50m (larger than any expected request). By default Nginx allows only body sizes of maximum 1m. StackState agents and other data providers can sometimes send much larger requests. Therefore regardless if you're using Nginx or another ingress controller you want make sure that the allowed body size is large enough.

Now include this ingress_values.yaml file when running the helm command to deploy StackState:

helm upgrade \
--install \
--namespace "stackstate" \
--values "ingress_values.yaml" \
--values "values.yaml" \
stackstate \