Setup Postgres Database
Database Setup
Configure the values.yml
Deploy the Gateway
Access it
hoopdev
). Issue the command below:
values.yaml
file.
In the example below a default agent is deployed as a sidecar container.
private
to create the tables of the system.
The command below creates a database and a user with privileges to access the database and the required schema.
POSTGRES_DB_URI=postgres://hoopuser:<passwd>@<db-host>:5432/hoopdb
?sslmode=disable
option in the Postgres connection string in case your database setup doesn’t support TLS.values.yaml (minimal)
values.yaml (full)
config.HOOP_KEY
configuration. This requires creating a key in a DSN format in the API. To use legacy options, use the Helm chart version 1.21.4.deployment.yaml
deployment.yaml
values.yaml (full base configuration)
Deploy the AWS Load Balancer Controller
Ingress Configuration
mainService.annotations
attribute allows adding an annotation mapping. GCP for instance configure aspects of how to configure the load balancer based on this configurationmainService.httpBackendConfig
: It creates the hoopgateway-http
Backend Config resource when this attribute is set. It could be referenced using the annotation beta.cloud.google.com/backend-config
healthCheckType
: The protocol used by probe systems for health checking. The BackendConfig only supports creating health checks using the HTTP, HTTPS, or HTTP2timeoutSec
: The amount of time in seconds that Google Cloud waits for a response to a probe.mainService.grpcBackendConfig
: It creates the hoopgateway-grpc
Backend Config resource when this attribute is set. It could be referenced using the annotation beta.cloud.google.com/backend-config
healthCheckType
: The protocol used by probe systems for health checking. The BackendConfig only supports creating health checks using the HTTP, HTTPS, or HTTP2timeoutSec
: The amount of time in seconds that Google Cloud waits for a response to a probe.image
attribute section.
grpcHost
allows configuring the host to connect when starting the agent.
In case the gateway has TLS configured (TLS_CA
env set), the host must match the certificate SAN.dataMasking
section in your values.yaml
file.
It will deploy the Microsoft Presidio on the same namespace as the Hoop Gateway.
dataMasking
attribute is enabled, it takes control over the following configurations:disktype: ssd
. This means that the pod will get scheduled on a node that has a disktype=ssd
label.
See this documentation for more information.
values.yaml
presidio-analyzer
- The analyzer service that detects PII data in text.presidio-anonymizer
- The anonymizer service that masks PII data in textdisktype: ssd
. This means that the pod will get scheduled on a node that has a disktype=ssd
label.
See this documentation for more information.