Ingress — Trino
The chart exposes trino.ingress. By default the Ingress is disabled (trino.ingress.enabled: false). With LDAP enabled, Trino uses HTTPS on port 8443; the Ingress must forward TLS in a way that is compatible with the controller (often TLS passthrough on NGINX).
Prerequisites
- An Ingress Controller installed (e.g., NGINX).
HTTP (LDAP disabled)
trino:
ingress:
enabled: true
ingressClassName: nginx
annotations: {}
hosts:
- host: trino.<your-domain>
paths:
- path: /
pathType: Prefix
tls: []
HTTPS with LDAP (NGINX passthrough example)
trino:
ingress:
enabled: true
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
hosts:
- host: trino.<your-domain>
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- trino.<your-domain>
secretName: <tls-secret-name>
Access after configuration
| Mode | Note |
|---|---|
| HTTP | Traffic on the service port (usually 8080) behind the Ingress, as mapped by the controller |
| HTTPS + LDAP | Trino listens on 8443; the client and Ingress must reflect this (passthrough or reencrypt, depending on design) |
Troubleshooting
| Issue | Likely cause | What to check |
|---|---|---|
| Ingress not created | trino.ingress.enabled | true in the values file |
| 502 / TLS with LDAP | No passthrough or wrong backend | Annotations and the service/backend port |
For additional fields of the Ingress object, run helm show values on the version of the tdp-trino chart you installed.