mini-mirror: Add ingress

Currently, services rely on an in-cluster service address in order to
interact with mini-mirror. This change introduces support for cluster
ingress so services or nodes may resolve mini-mirror from outside a
cluster.

Change-Id: I5cc451de3f3e1be7d046bf9ca50b1ad53682d01b
This commit is contained in:
Drew Walters 2019-02-11 22:35:52 +00:00
parent 5fa68b90df
commit ad468883c6
6 changed files with 92 additions and 6 deletions

View File

@ -40,8 +40,8 @@ spec:
- name: mini-mirror-api
{{ tuple $envAll "mini-mirror" | include "helm-toolkit.snippets.image" | indent 10 }}
ports:
- name: http
containerPort: {{ tuple "api" "port" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- name: api
containerPort: {{ tuple "api" "port" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}

View File

@ -0,0 +1,21 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright 2019, AT&T Intellectual Property
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.ingress .Values.network.api.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendServiceType" "api" "backendPort" "api" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

View File

@ -0,0 +1,21 @@
{{/*
Copyright 2017-2018 The Openstack-Helm Authors.
Copyright 2019, AT&T Intellectual Property
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "api" ) }}
{{- end }}

View File

@ -0,0 +1,21 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Copyright 2019, AT&T Intellectual Property
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress .Values.network.api.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "api" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

View File

@ -20,14 +20,14 @@ limitations under the License.
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "api" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
name: {{ tuple "api" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
- name: api
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
port: {{ .Values.endpoints.api.port.http.public }}
port: {{ tuple "api" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
protocol: TCP
targetPort: 80
selector:

View File

@ -110,12 +110,19 @@ endpoints:
public: mini-mirror
host_fqdn_override:
default: null
# NOTE(drewwalters96): this chart supports TLS for fqdn over-ridden
# public endpoints using the following format:
# public:
# host: null
# tls:
# crt: null
# key: null
path:
default: /
scheme:
default: http
port:
http:
api:
default: 8888
public: 80
@ -125,13 +132,29 @@ network:
node_port:
enabled: false
port: 8888
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
secrets:
tls:
api:
api:
public: mini-mirror-tls-public
manifests:
configmap_bin: true
configmap_etc: true
deployment_mini_mirror: true
helm_test: true
ingress: true
job_image_repo_sync: true
secret_ingress_tls: true
service_ingress: true
service_mini_mirror: true
conf: