Add extra DNS names to Ingress (helm-toolkit 0.1.1)
The existing helm-toolkit function "helm-toolkit.manifests.ingress" will create namespace-fqdn and cluster-fqdn Ingress objects when the host_fqdn_override parameter is used, but only for a single hostname. This change allows additional FQDNs to be associated with the same Ingress, including the names defined in the list: endpoints.$service.host_fqdn_override.$endpoint.tls.dnsNames For example: endpoints: grafana: host_fqdn_override: public: host: grafana.openstackhelm.example tls: dnsNames: - grafana-alt.openstackhelm.example Will produce the following: spec: tls: - secretName: grafana-tls-public hosts: - grafana.openstackhelm.example - grafana-alt.openstackhelm.example rules: - host: grafana.openstackhelm.example http: # ... - host: grafana-alt.openstackhelm.example http: # ... Change-Id: I9b068f10d25923bf61220112da98d6fbfdf7ef8a
This commit is contained in:
parent
1532958c80
commit
f7ed96c701
@ -15,7 +15,7 @@ apiVersion: v1
|
|||||||
appVersion: v1.0.0
|
appVersion: v1.0.0
|
||||||
description: OpenStack-Helm Helm-Toolkit
|
description: OpenStack-Helm Helm-Toolkit
|
||||||
name: helm-toolkit
|
name: helm-toolkit
|
||||||
version: 0.1.0
|
version: 0.1.1
|
||||||
home: https://docs.openstack.org/openstack-helm
|
home: https://docs.openstack.org/openstack-helm
|
||||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png
|
icon: https://www.openstack.org/themes/openstack/images/project-mascots/OpenStack-Helm/OpenStack_Project_OpenStackHelm_vertical.png
|
||||||
sources:
|
sources:
|
||||||
|
@ -310,6 +310,134 @@ examples:
|
|||||||
backend:
|
backend:
|
||||||
serviceName: barbican-api
|
serviceName: barbican-api
|
||||||
servicePort: b-api
|
servicePort: b-api
|
||||||
|
# Sample usage for multiple DNS names associated with the same public
|
||||||
|
# endpoint and certificate
|
||||||
|
- values: |
|
||||||
|
endpoints:
|
||||||
|
cluster_domain_suffix: cluster.local
|
||||||
|
grafana:
|
||||||
|
name: grafana
|
||||||
|
hosts:
|
||||||
|
default: grafana-dashboard
|
||||||
|
public: grafana
|
||||||
|
host_fqdn_override:
|
||||||
|
public:
|
||||||
|
host: grafana.openstackhelm.example
|
||||||
|
tls:
|
||||||
|
dnsNames:
|
||||||
|
- grafana-alt.openstackhelm.example
|
||||||
|
crt: "BASE64 ENCODED CERT"
|
||||||
|
key: "BASE64 ENCODED KEY"
|
||||||
|
network:
|
||||||
|
grafana:
|
||||||
|
ingress:
|
||||||
|
classes:
|
||||||
|
namespace: "nginx"
|
||||||
|
cluster: "nginx-cluster"
|
||||||
|
annotations:
|
||||||
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
|
secrets:
|
||||||
|
tls:
|
||||||
|
grafana:
|
||||||
|
grafana:
|
||||||
|
public: grafana-tls-public
|
||||||
|
usage: |
|
||||||
|
{{- $ingressOpts := dict "envAll" . "backendService" "grafana" "backendServiceType" "grafana" "backendPort" "dashboard" -}}
|
||||||
|
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
|
||||||
|
return: |
|
||||||
|
---
|
||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: grafana
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: "nginx"
|
||||||
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
|
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
- host: grafana
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
- host: grafana.default
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
- host: grafana.default.svc.cluster.local
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
---
|
||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: grafana-namespace-fqdn
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: "nginx"
|
||||||
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
|
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- secretName: grafana-tls-public
|
||||||
|
hosts:
|
||||||
|
- grafana.openstackhelm.example
|
||||||
|
- grafana-alt.openstackhelm.example
|
||||||
|
rules:
|
||||||
|
- host: grafana.openstackhelm.example
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
- host: grafana-alt.openstackhelm.example
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
---
|
||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: grafana-cluster-fqdn
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: "nginx-cluster"
|
||||||
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||||
|
|
||||||
|
spec:
|
||||||
|
tls:
|
||||||
|
- secretName: grafana-tls-public
|
||||||
|
hosts:
|
||||||
|
- grafana.openstackhelm.example
|
||||||
|
- grafana-alt.openstackhelm.example
|
||||||
|
rules:
|
||||||
|
- host: grafana.openstackhelm.example
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
- host: grafana-alt.openstackhelm.example
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: grafana-dashboard
|
||||||
|
servicePort: dashboard
|
||||||
|
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
|
{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
|
||||||
@ -384,7 +512,7 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
|
{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
|
||||||
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
|
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
|
||||||
{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
|
{{- $vHosts := list $hostNameFull }}
|
||||||
---
|
---
|
||||||
apiVersion: extensions/v1beta1
|
apiVersion: extensions/v1beta1
|
||||||
kind: Ingress
|
kind: Ingress
|
||||||
@ -399,19 +527,27 @@ spec:
|
|||||||
{{- $endpointHost := index $host $endpoint }}
|
{{- $endpointHost := index $host $endpoint }}
|
||||||
{{- if kindIs "map" $endpointHost }}
|
{{- if kindIs "map" $endpointHost }}
|
||||||
{{- if hasKey $endpointHost "tls" }}
|
{{- if hasKey $endpointHost "tls" }}
|
||||||
|
{{- range $v := without (index $endpointHost.tls "dnsNames" | default list) $hostNameFull }}
|
||||||
|
{{- $vHosts = append $vHosts $v }}
|
||||||
|
{{- end }}
|
||||||
{{- if and ( not ( empty $endpointHost.tls.key ) ) ( not ( empty $endpointHost.tls.crt ) ) }}
|
{{- if and ( not ( empty $endpointHost.tls.key ) ) ( not ( empty $endpointHost.tls.crt ) ) }}
|
||||||
{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
|
{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
|
||||||
{{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }}
|
{{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }}
|
||||||
tls:
|
tls:
|
||||||
- secretName: {{ $secretName }}
|
- secretName: {{ $secretName }}
|
||||||
hosts:
|
hosts:
|
||||||
- {{ index $hostNameFullRules "vHost" }}
|
{{- range $vHost := $vHosts }}
|
||||||
|
- {{ $vHost }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
rules:
|
rules:
|
||||||
|
{{- range $vHost := $vHosts }}
|
||||||
|
{{- $hostNameFullRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort }}
|
||||||
{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
|
{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
Loading…
Reference in New Issue
Block a user