From c05b98ce0d15ac7a4a0fbe5ff5795adb4024ac6e Mon Sep 17 00:00:00 2001 From: Anthony LC Date: Thu, 30 May 2024 16:35:09 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7(helm)=20create=20ingress=5Fws?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The ingress was the same for the frontend, the backend and the websocket, but the websocket needs to be handled differently, so we created a new ingress specifically for the websocket. --- src/helm/env.d/dev/values.impress.yaml.gotmpl | 4 ++ .../env.d/preprod/values.impress.yaml.gotmpl | 7 ++ .../production/values.impress.yaml.gotmpl | 7 ++ .../env.d/staging/values.impress.yaml.gotmpl | 7 ++ src/helm/impress/templates/ingress.yaml | 18 ----- src/helm/impress/templates/ingress_ws.yaml | 72 +++++++++++++++++++ src/helm/impress/values.yaml | 23 ++++++ 7 files changed, 120 insertions(+), 18 deletions(-) create mode 100644 src/helm/impress/templates/ingress_ws.yaml diff --git a/src/helm/env.d/dev/values.impress.yaml.gotmpl b/src/helm/env.d/dev/values.impress.yaml.gotmpl index 9fda563e..a80f6908 100644 --- a/src/helm/env.d/dev/values.impress.yaml.gotmpl +++ b/src/helm/env.d/dev/values.impress.yaml.gotmpl @@ -97,6 +97,10 @@ ingress: enabled: true host: impress.127.0.0.1.nip.io +ingressWS: + enabled: true + host: impress.127.0.0.1.nip.io + ingressAdmin: enabled: true host: impress.127.0.0.1.nip.io diff --git a/src/helm/env.d/preprod/values.impress.yaml.gotmpl b/src/helm/env.d/preprod/values.impress.yaml.gotmpl index 59374322..2cc51acc 100644 --- a/src/helm/env.d/preprod/values.impress.yaml.gotmpl +++ b/src/helm/env.d/preprod/values.impress.yaml.gotmpl @@ -130,6 +130,13 @@ ingress: annotations: cert-manager.io/cluster-issuer: letsencrypt-prod +ingressWS: + enabled: true + host: impress-preprod.beta.numerique.gouv.fr + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + ingressAdmin: enabled: true host: impress-preprod.beta.numerique.gouv.fr diff --git a/src/helm/env.d/production/values.impress.yaml.gotmpl b/src/helm/env.d/production/values.impress.yaml.gotmpl index e03a9f95..54aa1e3b 100644 --- a/src/helm/env.d/production/values.impress.yaml.gotmpl +++ b/src/helm/env.d/production/values.impress.yaml.gotmpl @@ -130,6 +130,13 @@ ingress: annotations: cert-manager.io/cluster-issuer: letsencrypt +ingressWS: + enabled: true + host: docs.numerique.gouv.fr + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt + ingressAdmin: enabled: true host: docs.numerique.gouv.fr diff --git a/src/helm/env.d/staging/values.impress.yaml.gotmpl b/src/helm/env.d/staging/values.impress.yaml.gotmpl index 4773963f..e3cc75a5 100644 --- a/src/helm/env.d/staging/values.impress.yaml.gotmpl +++ b/src/helm/env.d/staging/values.impress.yaml.gotmpl @@ -130,6 +130,13 @@ ingress: annotations: cert-manager.io/cluster-issuer: letsencrypt-prod +ingressWS: + enabled: true + host: impress-staging.beta.numerique.gouv.fr + className: nginx + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + ingressAdmin: enabled: true host: impress-staging.beta.numerique.gouv.fr diff --git a/src/helm/impress/templates/ingress.yaml b/src/helm/impress/templates/ingress.yaml index 2385e772..aecc5977 100644 --- a/src/helm/impress/templates/ingress.yaml +++ b/src/helm/impress/templates/ingress.yaml @@ -46,24 +46,6 @@ spec: - host: {{ .Values.ingress.host | quote }} http: paths: - - path: /ws - {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} - pathType: ImplementationSpecific - {{- end }} - backend: - service: - name: {{ include "impress.webrtc.fullname" . }} - port: - number: {{ .Values.webrtc.service.port }} - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ include "impress.webrtc.fullname" . }} - port: - number: {{ .Values.webrtc.service.port }} - {{- else }} - serviceName: {{ include "impress.webrtc.fullname" . }} - servicePort: {{ .Values.webrtc.service.port }} - {{- end }} - path: {{ .Values.ingress.path | quote }} {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} pathType: Prefix diff --git a/src/helm/impress/templates/ingress_ws.yaml b/src/helm/impress/templates/ingress_ws.yaml new file mode 100644 index 00000000..138efbc6 --- /dev/null +++ b/src/helm/impress/templates/ingress_ws.yaml @@ -0,0 +1,72 @@ +{{- if .Values.ingressWS.enabled -}} +{{- $fullName := include "impress.fullname" . -}} +{{- if and .Values.ingressWS.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingressWS.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingressWS.annotations "kubernetes.io/ingress.class" .Values.ingressWS.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }}-ws + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "impress.labels" . | nindent 4 }} + {{- with .Values.ingressWS.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.ingressWS.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingressWS.className }} + {{- end }} + {{- if .Values.ingressWS.tls.enabled }} + tls: + {{- if .Values.ingressWS.host }} + - secretName: {{ $fullName }}-tls + hosts: + - {{ .Values.ingressWS.host | quote }} + {{- end }} + {{- range .Values.ingressWS.tls.additional }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- if .Values.ingressWS.host }} + - host: {{ .Values.ingressWS.host | quote }} + http: + paths: + - path: {{ .Values.ingressWS.path | quote }} + {{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }} + pathType: ImplementationSpecific + {{- end }} + backend: + service: + name: {{ include "impress.webrtc.fullname" . }} + port: + number: {{ .Values.webrtc.service.port }} + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ include "impress.webrtc.fullname" . }} + port: + number: {{ .Values.webrtc.service.port }} + {{- else }} + serviceName: {{ include "impress.webrtc.fullname" . }} + servicePort: {{ .Values.webrtc.service.port }} + {{- end }} + {{- with .Values.ingressWS.customBackends }} + {{- toYaml . | nindent 10 }} + {{- end }} + {{- end }} +{{- end }} + diff --git a/src/helm/impress/values.yaml b/src/helm/impress/values.yaml index 458d76a4..60dbbcce 100644 --- a/src/helm/impress/values.yaml +++ b/src/helm/impress/values.yaml @@ -48,6 +48,29 @@ ingress: ## @param ingress.customBackends Add custom backends to ingress customBackends: [] +## @param ingressWS.enabled whether to enable the Ingress or not +## @param ingressWS.className IngressClass to use for the Ingress +## @param ingressWS.host Host for the Ingress +## @param ingressWS.path Path to use for the Ingress +ingressWS: + enabled: false + className: null + host: impress.example.com + path: /ws + ## @param ingress.hosts Additional host to configure for the Ingress + hosts: [] + # - chart-example.local + ## @param ingressWS.tls.enabled Weather to enable TLS for the Ingress + ## @skip ingressWS.tls.additional + ## @extra ingressWS.tls.additional[].secretName Secret name for additional TLS config + ## @extra ingressWS.tls.additional[].hosts[] Hosts for additional TLS config + tls: + enabled: true + additional: [] + + ## @param ingressWS.customBackends Add custom backends to ingress + customBackends: [] + annotations: nginx.ingress.kubernetes.io/enable-websocket: "true" nginx.ingress.kubernetes.io/upstream-hash-by: "$request_uri"