studio/meet
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

♻️(helm) separate PostHog ingress

Browse Source 
Based on feedback from @rouja, I've updated the Helm configuration for PostHog
to use separate ingress resources for each service. Although the documentation
suggests sharing the same ingress, the services have different externalName
values, which conflicts with the use of a vhost in the ingress annotations.
This change ensures proper service redirection by aligning each service with
its own ingress.
This commit is contained in:
lebaudantoine
2024-09-25 10:28:14 +02:00
committed by aleb_the_flash
parent b5244a5ec0
commit e4c7bc0826
7 changed files with 120 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/helm/env.d/dev/values.meet.yaml.gotmpl
View File

@@ -102,3 +102,6 @@ posthog:
ingress:
enabled: false
ingressAssets:
enabled: false

8
src/helm/env.d/production/values.meet.yaml.gotmpl
View File

@@ -138,3 +138,11 @@ posthog:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https
ingressAssets:
enabled: true
host: product.visio.numerique.gouv.fr
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu-assets.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https

8
src/helm/env.d/staging/values.meet.yaml.gotmpl
View File

@@ -148,3 +148,11 @@ posthog:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https
ingressAssets:
enabled: true
host: product.visio-staging.beta.numerique.gouv.fr
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu-assets.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https

28
src/helm/meet/templates/ingress_posthog.yaml
View File

@@ -60,20 +60,6 @@ spec:
serviceName: {{ include "meet.posthog.fullname" . }}-proxy
servicePort: {{ .Values.posthog.service.port }}
{{- end }}
- path: {{ .Values.posthog.ingress.pathAssets }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ .Values.posthog.assetsService.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}
servicePort: {{ .Values.posthog.assetsService.port }}
{{- end }}
{{- end }}
{{- range .Values.posthog.ingress.hosts }}
- host: {{ . | quote }}
@@ -93,20 +79,6 @@ spec:
serviceName: {{ include "meet.posthog.fullname" . }}-proxy
servicePort: {{ $.Values.posthog.service.port }}
{{- end }}
- path: {{ .Values.posthog.ingress.pathAssets }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ $.Values.posthog.assetsService.service.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}-assets-proxy
servicePort: {{ $.Values.posthog.assetsService.service.port }}
{{- end }}
{{- with $.Values.posthog.assetsService.customBackends }}
{{- toYaml . | nindent 10 }}
{{- end }}

87
src/helm/meet/templates/ingress_posthog_assets.yaml Normal file
View File

@@ -0,0 +1,87 @@
{{- if .Values.posthog.ingressAssets.enabled -}}
{{- $fullName := include "meet.fullname" . -}}
{{- if and .Values.posthog.ingressAssets.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class" .Values.posthog.ingressAssets.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}-posthog-assets
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "meet.labels" . | nindent 4 }}
{{- with .Values.posthog.ingressAssets.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.posthog.ingressAssets.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.posthog.ingressAssets.className }}
{{- end }}
{{- if .Values.posthog.ingressAssets.tls.enabled }}
tls:
{{- if .Values.posthog.ingressAssets.host }}
- secretName: {{ $fullName }}-posthog-tls
hosts:
- {{ .Values.posthog.ingressAssets.host | quote }}
{{- end }}
{{- range .Values.posthog.ingressAssets.tls.additional }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- if .Values.posthog.ingressAssets.host }}
- host: {{ .Values.posthog.ingressAssets.host | quote }}
http:
paths:
- path: {{ .Values.posthog.ingressAssets.path }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ .Values.posthog.assetsService.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}
servicePort: {{ .Values.posthog.assetsService.port }}
{{- end }}
{{- end }}
{{- range .Values.posthog.ingressAssets.hosts }}
- host: {{ . | quote }}
http:
paths:
- path: {{ $.Values.posthog.ingressAssets.path | quote }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ $.Values.posthog.assetsService.service.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}-assets-proxy
servicePort: {{ $.Values.posthog.assetsService.service.port }}
{{- end }}
{{- with $.Values.posthog.assetsService.customBackends }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- end }}
{{- end }}

2
src/helm/meet/templates/posthog_assets_svc.yaml
View File

@@ -1,4 +1,4 @@
{{- if .Values.posthog.ingress.enabled -}}
{{- if .Values.posthog.ingressAssets.enabled -}}
{{- $envVars := include "meet.common.env" (list . .Values.posthog) -}}
{{- $fullName := include "meet.posthog.fullname" . -}}
{{- $component := "posthog" -}}

14
src/helm/meet/values.yaml
View File

@@ -273,7 +273,19 @@ posthog:
className: null
host: meet.example.com
path: /
pathAssets: /static
hosts: [ ]
tls:
enabled: true
additional: [ ]
customBackends: [ ]
annotations: {}
ingressAssets:
enabled: false
className: null
host: meet.example.com
path: /static
hosts: [ ]
tls:
enabled: true