From 5cc14f318dd504efff50c978ddd5b5456bb0ba1a Mon Sep 17 00:00:00 2001 From: Pierre Tessier Date: Wed, 3 Nov 2021 11:11:56 -0400 Subject: [PATCH] add stable ingress support (#65) --- charts/secure-tenancy/Chart.yaml | 10 +++-- charts/secure-tenancy/README.md | 14 +++++-- .../templates/ingress-beta.yaml | 41 +++++++++++++++++++ charts/secure-tenancy/templates/ingress.yaml | 18 ++++---- 4 files changed, 66 insertions(+), 17 deletions(-) create mode 100644 charts/secure-tenancy/templates/ingress-beta.yaml diff --git a/charts/secure-tenancy/Chart.yaml b/charts/secure-tenancy/Chart.yaml index fc40e71b..903e68d8 100644 --- a/charts/secure-tenancy/Chart.yaml +++ b/charts/secure-tenancy/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 name: secure-tenancy description: Honeycomb Secure Tenancy -version: 0.1.4 -appVersion: 1.9.1 +version: 1.0.0 +appVersion: 1.10.1 keywords: - observability - security @@ -17,5 +17,7 @@ icon: https://www.honeycomb.io/wp-content/themes/honeycomb/assets/img/logo.svg maintainers: - name: puckpuck email: pierre@honeycomb.io - - name: nathanleclaire - email: nathan@honeycomb.io + - name: kentquirk + email: kentquirk@honeycomb.io + - name: reulan + email: michaelsimo@honeycomb.io diff --git a/charts/secure-tenancy/README.md b/charts/secure-tenancy/README.md index 9ab3b7dc..76c0b137 100644 --- a/charts/secure-tenancy/README.md +++ b/charts/secure-tenancy/README.md @@ -107,8 +107,8 @@ The following table lists the configurable parameters of the Honeycomb chart, an | `service.annotations` | Service annotations | `{}` | | `ingress.enabled` | Enable ingress controller resource | `false` | | `ingress.annotations` | Ingress annotations | `{}` | -| `ingress.hosts[0].name` | Hostname to your Secure Tenancy installation | `secure-tenancy.local` | -| `ingress.hosts[0].paths` | Path within the url structure | `[]` | +| `ingress.hosts[0].host` | Hostname to use for ingress | `secure-tenancy.local` | +| `ingress.hosts[0].paths` | Array of path prefixes that will be used with the host | `[/]` | | `ingress.tls` | TLS hosts | `[]` | | `autoscaling.enabled` | Enable autoscaling for Secure Tenancy deployment | `false` | | `autoscaling.minReplicas` | Minimum number of replicas to scale back (should be no less than 2) | `2` | @@ -124,5 +124,13 @@ The following table lists the configurable parameters of the Honeycomb chart, an ## Template Manifest It may be desired to have Helm render Kubernetes manifests but not have them installed. You can use the `helm template` command to accomplish this. -By default the output Kubernetes manifests will contain Helm specific annotations. +By default, the output Kubernetes manifests will contain Helm specific annotations. You can remove these from the output templates by setting a special `omitHelm` parameter to false when generating the templates. + +## Upgrading + +### Upgrading from 0.1.4 or earlier +Support for stable Kubernetes was added. If you are deploying to a cluster that is Kubernetes version 1.19 or greater +this will leverage the stable version for Ingress. With the stable version, each path definition will use +`pathType: Prefix` which means the path itself can not contain any wildcards. If you previously had this set to `/*` or +similar, you will need to update your path to remove the wildcard. diff --git a/charts/secure-tenancy/templates/ingress-beta.yaml b/charts/secure-tenancy/templates/ingress-beta.yaml new file mode 100644 index 00000000..e76ae825 --- /dev/null +++ b/charts/secure-tenancy/templates/ingress-beta.yaml @@ -0,0 +1,41 @@ +{{- if and (.Values.ingress.enabled) (semverCompare "<1.19-0" .Capabilities.KubeVersion.GitVersion) -}} +{{- $fullName := include "secure-tenancy.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + {{- include "secure-tenancy.labels" . | nindent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/secure-tenancy/templates/ingress.yaml b/charts/secure-tenancy/templates/ingress.yaml index a500906f..6716589b 100644 --- a/charts/secure-tenancy/templates/ingress.yaml +++ b/charts/secure-tenancy/templates/ingress.yaml @@ -1,11 +1,6 @@ -{{- if .Values.ingress.enabled -}} +{{- if and (.Values.ingress.enabled) (semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion) -}} {{- $fullName := include "secure-tenancy.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} +apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: {{ $fullName }} @@ -33,9 +28,12 @@ spec: paths: {{- range .paths }} - path: {{ . }} + pathType: Prefix backend: - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} + service: + name: {{ $fullName }} + port: + name: http {{- end }} {{- end }} - {{- end }} +{{- end }}