-
Notifications
You must be signed in to change notification settings - Fork 135
/
Copy pathingress.yaml
76 lines (74 loc) · 3.55 KB
/
ingress.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
{{- if .Values.console.service -}}
{{- if .Values.console.service.ingress -}}
{{- if .Values.console.service.ingress.enabled -}}
{{- if not .Values.console.service.ingress.secretName -}}
---
# The certificate and key for the TLS secret are passed through ingress.tls.crt and ingress.tls.key
# respectively. If the operator does not provide these values at installation time, the TLS secret
# will contain empty values. The standard behaviour for NGINX ingress controller is to provide a
# fake certificate instead. It is useful only for testing and development. It is expected that for
# production use the operator will provide these values.
apiVersion: "v1"
kind: "Secret"
type: kubernetes.io/tls
metadata:
name: "{{ .Release.Name }}-ingress-tls"
labels:
app.kubernetes.io/name: "stratos"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
app.kubernetes.io/component: "console-ingress-tls"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
data:
tls.crt: {{ .Values.console.service.ingress.tls.crt | default "" | b64enc | quote }}
tls.key: {{ .Values.console.service.ingress.tls.key | default "" | b64enc | quote }}
{{- end }}
---
# Ingress for the Console UI service
apiVersion: "extensions/v1beta1"
kind: "Ingress"
metadata:
name: "{{ .Release.Name }}-ingress"
annotations:
{{- if hasKey .Values.console.service.ingress.annotations "kubernetes.io/ingress.class" | not -}}
{{ $_ := set .Values.console.service.ingress.annotations "kubernetes.io/ingress.class" "nginx" }}
{{- end }}
{{- if hasKey .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/secure-backends" | not -}}
{{ $_ := set .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/secure-backends" "true" }}
{{- end }}
{{- if hasKey .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/backend-protocol" | not -}}
{{ $_ := set .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/backend-protocol" "HTTPS" }}
{{- end }}
{{- if hasKey .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/ssl-redirect" | not -}}
{{ $_ := set .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/ssl-redirect" "false" }}
{{- end }}
{{- if hasKey .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/proxy-body-size" | not -}}
{{ $_ := set .Values.console.service.ingress.annotations "nginx.ingress.kubernetes.io/proxy-body-size" "200m" }}
{{- end }}
{{ $_ := set .Values.console.service.ingress.annotations "nginx.org/websocket-services" (print .Release.Name "-ui-ext") }}
{{ toYaml .Values.console.service.ingress.annotations | indent 4 }}
labels:
app.kubernetes.io/name: "stratos"
app.kubernetes.io/component: "console-ingress"
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/version: "{{ .Chart.AppVersion }}"
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
{{- range $key, $value := .Values.console.service.ingress.extraLabels }}
{{ $key }}: {{ $value }}
{{- end }}
spec:
tls:
- secretName: {{ default "{{ .Release.Name }}-ingress-tls" .Values.console.service.ingress.secretName | quote }}
hosts:
- {{ template "ingress.host" . }}
rules:
- host: {{ template "ingress.host" . }}
http:
paths:
- path: "/"
backend:
serviceName: "{{ .Release.Name }}-ui-ext"
servicePort: 443
{{- end }}
{{- end }}
{{- end }}