kapicorp/kapitan-reference

Allow to generate different types/allow to specify hostnames

Moep90 opened this issue · 0 comments

Possible sources:
As already mentioned here: Slack#Kapitan
It might be possible to use this: https://github.com/bitnami-labs/kube-libsonnet which already includes several more ingress things

Types of Ingress
k8s-docs for Ingress

  • Ingress backed by a single Service
  • Simple fanout
  • Name based virtual hosting
  • TLS
  • Load balancing

Ingress host/hostname
Currently the Ingress hostname is set to a wildcard.
In order to change this, please allow the generator to pick up a host.

parameters:
  ingresses:
    sonarqube-ingress:
      host: "foo.bar.com"
        paths:
          - path: /
[...]
      host: "*.foo.com"
        paths:
          - path: /
[...]
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-wildcard-host
spec:
  rules:
  - host: "foo.bar.com"
    http:
      paths:
      - pathType: Prefix
        path: "/bar"
        backend:
          service:
            name: service1
            port:
              number: 80
  - host: "*.foo.com"
    http:
      paths:
      - pathType: Prefix
        path: "/foo"
        backend:
          service:
            name: service2
            port:
              number: 80

My current Workaround

The Component

  #
  # Ingress
  #
  ingress:
    rules:
      - host: ${target_name}.${domain}
        http:
          paths:
            - pathType: Prefix
              path: /
              backend:
                service:
                  name: ${target_name}
                  port:
                    number: ${gitea:http_port}

The Kapitan Compiler info

parameters:
  kapitan:
    compile:
      - output_path: manifests
        input_type: jinja2
        input_paths: 
          - templates/jinja/ingress.yml

The Template without TLS

{% set p = inventory.parameters %}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: {{ p.target_name }}
  namespace: {{ p.namespace }}
  labels: {{ p.generators.manifest.default_config.labels }}
  annotations: {{ p.generators.manifest.default_config.annotations }}
spec:
  rules: {{ p.ingress.rules }}

The Result:

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitea
  namespace: gitea
  labels: {'app.kubernetes.io/part-of': 'gitea', 'app.kubernetes.io/managed-by': 'kapitan'}
  annotations: {'manifests.kapicorp.com/generated': 'true'}
spec:
  rules: [{'host': 'gitea.example.com', 'http': {'paths': [{'pathType': 'Prefix', 'path': '/', 'backend': {'service': {'name': 'gitea', 'port': {'number': 3000}}}}]}}]

The Template with TLS

{% set p = inventory.parameters %}
{% if inventory.parameters.ingress is defined %}
{% set i = inventory.parameters.ingress %}
{% set labels = p.generators.manifest.default_config.labels %}
{% set annotations = p.generators.manifest.default_config.annotations %}
{% for ingress in i %}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: {{ p.target_name }}-{{ loop.index }}
  namespace: {{ p.namespace }}
  labels: {{ i[ingress].extra.labels }}
  annotations: {{ i[ingress].extra.annotations }}
spec:
  tls: {{ i[ingress].tls | default("")}}
  rules: {{ i[ingress].rules }}
{% endfor %}
{% else %}
---
{% endif %}

Kapitan Definition

  extra:
    certs:
      - name: wildcard-example-com
        cert: ?{vaultkv:ssl/wildcard-example-com-cert}
        key: ?{vaultkv:ssl/wildcard-example-com-key}

  ingress:
    wikijs:
      extra:
        labels: []
        annotations:
          nginx.ingress.kubernetes.io/proxy-body-size: "0"
          nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
          nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
      tls:
      - hosts:
          - wiki.${domain}
        secretName: ${target_name}-tls
      rules:
        - host: wiki.${domain}
          http:
            paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: wikijs
                  port:
                    number: ${wikijs:service:wikijs:http}

The Result

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: k8s-wikijs-1
  namespace: wikijs
  labels: []
  annotations: {'nginx.ingress.kubernetes.io/proxy-body-size': '0', 'nginx.ingress.kubernetes.io/proxy-read-timeout': '600', 'nginx.ingress.kubernetes.io/proxy-send-timeout': '600'}
spec:
  tls: [{'hosts': ['wiki.example.com'], 'secretName': 'k8s-wikijs-tls'}]
  rules: [{'host': 'wiki.example.com', 'http': {'paths': [{'path': '/', 'pathType': 'Prefix', 'backend': {'service': {'name': 'wikijs', 'port': {'number': 3000}}}}]}}]
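
The following is an added example, not code from the issue author or the Kapitan project: a pre-compile check over an inventory `ingress` mapping shaped like the definition above. It flags rules with no host, wildcard hosts, and hosts that no `tls` entry covers, using the Kubernetes rule that a leading `*.` matches exactly one DNS label. The function names, finding labels and sample data (including the `demo` entry and `placeholder-tls`) are assumptions constructed for illustration.

```python
def host_matches(pattern, host):
    """Kubernetes Ingress matching: a leading '*.' covers exactly one DNS label."""
    if pattern == host:
        return True
    if not pattern.startswith("*."):
        return False
    suffix = pattern[1:]                      # "*.foo.com" -> ".foo.com"
    if not host.endswith(suffix):
        return False
    label = host[: -len(suffix)]
    return label != "" and "." not in label


def audit_ingresses(ingresses):
    """Return sorted (ingress, host, finding) tuples for an inventory 'ingress' mapping."""
    findings = []
    for name, spec in ingresses.items():
        tls_hosts = [h for t in (spec.get("tls") or []) for h in t.get("hosts", [])]
        for rule in spec.get("rules") or []:
            host = rule.get("host") or ""
            if not host:
                # A rule without a host applies to all inbound HTTP traffic.
                findings.append((name, "", "no-host-matches-everything"))
                continue
            if host.startswith("*."):
                findings.append((name, host, "wildcard-host"))
            if not any(host_matches(p, host) for p in tls_hosts):
                findings.append((name, host, "no-tls-coverage"))
    return sorted(findings)


# Constructed sample: the issue's two rendered results plus a hypothetical "demo" entry.
SAMPLE = {
    "wikijs": {
        "tls": [{"hosts": ["wiki.example.com"], "secretName": "k8s-wikijs-tls"}],
        "rules": [{"host": "wiki.example.com"}],
    },
    "gitea": {"rules": [{"host": "gitea.example.com"}]},   # rendered without TLS
    "demo": {
        "tls": [{"hosts": ["*.foo.com"], "secretName": "placeholder-tls"}],
        "rules": [{"host": "*.foo.com"}, {"host": "a.b.foo.com"}, {}],
    },
}

if __name__ == "__main__":
    for ingress, host, finding in audit_ingresses(SAMPLE):
        print(f"{ingress}: {host or '<none>'}: {finding}")
```
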