Skip to content

C
charts
Commit 849f1a05 by Guangbo Chen
Options

added ingress for mariadb, mysql, redis, mongodb and longhorn

parent db61b655
Showing with 697 additions and 36 deletions
charts/mariadb/v3.0.3/questions.yml
......@@ -57,7 +57,7 @@ questions:
label: MariaDB Database
required: true
- variable: service.type
default: "NodePort"
default: "ClusterIP"
description: "MariaDB K8s Service type"
type: enum
options:
......@@ -65,14 +65,16 @@ questions:
- "NodePort"
required: true
label: MariaDB Service Type
- variable: service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
show_if: "service.type=NodePort"
label: Service NodePort number
show_if: "ingress.enabled=false"
show_subquestion_if: "NodePort"
subquestions:
- variable: service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
label: Service NodePort number
- variable: persistence.enabled
default: "false"
description: "Enable persistent volume for MariaDB"
......@@ -98,3 +100,16 @@ questions:
type: boolean
required: true
label: Enable Metrics
- variable: ingress.enabled
default: "true"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: ""
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
charts/mariadb/v3.0.3/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-ingress
labels:
app: {{ .Release.Name }}-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: {{ template "mariadb.fullname" . }}
servicePort: 3306
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}
charts/mariadb/v3.0.3/templates/tls-secrets.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}
charts/mariadb/v3.0.3/values.yaml
......@@ -108,3 +108,42 @@ securitySettings:
enabled: true
runAsUser: 1001
fsGroup: 1001
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: app.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: app.local-tls
# key:
# certificate:
charts/memcached/v2.0.4/questions.yml
......@@ -56,3 +56,16 @@ questions:
- "vv"
- "vvv"
required: true
- variable: ingress.enabled
default: "true"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: ""
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
charts/memcached/v2.0.4/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-ingress
labels:
app: {{ .Release.Name }}-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: {{ template "memcached.fullname" . }}
servicePort: 11211
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}
charts/memcached/v2.0.4/templates/tls-secrets.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}
charts/memcached/v2.0.4/values.yaml
......@@ -35,3 +35,44 @@ resources:
requests:
memory: 64Mi
cpu: 50m
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: memcached.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: memcached.local-tls
# key:
# certificate:
charts/mongodb/v2.0.1/questions.yml
......@@ -51,17 +51,18 @@ questions:
options:
- "ClusterIP"
- "NodePort"
- "LoadBalancer"
required: true
label: MongoDB Service Type
- variable: service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
show_if: "service.type=NodePort"
label: Service NodePort number
show_if: "ingress.enabled=false"
show_subquestion_if: "NodePort"
subquestions:
- variable: service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
label: Service NodePort number
- variable: persistence.enabled
default: "false"
description: "Enable persistent volume for MongoDB"
......@@ -81,3 +82,16 @@ questions:
description: "If undefined or set to null, using the default storageClass. Defaults to null."
type: storageclass
label: Storage Class for MongoDB
- variable: ingress.enabled
default: "true"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: ""
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
charts/mongodb/v2.0.1/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-ingress
labels:
app: {{ .Release.Name }}-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: {{ template "mongodb.fullname" . }}
servicePort: 27017
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}
charts/mongodb/v2.0.1/templates/tls-secrets.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}
charts/mongodb/v2.0.1/values.yaml
......@@ -93,3 +93,42 @@ readinessProbe:
timeoutSeconds: 5
failureThreshold: 6
successThreshold: 1
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: app.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: app.local-tls
# key:
# certificate:
charts/mysql/v0.3.7/questions.yml
......@@ -62,7 +62,7 @@ questions:
label: MySQL NodePort number
required: true
- variable: service.type
default: "NodePort"
default: "ClusterIP"
description: "MySQL K8s Service type"
type: enum
options:
......@@ -70,11 +70,26 @@ questions:
- "NodePort"
required: true
label: MySQL Service Type
- variable: service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
show_if: "service.type=NodePort"
label: Service NodePort number
show_if: "ingress.enabled=false"
show_subquestion_if: "NodePort"
subquestions:
- variable: service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
label: Service NodePort number
- variable: ingress.enabled
default: "true"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: ""
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
charts/mysql/v0.3.7/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-ingress
labels:
app: {{ .Release.Name }}-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: {{ template "mysql.fullname" . }}
servicePort: {{ .Values.service.port }}
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}
charts/mysql/v0.3.7/templates/tls-secrets.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}
charts/mysql/v0.3.7/values.yaml
......@@ -83,3 +83,42 @@ service:
type: ClusterIP
port: 3306
# nodePort: 32000
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: app.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: app.local-tls
# key:
# certificate:
charts/redis/v3.0.2/questions.yml
......@@ -67,3 +67,54 @@ questions:
description: "If undefined or null, uses the default StorageClass. Defaults to null."
type: storageclass
label: Default Storage Class
- variable: ingress.enabled
default: "true"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: ""
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
- variable: slave.service.type
default: "ClusterIP"
description: "Redis slave service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
required: true
label: Redis Slave Service Type
show_if: "ingress.enabled=false"
show_subquestion_if: "NodePort"
subquestions:
- variable: slave.service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
label: Redis Slave Service NodePort number
- variable: master.service.type
default: "ClusterIP"
description: "Redis master service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
required: true
label: Redis Master Service Type
show_if: "ingress.enabled=false"
show_subquestion_if: "NodePort"
subquestions:
- variable: master.service.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
label: Redis Master Service NodePort number
charts/redis/v3.0.2/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-master-ingress
labels:
app: {{ .Release.Name }}-master-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: {{ template "redis.fullname" . }}-master
servicePort: 6379
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-slave-ingress
labels:
app: {{ .Release.Name }}-slave-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: {{ template "redis.fullname" . }}-slave
servicePort: 6379
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}
charts/redis/v3.0.2/templates/tls-secrets.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}
charts/redis/v3.0.2/values.yaml
......@@ -190,7 +190,7 @@ slave:
## Redis Slave Service type
type: ClusterIP
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeportl
##
# nodePort:
......@@ -248,3 +248,42 @@ slave:
# enabled: true
# fsGroup: 1001
# runAsUser: 1001
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: app.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: app.local-tls
# key:
# certificate:
charts/wordpress/v1.0.5/questions.yml
......@@ -165,7 +165,7 @@ questions:
label: NodePort Https Port
- variable: ingress.enabled
default: "true"
description: "Enable ingress controller resource"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
......
charts/wordpress/v1.0.5/templates/ingress.yaml
......@@ -3,7 +3,7 @@
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: "{{- printf "%s-%s" .name $.Release.Name | trunc 63 | trimSuffix "-" -}}"
name: "{{ $.Release.Name }}-ingress"
labels:
app: {{ template "fullname" $ }}
chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"
......
proposed/longhorn/v0.1.0/questions.yml
......@@ -2,7 +2,7 @@ categories:
- storage
questions:
- variable: service.ui.type
default: "NodePort"
default: "ClusterIP"
description: "Define Longhorn UI service type"
type: enum
options:
......@@ -10,6 +10,7 @@ questions:
- "NodePort"
- "LoadBalancer"
label: Longhorn UI Service
show_if: "ingress.enabled=false"
- variable: service.ui.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
......@@ -48,3 +49,16 @@ questions:
description: "For GKE uses `/home/kubernetes/flexvolume/` instead, users can find the correct directory by running `ps aux|grep kubelet` on the host and check the --volume-plugin-dir parameter. If there is none, the default `/usr/libexec/kubernetes/kubelet-plugins/volume/exec/` will be used."
type: string
label: Longhorn Flexvolume Path
- variable: ingress.enabled
default: "true"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: ""
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
proposed/longhorn/v0.1.0/templates/deployment-ui.yaml
......@@ -2,7 +2,7 @@ apiVersion: apps/v1beta1
kind: Deployment
metadata:
labels:
app: {{ .Release.Namespace }}-ui
app: {{ .Release.Name }}-ui
name: longhorn-ui
namespace: {{ .Release.Namespace }}
spec:
......@@ -10,7 +10,7 @@ spec:
template:
metadata:
labels:
app: {{ .Release.Namespace }}-ui
app: {{ .Release.Name }}-ui
spec:
containers:
- name: longhorn-ui
......@@ -26,13 +26,13 @@ kind: Service
apiVersion: v1
metadata:
labels:
app: {{ .Release.Namespace }}-ui
app: {{ .Release.Name }}-ui
name: longhorn-frontend
namespace: {{ .Release.Namespace }}
spec:
type: {{ .Values.service.ui.type }}
selector:
app: {{ .Release.Namespace }}-ui
app: {{ .Release.Name }}-ui
ports:
- name: longhorn-ui
port: 80
......
proposed/longhorn/v0.1.0/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ .Release.Name }}-ingress
labels:
app: {{ .Release.Name }}-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "/" .Values.ingress.path }}
backend:
serviceName: longhorn-frontend
servicePort: 80
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}
proposed/longhorn/v0.1.0/templates/tls-secrets.yaml 0 → 100644
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}
proposed/longhorn/v0.1.0/values.yaml
......@@ -10,7 +10,7 @@ image:
service:
ui:
type: NodePort
type: ClusterIP
nodePort: ""
manager:
type: ClusterIP
......@@ -33,3 +33,45 @@ resources: {}
# requests:
# cpu: 100m
# memory: 128Mi
#
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: longhorn.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: longhorn.local-tls
# key:
# certificate:
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment