added ingress for mariadb, mysql, redis, mongodb and longhorn

charts/mariadb/v3.0.3/questions.yml

@@ -57,7 +57,7 @@ questions:
   label: MariaDB Database
   required: true
 - variable: service.type
-  default: "NodePort"
+  default: "ClusterIP"
   description: "MariaDB K8s Service type"
   type: enum
   options:
@@ -65,14 +65,16 @@ questions:
     - "NodePort"
   required: true
   label: MariaDB Service Type
-- variable: service.nodePort
-  default: ""
-  description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
-  type: int
-  min: 30000
-  max: 32767
-  show_if: "service.type=NodePort"
-  label: Service NodePort number
+  show_if: "ingress.enabled=false"
+  show_subquestion_if: "NodePort"
+  subquestions:
+  - variable: service.nodePort
+    default: ""
+    description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
+    type: int
+    min: 30000
+    max: 32767
+    label: Service NodePort number
 - variable: persistence.enabled
   default: "false"
   description: "Enable persistent volume for MariaDB"
@@ -98,3 +100,16 @@ questions:
   type: boolean
   required: true
   label: Enable Metrics
+- variable: ingress.enabled
+  default: "true"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
+  type: boolean
+  label: Expose app using Layer 7 Load Balancer
+  show_subquestion_if: true
+  subquestions:
+  - variable: ingress.host
+    default: ""
+    description: "layer 7 Load Balancer hostname"
+    type: hostname
+    required: true
+    label: Layer 7 Load Balancer Hostname

charts/mariadb/v3.0.3/templates/ingress.yaml

+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-ingress
+  labels:
+    app: {{ .Release.Name }}-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: {{ template "mariadb.fullname" . }}
+            servicePort: 3306
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+{{- end }}

charts/mariadb/v3.0.3/templates/tls-secrets.yaml

+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}

charts/mariadb/v3.0.3/values.yaml

@@ -108,3 +108,42 @@ securitySettings:
   enabled: true
   runAsUser: 1001
   fsGroup: 1001
+
+ingress:
+  ## Set to true to enable ingress record generation
+  enabled: false
+
+  host: xip.io
+
+  ## Set this to true in order to enable TLS on the ingress record
+  ## A side effect of this will be that the backend service will be connected at port 443
+  tls: false
+
+  ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
+  tlsSecret: app.local-tls
+
+  ## Ingress annotations done as key:value pairs
+  ## If you're using kube-lego, you will want to add:
+  ## kubernetes.io/tls-acme: true
+  ##
+  ## For a full list of possible ingress annotations, please see
+  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
+  ##
+  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+  annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: true
+
+  secrets:
+  ## If you're providing your own certificates, please use this to add the certificates as secrets
+  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+  ## -----BEGIN RSA PRIVATE KEY-----
+  ##
+  ## name should line up with a tlsSecret set further up
+  ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
+  ##
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  # - name: app.local-tls
+  #   key:
+  #   certificate:

charts/memcached/v2.0.4/questions.yml

@@ -56,3 +56,16 @@ questions:
       - "vv"
       - "vvv"
     required: true
+- variable: ingress.enabled
+  default: "true"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
+  type: boolean
+  label: Expose app using Layer 7 Load Balancer
+  show_subquestion_if: true
+  subquestions:
+  - variable: ingress.host
+    default: ""
+    description: "layer 7 Load Balancer hostname"
+    type: hostname
+    required: true
+    label: Layer 7 Load Balancer Hostname

charts/memcached/v2.0.4/templates/ingress.yaml

+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-ingress
+  labels:
+    app: {{ .Release.Name }}-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: {{ template "memcached.fullname" . }}
+            servicePort: 11211
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+{{- end }}

charts/memcached/v2.0.4/templates/tls-secrets.yaml

+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}

charts/memcached/v2.0.4/values.yaml

@@ -35,3 +35,44 @@ resources:
   requests:
     memory: 64Mi
     cpu: 50m
+
+ingress:
+  ## Set to true to enable ingress record generation
+  enabled: false
+
+
+  host: xip.io
+
+  ## Set this to true in order to enable TLS on the ingress record
+  ## A side effect of this will be that the backend service will be connected at port 443
+  tls: false
+
+  ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
+  tlsSecret: memcached.local-tls
+
+  ## Ingress annotations done as key:value pairs
+  ## If you're using kube-lego, you will want to add:
+  ## kubernetes.io/tls-acme: true
+  ##
+  ## For a full list of possible ingress annotations, please see
+  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
+  ##
+  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+  annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: true
+
+  secrets:
+  ## If you're providing your own certificates, please use this to add the certificates as secrets
+  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+  ## -----BEGIN RSA PRIVATE KEY-----
+  ##
+  ## name should line up with a tlsSecret set further up
+  ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
+  ##
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  # - name: memcached.local-tls
+  #   key:
+  #   certificate:
+

charts/mongodb/v2.0.1/questions.yml

@@ -51,17 +51,18 @@ questions:
   options:
     - "ClusterIP"
     - "NodePort"
-    - "LoadBalancer"
   required: true
   label: MongoDB Service Type
-- variable: service.nodePort
-  default: ""
-  description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
-  type: int
-  min: 30000
-  max: 32767
-  show_if: "service.type=NodePort"
-  label: Service NodePort number
+  show_if: "ingress.enabled=false"
+  show_subquestion_if: "NodePort"
+  subquestions:
+  - variable: service.nodePort
+    default: ""
+    description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
+    type: int
+    min: 30000
+    max: 32767
+    label: Service NodePort number
 - variable: persistence.enabled
   default: "false"
   description: "Enable persistent volume for MongoDB"
@@ -81,3 +82,16 @@ questions:
     description: "If undefined or set to null, using the default storageClass. Defaults to null."
     type: storageclass
     label: Storage Class for MongoDB
+- variable: ingress.enabled
+  default: "true"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
+  type: boolean
+  label: Expose app using Layer 7 Load Balancer
+  show_subquestion_if: true
+  subquestions:
+  - variable: ingress.host
+    default: ""
+    description: "layer 7 Load Balancer hostname"
+    type: hostname
+    required: true
+    label: Layer 7 Load Balancer Hostname

charts/mongodb/v2.0.1/templates/ingress.yaml

+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-ingress
+  labels:
+    app: {{ .Release.Name }}-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: {{ template "mongodb.fullname" . }}
+            servicePort: 27017
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+{{- end }}

charts/mongodb/v2.0.1/templates/tls-secrets.yaml

+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}

charts/mongodb/v2.0.1/values.yaml

@@ -93,3 +93,42 @@ readinessProbe:
   timeoutSeconds: 5
   failureThreshold: 6
   successThreshold: 1
+
+ingress:
+  ## Set to true to enable ingress record generation
+  enabled: false
+
+  host: xip.io
+
+  ## Set this to true in order to enable TLS on the ingress record
+  ## A side effect of this will be that the backend service will be connected at port 443
+  tls: false
+
+  ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
+  tlsSecret: app.local-tls
+
+  ## Ingress annotations done as key:value pairs
+  ## If you're using kube-lego, you will want to add:
+  ## kubernetes.io/tls-acme: true
+  ##
+  ## For a full list of possible ingress annotations, please see
+  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
+  ##
+  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+  annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: true
+
+  secrets:
+  ## If you're providing your own certificates, please use this to add the certificates as secrets
+  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+  ## -----BEGIN RSA PRIVATE KEY-----
+  ##
+  ## name should line up with a tlsSecret set further up
+  ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
+  ##
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  # - name: app.local-tls
+  #   key:
+  #   certificate:

charts/mysql/v0.3.7/questions.yml

@@ -62,7 +62,7 @@ questions:
   label: MySQL NodePort number
   required: true
 - variable: service.type
-  default: "NodePort"
+  default: "ClusterIP"
   description: "MySQL K8s Service type"
   type: enum
   options:
@@ -70,11 +70,26 @@ questions:
     - "NodePort"
   required: true
   label: MySQL Service Type
-- variable: service.nodePort
-  default: ""
-  description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
-  type: int
-  min: 30000
-  max: 32767
-  show_if: "service.type=NodePort"
-  label: Service NodePort number
+  show_if: "ingress.enabled=false"
+  show_subquestion_if: "NodePort"
+  subquestions:
+  - variable: service.nodePort
+    default: ""
+    description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
+    type: int
+    min: 30000
+    max: 32767
+    label: Service NodePort number
+- variable: ingress.enabled
+  default: "true"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
+  type: boolean
+  label: Expose app using Layer 7 Load Balancer
+  show_subquestion_if: true
+  subquestions:
+  - variable: ingress.host
+    default: ""
+    description: "layer 7 Load Balancer hostname"
+    type: hostname
+    required: true
+    label: Layer 7 Load Balancer Hostname

charts/mysql/v0.3.7/templates/ingress.yaml

+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-ingress
+  labels:
+    app: {{ .Release.Name }}-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: {{ template "mysql.fullname" . }}
+            servicePort: {{ .Values.service.port }}
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+{{- end }}

charts/mysql/v0.3.7/templates/tls-secrets.yaml

+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}

charts/mysql/v0.3.7/values.yaml

@@ -83,3 +83,42 @@ service:
   type: ClusterIP
   port: 3306
   # nodePort: 32000
+
+ingress:
+  ## Set to true to enable ingress record generation
+  enabled: false
+
+  host: xip.io
+
+  ## Set this to true in order to enable TLS on the ingress record
+  ## A side effect of this will be that the backend service will be connected at port 443
+  tls: false
+
+  ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
+  tlsSecret: app.local-tls
+
+  ## Ingress annotations done as key:value pairs
+  ## If you're using kube-lego, you will want to add:
+  ## kubernetes.io/tls-acme: true
+  ##
+  ## For a full list of possible ingress annotations, please see
+  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
+  ##
+  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+  annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: true
+
+  secrets:
+  ## If you're providing your own certificates, please use this to add the certificates as secrets
+  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+  ## -----BEGIN RSA PRIVATE KEY-----
+  ##
+  ## name should line up with a tlsSecret set further up
+  ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
+  ##
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  # - name: app.local-tls
+  #   key:
+  #   certificate:

charts/redis/v3.0.2/questions.yml

@@ -67,3 +67,54 @@ questions:
     description: "If undefined or null, uses the default StorageClass. Defaults to null."
     type: storageclass
     label: Default Storage Class
+- variable: ingress.enabled
+  default: "true"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
+  type: boolean
+  label: Expose app using Layer 7 Load Balancer
+  show_subquestion_if: true
+  subquestions:
+  - variable: ingress.host
+    default: ""
+    description: "layer 7 Load Balancer hostname"
+    type: hostname
+    required: true
+    label: Layer 7 Load Balancer Hostname
+- variable: slave.service.type
+  default: "ClusterIP"
+  description: "Redis slave service type"
+  type: enum
+  options:
+    - "ClusterIP"
+    - "NodePort"
+  required: true
+  label: Redis Slave Service Type
+  show_if: "ingress.enabled=false"
+  show_subquestion_if: "NodePort"
+  subquestions:
+  - variable: slave.service.nodePort
+    default: ""
+    description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
+    type: int
+    min: 30000
+    max: 32767
+    label: Redis Slave Service NodePort number
+- variable: master.service.type
+  default: "ClusterIP"
+  description: "Redis master service type"
+  type: enum
+  options:
+    - "ClusterIP"
+    - "NodePort"
+  required: true
+  label: Redis Master Service Type
+  show_if: "ingress.enabled=false"
+  show_subquestion_if: "NodePort"
+  subquestions:
+  - variable: master.service.nodePort
+    default: ""
+    description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
+    type: int
+    min: 30000
+    max: 32767
+    label: Redis Master Service NodePort number

charts/redis/v3.0.2/templates/ingress.yaml

+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-master-ingress
+  labels:
+    app: {{ .Release.Name }}-master-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: {{ template "redis.fullname" . }}-master
+            servicePort: 6379
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-slave-ingress
+  labels:
+    app: {{ .Release.Name }}-slave-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: {{ template "redis.fullname" . }}-slave
+            servicePort: 6379
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+{{- end }}

charts/redis/v3.0.2/templates/tls-secrets.yaml

+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}

charts/redis/v3.0.2/values.yaml

@@ -190,7 +190,7 @@ slave:
     ##  Redis Slave Service type
     type: ClusterIP
     ## Specify the nodePort value for the LoadBalancer and NodePort service types.
-    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+    ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeportl
     ##
     # nodePort:
 
@@ -248,3 +248,42 @@ slave:
   #   enabled: true
   #   fsGroup: 1001
   #   runAsUser: 1001
+
+ingress:
+  ## Set to true to enable ingress record generation
+  enabled: false
+
+  host: xip.io
+
+  ## Set this to true in order to enable TLS on the ingress record
+  ## A side effect of this will be that the backend service will be connected at port 443
+  tls: false
+
+  ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
+  tlsSecret: app.local-tls
+
+  ## Ingress annotations done as key:value pairs
+  ## If you're using kube-lego, you will want to add:
+  ## kubernetes.io/tls-acme: true
+  ##
+  ## For a full list of possible ingress annotations, please see
+  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
+  ##
+  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+  annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: true
+
+  secrets:
+  ## If you're providing your own certificates, please use this to add the certificates as secrets
+  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+  ## -----BEGIN RSA PRIVATE KEY-----
+  ##
+  ## name should line up with a tlsSecret set further up
+  ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
+  ##
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  # - name: app.local-tls
+  #   key:
+  #   certificate:

charts/wordpress/v1.0.5/questions.yml

@@ -165,7 +165,7 @@ questions:
     label: NodePort Https Port
 - variable: ingress.enabled
   default: "true"
-  description: "Enable ingress controller resource"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
   type: boolean
   label: Expose app using Layer 7 Load Balancer
   show_subquestion_if: true

charts/wordpress/v1.0.5/templates/ingress.yaml

@@ -3,7 +3,7 @@
 apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
-  name: "{{- printf "%s-%s" .name $.Release.Name | trunc 63 | trimSuffix "-" -}}"
+  name: "{{ $.Release.Name }}-ingress"
   labels:
     app: {{ template "fullname" $ }}
     chart: "{{ $.Chart.Name }}-{{ $.Chart.Version }}"

proposed/longhorn/v0.1.0/questions.yml

@@ -2,7 +2,7 @@ categories:
 - storage
 questions:
 - variable: service.ui.type
-  default: "NodePort"
+  default: "ClusterIP"
   description: "Define Longhorn UI service type"
   type: enum
   options:
@@ -10,6 +10,7 @@ questions:
     - "NodePort"
     - "LoadBalancer"
   label: Longhorn UI Service
+  show_if: "ingress.enabled=false"
 - variable: service.ui.nodePort
   default: ""
   description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
@@ -48,3 +49,16 @@ questions:
   description: "For GKE uses `/home/kubernetes/flexvolume/` instead, users can find the correct directory by running `ps aux|grep kubelet` on the host and check the --volume-plugin-dir parameter.  If there is none, the default `/usr/libexec/kubernetes/kubelet-plugins/volume/exec/` will be used."
   type: string
   label: Longhorn Flexvolume Path
+- variable: ingress.enabled
+  default: "true"
+  description: "Expose app using Layer 7 Load Balancer - ingress"
+  type: boolean
+  label: Expose app using Layer 7 Load Balancer
+  show_subquestion_if: true
+  subquestions:
+  - variable: ingress.host
+    default: ""
+    description: "layer 7 Load Balancer hostname"
+    type: hostname
+    required: true
+    label: Layer 7 Load Balancer Hostname

proposed/longhorn/v0.1.0/templates/deployment-ui.yaml

@@ -2,7 +2,7 @@ apiVersion: apps/v1beta1
 kind: Deployment
 metadata:
   labels:
-    app: {{ .Release.Namespace }}-ui
+    app: {{ .Release.Name }}-ui
   name: longhorn-ui
   namespace: {{ .Release.Namespace }}
 spec:
@@ -10,7 +10,7 @@ spec:
   template:
     metadata:
       labels:
-        app: {{ .Release.Namespace }}-ui
+        app: {{ .Release.Name }}-ui
     spec:
       containers:
       - name: longhorn-ui
@@ -26,13 +26,13 @@ kind: Service
 apiVersion: v1
 metadata:
   labels:
-    app: {{ .Release.Namespace }}-ui
+    app: {{ .Release.Name }}-ui
   name: longhorn-frontend
   namespace: {{ .Release.Namespace }}
 spec:
   type: {{ .Values.service.ui.type }}
   selector:
-    app: {{ .Release.Namespace }}-ui
+    app: {{ .Release.Name }}-ui
   ports:
   - name: longhorn-ui
     port: 80

proposed/longhorn/v0.1.0/templates/ingress.yaml

+{{- if .Values.ingress.enabled }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-ingress
+  labels:
+    app: {{ .Release.Name }}-ingress
+  annotations:
+    {{- if .Values.ingress.tls }}
+    ingress.kubernetes.io/secure-backends: "true"
+    {{- end }}
+    {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+    {{- end }}
+spec:
+  rules:
+  - host: {{ .Values.ingress.host }}
+    http:
+      paths:
+        - path: {{ default "/" .Values.ingress.path }}
+          backend:
+            serviceName: longhorn-frontend
+            servicePort: 80
+{{- if .Values.ingress.tls }}
+  tls:
+  - hosts:
+    - {{ .Values.ingress.host }}
+    secretName: {{ .Values.ingress.tlsSecret }}
+{{- end }}
+{{- end }}

proposed/longhorn/v0.1.0/templates/tls-secrets.yaml

+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.secrets }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Release.Name }}
+  labels:
+    app: {{ .Release.Name }}
+type: kubernetes.io/tls
+data:
+  tls.crt: {{ .certificate | b64enc }}
+  tls.key: {{ .key | b64enc }}
+---
+{{- end }}
+{{- end }}

proposed/longhorn/v0.1.0/values.yaml

@@ -10,7 +10,7 @@ image:
 
 service:
   ui:
-    type: NodePort
+    type: ClusterIP
     nodePort: ""
   manager:
     type: ClusterIP
@@ -33,3 +33,45 @@ resources: {}
   # requests:
   #  cpu: 100m
   #  memory: 128Mi
+  #
+ 
+ingress:
+  ## Set to true to enable ingress record generation
+  enabled: false
+
+
+  host: xip.io
+
+  ## Set this to true in order to enable TLS on the ingress record
+  ## A side effect of this will be that the backend service will be connected at port 443
+  tls: false
+
+  ## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
+  tlsSecret: longhorn.local-tls
+
+  ## Ingress annotations done as key:value pairs
+  ## If you're using kube-lego, you will want to add:
+  ## kubernetes.io/tls-acme: true
+  ##
+  ## For a full list of possible ingress annotations, please see
+  ## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
+  ##
+  ## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
+  annotations:
+  #  kubernetes.io/ingress.class: nginx
+  #  kubernetes.io/tls-acme: true
+
+  secrets:
+  ## If you're providing your own certificates, please use this to add the certificates as secrets
+  ## key and certificate should start with -----BEGIN CERTIFICATE----- or
+  ## -----BEGIN RSA PRIVATE KEY-----
+  ##
+  ## name should line up with a tlsSecret set further up
+  ## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
+  ##
+  ## It is also possible to create and manage the certificates outside of this helm chart
+  ## Please see README.md for more information
+  # - name: longhorn.local-tls
+  #   key:
+  #   certificate:
+