Skip to content

Commit

Permalink
Merge pull request #445 from junior/helm-ingress-update
Browse files Browse the repository at this point in the history 
Helm ingress update
  • Loading branch information
@junior
junior authored Oct 2, 2024
2 parents 97c79ca + 5531447 commit 70cf46c
Show file tree
Hide file tree
Showing 14 changed files with 77 additions and 67 deletions.
4 changes: 2 additions & 2 deletions deploy/complete/helm-chart/mushop/templates/cluster-issuers.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ spec:
solvers:
- http01:
ingress:
class: nginx
ingressClassName: nginx
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
Expand All @@ -36,7 +36,7 @@ spec:
solvers:
- http01:
ingress:
class: nginx
ingressClassName: nginx
---
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
Expand Down
4 changes: 2 additions & 2 deletions deploy/complete/helm-chart/mushop/templates/ingress-edge.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,14 @@ metadata:
labels:
{{ include "mushop.labels" . | indent 4 }}
annotations:
kubernetes.io/ingress.class: nginx
{{- if .Values.ingress.tls }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: {{ include "mushop.fullname" . }}-{{ .Values.ingress.clusterIssuer }}
cert-manager.io/acme-challenge-type: http01
{{- end }}

spec:
ingressClassName: nginx
rules:
{{- if .Values.ingress.hosts }}
{{- range $host := .Values.ingress.hosts }}
Expand Down
4 changes: 2 additions & 2 deletions deploy/complete/helm-chart/mushop/templates/ingress-grafana.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,15 @@ metadata:
labels:
{{ include "mushop.labels" . | indent 4 }}
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
{{- if .Values.ingress.tls }}
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: {{ include "mushop.fullname" . }}-{{ .Values.ingress.clusterIssuer }}
cert-manager.io/acme-challenge-type: http01
{{- end }}

spec:
ingressClassName: nginx
rules:
{{- if .Values.ingress.hosts }}
{{- range $host := .Values.ingress.hosts }}
Expand Down
12 changes: 6 additions & 6 deletions deploy/complete/helm-chart/setup/requirements.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,31 +1,31 @@
# Copyright (c) 2019-2021 Oracle and/or its affiliates. All rights reserved.
# Copyright (c) 2019-2024 Oracle and/or its affiliates. All rights reserved.
# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
#

dependencies:
# Prometheus
- name: prometheus
version: 25.18.0
version: 25.27.0
condition: prometheus.enabled
repository: https://prometheus-community.github.io/helm-charts
# Grafana
- name: grafana
version: 7.3.7
version: 8.5.1
condition: grafana.enabled
repository: https://grafana.github.io/helm-charts
# HPA Metrics
- name: metrics-server
version: 3.12.0
version: 3.12.1
condition: metrics-server.enabled
repository: https://kubernetes-sigs.github.io/metrics-server
# Ingress Controller
- name: ingress-nginx
version: 4.10.0
version: 4.11.2
condition: ingress-nginx.enabled
repository: https://kubernetes.github.io/ingress-nginx
# cert-manager
- name: cert-manager
version: 1.14.4
version: 1.15.3
condition: cert-manager.enabled
repository: https://charts.jetstack.io
# jenkins
Expand Down
8 changes: 6 additions & 2 deletions deploy/complete/helm-chart/setup/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,16 @@ ingress-nginx:
controller:
metrics:
enabled: true
ingressClassResource:
default: true

# https://github.com/jetstack/cert-manager/blob/master/README.md
# https://artifacthub.io/packages/helm/jetstack/cert-manager
cert-manager:
enabled: true
installCRDs: true
crds:
enabled: true
keep: false

# https://github.com/grafana/helm-charts/blob/main/charts/grafana/README.md
# https://artifacthub.io/packages/helm/grafana/grafana
Expand Down Expand Up @@ -136,10 +140,10 @@ jenkins:
apiVersion: networking.k8s.io/v1
metadata:
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /$2
labels: {}
spec:
ingressClassName: nginx
rules:
- http:
paths:
Expand Down
3 changes: 1 addition & 2 deletions deploy/complete/kubernetes/ingress/mushop-dev.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,8 @@ apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: mushop-dev
annotations:
kubernetes.io/ingress.class: nginx
spec:
ingressClassName: nginx
rules:
- http:
paths:
Expand Down
4 changes: 2 additions & 2 deletions deploy/complete/kubernetes/ingress/mushop-grafana.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
apiVersion: networking.k8s.io/v1beta1
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: grafana
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/acme-challenge-type: http01
spec:
ingressClassName: nginx
tls:
- secretName: mushop-grafana-tls
hosts:
Expand Down
10 changes: 5 additions & 5 deletions deploy/complete/kubernetes/ingress/mushop-issuer.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
---
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
Expand All @@ -15,9 +15,9 @@ spec:
solvers:
- http01:
ingress:
class: nginx
ingressClassName: nginx
---
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-staging
Expand All @@ -33,9 +33,9 @@ spec:
solvers:
- http01:
ingress:
class: nginx
ingressClassName: nginx
---
apiVersion: cert-manager.io/v1alpha2
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: selfsigned
Expand Down
6 changes: 3 additions & 3 deletions deploy/complete/kubernetes/ingress/mushop-prod.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
apiVersion: networking.k8s.io/v1beta1
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mushop-prod
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/acme-challenge-type: http01
spec:
ingressClassName: nginx
tls:
- secretName: mushop-prod-tls
- secretName: mushop-prod-tls
hosts:
- mushop.ateam.cloud
- insecure.mushop.ateam.cloud
Expand Down
4 changes: 2 additions & 2 deletions deploy/complete/kubernetes/ingress/mushop-test.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
apiVersion: networking.k8s.io/v1beta1
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mushop-test
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/acme-challenge-type: http01
spec:
ingressClassName: nginx
tls:
- secretName: mushop-test-tls
hosts:
Expand Down
3 changes: 1 addition & 2 deletions deploy/complete/kubernetes/mushop.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,8 @@ metadata:
app.kubernetes.io/instance: mushop
app.kubernetes.io/version: "1.0"
app.kubernetes.io/managed-by: Helm
annotations:
kubernetes.io/ingress.class: nginx
spec:
ingressClassName: nginx
rules:
# change this for user-specific ingress
- host: mushop.example.com
Expand Down
2 changes: 1 addition & 1 deletion deploy/complete/terraform/VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
3.2.0
3.3.0
22 changes: 16 additions & 6 deletions deploy/complete/terraform/mushop-utilities.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ resource "helm_release" "prometheus" {
name = "prometheus"
repository = local.helm_repository.prometheus
chart = "prometheus"
version = "25.18.0"
version = "25.27.0"
namespace = kubernetes_namespace.cluster_utilities_namespace.id
wait = false

Expand All @@ -37,7 +37,7 @@ resource "helm_release" "grafana" {
name = "mushop-utils-grafana" # mushop-utils included to be backwards compatible to the docs and setup chart install
repository = local.helm_repository.grafana
chart = "grafana"
version = "7.3.7"
version = "8.5.1"
namespace = kubernetes_namespace.cluster_utilities_namespace.id
wait = false

Expand Down Expand Up @@ -97,7 +97,7 @@ resource "helm_release" "metrics_server" {
name = "metrics-server"
repository = local.helm_repository.metrics_server
chart = "metrics-server"
version = "3.12.0"
version = "3.12.1"
namespace = kubernetes_namespace.cluster_utilities_namespace.id
wait = false

Expand All @@ -116,7 +116,7 @@ resource "helm_release" "ingress_nginx" {
name = "mushop-utils-ingress-nginx" # mushop-utils included to be backwards compatible to the docs and setup chart install
repository = local.helm_repository.ingress_nginx
chart = "ingress-nginx"
version = "4.10.0"
version = "4.11.2"
namespace = kubernetes_namespace.cluster_utilities_namespace.id
wait = true

Expand All @@ -140,6 +140,11 @@ resource "helm_release" "ingress_nginx" {
type = "string"
}

set {
name = "controller.ingressClassResource.default"
value = true
}

timeout = 1800 # workaround to wait the node be active for other charts

depends_on = [kubernetes_deployment.cluster_autoscaler_deployment]
Expand All @@ -156,15 +161,20 @@ resource "helm_release" "cert_manager" {
name = "cert-manager"
repository = local.helm_repository.jetstack
chart = "cert-manager"
version = "1.14.4"
version = "1.15.3"
namespace = kubernetes_namespace.cluster_utilities_namespace.id
wait = true # wait to allow the webhook be properly configured

set {
name = "installCRDs"
name = "crds.enabled"
value = true
}

set {
name = "crds.keep"
value = false
}

set {
name = "webhook.timeoutSeconds"
value = "30"
Expand Down
58 changes: 28 additions & 30 deletions src/docs/content/disaster-recovery/setup.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -167,22 +167,21 @@ A TLS secret is used for SSL termination on the ingress controller. To generate
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mushop
annotations:
kubernetes.io/ingress.class: "nginx"
name: mushop
spec:
tls:
- secretName: tls-secret
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: edge
port:
number: 80
ingressClassName: nginx
tls:
- secretName: tls-secret
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: edge
port:
number: 80
EOF
```
Expand Down Expand Up @@ -301,22 +300,21 @@ oadbConnectionSecret: oadb-connection # Name of connection secret created earlie
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: mushop
annotations:
kubernetes.io/ingress.class: "nginx"
name: mushop
spec:
tls:
- secretName: tls-secret
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: edge
port:
number: 80
ingressClassName: nginx
tls:
- secretName: tls-secret
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: edge
port:
number: 80
EOF
```
Expand Down

0 comments on commit 70cf46c

Please sign in to comment.