Skip to content

Allow to generate different types/allow to specify hostnames #58

New issue
New issue
Open
Open
Allow to generate different types/allow to specify hostnames#58
Assignees
ademariag
Labels
enhancementNew feature or requestgeneratorRelated to generator components
@Moep90

Description

@Moep90
Moep90
opened on Jan 28, 2021

Possbiel sources:
As already mentioned here: Slack#Kapitan
It might be possible to use this: https://github.com/bitnami-labs/kube-libsonnet which already includes several more ingress things

Types of Ingress
k8s-docs for Ingress

  • Ingress backed by a single Service
  • Simple fanout
  • Name based virtual hosting
  • TLS
  • Load balancing

Ingress host/hostname
Currently the Ingress hostname is set to a wildcard.
In order to change this, please allow the generator to pick up a host.

parameters:
  ingresses:
    sonarqube-ingress:
      host: "foo.bar.com"
        paths:
          - path: /
[...]
      host: "*.foo.com"
        paths:
          - path: /
[...]
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ingress-wildcard-host
spec:
  rules:
  - host: "foo.bar.com"
    http:
      paths:
      - pathType: Prefix
        path: "/bar"
        backend:
          service:
            name: service1
            port:
              number: 80
  - host: "*.foo.com"
    http:
      paths:
      - pathType: Prefix
        path: "/foo"
        backend:
          service:
            name: service2
            port:
              number: 80

My current Workaround

The Component

  #
  # Ingress
  #
  ingress:
    rules:
      - host: ${target_name}.${domain}
        http:
          paths:
            - pathType: Prefix
              path: /
              backend:
                service:
                  name: ${target_name}
                  port:
                    number: ${gitea:http_port}

The Kapitan Compiler info

parameters:
  kapitan:
    compile:
      - output_path: manifests
        input_type: jinja2
        input_paths: 
          - templates/jinja/ingress.yml

The Template without TLS

{% set p = inventory.parameters %}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: {{ p.target_name }}
  namespace: {{ p.namespace }}
  labels: {{ p.generators.manifest.default_config.labels }}
  annotations: {{ p.generators.manifest.default_config.annotations }}
spec:
  rules: {{ p.ingress.rules }}

The Result:

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: gitea
  namespace: gitea
  labels: {'app.kubernetes.io/part-of': 'gitea', 'app.kubernetes.io/managed-by': 'kapitan'}
  annotations: {'manifests.kapicorp.com/generated': 'true'}
spec:
  rules: [{'host': 'gitea.example.com', 'http': {'paths': [{'pathType': 'Prefix', 'path': '/', 'backend': {'service': {'name': 'gitea', 'port': {'number': 3000}}}}]}}]

The Template with TLS

{% set p = inventory.parameters %}
{% if inventory.parameters.ingress is defined %}
{% set i = inventory.parameters.ingress %}
{% set labels = p.generators.manifest.default_config.labels %}
{% set annotations = p.generators.manifest.default_config.annotations %}
{% for ingress in i %}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: {{ p.target_name }}-{{ loop.index }}
  namespace: {{ p.namespace }}
  labels: {{ i[ingress].extra.labels }}
  annotations: {{ i[ingress].extra.annotations }}
spec:
  tls: {{ i[ingress].tls | default("")}}
  rules: {{ i[ingress].rules }}
{% endfor %}
{% else %}
---
{% endif %}

Kapitan Definition

  extra:
    certs:
      - name: wildcard-example-com
        cert: ?{vaultkv:ssl/wildcard-example-com-cert}
        key: ?{vaultkv:ssl/wildcard-example-com-key}

  ingress:
    wikijs:
      extra:
        labels: []
        annotations:
          nginx.ingress.kubernetes.io/proxy-body-size: "0"
          nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
          nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
      tls:
      - hosts:
          - wiki.${domain}
        secretName: ${target_name}-tls
      rules:
        - host: wiki.${domain}
          http:
            paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: wikijs
                  port:
                    number: ${wikijs:service:wikijs:http}

The Result

---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: k8s-wikijs-1
  namespace: wikijs
  labels: []
  annotations: {'nginx.ingress.kubernetes.io/proxy-body-size': '0', 'nginx.ingress.kubernetes.io/proxy-read-timeout': '600', 'nginx.ingress.kubernetes.io/proxy-send-timeout': '600'}
spec:
  tls: [{'hosts': ['wiki.example.com'], 'secretName': 'k8s-wikijs-tls'}]
  rules: [{'host': 'wiki.example.com', 'http': {'paths': [{'path': '/', 'pathType': 'Prefix', 'backend': {'service': {'name': 'wikijs', 'port': {'number': 3000}}}}]}}]

Metadata

Metadata

Assignees

Labels

enhancementNew feature or requestgeneratorRelated to generator components

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions