Skip to content

Commit f6176c2

Browse files
batpadbatpad
committed
add ingress + ssl for tasking manager api
1 parent c72d91c commit f6176c2

File tree

2 files changed

+36
-18
lines changed

2 files changed

+36
-18
lines changed

osm-seed/templates/tasking-manager-api/tasking-manager-api-ingress.yaml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
{{- if and .Values.tmApi.enabled (eq .Values.serviceType "ClusterIP") }}
2+
apiVersion: networking.k8s.io/v1
3+
kind: Ingress
4+
metadata:
5+
name: {{ template "osm-seed.fullname" . }}-ingress-tm-api
6+
annotations:
7+
kubernetes.io/ingress.class: nginx
8+
cert-manager.io/cluster-issuer: letsencrypt-prod-issuer
9+
spec:
10+
tls:
11+
- hosts:
12+
- tm-api.{{ .Values.domain }}
13+
secretName: {{ template "osm-seed.fullname" . }}-secret-tm-api
14+
15+
rules:
16+
- host: tm-api.{{ .Values.domain }}
17+
http:
18+
paths:
19+
- path: /
20+
pathType: Prefix
21+
backend:
22+
service:
23+
name: {{ template "osm-seed.fullname" . }}-tm-api
24+
port:
25+
number: 80
26+
{{- end }}

osm-seed/templates/tasking-manager-api/tasking-manager-api-service.yaml

Lines changed: 10 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -8,34 +8,26 @@ metadata:
88
component: tasking-manager-api-service
99
environment: {{ .Values.environment }}
1010
release: {{ .Release.Name }}
11-
{{- if eq .Values.cloudProvider "aws" }}
1211
annotations:
13-
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "300"
14-
{{- if .Values.AWS_SSL_ARN }}
12+
{{- if and (eq .Values.serviceType "LoadBalancer") .Values.AWS_SSL_ARN }}
1513
service.beta.kubernetes.io/aws-load-balancer-ssl-cert: {{ .Values.AWS_SSL_ARN }}
1614
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http
17-
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https
15+
service.beta.kubernetes.io/aws-load-balancer-ssl-ports: https
16+
{{- end }}
17+
{{- if eq .Values.serviceType "ClusterIP" }}
18+
kubernetes.io/ingress.class: nginx
19+
cert-manager.io/cluster-issuer: letsencrypt-prod-issuer
20+
{{- else }}
21+
fake.annotation: fake
1822
{{- end }}
19-
{{- end }}
2023
spec:
21-
# In case cloudProvider=aws
22-
{{- if eq .Values.cloudProvider "aws" }}
23-
type: LoadBalancer
24-
{{- end }}
25-
# In case cloudProvider=gcp
26-
{{- if eq .Values.cloudProvider "gcp" }}
27-
type: LoadBalancer
28-
{{- end }}
29-
# In case cloudProvider=minikube
30-
{{- if eq .Values.cloudProvider "minikube" }}
31-
type: NodePort
32-
{{- end }}
24+
type: {{ .Values.serviceType }}
3325
ports:
3426
- port: 80
3527
targetPort: http
3628
protocol: TCP
3729
name: http
38-
{{- if .Values.AWS_SSL_ARN }} #FIXME: make generic
30+
{{- if and (eq .Values.serviceType "LoadBalancer") .Values.AWS_SSL_ARN }}
3931
- port: 443
4032
targetPort: http
4133
protocol: TCP

0 commit comments

Comments
 (0)