From 904ce40f5af0159adc34af0f74614363466b023b Mon Sep 17 00:00:00 2001 From: maddadder Date: Thu, 21 Sep 2023 12:19:39 -0700 Subject: [PATCH 01/16] update k8s charts --- deploy/k8s/helm/basket-api/templates/configmap.yaml | 3 ++- deploy/k8s/helm/basket-api/values.yaml | 4 +++- deploy/k8s/helm/catalog-api/values.yaml | 6 +++--- deploy/k8s/helm/identity-api/values.yaml | 2 +- deploy/k8s/helm/inf.yaml | 6 ++++++ deploy/k8s/helm/ordering-api/values.yaml | 4 ++-- deploy/k8s/helm/ordering-backgroundtasks/values.yaml | 4 ++-- deploy/k8s/helm/ordering-signalrhub/values.yaml | 2 +- deploy/k8s/helm/payment-api/values.yaml | 2 +- deploy/k8s/helm/webhooks-api/values.yaml | 4 ++-- 10 files changed, 23 insertions(+), 14 deletions(-) diff --git a/deploy/k8s/helm/basket-api/templates/configmap.yaml b/deploy/k8s/helm/basket-api/templates/configmap.yaml index 8a36f74ace..85ef486f9f 100644 --- a/deploy/k8s/helm/basket-api/templates/configmap.yaml +++ b/deploy/k8s/helm/basket-api/templates/configmap.yaml @@ -14,4 +14,5 @@ data: urls__IdentityUrl: http://{{ .Values.app.svc.identity }} all__EventBusConnection: {{ .Values.inf.eventbus.constr }} all__InstrumentationKey: "{{ .Values.inf.appinsights.key }}" - all__UseAzureServiceBus: "{{ .Values.inf.eventbus.useAzure }}" \ No newline at end of file + all__UseAzureServiceBus: "{{ .Values.inf.eventbus.useAzure }}" + all__Redis: "{{ .Values.inf.redis.basket.constr }}" \ No newline at end of file diff --git a/deploy/k8s/helm/basket-api/values.yaml b/deploy/k8s/helm/basket-api/values.yaml index dcd6aa763b..39c66444dd 100644 --- a/deploy/k8s/helm/basket-api/values.yaml +++ b/deploy/k8s/helm/basket-api/values.yaml @@ -28,7 +28,7 @@ env: configmap: - name: ConnectionString key: basket__ConnectionString - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey @@ -36,6 +36,8 @@ env: key: all__UseAzureServiceBus - name: IdentityUrl key: urls__IdentityUrl + - name: ConnectionStrings__Redis + key: all__Redis # values define environment variables with a fixed value (no configmap involved) (name is name of var, and value is its value) values: - name: OrchestratorType diff --git a/deploy/k8s/helm/catalog-api/values.yaml b/deploy/k8s/helm/catalog-api/values.yaml index 0de49b7f6c..0803bb78b0 100644 --- a/deploy/k8s/helm/catalog-api/values.yaml +++ b/deploy/k8s/helm/catalog-api/values.yaml @@ -26,7 +26,7 @@ env: urls: # configmap declares variables which value is taken from the config map defined in template configmap.yaml (name is name of var and key the key in configmap). configmap: - - name: ConnectionString + - name: ConnectionStrings__CatalogDb key: catalog__ConnectionString - name: PicBaseUrl key: catalog__PicBaseUrl @@ -34,14 +34,14 @@ env: key: catalog__AzureStorageEnabled - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus # values define environment variables with a fixed value (no configmap involved) (name is name of var, and value is its value) values: - name: ASPNETCORE_ENVIRONMENT - value: Development + value: PRODUCTION - name: OrchestratorType value: 'K8S' - name: PORT diff --git a/deploy/k8s/helm/identity-api/values.yaml b/deploy/k8s/helm/identity-api/values.yaml index 92fd57283b..4707ce1cbb 100644 --- a/deploy/k8s/helm/identity-api/values.yaml +++ b/deploy/k8s/helm/identity-api/values.yaml @@ -30,7 +30,7 @@ affinity: {} env: urls: configmap: - - name: ConnectionString + - name: ConnectionStrings__IdentityDb key: identity__ConnectionString - name: DPConnectionString key: identity__keystore diff --git a/deploy/k8s/helm/inf.yaml b/deploy/k8s/helm/inf.yaml index 8ed680d6b1..37fac2c545 100644 --- a/deploy/k8s/helm/inf.yaml +++ b/deploy/k8s/helm/inf.yaml @@ -48,3 +48,9 @@ inf: # login: # User login # pwd: # User pwd +env: + values: + - name: Kestrel__Endpoints__Http__Url + value: http://0.0.0.0:80 + - name: Kestrel__Endpoints__gRPC__Url + value: http://0.0.0.0:81 diff --git a/deploy/k8s/helm/ordering-api/values.yaml b/deploy/k8s/helm/ordering-api/values.yaml index 505ccc3793..6bb92a1f4a 100644 --- a/deploy/k8s/helm/ordering-api/values.yaml +++ b/deploy/k8s/helm/ordering-api/values.yaml @@ -33,11 +33,11 @@ env: urls: # configmap declares variables which value is taken from the config map defined in template configmap.yaml (name is name of var and key the key in configmap). configmap: - - name: ConnectionString + - name: ConnectionStrings__OrderingDb key: ordering__ConnectionString - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus diff --git a/deploy/k8s/helm/ordering-backgroundtasks/values.yaml b/deploy/k8s/helm/ordering-backgroundtasks/values.yaml index 18abe99a53..71bc163b1f 100644 --- a/deploy/k8s/helm/ordering-backgroundtasks/values.yaml +++ b/deploy/k8s/helm/ordering-backgroundtasks/values.yaml @@ -36,11 +36,11 @@ env: urls: # configmap declares variables which value is taken from the config map defined in template configmap.yaml (name is name of var and key the key in configmap). configmap: - - name: ConnectionString + - name: ConnectionStrings__OrderingDb key: ordering__ConnectionString - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus diff --git a/deploy/k8s/helm/ordering-signalrhub/values.yaml b/deploy/k8s/helm/ordering-signalrhub/values.yaml index 19099b147c..5dac7b0a6e 100644 --- a/deploy/k8s/helm/ordering-signalrhub/values.yaml +++ b/deploy/k8s/helm/ordering-signalrhub/values.yaml @@ -38,7 +38,7 @@ env: configmap: - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus diff --git a/deploy/k8s/helm/payment-api/values.yaml b/deploy/k8s/helm/payment-api/values.yaml index 341e4e1a95..4de342f49e 100644 --- a/deploy/k8s/helm/payment-api/values.yaml +++ b/deploy/k8s/helm/payment-api/values.yaml @@ -32,7 +32,7 @@ env: configmap: - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus diff --git a/deploy/k8s/helm/webhooks-api/values.yaml b/deploy/k8s/helm/webhooks-api/values.yaml index f6b1957e93..50b67c62fe 100644 --- a/deploy/k8s/helm/webhooks-api/values.yaml +++ b/deploy/k8s/helm/webhooks-api/values.yaml @@ -32,11 +32,11 @@ env: urls: # configmap declares variables which value is taken from the config map defined in template configmap.yaml (name is name of var and key the key in configmap). configmap: - - name: ConnectionString + - name: ConnectionStrings__WebHooksDB key: webhooks__ConnectionString - name: ApplicationInsights__InstrumentationKey key: all__InstrumentationKey - - name: EventBusConnection + - name: ConnectionStrings__EventBus key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus From bb1d9a91247551191098a6ebe0b6ec5a91f4ebbc Mon Sep 17 00:00:00 2001 From: maddadder Date: Thu, 21 Sep 2023 17:37:44 -0700 Subject: [PATCH 02/16] allow nginx ingress; fix character escaping; --- deploy/k8s/helm/deploy-all-mac.ps1 | 6 +++++- deploy/k8s/helm/ingress_values_nginxk8s.yaml | 8 ++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) create mode 100644 deploy/k8s/helm/ingress_values_nginxk8s.yaml diff --git a/deploy/k8s/helm/deploy-all-mac.ps1 b/deploy/k8s/helm/deploy-all-mac.ps1 index 3de7dc6c62..7187087d49 100644 --- a/deploy/k8s/helm/deploy-all-mac.ps1 +++ b/deploy/k8s/helm/deploy-all-mac.ps1 @@ -11,6 +11,7 @@ Param( [parameter(Mandatory=$false)][string]$aksRg="", [parameter(Mandatory=$false)][string]$imageTag="latest", [parameter(Mandatory=$false)][bool]$useLocalk8s=$false, + [parameter(Mandatory=$false)][bool]$useNginxk8s=$false, [parameter(Mandatory=$false)][bool]$useMesh=$false, [parameter(Mandatory=$false)][string][ValidateSet('Always','IfNotPresent','Never', IgnoreCase=$false)]$imagePullPolicy="Always", [parameter(Mandatory=$false)][string][ValidateSet('prod','staging','none','custom', IgnoreCase=$false)]$sslSupport = "none", @@ -23,7 +24,7 @@ function Install-Chart { Param([string]$chart,[string]$initialOptions, [bool]$customRegistry) $options=$initialOptions if ($sslEnabled) { - $options = "$options --set ingress.tls[0].secretName=$tlsSecretName --set ingress.tls[0].hosts=`{$dns`}" + $options = "$options --set ingress.tls[0].secretName=$tlsSecretName --set ingress.tls[0].hosts=``{$dns``}" if ($sslSupport -ne "custom") { $options = "$options --set inf.tls.issuer=$sslIssuer" } @@ -64,6 +65,9 @@ if ($useLocalk8s -eq $true) { $ingressValuesFile="ingress_values_dockerk8s.yaml" $dns="localhost" } +elseif ($useNginxk8s -eq $true){ + $ingressValuesFile="ingress_values_nginxk8s.yaml" +} if ($externalDns -eq "aks") { if ([string]::IsNullOrEmpty($aksName) -or [string]::IsNullOrEmpty($aksRg)) { diff --git a/deploy/k8s/helm/ingress_values_nginxk8s.yaml b/deploy/k8s/helm/ingress_values_nginxk8s.yaml new file mode 100644 index 0000000000..423b5cdaca --- /dev/null +++ b/deploy/k8s/helm/ingress_values_nginxk8s.yaml @@ -0,0 +1,8 @@ +# This file contains common ingress annotations when using AKS with Http Application Routing + +ingress: + annotations: + kubernetes.io/ingress.class: public + ingress.kubernetes.io/ssl-redirect: "false" + nginx.ingress.kubernetes.io/ssl-redirect: "false" + From 4728f41144118233b4d6a820f8f0d50cb9df97da Mon Sep 17 00:00:00 2001 From: maddadder Date: Thu, 21 Sep 2023 17:49:34 -0700 Subject: [PATCH 03/16] allow nginx ingress [windows] --- deploy/k8s/helm/deploy-all.ps1 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/deploy/k8s/helm/deploy-all.ps1 b/deploy/k8s/helm/deploy-all.ps1 index 213e60fb72..759f367df4 100644 --- a/deploy/k8s/helm/deploy-all.ps1 +++ b/deploy/k8s/helm/deploy-all.ps1 @@ -11,6 +11,7 @@ Param( [parameter(Mandatory=$false)][string]$aksRg="", [parameter(Mandatory=$false)][string]$imageTag="latest", [parameter(Mandatory=$false)][bool]$useLocalk8s=$false, + [parameter(Mandatory=$false)][bool]$useNginxk8s=$false, [parameter(Mandatory=$false)][bool]$useMesh=$false, [parameter(Mandatory=$false)][string][ValidateSet('Always','IfNotPresent','Never', IgnoreCase=$false)]$imagePullPolicy="Always", [parameter(Mandatory=$false)][string][ValidateSet('prod','staging','none','custom', IgnoreCase=$false)]$sslSupport = "none", @@ -63,6 +64,9 @@ if ($useLocalk8s -eq $true) { $ingressValuesFile="ingress_values_dockerk8s.yaml" $dns="localhost" } +elseif ($useNginxk8s -eq $true){ + $ingressValuesFile="ingress_values_nginxk8s.yaml" +} if ($externalDns -eq "aks") { if ([string]::IsNullOrEmpty($aksName) -or [string]::IsNullOrEmpty($aksRg)) { From 267ce066dbafc49650eb6955352a599e97075657 Mon Sep 17 00:00:00 2001 From: maddadder Date: Fri, 22 Sep 2023 10:57:12 -0700 Subject: [PATCH 04/16] more chart updates --- deploy/k8s/helm/basket-api/values.yaml | 2 +- .../helm/identity-api/templates/_names.tpl | 8 ++++++++ .../identity-api/templates/configmap.yaml | 19 ++++++++++--------- deploy/k8s/helm/ingress_values_nginxk8s.yaml | 2 +- deploy/k8s/helm/ordering-api/values.yaml | 2 +- .../k8s/helm/ordering-signalrhub/values.yaml | 2 +- 6 files changed, 22 insertions(+), 13 deletions(-) diff --git a/deploy/k8s/helm/basket-api/values.yaml b/deploy/k8s/helm/basket-api/values.yaml index 39c66444dd..5d60ecc924 100644 --- a/deploy/k8s/helm/basket-api/values.yaml +++ b/deploy/k8s/helm/basket-api/values.yaml @@ -34,7 +34,7 @@ env: key: all__InstrumentationKey - name: AzureServiceBusEnabled key: all__UseAzureServiceBus - - name: IdentityUrl + - name: Identity__Url key: urls__IdentityUrl - name: ConnectionStrings__Redis key: all__Redis diff --git a/deploy/k8s/helm/identity-api/templates/_names.tpl b/deploy/k8s/helm/identity-api/templates/_names.tpl index 39ee485ef3..cd7d68491b 100644 --- a/deploy/k8s/helm/identity-api/templates/_names.tpl +++ b/deploy/k8s/helm/identity-api/templates/_names.tpl @@ -48,4 +48,12 @@ {{- else -}} {{- .Values.image.repository -}} {{- end -}} +{{- end -}} + +{{- define "protocol" -}} +{{- if .Values.inf.tls.enabled -}} +{{- printf "%s" "https" -}} +{{- else -}} +{{- printf "%s" "http" -}} +{{- end -}} {{- end -}} \ No newline at end of file diff --git a/deploy/k8s/helm/identity-api/templates/configmap.yaml b/deploy/k8s/helm/identity-api/templates/configmap.yaml index 923b31a954..de8271b456 100644 --- a/deploy/k8s/helm/identity-api/templates/configmap.yaml +++ b/deploy/k8s/helm/identity-api/templates/configmap.yaml @@ -9,6 +9,7 @@ {{- $xamarincallback := include "url-of" (list "xamarincallback" .) -}} {{- $webhooks_url := include "url-of" (list .Values.app.ingress.entries.webhooks .) -}} {{- $webhooksweb_url := include "url-of" (list .Values.app.ingress.entries.webhooksweb .) -}} +{{- $protocol := include "protocol" . -}} apiVersion: v1 kind: ConfigMap @@ -23,13 +24,13 @@ data: identity__ConnectionString: Server={{ $sqlsrv }};Initial Catalog={{ .Values.inf.sql.identity.db }};User Id={{ .Values.inf.sql.common.user }};Password={{ .Values.inf.sql.common.pwd }};TrustServerCertificate={{ .Values.inf.sql.common.TrustServerCertificate }}; identity__keystore: {{ .Values.inf.redis.keystore.constr }} all__InstrumentationKey: "{{ .Values.inf.appinsights.key }}" - mvc_e: http://{{ $mvc_url }} - spa_e: http://{{ $spa_url }} - basket_e: http://{{ $basket_url }} - ordering_e: http://{{ $ordering_url }} - mobileshoppingagg_e: http://{{ $mobileshoppingagg }} - webshoppingagg_e: http://{{ $webhoppingagg }} - xamarin_callback_e: http://{{ $xamarincallback }} - webhooksapi_e: http://{{ $webhooks_url }} - webhooksweb_e: http://{{ $webhooksweb_url }} + mvc_e: {{ $protocol }}://{{ $mvc_url }} + spa_e: {{ $protocol }}://{{ $spa_url }} + basket_e: {{ $protocol }}://{{ $basket_url }} + ordering_e: {{ $protocol }}://{{ $ordering_url }} + mobileshoppingagg_e: {{ $protocol }}://{{ $mobileshoppingagg }} + webshoppingagg_e: {{ $protocol }}://{{ $webhoppingagg }} + xamarin_callback_e: {{ $protocol }}://{{ $xamarincallback }} + webhooksapi_e: {{ $protocol }}://{{ $webhooks_url }} + webhooksweb_e: {{ $protocol }}://{{ $webhooksweb_url }} enableDevspaces: "{{ .Values.enableDevspaces }}" \ No newline at end of file diff --git a/deploy/k8s/helm/ingress_values_nginxk8s.yaml b/deploy/k8s/helm/ingress_values_nginxk8s.yaml index 423b5cdaca..3f54100e4e 100644 --- a/deploy/k8s/helm/ingress_values_nginxk8s.yaml +++ b/deploy/k8s/helm/ingress_values_nginxk8s.yaml @@ -5,4 +5,4 @@ ingress: kubernetes.io/ingress.class: public ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/ssl-redirect: "false" - + nginx.ingress.kubernetes.io/proxy-buffer-size: "16k" diff --git a/deploy/k8s/helm/ordering-api/values.yaml b/deploy/k8s/helm/ordering-api/values.yaml index 6bb92a1f4a..4425adcc81 100644 --- a/deploy/k8s/helm/ordering-api/values.yaml +++ b/deploy/k8s/helm/ordering-api/values.yaml @@ -41,7 +41,7 @@ env: key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus - - name: IdentityUrl + - name: Identity__Url key: urls__IdentityUrl # values define environment variables with a fixed value (no configmap involved) (name is name of var, and value is its value) values: diff --git a/deploy/k8s/helm/ordering-signalrhub/values.yaml b/deploy/k8s/helm/ordering-signalrhub/values.yaml index 5dac7b0a6e..c6e47afb14 100644 --- a/deploy/k8s/helm/ordering-signalrhub/values.yaml +++ b/deploy/k8s/helm/ordering-signalrhub/values.yaml @@ -42,7 +42,7 @@ env: key: all__EventBusConnection - name: AzureServiceBusEnabled key: all__UseAzureServiceBus - - name: IdentityUrl + - name: Identity__Url key: urls__IdentityUrl - name: SignalrStoreConnectionString key: signalr__StoreConnectionString From a9b38406a200094fdbacc8f8204ce17b621f4df6 Mon Sep 17 00:00:00 2001 From: maddadder Date: Sat, 23 Sep 2023 11:39:58 -0700 Subject: [PATCH 05/16] use dynamic scheme detection; fix urls --- deploy/k8s/helm/ingress_values_nginxk8s.yaml | 3 ++- deploy/k8s/helm/webshoppingagg/values.yaml | 2 +- src/Services/Services.Common/CommonExtensions.cs | 15 +++++++++++++++ src/Web/WebMVC/Views/Shared/_Layout.cshtml | 9 ++++++++- 4 files changed, 26 insertions(+), 3 deletions(-) diff --git a/deploy/k8s/helm/ingress_values_nginxk8s.yaml b/deploy/k8s/helm/ingress_values_nginxk8s.yaml index 3f54100e4e..19f216b9a8 100644 --- a/deploy/k8s/helm/ingress_values_nginxk8s.yaml +++ b/deploy/k8s/helm/ingress_values_nginxk8s.yaml @@ -5,4 +5,5 @@ ingress: kubernetes.io/ingress.class: public ingress.kubernetes.io/ssl-redirect: "false" nginx.ingress.kubernetes.io/ssl-redirect: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: "16k" + nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" + nginx.ingress.kubernetes.io/proxy-buffers: "4 256k" diff --git a/deploy/k8s/helm/webshoppingagg/values.yaml b/deploy/k8s/helm/webshoppingagg/values.yaml index b85210afa5..15ceb3c74a 100644 --- a/deploy/k8s/helm/webshoppingagg/values.yaml +++ b/deploy/k8s/helm/webshoppingagg/values.yaml @@ -57,7 +57,7 @@ env: key: internalurls__grpcCatalog - name: urls__grpcOrdering key: internalurls__grpcOrdering - - name: IdentityUrlExternal + - name: Identity__Url key: urls__IdentityUrlExternal # values define environment variables with a fixed value (no configmap involved) (name is name of var, and value is its value) diff --git a/src/Services/Services.Common/CommonExtensions.cs b/src/Services/Services.Common/CommonExtensions.cs index 1d666edd2c..2542914ebc 100644 --- a/src/Services/Services.Common/CommonExtensions.cs +++ b/src/Services/Services.Common/CommonExtensions.cs @@ -48,6 +48,21 @@ public static WebApplicationBuilder AddServiceDefaults(this WebApplicationBuilde public static WebApplication UseServiceDefaults(this WebApplication app) { + // Use dynamic scheme detection + app.Use((context, next) => + { + // Check if the request is over HTTPS or if X-Forwarded-Proto is HTTPS + var isHttps = context.Request.IsHttps || string.Equals(context.Request.Headers["X-Forwarded-Proto"], "https", StringComparison.OrdinalIgnoreCase); + + // Set the request scheme to HTTPS if necessary + if (isHttps) + { + context.Request.Scheme = "https"; + } + + return next(); + }); + if (!app.Environment.IsDevelopment()) { app.UseExceptionHandler("/Home/Error"); diff --git a/src/Web/WebMVC/Views/Shared/_Layout.cshtml b/src/Web/WebMVC/Views/Shared/_Layout.cshtml index 6cb3f43fba..c9e80f29f1 100644 --- a/src/Web/WebMVC/Views/Shared/_Layout.cshtml +++ b/src/Web/WebMVC/Views/Shared/_Layout.cshtml @@ -94,8 +94,14 @@ } async function connect() { + // Get the current URL base path + var baseUrl = "@Url.Content("~/")"; + + // Build the SignalR hub URL based on the current path + const hubUrl = `${baseUrl}hub/notificationhub`; + let connection = new signalR.HubConnectionBuilder() - .withUrl('/hub/notificationhub') + .withUrl(hubUrl) .withAutomaticReconnect() .build(); @@ -111,6 +117,7 @@ }); } + function refreshOrderList() { clearTimeout(timerId); timerId = setTimeout(function () { From 6d309e1a4adf80b583e00ee0fa7349644c12f33f Mon Sep 17 00:00:00 2001 From: maddadder Date: Sat, 23 Sep 2023 12:31:23 -0700 Subject: [PATCH 06/16] change catalog-api chart env back to Development --- deploy/k8s/helm/catalog-api/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deploy/k8s/helm/catalog-api/values.yaml b/deploy/k8s/helm/catalog-api/values.yaml index 0803bb78b0..29fc2ca83c 100644 --- a/deploy/k8s/helm/catalog-api/values.yaml +++ b/deploy/k8s/helm/catalog-api/values.yaml @@ -41,7 +41,7 @@ env: # values define environment variables with a fixed value (no configmap involved) (name is name of var, and value is its value) values: - name: ASPNETCORE_ENVIRONMENT - value: PRODUCTION + value: Development - name: OrchestratorType value: 'K8S' - name: PORT From 57ffab23d6a42f16a357b917926c5fbee1b2a163 Mon Sep 17 00:00:00 2001 From: maddadder Date: Sat, 23 Sep 2023 15:22:29 -0700 Subject: [PATCH 07/16] use ForwardedHeaders instead --- .../Services.Common/CommonExtensions.cs | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/src/Services/Services.Common/CommonExtensions.cs b/src/Services/Services.Common/CommonExtensions.cs index 2542914ebc..4718359c95 100644 --- a/src/Services/Services.Common/CommonExtensions.cs +++ b/src/Services/Services.Common/CommonExtensions.cs @@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Diagnostics.HealthChecks; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.HttpOverrides; using Microsoft.AspNetCore.Routing; using Microsoft.eShopOnContainers.BuildingBlocks.EventBus; using Microsoft.eShopOnContainers.BuildingBlocks.EventBus.Abstractions; @@ -48,20 +49,14 @@ public static WebApplicationBuilder AddServiceDefaults(this WebApplicationBuilde public static WebApplication UseServiceDefaults(this WebApplication app) { - // Use dynamic scheme detection - app.Use((context, next) => + var forwardingOptions = new ForwardedHeadersOptions() { - // Check if the request is over HTTPS or if X-Forwarded-Proto is HTTPS - var isHttps = context.Request.IsHttps || string.Equals(context.Request.Headers["X-Forwarded-Proto"], "https", StringComparison.OrdinalIgnoreCase); - - // Set the request scheme to HTTPS if necessary - if (isHttps) - { - context.Request.Scheme = "https"; - } + ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto + }; + forwardingOptions.KnownNetworks.Clear(); + forwardingOptions.KnownProxies.Clear(); - return next(); - }); + app.UseForwardedHeaders(forwardingOptions); if (!app.Environment.IsDevelopment()) { From 3b322ff1d500839ae4fff901e70942d95cfbf716 Mon Sep 17 00:00:00 2001 From: maddadder Date: Sat, 23 Sep 2023 15:40:34 -0700 Subject: [PATCH 08/16] update bootstrap in prod env to match dev env --- src/Web/WebMVC/Views/Shared/_Layout.cshtml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Web/WebMVC/Views/Shared/_Layout.cshtml b/src/Web/WebMVC/Views/Shared/_Layout.cshtml index c9e80f29f1..76c3e3532a 100644 --- a/src/Web/WebMVC/Views/Shared/_Layout.cshtml +++ b/src/Web/WebMVC/Views/Shared/_Layout.cshtml @@ -23,7 +23,7 @@ - @@ -77,7 +77,7 @@ asp-fallback-src="~/lib/jquery/jquery.min.js" asp-fallback-test="window.jQuery"> - From f951e17f41a638ab60110164f8ab041a9a63bf63 Mon Sep 17 00:00:00 2001 From: maddadder Date: Sun, 24 Sep 2023 15:08:50 -0700 Subject: [PATCH 09/16] add ingress rule webshoppingagg disabled by default --- .../webshoppingagg/templates/ingress.yaml | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 deploy/k8s/helm/webshoppingagg/templates/ingress.yaml diff --git a/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml b/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml new file mode 100644 index 0000000000..1014390047 --- /dev/null +++ b/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml @@ -0,0 +1,49 @@ +{{- if .Values.ingress.enabled -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.webshoppingagg -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ template "webshoppingagg.fullname" . }} + labels: + app: {{ template "webshoppingagg.name" . }} + chart: {{ template "webshoppingagg.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + pathType: Prefix + backend: + service: + name: {{ $serviceName }} + port: + number: 80 + {{- end }} +{{- end }} From 802f47e99aa93225426113994957a8924a025fc5 Mon Sep 17 00:00:00 2001 From: maddadder Date: Sun, 24 Sep 2023 20:49:39 -0700 Subject: [PATCH 10/16] add istio option to k8s chart --- .../k8s/helm/apigwms/templates/ingress.yaml | 2 +- .../apigwms/templates/ingresss-istio.yaml | 46 +++++++++++++++++++ .../k8s/helm/apigwws/templates/ingress.yaml | 2 +- .../apigwws/templates/ingresss-istio.yaml | 46 +++++++++++++++++++ deploy/k8s/helm/deploy-all-mac.ps1 | 10 ++-- deploy/k8s/helm/deploy-all.ps1 | 10 ++-- .../helm/identity-api/templates/ingress.yaml | 2 +- .../templates/ingresss-istio.yaml | 42 +++++++++++++++++ deploy/k8s/helm/inf.yaml | 1 + ...ginxk8s.yaml => ingress_values_istio.yaml} | 1 + .../helm/webhooks-api/templates/ingress.yaml | 2 +- .../templates/ingresss-istio.yaml | 42 +++++++++++++++++ .../helm/webhooks-web/templates/ingress.yaml | 2 +- .../templates/ingresss-istio.yaml | 42 +++++++++++++++++ deploy/k8s/helm/webmvc/templates/ingress.yaml | 2 +- .../helm/webmvc/templates/ingresss-istio.yaml | 42 +++++++++++++++++ .../webshoppingagg/templates/ingress.yaml | 2 +- .../templates/ingresss-istio.yaml | 42 +++++++++++++++++ deploy/k8s/helm/webspa/templates/ingress.yaml | 2 +- .../helm/webspa/templates/ingresss-istio.yaml | 42 +++++++++++++++++ .../k8s/helm/webstatus/templates/ingress.yaml | 2 +- .../webstatus/templates/ingresss-istio.yaml | 42 +++++++++++++++++ 22 files changed, 407 insertions(+), 19 deletions(-) create mode 100644 deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml rename deploy/k8s/helm/{ingress_values_nginxk8s.yaml => ingress_values_istio.yaml} (89%) create mode 100644 deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/webspa/templates/ingresss-istio.yaml create mode 100644 deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml diff --git a/deploy/k8s/helm/apigwms/templates/ingress.yaml b/deploy/k8s/helm/apigwms/templates/ingress.yaml index 5282962615..4cb65efdbd 100644 --- a/deploy/k8s/helm/apigwms/templates/ingress.yaml +++ b/deploy/k8s/helm/apigwms/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mobileshoppingapigw -}} diff --git a/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml b/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..a5bee22ccf --- /dev/null +++ b/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml @@ -0,0 +1,46 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.mobileshoppingapigw -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "apigwms.fullname" . }} + labels: + app: {{ template "apigwms.name" . }} + chart: {{ template "apigwms.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }}/ + - uri: + prefix: {{ $ingressPath }} + rewrite: + uri: / + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/apigwws/templates/ingress.yaml b/deploy/k8s/helm/apigwws/templates/ingress.yaml index 0e937067d8..9043803138 100644 --- a/deploy/k8s/helm/apigwws/templates/ingress.yaml +++ b/deploy/k8s/helm/apigwws/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webshoppingapigw -}} apiVersion: networking.k8s.io/v1 diff --git a/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml b/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..117a33810b --- /dev/null +++ b/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml @@ -0,0 +1,46 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.webshoppingapigw -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "apigwws.fullname" . }} + labels: + app: {{ template "apigwws.name" . }} + chart: {{ template "apigwws.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }}/ + - uri: + prefix: {{ $ingressPath }} + rewrite: + uri: / + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/deploy-all-mac.ps1 b/deploy/k8s/helm/deploy-all-mac.ps1 index 7187087d49..2cf891edcd 100644 --- a/deploy/k8s/helm/deploy-all-mac.ps1 +++ b/deploy/k8s/helm/deploy-all-mac.ps1 @@ -11,7 +11,7 @@ Param( [parameter(Mandatory=$false)][string]$aksRg="", [parameter(Mandatory=$false)][string]$imageTag="latest", [parameter(Mandatory=$false)][bool]$useLocalk8s=$false, - [parameter(Mandatory=$false)][bool]$useNginxk8s=$false, + [parameter(Mandatory=$false)][bool]$useIstio=$false, [parameter(Mandatory=$false)][bool]$useMesh=$false, [parameter(Mandatory=$false)][string][ValidateSet('Always','IfNotPresent','Never', IgnoreCase=$false)]$imagePullPolicy="Always", [parameter(Mandatory=$false)][string][ValidateSet('prod','staging','none','custom', IgnoreCase=$false)]$sslSupport = "none", @@ -65,8 +65,8 @@ if ($useLocalk8s -eq $true) { $ingressValuesFile="ingress_values_dockerk8s.yaml" $dns="localhost" } -elseif ($useNginxk8s -eq $true){ - $ingressValuesFile="ingress_values_nginxk8s.yaml" +elseif ($useIstio -eq $true){ + $ingressValuesFile="ingress_values_istio.yaml" } if ($externalDns -eq "aks") { @@ -141,14 +141,14 @@ if ($deployCharts) { foreach ($chart in $charts) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing: $chart" -ForegroundColor Green - Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --values $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts=``{$dns``} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.enabled=$useMesh --set inf.k8s.local=$useLocalk8s" $useCustomRegistry + Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --values $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts=``{$dns``} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.enabled=$useMesh --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $useCustomRegistry } } foreach ($chart in $gateways) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing Api Gateway Chart: $chart" -ForegroundColor Green - Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.enabled=$useMesh --set ingress.hosts=``{$dns``} --set inf.tls.enabled=$sslEnabled" $false + Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.enabled=$useMesh --set ingress.hosts=``{$dns``} --set inf.tls.enabled=$sslEnabled --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $false } } diff --git a/deploy/k8s/helm/deploy-all.ps1 b/deploy/k8s/helm/deploy-all.ps1 index 759f367df4..0036aa712f 100644 --- a/deploy/k8s/helm/deploy-all.ps1 +++ b/deploy/k8s/helm/deploy-all.ps1 @@ -11,7 +11,7 @@ Param( [parameter(Mandatory=$false)][string]$aksRg="", [parameter(Mandatory=$false)][string]$imageTag="latest", [parameter(Mandatory=$false)][bool]$useLocalk8s=$false, - [parameter(Mandatory=$false)][bool]$useNginxk8s=$false, + [parameter(Mandatory=$false)][bool]$useIstio=$false, [parameter(Mandatory=$false)][bool]$useMesh=$false, [parameter(Mandatory=$false)][string][ValidateSet('Always','IfNotPresent','Never', IgnoreCase=$false)]$imagePullPolicy="Always", [parameter(Mandatory=$false)][string][ValidateSet('prod','staging','none','custom', IgnoreCase=$false)]$sslSupport = "none", @@ -64,8 +64,8 @@ if ($useLocalk8s -eq $true) { $ingressValuesFile="ingress_values_dockerk8s.yaml" $dns="localhost" } -elseif ($useNginxk8s -eq $true){ - $ingressValuesFile="ingress_values_nginxk8s.yaml" +elseif ($useIstio -eq $true){ + $ingressValuesFile="ingress_values_istio.yaml" } if ($externalDns -eq "aks") { @@ -140,14 +140,14 @@ if ($deployCharts) { foreach ($chart in $charts) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing: $chart" -ForegroundColor Green - Install-Chart $chart "-f app.yaml --values inf.yaml -f $ingressValuesFile -f $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts={$dns} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.enabled=$useMesh --set inf.k8s.local=$useLocalk8s" $useCustomRegistry + Install-Chart $chart "-f app.yaml --values inf.yaml -f $ingressValuesFile -f $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts={$dns} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.enabled=$useMesh --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $useCustomRegistry } } foreach ($chart in $gateways) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing Api Gateway Chart: $chart" -ForegroundColor Green - Install-Chart $chart "-f app.yaml -f inf.yaml -f $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.enabled=$useMesh --set ingress.hosts={$dns} --set inf.tls.enabled=$sslEnabled" $false + Install-Chart $chart "-f app.yaml -f inf.yaml -f $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.enabled=$useMesh --set ingress.hosts={$dns} --set inf.tls.enabled=$sslEnabled --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $false } } diff --git a/deploy/k8s/helm/identity-api/templates/ingress.yaml b/deploy/k8s/helm/identity-api/templates/ingress.yaml index 4685926581..ad8c041094 100644 --- a/deploy/k8s/helm/identity-api/templates/ingress.yaml +++ b/deploy/k8s/helm/identity-api/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.identity }} apiVersion: networking.k8s.io/v1 diff --git a/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml b/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..94f7a2dd7d --- /dev/null +++ b/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.identity }} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "identity-api.fullname" . }} + labels: + app: {{ template "identity-api.name" . }} + chart: {{ template "identity-api.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/inf.yaml b/deploy/k8s/helm/inf.yaml index 37fac2c545..b6ebeedb38 100644 --- a/deploy/k8s/helm/inf.yaml +++ b/deploy/k8s/helm/inf.yaml @@ -40,6 +40,7 @@ inf: k8s: # inf.k8s defines Kubernetes cluster global config dns: "" # k8s external DNS. This value or ip value MUST BE PROVIDED local: false # True when deploying on "local K8s" provided by Docker Desktop. + istio: false # True when deploying on K8s with istio. misc: # inf.misc contains miscellaneous configuration related to infrastructure useAzureStorage: false # If catalog api uses azure storage or not # registry: # Uncomment "registry" to specify registry secret diff --git a/deploy/k8s/helm/ingress_values_nginxk8s.yaml b/deploy/k8s/helm/ingress_values_istio.yaml similarity index 89% rename from deploy/k8s/helm/ingress_values_nginxk8s.yaml rename to deploy/k8s/helm/ingress_values_istio.yaml index 19f216b9a8..558bfc2bc4 100644 --- a/deploy/k8s/helm/ingress_values_nginxk8s.yaml +++ b/deploy/k8s/helm/ingress_values_istio.yaml @@ -1,6 +1,7 @@ # This file contains common ingress annotations when using AKS with Http Application Routing ingress: + gatewayName: istio-system/default-gateway annotations: kubernetes.io/ingress.class: public ingress.kubernetes.io/ssl-redirect: "false" diff --git a/deploy/k8s/helm/webhooks-api/templates/ingress.yaml b/deploy/k8s/helm/webhooks-api/templates/ingress.yaml index 32effa98e8..1eb52b51bf 100644 --- a/deploy/k8s/helm/webhooks-api/templates/ingress.yaml +++ b/deploy/k8s/helm/webhooks-api/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webhooks }} apiVersion: networking.k8s.io/v1 diff --git a/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml b/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..17729b0ec1 --- /dev/null +++ b/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.webhooks }} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "webhooks-api.fullname" . }} + labels: + app: {{ template "webhooks-api.name" . }} + chart: {{ template "webhooks-api.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/webhooks-web/templates/ingress.yaml b/deploy/k8s/helm/webhooks-web/templates/ingress.yaml index a2644add18..9b3590945a 100644 --- a/deploy/k8s/helm/webhooks-web/templates/ingress.yaml +++ b/deploy/k8s/helm/webhooks-web/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.webhooksweb -}} diff --git a/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml b/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..5197dce858 --- /dev/null +++ b/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := $.Values.app.svc.webhooksweb -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "webhooks-web.fullname" . }} + labels: + app: {{ template "webhooks-web.name" . }} + chart: {{ template "webhooks-web.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/webmvc/templates/ingress.yaml b/deploy/k8s/helm/webmvc/templates/ingress.yaml index 2e5b49a890..b0b51f6c32 100644 --- a/deploy/k8s/helm/webmvc/templates/ingress.yaml +++ b/deploy/k8s/helm/webmvc/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mvc -}} apiVersion: networking.k8s.io/v1 diff --git a/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml b/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..db07823f73 --- /dev/null +++ b/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.mvc -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "webmvc.fullname" . }} + labels: + app: {{ template "webmvc.name" . }} + chart: {{ template "webmvc.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml b/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml index 1014390047..5e2b4ef78f 100644 --- a/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml +++ b/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webshoppingagg -}} apiVersion: networking.k8s.io/v1 diff --git a/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml b/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..497be90715 --- /dev/null +++ b/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := .Values.app.svc.webshoppingagg -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "webshoppingagg.fullname" . }} + labels: + app: {{ template "webshoppingagg.name" . }} + chart: {{ template "webshoppingagg.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/webspa/templates/ingress.yaml b/deploy/k8s/helm/webspa/templates/ingress.yaml index b684f48985..4c8ce4c1d2 100644 --- a/deploy/k8s/helm/webspa/templates/ingress.yaml +++ b/deploy/k8s/helm/webspa/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.spa -}} diff --git a/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml b/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..eb965a6fdb --- /dev/null +++ b/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := $.Values.app.svc.spa -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "webspa.fullname" . }} + labels: + app: {{ template "webspa.name" . }} + chart: {{ template "webspa.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} diff --git a/deploy/k8s/helm/webstatus/templates/ingress.yaml b/deploy/k8s/helm/webstatus/templates/ingress.yaml index 6ec79d0dd0..e37091a419 100644 --- a/deploy/k8s/helm/webstatus/templates/ingress.yaml +++ b/deploy/k8s/helm/webstatus/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} {{- $fullName := include "webstatus.fullname" . -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.status -}} diff --git a/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml b/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml new file mode 100644 index 0000000000..c4ef54ba3f --- /dev/null +++ b/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml @@ -0,0 +1,42 @@ +{{- if .Values.ingress.enabled -}} +{{- if .Values.inf.k8s.istio -}} +{{- $ingressPath := include "pathBase" . -}} +{{- $serviceName := $.Values.app.svc.status -}} +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "webstatus.fullname" . }} + labels: + app: {{ template "webstatus.name" . }} + chart: {{ template "webstatus.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} + annotations: + cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} +{{- end }} +{{- if .Values.inf.mesh.enabled }} +{{- with .Values.ingress.mesh.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +{{- end }} +spec: + hosts: + {{- range .Values.ingress.hosts }} + - {{ . }} + {{- end }} + gateways: + - {{ .Values.ingress.gatewayName }} + http: + {{- range .Values.ingress.hosts }} + - route: + - destination: + host: {{ $serviceName }} + port: + number: 80 + match: + - uri: + prefix: {{ $ingressPath }} + {{- end }} +{{- end }} +{{- end }} From e5969077b0c753cbc6a81a993405df80bea880a8 Mon Sep 17 00:00:00 2001 From: maddadder Date: Mon, 25 Sep 2023 13:39:48 -0700 Subject: [PATCH 11/16] Check ConfigurationService readiness in basket --- .../Client/src/modules/basket/basket.component.ts | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/Web/WebSPA/Client/src/modules/basket/basket.component.ts b/src/Web/WebSPA/Client/src/modules/basket/basket.component.ts index 8528b516dd..d857213388 100644 --- a/src/Web/WebSPA/Client/src/modules/basket/basket.component.ts +++ b/src/Web/WebSPA/Client/src/modules/basket/basket.component.ts @@ -7,6 +7,7 @@ import { BasketService } from './basket.service'; import { IBasket } from '../shared/models/basket.model'; import { IBasketItem } from '../shared/models/basketItem.model'; import { BasketWrapperService } from '../shared/services/basket.wrapper.service'; +import { ConfigurationService } from '../shared/services/configuration.service'; @Component({ selector: 'esh-basket .esh-basket .mb-5', @@ -18,9 +19,20 @@ export class BasketComponent implements OnInit { basket: IBasket; totalPrice: number = 0; - constructor(private basketSerive: BasketService, private router: Router, private basketWrapperService: BasketWrapperService) { } + constructor(private configurationService: ConfigurationService, private basketSerive: BasketService, private router: Router, private basketWrapperService: BasketWrapperService) { } ngOnInit() { + if (this.configurationService.isReady) { + this.loadBasketData(); + } else { + // Subscribe to the settingsLoaded$ observable to know when settings are ready + this.configurationService.settingsLoaded$.subscribe(() => { + this.loadBasketData(); + }); + } + } + + private loadBasketData() { this.basketSerive.getBasket().subscribe(basket => { this.basket = basket; this.calculateTotalPrice(); From fb450885eec8f948c1faef25d348db86a0be6344 Mon Sep 17 00:00:00 2001 From: maddadder Date: Mon, 25 Sep 2023 14:04:54 -0700 Subject: [PATCH 12/16] chk ConfigurationService readiness in order detail --- .../orders/orders-detail/orders-detail.component.ts | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/Web/WebSPA/Client/src/modules/orders/orders-detail/orders-detail.component.ts b/src/Web/WebSPA/Client/src/modules/orders/orders-detail/orders-detail.component.ts index 1ccae3e245..146bf86be4 100644 --- a/src/Web/WebSPA/Client/src/modules/orders/orders-detail/orders-detail.component.ts +++ b/src/Web/WebSPA/Client/src/modules/orders/orders-detail/orders-detail.component.ts @@ -1,6 +1,7 @@ import { Component, OnInit } from '@angular/core'; import { OrdersService } from '../orders.service'; import { IOrderDetail } from '../../shared/models/order-detail.model'; +import { ConfigurationService } from '../../shared/services/configuration.service'; import { ActivatedRoute } from '@angular/router'; @Component({ @@ -11,12 +12,18 @@ import { ActivatedRoute } from '@angular/router'; export class OrdersDetailComponent implements OnInit { public order: IOrderDetail = {}; - constructor(private service: OrdersService, private route: ActivatedRoute) { } + constructor(private configurationService: ConfigurationService, private service: OrdersService, private route: ActivatedRoute) { } ngOnInit() { this.route.params.subscribe(params => { let id = +params['id']; // (+) converts string 'id' to a number - this.getOrder(id); + if (this.configurationService.isReady) { + this.getOrder(id); + } else { + this.configurationService.settingsLoaded$.subscribe(x => { + this.getOrder(id); + }); + } }); } From 48a5bcb712744b8dbb60322a3e85b1a26fb34e1b Mon Sep 17 00:00:00 2001 From: maddadder Date: Mon, 25 Sep 2023 23:12:41 -0700 Subject: [PATCH 13/16] fix signalr so that orders show up after placing --- src/Services/Ordering/Ordering.SignalrHub/Program.cs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/Services/Ordering/Ordering.SignalrHub/Program.cs b/src/Services/Ordering/Ordering.SignalrHub/Program.cs index 1b0abd0994..2af88a6a7b 100644 --- a/src/Services/Ordering/Ordering.SignalrHub/Program.cs +++ b/src/Services/Ordering/Ordering.SignalrHub/Program.cs @@ -4,12 +4,12 @@ builder.Services.AddSignalR(builder.Configuration); -builder.Services.AddSingleton, OrderStatusChangedToAwaitingValidationIntegrationEventHandler>(); -builder.Services.AddSingleton, OrderStatusChangedToCancelledIntegrationEventHandler>(); -builder.Services.AddSingleton, OrderStatusChangedToPaidIntegrationEventHandler>(); -builder.Services.AddSingleton, OrderStatusChangedToShippedIntegrationEventHandler>(); -builder.Services.AddSingleton, OrderStatusChangedToStockConfirmedIntegrationEventHandler>(); -builder.Services.AddSingleton, OrderStatusChangedToSubmittedIntegrationEventHandler>(); +builder.Services.AddTransient(); +builder.Services.AddTransient(); +builder.Services.AddTransient(); +builder.Services.AddTransient(); +builder.Services.AddTransient(); +builder.Services.AddTransient(); var app = builder.Build(); From 3d2815e551740bd294314584ad4a37210bbac56f Mon Sep 17 00:00:00 2001 From: maddadder Date: Tue, 26 Sep 2023 13:10:02 -0700 Subject: [PATCH 14/16] use IIntegrationEventHandler in signalr project --- .../Ordering/Ordering.SignalrHub/Program.cs | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/Services/Ordering/Ordering.SignalrHub/Program.cs b/src/Services/Ordering/Ordering.SignalrHub/Program.cs index 2af88a6a7b..b2cbbc32c0 100644 --- a/src/Services/Ordering/Ordering.SignalrHub/Program.cs +++ b/src/Services/Ordering/Ordering.SignalrHub/Program.cs @@ -4,12 +4,12 @@ builder.Services.AddSignalR(builder.Configuration); -builder.Services.AddTransient(); -builder.Services.AddTransient(); -builder.Services.AddTransient(); -builder.Services.AddTransient(); -builder.Services.AddTransient(); -builder.Services.AddTransient(); +builder.Services.AddTransient, OrderStatusChangedToAwaitingValidationIntegrationEventHandler>(); +builder.Services.AddTransient, OrderStatusChangedToCancelledIntegrationEventHandler>(); +builder.Services.AddTransient, OrderStatusChangedToPaidIntegrationEventHandler>(); +builder.Services.AddTransient, OrderStatusChangedToShippedIntegrationEventHandler>(); +builder.Services.AddTransient, OrderStatusChangedToStockConfirmedIntegrationEventHandler>(); +builder.Services.AddTransient, OrderStatusChangedToSubmittedIntegrationEventHandler>(); var app = builder.Build(); @@ -19,11 +19,11 @@ var eventBus = app.Services.GetRequiredService(); -eventBus.Subscribe(); -eventBus.Subscribe(); -eventBus.Subscribe(); -eventBus.Subscribe(); -eventBus.Subscribe(); -eventBus.Subscribe(); +eventBus.Subscribe>(); +eventBus.Subscribe>(); +eventBus.Subscribe>(); +eventBus.Subscribe>(); +eventBus.Subscribe>(); +eventBus.Subscribe>(); await app.RunAsync(); From c544f78d9cc0a0751d03f4e94bc16a85dca7526a Mon Sep 17 00:00:00 2001 From: maddadder Date: Tue, 26 Sep 2023 17:19:41 -0700 Subject: [PATCH 15/16] make useLinkerd and useIstio mutually exclusive --- .../helm/apigwms/templates/deployment.yaml | 2 +- .../k8s/helm/apigwms/templates/ingress.yaml | 4 ++-- .../apigwms/templates/ingresss-istio.yaml | 8 +++++--- .../helm/apigwws/templates/deployment.yaml | 2 +- .../k8s/helm/apigwws/templates/ingress.yaml | 4 ++-- .../apigwws/templates/ingresss-istio.yaml | 8 +++++--- .../helm/basket-api/templates/deployment.yaml | 2 +- .../catalog-api/templates/deployment.yaml | 2 +- deploy/k8s/helm/deploy-all-mac.ps1 | 16 +++++++++------- deploy/k8s/helm/deploy-all.ps1 | 17 +++++++++-------- .../identity-api/templates/deployment.yaml | 2 +- .../templates/ingress-dockerk8s.yaml | 4 ++-- .../helm/identity-api/templates/ingress.yaml | 4 ++-- .../templates/ingresss-istio.yaml | 8 +++++--- deploy/k8s/helm/inf.yaml | 4 ++-- deploy/k8s/helm/ingress_values_istio.yaml | 19 +++++++++++-------- .../templates/deployment.yaml | 2 +- .../ordering-api/templates/deployment.yaml | 2 +- .../payment-api/templates/deployment.yaml | 2 +- .../webhooks-api/templates/deployment.yaml | 2 +- .../helm/webhooks-api/templates/ingress.yaml | 4 ++-- .../templates/ingresss-istio.yaml | 8 +++++--- .../webhooks-web/templates/deployment.yaml | 2 +- .../helm/webhooks-web/templates/ingress.yaml | 4 ++-- .../templates/ingresss-istio.yaml | 8 +++++--- .../k8s/helm/webmvc/templates/deployment.yaml | 2 +- .../webmvc/templates/ingress-dockerk8s.yaml | 4 ++-- deploy/k8s/helm/webmvc/templates/ingress.yaml | 4 ++-- .../helm/webmvc/templates/ingresss-istio.yaml | 8 +++++--- .../webshoppingagg/templates/deployment.yaml | 2 +- .../webshoppingagg/templates/ingress.yaml | 4 ++-- .../templates/ingresss-istio.yaml | 8 +++++--- .../k8s/helm/webspa/templates/deployment.yaml | 2 +- deploy/k8s/helm/webspa/templates/ingress.yaml | 4 ++-- .../helm/webspa/templates/ingresss-istio.yaml | 8 +++++--- .../helm/webstatus/templates/deployment.yaml | 2 +- .../k8s/helm/webstatus/templates/ingress.yaml | 4 ++-- .../webstatus/templates/ingresss-istio.yaml | 8 +++++--- 38 files changed, 112 insertions(+), 88 deletions(-) diff --git a/deploy/k8s/helm/apigwms/templates/deployment.yaml b/deploy/k8s/helm/apigwms/templates/deployment.yaml index 2fb42f4fbf..11ad032b21 100644 --- a/deploy/k8s/helm/apigwms/templates/deployment.yaml +++ b/deploy/k8s/helm/apigwms/templates/deployment.yaml @@ -22,7 +22,7 @@ spec: labels: app: {{ template "apigwms.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/apigwms/templates/ingress.yaml b/deploy/k8s/helm/apigwms/templates/ingress.yaml index 4cb65efdbd..27e0cc5e0f 100644 --- a/deploy/k8s/helm/apigwms/templates/ingress.yaml +++ b/deploy/k8s/helm/apigwms/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mobileshoppingapigw -}} @@ -18,7 +18,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml b/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml index a5bee22ccf..29e7a19ec6 100644 --- a/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/apigwms/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mobileshoppingapigw -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/apigwws/templates/deployment.yaml b/deploy/k8s/helm/apigwws/templates/deployment.yaml index 3bbcec274c..7fc1cb8c84 100644 --- a/deploy/k8s/helm/apigwws/templates/deployment.yaml +++ b/deploy/k8s/helm/apigwws/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "apigwws.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/apigwws/templates/ingress.yaml b/deploy/k8s/helm/apigwws/templates/ingress.yaml index 9043803138..e63ecc34ae 100644 --- a/deploy/k8s/helm/apigwws/templates/ingress.yaml +++ b/deploy/k8s/helm/apigwws/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webshoppingapigw -}} apiVersion: networking.k8s.io/v1 @@ -17,7 +17,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml b/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml index 117a33810b..a285ad3b48 100644 --- a/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/apigwws/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webshoppingapigw -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/basket-api/templates/deployment.yaml b/deploy/k8s/helm/basket-api/templates/deployment.yaml index b9fd262041..29ef312797 100644 --- a/deploy/k8s/helm/basket-api/templates/deployment.yaml +++ b/deploy/k8s/helm/basket-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "basket-api.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/catalog-api/templates/deployment.yaml b/deploy/k8s/helm/catalog-api/templates/deployment.yaml index 266d894076..707417e0f5 100644 --- a/deploy/k8s/helm/catalog-api/templates/deployment.yaml +++ b/deploy/k8s/helm/catalog-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "catalog-api.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/deploy-all-mac.ps1 b/deploy/k8s/helm/deploy-all-mac.ps1 index 2cf891edcd..139cb9c3f7 100644 --- a/deploy/k8s/helm/deploy-all-mac.ps1 +++ b/deploy/k8s/helm/deploy-all-mac.ps1 @@ -12,7 +12,8 @@ Param( [parameter(Mandatory=$false)][string]$imageTag="latest", [parameter(Mandatory=$false)][bool]$useLocalk8s=$false, [parameter(Mandatory=$false)][bool]$useIstio=$false, - [parameter(Mandatory=$false)][bool]$useMesh=$false, + [parameter(Mandatory=$false)][string]$istioGatewayName="istio-system/default-gateway", + [parameter(Mandatory=$false)][bool]$useLinkerd=$false, [parameter(Mandatory=$false)][string][ValidateSet('Always','IfNotPresent','Never', IgnoreCase=$false)]$imagePullPolicy="Always", [parameter(Mandatory=$false)][string][ValidateSet('prod','staging','none','custom', IgnoreCase=$false)]$sslSupport = "none", [parameter(Mandatory=$false)][string]$tlsSecretName = "eshop-tls-custom", @@ -65,9 +66,6 @@ if ($useLocalk8s -eq $true) { $ingressValuesFile="ingress_values_dockerk8s.yaml" $dns="localhost" } -elseif ($useIstio -eq $true){ - $ingressValuesFile="ingress_values_istio.yaml" -} if ($externalDns -eq "aks") { if ([string]::IsNullOrEmpty($aksName) -or [string]::IsNullOrEmpty($aksRg)) { @@ -94,6 +92,10 @@ if ([string]::IsNullOrEmpty($dns)) { } } +if ($useIstio -and $useLinkerd) { + Write-Host "You cannot enable both istio and linkerd." -ForegroundColor Red + exit 1 +} if ($useLocalk8s -and $sslEnabled) { Write-Host "SSL can'be enabled on local K8s." -ForegroundColor Red exit 1 @@ -130,7 +132,7 @@ $gateways = ("apigwms", "apigwws") if ($deployInfrastructure) { foreach ($infra in $infras) { Write-Host "Installing infrastructure: $infra" -ForegroundColor Green - helm install "$appName-$infra" --values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set "ingress.hosts={$dns}" $infra + helm install "$appName-$infra" --values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set "ingress.hosts={$dns}" --set "ingress.gateways={$istioGatewayName}" $infra } } else { @@ -141,14 +143,14 @@ if ($deployCharts) { foreach ($chart in $charts) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing: $chart" -ForegroundColor Green - Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --values $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts=``{$dns``} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.enabled=$useMesh --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $useCustomRegistry + Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --values $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts=``{$dns``} --set ingress.gateways=``{$istioGatewayName``} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.linkerd=$useLinkerd --set inf.k8s.local=$useLocalk8s --set inf.mesh.istio=$useIstio" $useCustomRegistry } } foreach ($chart in $gateways) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing Api Gateway Chart: $chart" -ForegroundColor Green - Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.enabled=$useMesh --set ingress.hosts=``{$dns``} --set inf.tls.enabled=$sslEnabled --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $false + Install-Chart $chart "--values app.yaml --values inf.yaml --values $ingressValuesFile --values $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.linkerd=$useLinkerd --set ingress.hosts=``{$dns``} --set ingress.gateways=``{$istioGatewayName``} --set inf.tls.enabled=$sslEnabled --set inf.k8s.local=$useLocalk8s --set inf.mesh.istio=$useIstio" $false } } diff --git a/deploy/k8s/helm/deploy-all.ps1 b/deploy/k8s/helm/deploy-all.ps1 index 0036aa712f..d14ab74f4b 100644 --- a/deploy/k8s/helm/deploy-all.ps1 +++ b/deploy/k8s/helm/deploy-all.ps1 @@ -12,7 +12,8 @@ Param( [parameter(Mandatory=$false)][string]$imageTag="latest", [parameter(Mandatory=$false)][bool]$useLocalk8s=$false, [parameter(Mandatory=$false)][bool]$useIstio=$false, - [parameter(Mandatory=$false)][bool]$useMesh=$false, + [parameter(Mandatory=$false)][string]$istioGatewayName="istio-system/default-gateway", + [parameter(Mandatory=$false)][bool]$useLinkerd=$false, [parameter(Mandatory=$false)][string][ValidateSet('Always','IfNotPresent','Never', IgnoreCase=$false)]$imagePullPolicy="Always", [parameter(Mandatory=$false)][string][ValidateSet('prod','staging','none','custom', IgnoreCase=$false)]$sslSupport = "none", [parameter(Mandatory=$false)][string]$tlsSecretName = "eshop-tls-custom", @@ -64,9 +65,6 @@ if ($useLocalk8s -eq $true) { $ingressValuesFile="ingress_values_dockerk8s.yaml" $dns="localhost" } -elseif ($useIstio -eq $true){ - $ingressValuesFile="ingress_values_istio.yaml" -} if ($externalDns -eq "aks") { if ([string]::IsNullOrEmpty($aksName) -or [string]::IsNullOrEmpty($aksRg)) { @@ -93,6 +91,10 @@ if ([string]::IsNullOrEmpty($dns)) { } } +if ($useIstio -and $useLinkerd) { + Write-Host "You cannot enable both istio and linkerd." -ForegroundColor Red + exit 1 +} if ($useLocalk8s -and $sslEnabled) { Write-Host "SSL can'be enabled on local K8s." -ForegroundColor Red exit 1 @@ -129,7 +131,7 @@ $gateways = ("apigwms", "apigwws") if ($deployInfrastructure) { foreach ($infra in $infras) { Write-Host "Installing infrastructure: $infra" -ForegroundColor Green - helm install "$appName-$infra" --values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set "ingress.hosts={$dns}" $infra + helm install "$appName-$infra" --values app.yaml --values inf.yaml --values $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set "ingress.hosts={$dns}" --set "ingress.gateways={$istioGatewayName}" $infra } } else { @@ -140,15 +142,14 @@ if ($deployCharts) { foreach ($chart in $charts) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing: $chart" -ForegroundColor Green - Install-Chart $chart "-f app.yaml --values inf.yaml -f $ingressValuesFile -f $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts={$dns} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.enabled=$useMesh --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $useCustomRegistry + Install-Chart $chart "-f app.yaml --values inf.yaml -f $ingressValuesFile -f $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set ingress.hosts={$dns} --set ingress.gateways={$istioGatewayName} --set image.tag=$imageTag --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$sslEnabled --set inf.mesh.linkerd=$useLinkerd --set inf.k8s.local=$useLocalk8s --set inf.mesh.istio=$useIstio" $useCustomRegistry } } foreach ($chart in $gateways) { if ($chartsToDeploy -eq "*" -or $chartsToDeploy.Contains($chart)) { Write-Host "Installing Api Gateway Chart: $chart" -ForegroundColor Green - Install-Chart $chart "-f app.yaml -f inf.yaml -f $ingressValuesFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.enabled=$useMesh --set ingress.hosts={$dns} --set inf.tls.enabled=$sslEnabled --set inf.k8s.local=$useLocalk8s --set inf.k8s.istio=$useIstio" $false - + Install-Chart $chart "-f app.yaml -f inf.yaml -f $ingressValuesFile -f $ingressMeshAnnotationsFile --set app.name=$appName --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.mesh.linkerd=$useLinkerd --set ingress.hosts={$dns} --set ingress.gateways={$istioGatewayName} --set inf.tls.enabled=$sslEnabled --set inf.k8s.local=$useLocalk8s --set inf.mesh.istio=$useIstio" $false } } } diff --git a/deploy/k8s/helm/identity-api/templates/deployment.yaml b/deploy/k8s/helm/identity-api/templates/deployment.yaml index f2e7d60781..a33ffeb740 100644 --- a/deploy/k8s/helm/identity-api/templates/deployment.yaml +++ b/deploy/k8s/helm/identity-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "identity-api.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/identity-api/templates/ingress-dockerk8s.yaml b/deploy/k8s/helm/identity-api/templates/ingress-dockerk8s.yaml index c8a29400cd..3cdfe59ef2 100644 --- a/deploy/k8s/helm/identity-api/templates/ingress-dockerk8s.yaml +++ b/deploy/k8s/helm/identity-api/templates/ingress-dockerk8s.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- if .Values.inf.k8s.local -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.identity }} @@ -16,7 +16,7 @@ metadata: annotations: {{ toYaml . | indent 4 }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/identity-api/templates/ingress.yaml b/deploy/k8s/helm/identity-api/templates/ingress.yaml index ad8c041094..dd3918b358 100644 --- a/deploy/k8s/helm/identity-api/templates/ingress.yaml +++ b/deploy/k8s/helm/identity-api/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.identity }} apiVersion: networking.k8s.io/v1 @@ -17,7 +17,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml b/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml index 94f7a2dd7d..c3232af085 100644 --- a/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/identity-api/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.identity }} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/inf.yaml b/deploy/k8s/helm/inf.yaml index b6ebeedb38..78725d0814 100644 --- a/deploy/k8s/helm/inf.yaml +++ b/deploy/k8s/helm/inf.yaml @@ -3,7 +3,8 @@ inf: mesh: - enabled: false # True to enable Linkerd (set by deploy-all.ps1) + linkerd: false # True to enable Linkerd (set by deploy-all.ps1) + istio: false # True to enable Istio (set by deploy-all.ps1) tls: enabled: false # True to enable TLS (set by deploy-all.ps1) issuer: "" # cert-manager issuer to use for retrieving certs (set by deploy-all.ps1) @@ -40,7 +41,6 @@ inf: k8s: # inf.k8s defines Kubernetes cluster global config dns: "" # k8s external DNS. This value or ip value MUST BE PROVIDED local: false # True when deploying on "local K8s" provided by Docker Desktop. - istio: false # True when deploying on K8s with istio. misc: # inf.misc contains miscellaneous configuration related to infrastructure useAzureStorage: false # If catalog api uses azure storage or not # registry: # Uncomment "registry" to specify registry secret diff --git a/deploy/k8s/helm/ingress_values_istio.yaml b/deploy/k8s/helm/ingress_values_istio.yaml index 558bfc2bc4..998ba38f58 100644 --- a/deploy/k8s/helm/ingress_values_istio.yaml +++ b/deploy/k8s/helm/ingress_values_istio.yaml @@ -1,10 +1,13 @@ -# This file contains common ingress annotations when using AKS with Http Application Routing +# This file contains extra annotations to make Istio work. +# ingress.mesh.annotations are inserted into ingress.annotations of the resource being generated, if mesh is deployed +# +# It is designed to work as a placehoder +# +# Check https://istio.io/latest/docs/reference/config/annotations/ for more info +# +# If using your custom file, use -ingressMeshAnnotationsFile parameter in deploy-all.ps1 + ingress: - gatewayName: istio-system/default-gateway - annotations: - kubernetes.io/ingress.class: public - ingress.kubernetes.io/ssl-redirect: "false" - nginx.ingress.kubernetes.io/ssl-redirect: "false" - nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" - nginx.ingress.kubernetes.io/proxy-buffers: "4 256k" + mesh: + annotations: {} \ No newline at end of file diff --git a/deploy/k8s/helm/mobileshoppingagg/templates/deployment.yaml b/deploy/k8s/helm/mobileshoppingagg/templates/deployment.yaml index eb0f4f536b..ad3fd1d518 100644 --- a/deploy/k8s/helm/mobileshoppingagg/templates/deployment.yaml +++ b/deploy/k8s/helm/mobileshoppingagg/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "mobileshoppingagg.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/ordering-api/templates/deployment.yaml b/deploy/k8s/helm/ordering-api/templates/deployment.yaml index 4e25dcbb61..c2f55f03aa 100644 --- a/deploy/k8s/helm/ordering-api/templates/deployment.yaml +++ b/deploy/k8s/helm/ordering-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "ordering-api.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/payment-api/templates/deployment.yaml b/deploy/k8s/helm/payment-api/templates/deployment.yaml index df0bbe7d13..36e0e40741 100644 --- a/deploy/k8s/helm/payment-api/templates/deployment.yaml +++ b/deploy/k8s/helm/payment-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "payment-api.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webhooks-api/templates/deployment.yaml b/deploy/k8s/helm/webhooks-api/templates/deployment.yaml index 16aeecd91d..16bf8359b9 100644 --- a/deploy/k8s/helm/webhooks-api/templates/deployment.yaml +++ b/deploy/k8s/helm/webhooks-api/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "webhooks-api.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webhooks-api/templates/ingress.yaml b/deploy/k8s/helm/webhooks-api/templates/ingress.yaml index 1eb52b51bf..f9596f8621 100644 --- a/deploy/k8s/helm/webhooks-api/templates/ingress.yaml +++ b/deploy/k8s/helm/webhooks-api/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webhooks }} apiVersion: networking.k8s.io/v1 @@ -17,7 +17,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml b/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml index 17729b0ec1..cb2dad4fc0 100644 --- a/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/webhooks-api/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webhooks }} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/webhooks-web/templates/deployment.yaml b/deploy/k8s/helm/webhooks-web/templates/deployment.yaml index 7ee3572f5f..933748e8df 100644 --- a/deploy/k8s/helm/webhooks-web/templates/deployment.yaml +++ b/deploy/k8s/helm/webhooks-web/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "webhooks-web.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webhooks-web/templates/ingress.yaml b/deploy/k8s/helm/webhooks-web/templates/ingress.yaml index 9b3590945a..9eade7da60 100644 --- a/deploy/k8s/helm/webhooks-web/templates/ingress.yaml +++ b/deploy/k8s/helm/webhooks-web/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.webhooksweb -}} @@ -18,7 +18,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml b/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml index 5197dce858..cc1dc80040 100644 --- a/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/webhooks-web/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.webhooksweb -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/webmvc/templates/deployment.yaml b/deploy/k8s/helm/webmvc/templates/deployment.yaml index 2e1162be1a..d5abeb54b6 100644 --- a/deploy/k8s/helm/webmvc/templates/deployment.yaml +++ b/deploy/k8s/helm/webmvc/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "webmvc.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webmvc/templates/ingress-dockerk8s.yaml b/deploy/k8s/helm/webmvc/templates/ingress-dockerk8s.yaml index 074da7e889..a9d5453bda 100644 --- a/deploy/k8s/helm/webmvc/templates/ingress-dockerk8s.yaml +++ b/deploy/k8s/helm/webmvc/templates/ingress-dockerk8s.yaml @@ -1,4 +1,4 @@ -{{- if .Values.ingress.enabled -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- if .Values.inf.k8s.local -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mvc }} @@ -16,7 +16,7 @@ metadata: annotations: {{ toYaml . | indent 4 }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webmvc/templates/ingress.yaml b/deploy/k8s/helm/webmvc/templates/ingress.yaml index b0b51f6c32..763ffd7dad 100644 --- a/deploy/k8s/helm/webmvc/templates/ingress.yaml +++ b/deploy/k8s/helm/webmvc/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mvc -}} apiVersion: networking.k8s.io/v1 @@ -17,7 +17,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml b/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml index db07823f73..54edb2a25e 100644 --- a/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/webmvc/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.mvc -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/webshoppingagg/templates/deployment.yaml b/deploy/k8s/helm/webshoppingagg/templates/deployment.yaml index 3e82f1a0e6..80a20fcb28 100644 --- a/deploy/k8s/helm/webshoppingagg/templates/deployment.yaml +++ b/deploy/k8s/helm/webshoppingagg/templates/deployment.yaml @@ -20,7 +20,7 @@ spec: labels: app: {{ template "webshoppingagg.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml b/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml index 5e2b4ef78f..c4780fb11b 100644 --- a/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml +++ b/deploy/k8s/helm/webshoppingagg/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webshoppingagg -}} apiVersion: networking.k8s.io/v1 @@ -17,7 +17,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml b/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml index 497be90715..c8d0396994 100644 --- a/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/webshoppingagg/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := .Values.app.svc.webshoppingagg -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/webspa/templates/deployment.yaml b/deploy/k8s/helm/webspa/templates/deployment.yaml index 4cffcdb8f1..c42b325507 100644 --- a/deploy/k8s/helm/webspa/templates/deployment.yaml +++ b/deploy/k8s/helm/webspa/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "webspa.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webspa/templates/ingress.yaml b/deploy/k8s/helm/webspa/templates/ingress.yaml index 4c8ce4c1d2..6f76a09b79 100644 --- a/deploy/k8s/helm/webspa/templates/ingress.yaml +++ b/deploy/k8s/helm/webspa/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.spa -}} @@ -18,7 +18,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml b/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml index eb965a6fdb..a060029e3b 100644 --- a/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/webspa/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.spa -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: diff --git a/deploy/k8s/helm/webstatus/templates/deployment.yaml b/deploy/k8s/helm/webstatus/templates/deployment.yaml index 33ab7e0567..73358a5e24 100644 --- a/deploy/k8s/helm/webstatus/templates/deployment.yaml +++ b/deploy/k8s/helm/webstatus/templates/deployment.yaml @@ -21,7 +21,7 @@ spec: labels: app: {{ template "webstatus.name" . }} release: {{ .Release.Name }} - {{ if .Values.inf.mesh.enabled -}} + {{ if .Values.inf.mesh.linkerd -}} annotations: linkerd.io/inject: enabled {{- end }} diff --git a/deploy/k8s/helm/webstatus/templates/ingress.yaml b/deploy/k8s/helm/webstatus/templates/ingress.yaml index e37091a419..11aae28320 100644 --- a/deploy/k8s/helm/webstatus/templates/ingress.yaml +++ b/deploy/k8s/helm/webstatus/templates/ingress.yaml @@ -1,4 +1,4 @@ -{{- if and .Values.ingress.enabled (not .Values.inf.k8s.istio) -}} +{{- if and .Values.ingress.enabled (not .Values.inf.mesh.istio) -}} {{- $fullName := include "webstatus.fullname" . -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.status -}} @@ -19,7 +19,7 @@ metadata: {{- if and .Values.inf.tls.enabled .Values.inf.tls.issuer }} cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.linkerd }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} diff --git a/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml b/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml index c4ef54ba3f..8df228f4bf 100644 --- a/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml +++ b/deploy/k8s/helm/webstatus/templates/ingresss-istio.yaml @@ -1,5 +1,5 @@ {{- if .Values.ingress.enabled -}} -{{- if .Values.inf.k8s.istio -}} +{{- if .Values.inf.mesh.istio -}} {{- $ingressPath := include "pathBase" . -}} {{- $serviceName := $.Values.app.svc.status -}} apiVersion: networking.istio.io/v1alpha3 @@ -15,7 +15,7 @@ metadata: annotations: cert-manager.io/issuer: {{ .Values.inf.tls.issuer }} {{- end }} -{{- if .Values.inf.mesh.enabled }} +{{- if .Values.inf.mesh.istio }} {{- with .Values.ingress.mesh.annotations }} {{ toYaml . | indent 4 }} {{- end }} @@ -26,7 +26,9 @@ spec: - {{ . }} {{- end }} gateways: - - {{ .Values.ingress.gatewayName }} + {{- range .Values.ingress.gateways }} + - {{ . }} + {{- end }} http: {{- range .Values.ingress.hosts }} - route: From a2b39be5193b9b2d8e7a8b16b389dfcad14b2faa Mon Sep 17 00:00:00 2001 From: maddadder Date: Wed, 27 Sep 2023 13:27:24 -0700 Subject: [PATCH 16/16] update bash script to match pwsh script equivelent --- deploy/k8s/helm/deploy-all.sh | 91 +++++++++++++++++++++++++++++++---- 1 file changed, 82 insertions(+), 9 deletions(-) mode change 100644 => 100755 deploy/k8s/helm/deploy-all.sh diff --git a/deploy/k8s/helm/deploy-all.sh b/deploy/k8s/helm/deploy-all.sh old mode 100644 new mode 100755 index 704dffe923..ac5b9aff2b --- a/deploy/k8s/helm/deploy-all.sh +++ b/deploy/k8s/helm/deploy-all.sh @@ -43,10 +43,20 @@ Parameters: The Docker username used to logon to the custom registry, supplied using the -r parameter. --use-local-k8s Deploy to a locally installed Kubernetes (default: false). - --use-mesh + --use-linkerd Use Linkerd as service mesh + --use-istio + Use Istio as service mesh + --ingress-mesh-annotations-file ) + e.g. ingress_values_istio.yaml --image-pull-policy Image Pull Policy: Always, IfNotPresent, Never (default: Always) + --ssl-enabled + Enable SSL for the application. + --ssl-support + SSL support: prod, staging, custom, none (default) + --tls-secret-name + The name of the ssl cert. It is assumed that the Kubernetes cluster has been granted access to the container registry. If using AKS and ACR see link for more info: @@ -76,9 +86,17 @@ push_images='' skip_infrastructure='' use_local_k8s='' namespace='eshop' -use_mesh='false' -ingressMeshAnnotationsFile='ingress_values_linkerd.yaml' +use_linkerd='' +use_istio='' +istio_gateway_name='istio-system/default-gateway' +ingress_mesh_annotations_file='ingress_values_linkerd.yaml' imagePullPolicy='Always' +ssl_enabled=false +ssl_issuer="" +ssl_support="none" +ssl_options="" +tls_secret_name='eshop-tls-custom' + while [[ $# -gt 0 ]]; do case "$1" in @@ -114,10 +132,22 @@ while [[ $# -gt 0 ]]; do use_local_k8s='yes'; shift ;; --namespace ) namespace="$2"; shift 2;; - --use-mesh ) - use_mesh='true'; shift ;; + --use-linkerd ) + use_linkerd='yes'; shift ;; + --use-istio ) + use_istio='yes'; shift ;; + --istio-gateway-name ) + istio_gateway_name="$2"; shift 2;; + --ingress-mesh-annotations-file ) + ingress_mesh_annotations_file="$2"; shift 2;; --image-pull-policy ) imagePullPolicy="$2"; shift 2;; + --ssl-enabled ) + ssl_enabled='yes'; shift ;; + --ssl-support ) + ssl_support="$2"; shift 2 ;; + --tls-secret-name ) + tls_secret_name="$2"; shift 2;; *) echo "Unknown option $1" usage; exit 2 ;; @@ -144,6 +174,40 @@ if [[ $build_images ]]; then docker rmi $(docker images -qf "dangling=true") fi +case "$ssl_support" in + "staging") + ssl_enabled=true + tls_secret_name="eshop-letsencrypt-staging" + ssl_issuer="letsencrypt-staging" + ;; + "prod") + ssl_enabled=true + tls_secret_name="eshop-letsencrypt-prod" + ssl_issuer="letsencrypt-prod" + ;; + "custom") + ssl_enabled=true + ;; +esac + +if [ -z "$dns" ]; then + echo "No DNS specified. Ingress resources will be bound to public IP" >&2 + if [ $ssl_enabled ]; then + echo "Can't bind SSL to public IP. DNS is mandatory when using TLS" >&2 + exit 1 + fi +fi + +if [[ $use_istio && $use_linkerd ]]; then + echo "You cannot enable both Istio and Linkerd." >&2 + exit 1 +fi + +if [[ $use_local_k8s && $ssl_enabled ]]; then + echo "SSL cannot be enabled on local K8s." >&2 + exit 1 +fi + use_custom_registry='' if [[ -n $container_registry ]]; then @@ -223,6 +287,15 @@ if [[ $clean ]]; then fi fi +if [ "$ssl_enabled" == 'yes' ]; then + ssl_options="--set ingress.tls[0].secretName=$tls_secret_name --set ingress.tls[0].hosts={$dns}" + + if [ "$ssl_support" != "custom" ]; then + ssl_options="--set inf.tls.issuer=$ssl_issuer" + fi +fi + + echo "#################### Begin $app_name installation using Helm ####################" infras=(sql-data nosql-data rabbitmq keystore-data basket-data) charts=(eshop-common basket-api catalog-api identity-api mobileshoppingagg ordering-api ordering-backgroundtasks ordering-signalrhub payment-api webmvc webshoppingagg webspa webstatus webhooks-api webhooks-web) @@ -232,7 +305,7 @@ if [[ !$skip_infrastructure ]]; then for infra in "${infras[@]}" do echo "Installing infrastructure: $infra" - helm install "$app_name-$infra" --namespace $namespace --set "ingress.hosts={$dns}" --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingressMeshAnnotationsFile --set app.name=$app_name --set inf.k8s.dns=$dns $infra --set inf.mesh.enabled=$use_mesh + helm install "$app_name-$infra" --namespace $namespace --set "ingress.hosts={$dns}" --set "ingress.gateways={$istio_gateway_name}" --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingress_mesh_annotations_file --set app.name=$app_name --set inf.k8s.dns=$dns $infra --set inf.mesh.linkerd=$use_linkerd --set inf.mesh.istio=$use_istio --set inf.tls.enabled=$ssl_enabled $ssl_options done fi @@ -240,16 +313,16 @@ for chart in "${charts[@]}" do echo "Installing: $chart" if [[ $use_custom_registry ]]; then - helm install "$app_name-$chart" --namespace $namespace --set "ingress.hosts={$dns}" --set inf.registry.server=$container_registry --set inf.registry.login=$docker_username --set inf.registry.pwd=$docker_password --set inf.registry.secretName=eshop-docker-scret --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingressMeshAnnotationsFile --set app.name=$app_name --set inf.k8s.dns=$dns --set image.tag=$image_tag --set image.pullPolicy=$imagePullPolicy $chart --set inf.mesh.enabled=$use_mesh + helm install "$app_name-$chart" --namespace $namespace --set "ingress.hosts={$dns}" --set "ingress.gateways={$istio_gateway_name}" --set inf.registry.server=$container_registry --set inf.registry.login=$docker_username --set inf.registry.pwd=$docker_password --set inf.registry.secretName=eshop-docker-scret --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingress_mesh_annotations_file --set app.name=$app_name --set inf.k8s.dns=$dns --set image.tag=$image_tag --set image.pullPolicy=$imagePullPolicy $chart --set inf.mesh.linkerd=$use_linkerd --set inf.mesh.istio=$use_istio --set inf.tls.enabled=$ssl_enabled $ssl_options elif [[ $chart != "eshop-common" ]]; then # eshop-common is ignored when no secret must be deployed - helm install "$app_name-$chart" --namespace $namespace --set "ingress.hosts={$dns}" --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingressMeshAnnotationsFile --set app.name=$app_name --set inf.k8s.dns=$dns --set image.tag=$image_tag --set image.pullPolicy=$imagePullPolicy $chart --set inf.mesh.enabled=$use_mesh + helm install "$app_name-$chart" --namespace $namespace --set "ingress.hosts={$dns}" --set "ingress.gateways={$istio_gateway_name}" --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingress_mesh_annotations_file --set app.name=$app_name --set inf.k8s.dns=$dns --set image.tag=$image_tag --set image.pullPolicy=$imagePullPolicy $chart --set inf.mesh.linkerd=$use_linkerd --set inf.mesh.istio=$use_istio --set inf.tls.enabled=$ssl_enabled $ssl_options fi done for gw in "${gateways[@]}" do echo "Installing gateway: $gw" - helm install "$app_name-$gw" --namespace $namespace --set "ingress.hosts={$dns}" --values app.yaml --values inf.yaml --values $ingress_values_file --set app.name=$app_name --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy $gw + helm install "$app_name-$gw" --namespace $namespace --set "ingress.hosts={$dns}" --set "ingress.gateways={$istio_gateway_name}" --values app.yaml --values inf.yaml --values $ingress_values_file --values $ingress_mesh_annotations_file --set app.name=$app_name --set inf.k8s.dns=$dns --set image.pullPolicy=$imagePullPolicy --set inf.tls.enabled=$ssl_enabled $ssl_options --set inf.mesh.linkerd=$use_linkerd --set inf.mesh.istio=$use_istio $gw done echo "FINISHED: Helm charts installed." \ No newline at end of file