Change smarter-k3s-edge to 0.0.7

alexandref75 · alexandref75 · commit af0737d23f2a · 2023-03-23T15:25:04.000-05:00
Signed-off-by: Alexandre Peixoto Ferreira &lt;alexandre.ferreira@arm.com&gt;
diff --git a/charts/smarter-k3s-edge/Chart.yaml b/charts/smarter-k3s-edge/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: smarter-k3s-edge
-version: 0.0.6
+version: 0.0.7
 type: application
 appVersion: v1.25.3-k3s1
 description: K3s server on kubernetes
diff --git a/charts/smarter-k3s-edge/templates/common.yaml b/charts/smarter-k3s-edge/templates/common.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.configuration.portHTTPS }}
+{{- if or .Values.configuration.portHTTP .Values.configuration.portHTTPS }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -46,14 +46,14 @@ data:
     
         #gzip  on;
     
-        server {
-            listen 80 default_server;
-            listen [::]:80 default_server;
-            server_name server_domain_or_IP;
-            return 302 https://$server_name$request_uri;
-        }
         server {
             disable_symlinks off;
+            {{- if .Values.configuration.portHTTP }} 
+            listen {{ .Values.configuration.portHTTP }} default_server;
+            listen [::]:{{ .Values.configuration.portHTTP }} default_server;
+            server_name server_domain_or_IP;
+            {{- end }}
+            {{- if .Values.configuration.portHTTPS }} i
             # SSL configuration
             listen {{ .Values.configuration.portHTTPS }} ssl http2 default_server;
             listen [::]:{{ .Values.configuration.portHTTPS }} ssl http2 default_server;
@@ -71,13 +71,14 @@ data:
             ssl_stapling_verify on;
             resolver 8.8.8.8 8.8.4.4 valid=300s;
             resolver_timeout 5s;
+            ssl_dhparam /etc/ssl/certs/dhparam.pem;
+            {{- end }}
             # Disable preloading HSTS for now.  You can use the commented out header line that includes
             # the "preload" directive if you understand the implications.
             #add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
             add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";
             add_header X-Frame-Options DENY;
             add_header X-Content-Type-Options nosniff;
-            ssl_dhparam /etc/ssl/certs/dhparam.pem;
             root /var/www/html;
             server_name _;
             location / {
@@ -112,8 +113,13 @@ data:
   k3s-start.sh: |
     #!/bin/bash
     #
+    {{- if .Values.configuration.traefik }}
+    curl -sflkO https://{{ .Values.configuration.host }}.{{ .Values.configuration.domain }}/token.{{ .Values.configuration.id }}
+    curl -sflkO https://{{ .Values.configuration.host }}.{{ .Values.configuration.domain }}/k3s.yaml.{{ .Values.configuration.id }}
+    {{- else }}
     curl -sflkO https://{{ default .Values.configuration.hostIP .Values.configuration.externalHostIP}}:{{ .Values.configuration.portHTTPS }}/token.{{ .Values.configuration.id }}
     curl -sflkO https://{{ default .Values.configuration.hostIP .Values.configuration.externalHostIP}}:{{ .Values.configuration.portHTTPS }}/k3s.yaml.{{ .Values.configuration.id }}
+    {{- end }}
     export INSTALL_K3S_VERSION=$(echo "{{ default .Chart.AppVersion .Values.image.tag }}" | sed -e "s/-k3/+k3/")
     export K3S_TOKEN=$(cat token.{{ .Values.configuration.id }})
     export K3S_URL=$(grep server: k3s.yaml.{{ .Values.configuration.id }} | sed -e "s/^ *.server: *//")
@@ -140,8 +146,10 @@ data:
     #
     apk update
     apk add openssl
+    {{- if .Values.configuration.portHTTPS }} i
     echo -e "US\n\n\nSmarter\n\n"{{ default .Values.configuration.hostIP .Values.configuration.externalHostIP }}"\n\n" | openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt
     openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
+    {{- end }}
     mkdir -p /var/www/html
     until [ -f /etc/rancher/k3s/k3s.yaml ]
     do
@@ -185,7 +193,7 @@ spec:
                    "--disable","coredns",
                    "--disable","local-storage",
                    "--flannel-backend=none" ]
-        {{- if .Values.configuration.portHTTPS }}
+        {{- if or .Values.configuration.portHTTP .Values.configuration.portHTTPS }}
         volumeMounts:
         - name: k3s-data
           mountPath: /var/lib/rancher/k3s
@@ -194,7 +202,7 @@ spec:
         {{- end }}
         ports:
         - containerPort: {{ .Values.configuration.port }}
-      {{- if .Values.configuration.portHTTPS }}
+      {{- if or .Values.configuration.portHTTP .Values.configuration.portHTTPS }}
       - name: {{ .Values.application.appName }}-nginx
         image: nginx:1.23.2-alpine
         command: [ "/bin/sh",
@@ -207,10 +215,15 @@ spec:
         - name: config
           mountPath: /etc/nginx/conf.d
         ports:
+        {{- if .Values.configuration.portHTTP }}
+        - containerPort: {{ .Values.configuration.portHTTP }}
+        {{- end }}
+        {{- if .Values.configuration.portHTTPS }}
         - containerPort: {{ .Values.configuration.portHTTPS }}
+        {{- end }}
       {{- end }}
       volumes:
-      {{- if .Values.configuration.portHTTPS }}
+      {{- if or .Values.configuration.portHTTP .Values.configuration.portHTTPS }}
       - name: k3s-data
         persistentVolumeClaim:
           claimName: {{ .Values.application.appName }}-data
diff --git a/charts/smarter-k3s-edge/templates/k3s-edge-ingress.yaml b/charts/smarter-k3s-edge/templates/k3s-edge-ingress.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.configuration.traefik }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: {{ .Release.Name }}-k3s-edge-ingress
+  annotations:
+    kubernetes.io/ingress.class: traefik
+    cert-manager.io/cluster-issuer: cert-manager-acme-issuer
+spec:
+  rules:
+  - host: {{ .Values.configuration.host }}.{{ .Values.configuration.domain }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: {{ .Values.application.appName }}
+            port:
+              number: {{ .Values.configuration.portHTTP }}
+  tls:
+    - secretName: {{ .Release.Name }}-k3s-edge-tls
+      hosts:
+        - {{ .Values.configuration.host }}.{{ .Values.configuration.domain }}
+{{- end }}
diff --git a/charts/smarter-k3s-edge/templates/service.yaml b/charts/smarter-k3s-edge/templates/service.yaml
@@ -11,6 +11,11 @@ spec:
     - protocol: TCP
       port: {{ .Values.configuration.port }}
       name: {{ .Values.application.appName }}
+    {{- if .Values.configuration.portHTTP }}
+    - protocol: TCP
+      port: {{ .Values.configuration.portHTTP }}
+      name: {{ .Values.application.appName }}-http
+    {{- end }}
     {{- if .Values.configuration.portHTTPS }}
     - protocol: TCP
       port: {{ .Values.configuration.portHTTPS }}
diff --git a/charts/smarter-k3s-edge/values.yaml b/charts/smarter-k3s-edge/values.yaml
@@ -10,11 +10,16 @@ image:
   pullPolicy: IfNotPresent
 
 configuration:
+  host: k3s-edge
+  domain: example.com
   hostIP: 192.168.2.222
   # Use this in case of NATed AWS
-  #externalHostIP: 192.168.2.222
+  externalHostIP: 192.168.2.222
   port: 6443
   # Comment to remove NGINX
-  portHTTPS: 6453
+  portHTTP: 80
+  #portHTTPS: 6453
+  # Uncomment to enable traefik ingress
+  #traefik: True
   # Uncomment to enable labeling for smarter-demo
   #smarter_demo_labels: true
