-
-
Notifications
You must be signed in to change notification settings - Fork 81
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
176 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| installed: false | ||
|
|
||
| server_name: echo-server | ||
|
|
||
| ingress_api: networking.k8s.io/v1beta1 | ||
|
|
||
| # Hostname will be set by: | ||
| # printf .Values.hostname_template .Values.stage .Values.environment | ||
| hostname_template: "echo.%v.%v.example.com" | ||
|
|
||
| # Set aws_load_balancer_controller_enabled: true to turn on | ||
| # configuration specific to https://github.com/kubernetes-sigs/aws-load-balancer-controller v2 | ||
| aws_load_balancer_controller_enabled: true | ||
| ingress_class: "alb" | ||
| # For nginx, use | ||
| # aws_load_balancer_controller_enabled: false | ||
| # ingress_class: "nginx" | ||
|
|
||
| alb_certificate_autodiscovery_enabled: true | ||
|
|
||
| forecastle_enabled: false | ||
| forecastle_annotations: | ||
| expose: "true" | ||
| appName: "echo server exposed directly to internet" | ||
| icon: "https://cloudposse.com/wp-content/uploads/2020/12/echoserver.png" | ||
| instance: "default" | ||
| group: "portal" | ||
|
|
||
| tls_enabled: true | ||
| tls_certificate_cluster_issuer: "" # for Jetstack cert-manager, e.g. "letsencrypt-prod" | ||
| # Leave tls_secret_name blank to not include a secret, e.g. for ALB auto-discovery | ||
| tls_secret_name: echo-server-tls | ||
|
|
||
| # set alb_ssl_redirect_enabled to true to make HTTP redirect to HTTPS | ||
| alb_ssl_redirect_enabled: true | ||
| # service_type defaults to NodePort (required for aws-load-balancer), | ||
| # You can set to ClusterIP with: | ||
| # | ||
| # service_type: ClusterIP |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| environments: | ||
| default: | ||
| values: | ||
| - defaults.yaml | ||
| ## Add additional environments with value overrides like this: | ||
| # production_east: | ||
| # values: | ||
| # - defaults.yaml | ||
| # - east.yaml | ||
| # - production.yaml | ||
| # | ||
| # See https://github.com/roboll/helmfile#environment for details |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,125 @@ | ||
| bases: | ||
| - environments.yaml | ||
| --- | ||
| repositories: | ||
| # Repo of new Kubernetes charts in development | ||
| - name: "kubernetes-incubator" | ||
| url: "https://charts.helm.sh/incubator" | ||
|
|
||
| releases: | ||
| ############################################################################### | ||
| ## Ingress #################################################################### | ||
| ## Use Kubernetes raw chart to deploy the echo server # | ||
| ## https://github.com/helm/charts/tree/master/incubator/raw # | ||
| ############################################################################### | ||
| - name: {{ .Values.server_name }} | ||
| chart: "kubernetes-incubator/raw" | ||
| namespace: "echo" | ||
| createNamespace: true | ||
| version: "0.2.3" | ||
| wait: true | ||
| atomic: true | ||
| cleanupOnFail: true | ||
| installed: {{ .Values.installed }} | ||
| values: | ||
| - resources: | ||
| - apiVersion: apps/v1 | ||
| kind: Deployment | ||
| metadata: | ||
| name: {{ .Values.server_name }} | ||
| labels: | ||
| app: {{ .Values.server_name }} | ||
| spec: | ||
| replicas: 1 | ||
| selector: | ||
| matchLabels: | ||
| app: {{ .Values.server_name }} | ||
| template: | ||
| metadata: | ||
| name: {{ .Values.server_name }} | ||
| labels: | ||
| app: {{ .Values.server_name }} | ||
| spec: | ||
| containers: | ||
| - name: {{ .Values.server_name }} | ||
| image: gcr.io/google_containers/echoserver:1.10 | ||
| imagePullPolicy: Always | ||
| ports: | ||
| - name: default | ||
| containerPort: 8080 | ||
| protocol: TCP | ||
| - apiVersion: v1 | ||
| kind: Service | ||
| metadata: | ||
| name: {{ .Values.server_name }} | ||
| spec: | ||
| type: {{ index .Values "service_type" | default "NodePort" }} | ||
| ports: | ||
| - targetPort: default | ||
| port: 80 | ||
| protocol: TCP | ||
| name: http | ||
| selector: | ||
| app: {{ .Values.server_name }} | ||
|
|
||
| - apiVersion: {{ .Values.ingress_api }} | ||
| # Not yet supported by Forecastle: apiVersion: networking.k8s.io/v1beta1 | ||
| # See https://github.com/stakater/Forecastle/issues/128 | ||
| kind: Ingress | ||
| metadata: | ||
| annotations: | ||
| kubernetes.io/ingress.class: {{ .Values.ingress_class | quote }} | ||
| {{- if eq (printf "%v" .Values.aws_load_balancer_controller_enabled) "true" }} | ||
| alb.ingress.kubernetes.io/scheme: internet-facing | ||
| {{- if eq (printf "%v" .Values.alb_ssl_redirect_enabled) "true" }} | ||
| alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' | ||
| {{- end }} | ||
| {{- if eq (printf "%v" .Values.tls_enabled) "true" }} | ||
| alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80},{"HTTPS":443}]' | ||
| {{- else }} | ||
| alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}]' | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- if (index .Values "tls_certificate_cluster_issuer") }} | ||
| cert-manager.io/cluster-issuer: {{ .Values.tls_certificate_cluster_issuer | quote }} | ||
| {{- end }} | ||
| {{- if .Values.forecastle_enabled }} | ||
| {{- range $key, $value := .Values.forecastle_annotations }} | ||
| {{ printf "forecastle.stakater.com/%v" $key | quote }}: {{ $value | quote }} | ||
| {{- end }} | ||
| {{- end }} | ||
| name: {{ .Values.server_name }} | ||
| spec: | ||
| rules: | ||
| - host: {{ printf .Values.hostname_template .Values.stage .Values.environment }} | ||
| http: | ||
| paths: | ||
| {{- if eq (printf "%v" .Values.aws_load_balancer_controller_enabled) "true" }} | ||
| # Must use implementation specific wildcard paths | ||
| # https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/1702#issuecomment-736890777 | ||
| {{- if eq (printf "%v" .Values.alb_ssl_redirect_enabled) "true" }} | ||
| - path: /* | ||
| backend: | ||
| serviceName: ssl-redirect | ||
| servicePort: use-annotation | ||
| {{- end }} | ||
| - path: /* | ||
| backend: | ||
| serviceName: {{ .Values.server_name }} | ||
| servicePort: http | ||
| {{- else }} | ||
| - path: / | ||
| backend: | ||
| serviceName: {{ .Values.server_name }} | ||
| servicePort: http | ||
| {{- end }} | ||
| {{- if eq (printf "%v" .Values.tls_enabled) "true" }} | ||
| tls: # < placing a host in the TLS config will indicate a certificate should be created | ||
| - hosts: | ||
| - {{ printf .Values.hostname_template .Values.stage .Values.environment | quote }} | ||
| {{- if eq (printf "%v" .Values.alb_certificate_autodiscovery_enabled) "false" }} | ||
| {{- with .Values.tls_secret_name }} | ||
| secretName: {{ . | quote }} # < cert-manager will store the created certificate in this secret. | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- end }} |