Add support for more then one suffix domain

This commit is contained in:
ToMe25 2021-10-22 18:40:29 +01:00 committed by Carlos Eduardo
parent c0807b6477
commit 514aa37f9a
3 changed files with 37 additions and 31 deletions

View File

@ -7,9 +7,10 @@ local vars = import 'vars.jsonnet';
namespace: 'monitoring',
urls+:: {
prom_ingress: 'prometheus.' + vars.suffixDomain,
alert_ingress: 'alertmanager.' + vars.suffixDomain,
grafana_ingress: 'grafana.' + vars.suffixDomain,
domains: [vars.suffixDomain] + vars.additionalDomains,
prom_ingress: ['prometheus.' + domain for domain in $._config.urls.domains],
alert_ingress: ['alertmanager.' + domain for domain in $._config.urls.domains],
grafana_ingress: ['grafana.' + domain for domain in $._config.urls.domains],
grafana_ingress_external: 'grafana.' + vars.suffixDomain,
},
@ -76,7 +77,7 @@ local vars = import 'vars.jsonnet';
retention: vars.prometheus.retention,
scrapeInterval: vars.prometheus.scrapeInterval,
scrapeTimeout: vars.prometheus.scrapeTimeout,
externalUrl: 'http://' + $._config.urls.prom_ingress,
externalUrl: 'http://' + $._config.urls.prom_ingress[0],
}
+ (if vars.enablePersistence.prometheus then {
storage: {
@ -139,9 +140,9 @@ local vars = import 'vars.jsonnet';
local I = utils.newIngress('alertmanager-main', $._config.namespace, $._config.urls.alert_ingress, '/', 'alertmanager-main', 'web');
if vars.TLSingress then
if vars.UseProvidedCerts then
utils.addIngressTLS(I, 'ingress-secret')
utils.addIngressTLS(I, $._config.urls.alert_ingress, 'ingress-secret')
else
utils.addIngressTLS(I)
utils.addIngressTLS(I, $._config.urls.alert_ingress)
else
I,
@ -149,9 +150,9 @@ local vars = import 'vars.jsonnet';
local I = utils.newIngress('grafana', $._config.namespace, $._config.urls.grafana_ingress, '/', 'grafana', 'http');
if vars.TLSingress then
if vars.UseProvidedCerts then
utils.addIngressTLS(I, 'ingress-secret')
utils.addIngressTLS(I, $._config.urls.grafana_ingress, 'ingress-secret')
else
utils.addIngressTLS(I)
utils.addIngressTLS(I, $._config.urls.grafana_ingress)
else
I,
@ -159,9 +160,9 @@ local vars = import 'vars.jsonnet';
local I = utils.newIngress('prometheus-k8s', $._config.namespace, $._config.urls.prom_ingress, '/', 'prometheus-k8s', 'web');
if vars.TLSingress then
if vars.UseProvidedCerts then
utils.addIngressTLS(I, 'ingress-secret')
utils.addIngressTLS(I, $._config.urls.prom_ingress, 'ingress-secret')
else
utils.addIngressTLS(I)
utils.addIngressTLS(I, $._config.urls.prom_ingress)
else
I,

View File

@ -91,7 +91,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
),
// Creates ingress objects
newIngress(name, namespace, host, path, serviceName, servicePort):: (
newIngress(name, namespace, hosts, path, serviceName, servicePort):: (
{
apiVersion: 'networking.k8s.io/v1',
kind: 'Ingress',
@ -100,25 +100,28 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
namespace: namespace,
},
spec: {
rules: [
rules: [$.newIngressHost(host, path, serviceName, servicePort) for host in hosts],
},
}
),
// Add host to Ingress resource
newIngressHost(host, path, serviceName, servicePort):: (
{
host: host,
http: {
paths: [
{
host: host,
http: {
paths: [
{
backend: {
service: {
name: serviceName,
port: {
name: servicePort,
},
},
},
path: path,
pathType: 'Prefix',
backend: {
service: {
name: serviceName,
port: {
name: servicePort,
},
],
},
},
path: path,
pathType: 'Prefix',
},
],
},
@ -126,16 +129,15 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
),
// Add TLS to Ingress resource with secret containing the certificates if exists
addIngressTLS(I, S=''):: (
addIngressTLS(I, hosts, secretName=''):: (
local ingress = k.networking.v1beta1.ingress;
local ingressTls = ingress.mixin.spec.tlsType;
local host = I.spec.rules[0].host;
local namespace = I.metadata.namespace;
I + ingress.mixin.spec.withTls(
ingressTls.new() +
ingressTls.withHosts(host) +
(if S != '' then { secretName: S } else {})
ingressTls.withHosts(hosts) +
(if secretName != '' then { secretName: secretName } else {})
)
),

View File

@ -54,6 +54,9 @@
// Domain suffix for the ingresses
suffixDomain: '192.168.1.15.nip.io',
// Additional domain suffixes for the ingresses.
// For example suffixDomain could be an external one and this a local domain.
additionalDomains: [],
// If TLSingress is true, a self-signed HTTPS ingress with redirect will be created
TLSingress: true,
// If UseProvidedCerts is true, provided files will be used on created HTTPS ingresses.