Add support for more then one suffix domain

2024-11-20 19:07:17 +01:00 · 2021-10-22 18:40:29 +01:00 · 2021-10-22 18:40:29 +01:00 · 514aa37f9a
commit 514aa37f9a
parent c0807b6477
3 changed files with 37 additions and 31 deletions
--- a/base_operator_stack.jsonnet
+++ b/base_operator_stack.jsonnet
@ -7,9 +7,10 @@ local vars = import 'vars.jsonnet';
    namespace: 'monitoring',
    urls+:: {
-      prom_ingress: 'prometheus.' + vars.suffixDomain,
+      domains: [vars.suffixDomain] + vars.additionalDomains,
-      alert_ingress: 'alertmanager.' + vars.suffixDomain,
+      prom_ingress: ['prometheus.' + domain for domain in $._config.urls.domains],
-      grafana_ingress: 'grafana.' + vars.suffixDomain,
+      alert_ingress: ['alertmanager.' + domain for domain in $._config.urls.domains],
      grafana_ingress: ['grafana.' + domain for domain in $._config.urls.domains],
      grafana_ingress_external: 'grafana.' + vars.suffixDomain,
    },
@ -76,7 +77,7 @@ local vars = import 'vars.jsonnet';
               retention: vars.prometheus.retention,
               scrapeInterval: vars.prometheus.scrapeInterval,
               scrapeTimeout: vars.prometheus.scrapeTimeout,
-               externalUrl: 'http://' + $._config.urls.prom_ingress,
+               externalUrl: 'http://' + $._config.urls.prom_ingress[0],
             }
             + (if vars.enablePersistence.prometheus then {
                  storage: {
@ -139,9 +140,9 @@ local vars = import 'vars.jsonnet';
      local I = utils.newIngress('alertmanager-main', $._config.namespace, $._config.urls.alert_ingress, '/', 'alertmanager-main', 'web');
      if vars.TLSingress then
        if vars.UseProvidedCerts then
-          utils.addIngressTLS(I, 'ingress-secret')
+          utils.addIngressTLS(I, $._config.urls.alert_ingress, 'ingress-secret')
        else
-          utils.addIngressTLS(I)
+          utils.addIngressTLS(I, $._config.urls.alert_ingress)
      else
        I,
@ -149,9 +150,9 @@ local vars = import 'vars.jsonnet';
      local I = utils.newIngress('grafana', $._config.namespace, $._config.urls.grafana_ingress, '/', 'grafana', 'http');
      if vars.TLSingress then
        if vars.UseProvidedCerts then
-          utils.addIngressTLS(I, 'ingress-secret')
+          utils.addIngressTLS(I, $._config.urls.grafana_ingress, 'ingress-secret')
        else
-          utils.addIngressTLS(I)
+          utils.addIngressTLS(I, $._config.urls.grafana_ingress)
      else
        I,
@ -159,9 +160,9 @@ local vars = import 'vars.jsonnet';
      local I = utils.newIngress('prometheus-k8s', $._config.namespace, $._config.urls.prom_ingress, '/', 'prometheus-k8s', 'web');
      if vars.TLSingress then
        if vars.UseProvidedCerts then
-          utils.addIngressTLS(I, 'ingress-secret')
+          utils.addIngressTLS(I, $._config.urls.prom_ingress, 'ingress-secret')
        else
-          utils.addIngressTLS(I)
+          utils.addIngressTLS(I, $._config.urls.prom_ingress)
      else
        I,
--- a/utils.libsonnet
+++ b/utils.libsonnet
@ -91,7 +91,7 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
  ),
  // Creates ingress objects
-  newIngress(name, namespace, host, path, serviceName, servicePort):: (
+  newIngress(name, namespace, hosts, path, serviceName, servicePort):: (
    {
      apiVersion: 'networking.k8s.io/v1',
      kind: 'Ingress',
@ -100,25 +100,28 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
        namespace: namespace,
      },
      spec: {
-        rules: [
+        rules: [$.newIngressHost(host, path, serviceName, servicePort) for host in hosts],
      },
    }
  ),
  // Add host to Ingress resource
  newIngressHost(host, path, serviceName, servicePort):: (
    {
      host: host,
      http: {
        paths: [
          {
-            host: host,
+            backend: {
-            http: {
+              service: {
-              paths: [
+                name: serviceName,
-                {
+                port: {
-                  backend: {
+                  name: servicePort,
                    service: {
                      name: serviceName,
                      port: {
                        name: servicePort,
                      },
                    },
                  },
                  path: path,
                  pathType: 'Prefix',
                },
-              ],
+              },
            },
            path: path,
            pathType: 'Prefix',
          },
        ],
      },
@ -126,16 +129,15 @@ local k = import 'ksonnet/ksonnet.beta.4/k.libsonnet';
  ),
  // Add TLS to Ingress resource with secret containing the certificates if exists
-  addIngressTLS(I, S=''):: (
+  addIngressTLS(I, hosts, secretName=''):: (
    local ingress = k.networking.v1beta1.ingress;
    local ingressTls = ingress.mixin.spec.tlsType;
    local host = I.spec.rules[0].host;
    local namespace = I.metadata.namespace;
    I + ingress.mixin.spec.withTls(
      ingressTls.new() +
-      ingressTls.withHosts(host) +
+      ingressTls.withHosts(hosts) +
-      (if S != '' then { secretName: S } else {})
+      (if secretName != '' then { secretName: secretName } else {})
    )
  ),
--- a/vars.jsonnet
+++ b/vars.jsonnet
@ -54,6 +54,9 @@
  // Domain suffix for the ingresses
  suffixDomain: '192.168.1.15.nip.io',
  // Additional domain suffixes for the ingresses.
  // For example suffixDomain could be an external one and this a local domain.
  additionalDomains: [],
  // If TLSingress is true, a self-signed HTTPS ingress with redirect will be created
  TLSingress: true,
  // If UseProvidedCerts is true, provided files will be used on created HTTPS ingresses.