Ingress: support arbitary hostnames.

This PS allows arbitary hostnames to be used for public endpoints, provided the resolve externally to the ingress controllers. Change-Id: I44411687f756968d00178d487af66c2393e6bde0
2018-03-20 16:47:29 -05:00 · 2018-03-20 16:47:29 -05:00 · 6971143048
commit 6971143048
parent 58c297b336
16 changed files with 98 additions and 45 deletions
--- a/barbican/values.yaml
+++ b/barbican/values.yaml
@ -43,11 +43,11 @@ pod:
    barbican:
      uid: 42424
  affinity:
-      anti:
-        type:
-          default: preferredDuringSchedulingIgnoredDuringExecution
-        topologyKey:
-          default: kubernetes.io/hostname
+    anti:
+      type:
+        default: preferredDuringSchedulingIgnoredDuringExecution
+      topologyKey:
+        default: kubernetes.io/hostname
  mounts:
    barbican_api:
      init_container: null
@ -149,8 +149,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/ceilometer/values.yaml
+++ b/ceilometer/values.yaml
@ -62,8 +62,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    port: 8777
    node_port:
--- a/cinder/values.yaml
+++ b/cinder/values.yaml
@ -246,8 +246,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/congress/values.yaml
+++ b/congress/values.yaml
@ -54,8 +54,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false
--- a/glance/values.yaml
+++ b/glance/values.yaml
@ -286,8 +286,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
        nginx.ingress.kubernetes.io/proxy-body-size: "1024M"
    external_policy_local: false
@ -297,8 +299,10 @@ network:
  registry:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/gnocchi/values.yaml
+++ b/gnocchi/values.yaml
@ -40,8 +40,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/heat/values.yaml
+++ b/heat/values.yaml
@ -250,8 +250,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
@ -260,8 +262,10 @@ network:
  cfn:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false
@ -269,8 +273,10 @@ network:
  cloudwatch:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false
--- a/helm-toolkit/templates/manifests/_ingress.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_ingress.yaml.tpl
@ -19,6 +19,19 @@ limitations under the License.
 # {- $ingressOpts := dict "envAll" . "backendServiceType" "key-manager" -}
 # { $ingressOpts | include "helm-toolkit.manifests.ingress" }

+{{- define "helm-toolkit.manifests.ingress._host_rules" -}}
+{{- $vHost := index . "vHost" -}}
+{{- $backendName := index . "backendName" -}}
+{{- $backendPort := index . "backendPort" -}}
+- host: {{ $vHost }}
+  http:
+    paths:
+      - path: /
+        backend:
+          serviceName: {{ $backendName }}
+          servicePort: {{ $backendPort }}
+{{- end }}
+
 {{- define "helm-toolkit.manifests.ingress" -}}
 {{- $envAll := index . "envAll" -}}
 {{- $backendService := index . "backendService" | default "api" -}}
@ -27,7 +40,6 @@ limitations under the License.
 {{- $ingressName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
 {{- $backendName := tuple $backendServiceType "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
 {{- $hostName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
-{{- $hostNameNamespaced := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
 {{- $hostNameFull := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
 ---
 apiVersion: extensions/v1beta1
@ -35,29 +47,27 @@ kind: Ingress
 metadata:
  name: {{ $ingressName }}
  annotations:
+    kubernetes.io/ingress.class: {{ index $envAll.Values.network $backendService "ingress" "classes" "namespace" | quote }}
 {{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
 spec:
  rules:
-{{ if ne $hostNameNamespaced $hostNameFull }}
-{{- range $key1, $vHost := tuple $hostName $hostNameNamespaced $hostNameFull }}
-  - host: {{ $vHost }}
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: {{ $backendName }}
-          servicePort: {{ $backendPort }}
+{{- range $key1, $vHost := tuple $hostName (printf "%s.%s" $hostName $envAll.Release.Namespace) (printf "%s.%s.svc.%s" $hostName $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix)}}
+{{- $hostRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort }}
+{{ $hostRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4}}
 {{- end }}
-{{- else }}
-{{- range $key1, $vHost := tuple $hostName $hostNameNamespaced }}
-  - host: {{ $vHost }}
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: {{ $backendName }}
-          servicePort: {{ $backendPort }}
+{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
+{{- $hostNameFullRules := dict "vHost" $hostNameFull "backendName" $backendName "backendPort" $backendPort }}
+{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4}}
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ $ingressName }}
+  annotations:
+    kubernetes.io/ingress.class: {{ index $envAll.Values.network $backendService "ingress" "classes" "cluster" | quote }}
+{{ toYaml (index $envAll.Values.network $backendService "ingress" "annotations") | indent 4 }}
+spec:
+  rules:
+{{ $hostNameFullRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4}}
 {{- end }}
 {{- end }}
-
-{{- end }}
--- a/horizon/values.yaml
+++ b/horizon/values.yaml
@ -40,8 +40,10 @@ network:
  dashboard:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
  external_policy_local: false
  node_port:
--- a/ironic/values.yaml
+++ b/ironic/values.yaml
@ -111,6 +111,11 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
+      annotations:
+        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false
      port: 30511
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@ -60,8 +60,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/magnum/values.yaml
+++ b/magnum/values.yaml
@ -125,8 +125,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/mistral/values.yaml
+++ b/mistral/values.yaml
@ -57,8 +57,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@ -109,8 +109,10 @@ network:
  server:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
--- a/nova/values.yaml
+++ b/nova/values.yaml
@ -133,8 +133,10 @@ network:
    port: 8774
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
@ -144,8 +146,10 @@ network:
    port: 8775
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    external_policy_local: false
    node_port:
@ -155,8 +159,10 @@ network:
    port: 8778
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false
--- a/senlin/values.yaml
+++ b/senlin/values.yaml
@ -138,8 +138,10 @@ network:
  api:
    ingress:
      public: true
+      classes:
+        namespace: "nginx"
+        cluster: "nginx-cluster"
      annotations:
-        kubernetes.io/ingress.class: "nginx"
        nginx.ingress.kubernetes.io/rewrite-target: /
    node_port:
      enabled: false