traefik works!
ci / build (push) Has been cancelled Details

This commit is contained in:
CJ_Clippy 2024-07-01 19:50:54 -08:00
parent 38a726242c
commit 2c8e41be61
6 changed files with 264 additions and 95 deletions

View File

@ -22,26 +22,6 @@ spec:
args:
- -text="Hello, choom!"
---
apiVersion: v1
kind: Service
metadata:
name: echo
namespace: futureporn
annotations:
external-dns.alpha.kubernetes.io/hostname: "{{ .Values.echo.hostname }}"
{{ if eq .Values.environment "development" }}
chisel-operator.io/exit-node-name: "echo-exit-node"
{{ end }}
cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
spec:
selector:
app: echo
ports:
- protocol: TCP
port: 80
targetPort: 5678
{{ if eq .Values.environment "development" }}
---
apiVersion: chisel-operator.io/v1
@ -57,21 +37,102 @@ spec:
# ---
# apiVersion: traefik.io/v1alpha1
# kind: IngressRoute
# metadata:
# name: echo
# namespace: futureporn
# spec:
# entryPoints:
# - web
# routes:
# - match: Host(`echo.fp.sbtp.xyz`) || PathPrefix(`/extra/echo`)
# kind: Rule
# services:
# - name: echo
# port: 8001
# # tls:
# # secretName: echo-cert
---
apiVersion: v1
kind: Service
metadata:
name: echo
namespace: futureporn
annotations:
external-dns.alpha.kubernetes.io/hostname: "{{ .Values.echo.hostname }}"
{{ if eq .Values.environment "development" }}
chisel-operator.io/exit-node-name: "echo-exit-node"
{{ end }}
spec:
type: LoadBalancer
selector:
app: echo
ports:
- name: web
protocol: TCP
port: 5678
targetPort: 5678
- name: websecure
protocol: TCP
port: 4443
targetPort: 5678
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: echo
namespace: futureporn
spec:
secretName: echo-tls
issuerRef:
name: "{{ .Values.certManager.issuer }}"
kind: ClusterIssuer
dnsNames:
- "{{ .Values.echo.hostname }}"
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: echo
name: echo-http
namespace: futureporn
spec:
entryPoints:
- web
routes:
- match: Host(`echo.fp.sbtp.xyz`) || PathPrefix(`/extra/echo`)
kind: Rule
services:
- name: echo
port: 8001
# tls:
# secretName: echo-cert
- match: Host(`echo.fp.sbtp.xyz`)
kind: Rule
services:
- name: echo
namespace: futureporn
port: 5678
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: echo-https
namespace: futureporn
annotations:
cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
spec:
entryPoints:
- websecure
routes:
- match: Host(`echo.fp.sbtp.xyz`)
kind: Rule
middlewares:
- name: redirect
namespace: futureporn
services:
- name: echo
namespace: futureporn
port: 5678
tls:
secretName: echo-tls

View File

@ -30,6 +30,7 @@ metadata:
external-dns.alpha.kubernetes.io/hostname: "{{ .Values.next.hostname }}"
chisel-operator.io/exit-node-name: "next-exit-node"
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: next
ports:
@ -114,4 +115,59 @@ spec:
# tls:
# - hosts:
# - "{{ .Values.next.hostname }}"
# secretName: next-cert
# secretName: next-cert
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: next
namespace: futureporn
spec:
secretName: next-tls
issuerRef:
name: "{{ .Values.certManager.issuer }}"
kind: ClusterIssuer
dnsNames:
- "{{ .Values.next.hostname }}"
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: next-http
namespace: futureporn
spec:
entryPoints:
- web
routes:
- match: Host(`next.fp.sbtp.xyz`)
kind: Rule
middlewares:
- name: redirect
namespace: futureporn
services:
- name: next
port: 3000
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: next-https
namespace: futureporn
annotations:
cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
spec:
entryPoints:
- websecure
routes:
- match: Host(`next.fp.sbtp.xyz`)
kind: Rule
services:
- name: next
namespace: futureporn
port: 3000
tls:
secretName: next-tls

View File

@ -8,6 +8,7 @@ metadata:
external-dns.alpha.kubernetes.io/hostname: "{{ .Values.strapi.hostname }}"
chisel-operator.io/exit-node-name: "strapi-exit-node"
spec:
type: LoadBalancer
selector:
app.kubernetes.io/name: strapi
ports:
@ -153,33 +154,6 @@ spec:
# ---
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: strapi
# namespace: futureporn
# annotations:
# kubernetes.io/ingress.class: traefik
# traefik.ingress.kubernetes.io/router.entrypoints: websecure,web
# traefik.ingress.kubernetes.io/router.tls: "false"
# cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
# spec:
# tls:
# - hosts:
# - "{{ .Values.strapi.hostname }}"
# secretName: strapi-cert
# rules:
# - host: "{{ .Values.strapi.hostname }}"
# http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: strapi
# port:
# number: 1339
{{ if eq .Values.environment "development" }}
---
@ -193,3 +167,59 @@ spec:
port: 9090
auth: chisel
{{ end }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: strapi
namespace: futureporn
spec:
secretName: strapi-tls
issuerRef:
name: "{{ .Values.certManager.issuer }}"
kind: ClusterIssuer
dnsNames:
- "{{ .Values.strapi.hostname }}"
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: strapi-http
namespace: futureporn
spec:
entryPoints:
- web
routes:
- match: Host(`strapi.fp.sbtp.xyz`)
kind: Rule
middlewares:
- name: redirect
namespace: futureporn
services:
- name: strapi
namespace: futureporn
port: 1339
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: strapi-https
namespace: futureporn
annotations:
cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
spec:
entryPoints:
- websecure
routes:
- match: Host(`strapi.fp.sbtp.xyz`)
kind: Rule
services:
- name: strapi
namespace: futureporn
port: 1339
tls:
secretName: strapi-tls

View File

@ -10,6 +10,21 @@ spec:
scheme: https
permanent: true
{{ if eq .Values.environment "development" }}
---
apiVersion: chisel-operator.io/v1
kind: ExitNode
metadata:
name: traefik-exit-node
namespace: futureporn
spec:
host: "{{ .Values.chisel.exitNodeIp }}"
port: 9090
auth: chisel
{{ end }}
# ---
# apiVersion: v1
# kind: Service
@ -28,30 +43,30 @@ spec:
# port: 443
# targetPort: 8443
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik
namespace: futureporn
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
traefik.ingress.kubernetes.io/router.middlewares: futureporn-redirect@kubernetescrd
spec:
ingressClassName: traefik
rules:
- http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik
port:
number: 443
# ---
# apiVersion: networking.k8s.io/v1
# kind: Ingress
# metadata:
# name: traefik
# namespace: futureporn
# annotations:
# kubernetes.io/ingress.class: traefik
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/router.tls: "true"
# cert-manager.io/cluster-issuer: "{{ .Values.certManager.issuer }}"
# traefik.ingress.kubernetes.io/router.middlewares: futureporn-redirect@kubernetescrd
# spec:
# ingressClassName: traefik
# rules:
# - http:
# paths:
# - path: /
# pathType: Prefix
# backend:
# service:
# name: traefik
# port:
# number: 443
# tls:
# - hosts:
# - "{{ .Values.echo.hostname }}"

View File

@ -26,6 +26,10 @@ spec:
namespace: futureporn
interval: 12h
values:
providers:
kubernetesIngress:
publishedService:
enabled: true
service:
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-staging"

View File

@ -68,9 +68,12 @@ helm_remote(
version='28.3.0',
set=[
'globalArguments[0]=--global.sendanonymoususage=false',
'service.enabled=false',
'service.enabled=true',
'logs.access.enabled=true',
'logs.general.level=DEBUG'
'logs.access.format=json',
'logs.general.level=DEBUG',
'logs.general.format=json',
'providers.kubernetesIngress.publishedService.enabled=true',
]
)
@ -268,23 +271,14 @@ docker_build(
# )
k8s_resource(
workload='echo',
port_forwards=['8080'],
port_forwards=['8001'],
links=[
link('https://echo.fp.sbtp.xyz'),
link('http://echo.futureporn.svc.cluster.local:8001')
],
labels='debug'
)
# k8s_resource(
# workload='snake',
# port_forwards=['8080'],
# labels='debug'
# )
# k8s_resource(
# workload='game-2048',
# port_forwards=['8081:8080'],
# labels='debug'
# )
k8s_resource(
workload='next',
@ -306,9 +300,18 @@ k8s_resource(
k8s_resource(
workload='postgres',
port_forwards=['5432']
port_forwards=['5432'],
)
k8s_resource(
workload='traefik',
port_forwards=['9000:9000'],
links=[
link('http://localhost:9000/dashboard')
],
)
# k8s_resource(
# workload='scout-worker',
# resource_deps=['postgres', 'strapi', 'temporal-frontend', 'scout-manager']