Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for ingressClassName in helm chart #94

Open
mydompp opened this issue Jun 5, 2023 · 2 comments
Open

Add support for ingressClassName in helm chart #94

mydompp opened this issue Jun 5, 2023 · 2 comments
Assignees
@mlbiam
Labels
enhancement New feature or request

Comments

@mydompp
Copy link

mydompp commented Jun 5, 2023
edited
Loading

OpenUnison doesn't forward request after authorization when ingressClass not equal default in k8s.
Also, kubernetes.io/ingress.class annotation is progressively replaced with ingressClassName in the ingress as of v1.18
I suggest adding ingressClassName variabe and propagate to all ingresses templates for orchestra.
@mlbiam
Copy link
Contributor

mlbiam commented Jun 6, 2023

OpenUnison doesn't forward request after authorization when ingressClass not equal default in k8s.

Not sure what you mean. You can specify a "simple" Ingress for network.ingress_type and then configure the Ingress based on the annotations for which ever ingress you wish if it's not directly supported by the helm charts.

I suggest adding ingressClassName variabe and propagate to all ingresses templates for orchestra.
agreed. stay tuned

@mlbiam mlbiam self-assigned this Jun 6, 2023
@mlbiam mlbiam added the enhancement New feature or request label Jun 6, 2023
@mydompp
Copy link
Author

mydompp commented Jun 7, 2023

Hi, my part of config
ingress_type: nginx
I don't want to use deprecated annotation https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation kubernetes.io/ingress.class
I have some ingress classes in my cluster and class for openUnison is not default

kubectl get ingressclass
NAME                      CONTROLLER                       PARAMETERS   AGE
alb                       ingress.k8s.aws/alb              <none>       60d
openunison-nginx-dev      k8s.io/openunison-nginx-dev      <none>       42h

I should add ingressClassName: openunison-nginx-dev to ingress scec.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    argocd.argoproj.io/sync-wave: "20"
    kubernetes.io/ingress.class: nginx
    meta.helm.sh/release-name: orchestra
    meta.helm.sh/release-namespace: openunison
    nginx.ingress.kubernetes.io/affinity: cookie
    nginx.ingress.kubernetes.io/backend-protocol: https
    nginx.ingress.kubernetes.io/proxy-read-timeout: "86400"
    nginx.ingress.kubernetes.io/secure-backends: "true"
    nginx.ingress.kubernetes.io/session-cookie-hash: sha1
    nginx.ingress.kubernetes.io/session-cookie-name: openunison-orchestra
    nginx.org/ssl-services: openunison-orchestra
  generation: 4
  labels:
    app.kubernetes.io/component: ingress-nginx
    app.kubernetes.io/instance: openunison-orchestra
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: openunison
    app.kubernetes.io/part-of: openunison
  name: openunison-orchestra
  namespace: openunison
spec:
  ingressClassName: openunison-nginx-dev

So I suggest extending value network.ingress_class_name and add smth like

spec:
  {{- if .Values.network.ingress_class_name }}
  ingressClassName: {{ .Values.network.ingress_class_name }}
  {{- end }}

to all ingress templates ingress-simple.yaml, nginx.yaml and traefik.yaml
WDYT?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mlbiam mlbiam

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mlbiam @mydompp