-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: sahil-lakhwani <[email protected]> * longhorn recipe * upgrade ingress to v1 * longhorn: daemonset to install iscsi * ingress-nginx * add descriptions for longhorn and ingress-nginx * longhorn: create secret from literal
- Loading branch information
1 parent
ae4cae4
commit 19d9cd3
Showing
2 changed files
with
92 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| # ingress-nginx | ||
| # Description: Detects Kubernetes provider type and install ingress-nginx controller | ||
| # Tested on: | ||
| # - EKS eks.5 | ||
| # - GKE 1.19.9-gke.1900 | ||
| # - Digital Ocean 1.21.2-do.2 | ||
| apiVersion: v1 | ||
| kind: kbrew | ||
| app: | ||
| args: | ||
| # annotation for EKS | ||
| controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-type": '{{ $providerID := (index (lookup "v1" "Node" "" "").items 0).spec.providerID }}{{ if hasPrefix "aws" $providerID }}nlb{{end}}' | ||
| # annotations for Digital Ocean | ||
| controller.service.annotations."service\.beta\.kubernetes\.io/do-loadbalancer-enable-proxy-protocol": '{{ $providerID := (index (lookup "v1" "Node" "" "").items 0).spec.providerID }}{{ if hasPrefix "digitalocean" $providerID }}true{{end}}' | ||
| controller.config."use-proxy-protocol": '{{ $providerID := (index (lookup "v1" "Node" "" "").items 0).spec.providerID }}{{ if hasPrefix "digitalocean" $providerID }}true{{end}}' | ||
| repository: | ||
| name: ingress-nginx | ||
| url: https://kubernetes.github.io/ingress-nginx | ||
| type: helm | ||
| namespace: ingress-nginx | ||
| version: 3.34.0 | ||
| post_cleanup: | ||
| steps: | ||
| - kubectl delete namespace ingress-nginx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| # Longhorn recipe | ||
| # Description: Installs iscsi daemonset, longhorn and ingress-nginx | ||
| # Tested on: | ||
| # - EKS eks.5 | ||
| # - GKE 1.19.9-gke.1900 | ||
| # - Digital Ocean 1.21.2-do.2 | ||
| apiVersion: v1 | ||
| kind: kbrew | ||
| app: | ||
| repository: | ||
| name: longhorn | ||
| url: https://charts.longhorn.io | ||
| type: helm | ||
| namespace: "longhorn-system" | ||
| pre_install: | ||
| - steps: | ||
| - openssl version | ||
| # Recipe needs USER and PASSWORD environment variables for ingress basic auth | ||
| - ': "${USERNAME:?Variable USERNAME not set or empty}" : "${PASSWORD:?Variable PASSWORD not set or empty}"' | ||
| - curl -s https://raw.githubusercontent.com/longhorn/longhorn/v1.1.1/scripts/environment_check.sh | bash | ||
| # daemonset for iscsi service installation | ||
| - kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn-manager/master/deploy/prerequisite/longhorn-iscsi-installation.yaml | ||
| post_install: | ||
| - apps: | ||
| - ingress-nginx | ||
| - steps: | ||
| - kubectl -n longhorn-system create secret generic basic-auth --from-literal=auth=$(echo ${USERNAME}:$(echo ${PASSWORD} | openssl passwd -stdin -apr1)) | ||
| - | | ||
| echo " | ||
| apiVersion: networking.k8s.io/v1 | ||
| kind: Ingress | ||
| metadata: | ||
| name: longhorn-ingress | ||
| namespace: longhorn-system | ||
| annotations: | ||
| # type of authentication | ||
| nginx.ingress.kubernetes.io/auth-type: basic | ||
| # prevent the controller from redirecting (308) to HTTPS | ||
| nginx.ingress.kubernetes.io/ssl-redirect: 'false' | ||
| # name of the secret that contains the user/password definitions | ||
| nginx.ingress.kubernetes.io/auth-secret: basic-auth | ||
| # message to display with an appropriate context why the authentication is required | ||
| nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required ' | ||
| spec: | ||
| rules: | ||
| - http: | ||
| paths: | ||
| - path: / | ||
| pathType: Prefix | ||
| backend: | ||
| service: | ||
| name: longhorn-frontend | ||
| port: | ||
| number: 80 | ||
| " | kubectl -n longhorn-system create -f - | ||
| # post installation checks | ||
| - kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pvc.yaml | ||
| - kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pod.yaml | ||
| pre_cleanup: | ||
| steps: | ||
| - kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pod.yaml | ||
| - kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn/master/examples/simple_pvc.yaml | ||
| post_cleanup: | ||
| steps: | ||
| - kubectl delete secret basic-auth -n longhorn-system | ||
| - kubectl delete -f https://raw.githubusercontent.com/longhorn/longhorn-manager/master/deploy/prerequisite/longhorn-iscsi-installation.yaml | ||
| - kubectl delete ingress longhorn-ingress -n longhorn-system | ||
| - kubectl delete ns longhorn-system |