Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
k8s-ingress
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
3
Merge Requests
3
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
uplex-varnish
k8s-ingress
Commits
4b3ef9f6
Commit
4b3ef9f6
authored
Aug 03, 2020
by
Geoff Simmons
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update helm charts for the refactored TLS solution.
Ref #36
parent
0ed73905
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
32 additions
and
29 deletions
+32
-29
clusterrole.yaml
charts/viking-controller/templates/clusterrole.yaml
+0
-11
_helpers.tpl
charts/viking-service/templates/_helpers.tpl
+0
-8
admin-service.yaml
charts/viking-service/templates/admin-service.yaml
+1
-1
clusterrole.yaml
charts/viking-service/templates/clusterrole.yaml
+12
-5
clusterrolebinding.yaml
charts/viking-service/templates/clusterrolebinding.yaml
+17
-0
deployment.yaml
charts/viking-service/templates/deployment.yaml
+2
-4
No files found.
charts/viking-controller/templates/clusterrole.yaml
View file @
4b3ef9f6
...
...
@@ -25,17 +25,6 @@ rules:
-
get
-
list
-
watch
-
apiGroups
:
-
"
"
resources
:
-
secrets
resourceNames
:
-
tls-cert
verbs
:
-
get
-
list
-
watch
-
update
-
apiGroups
:
-
"
"
resources
:
...
...
charts/viking-service/templates/_helpers.tpl
View file @
4b3ef9f6
...
...
@@ -20,14 +20,6 @@ Create a admin secret name
{{- printf "%s-admin" (include "viking-service.name" . | trunc 55) -}}
{{- end -}}
{
{
/*
Create
a
TLS
secret
name
*/
}
}
{{- define "viking-service.tls-secret-name" -}}
{
{
/*
{{
-
printf
"%s-tls-crt"
(
include
"viking-service.name"
.
|
trunc
55
)
-
}}
*/
}
}
{{- printf "tls-cert" -}}
{{- end -}}
{
{
/*
Create
a
default
fully
qualified
app
name
.
We
truncate
at
63
chars
because
some
Kubernetes
name
fields
are
limited
to
this
(
by
the
DNS
naming
spec
).
...
...
charts/viking-service/templates/admin-service.yaml
View file @
4b3ef9f6
...
...
@@ -24,7 +24,7 @@ spec:
port
:
5555
targetPort
:
5555
protocol
:
TCP
-
name
:
faccess
-
name
:
crt-dnldr
port
:
5556
targetPort
:
5556
protocol
:
TCP
...
...
charts/viking-service/templates/
tls-cert-secret
.yaml
→
charts/viking-service/templates/
clusterrole
.yaml
View file @
4b3ef9f6
apiVersion
:
v1
kind
:
Secret
kind
:
ClusterRole
apiVersion
:
rbac.authorization.k8s.io/v1
metadata
:
name
:
{{
template "viking-service.tls-secret-name" .
}}
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
viking.uplex.de/secret
:
pem
type
:
Opaque
name
:
{{
template "viking-service.fullname" .
}}
rules
:
-
apiGroups
:
-
"
"
resources
:
-
secrets
verbs
:
-
get
-
list
-
watch
charts/viking-service/templates/clusterrolebinding.yaml
0 → 100644
View file @
4b3ef9f6
apiVersion
:
rbac.authorization.k8s.io/v1
kind
:
ClusterRoleBinding
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-service.fullname" .
}}
subjects
:
-
kind
:
ServiceAccount
name
:
{{
template "viking-service.fullname" .
}}
namespace
:
{{
.Release.Namespace
}}
roleRef
:
kind
:
ClusterRole
name
:
{{
template "viking-service.fullname" .
}}
apiGroup
:
rbac.authorization.k8s.io
charts/viking-service/templates/deployment.yaml
View file @
4b3ef9f6
...
...
@@ -168,7 +168,6 @@ spec:
volumeMounts
:
-
name
:
tls-cert
mountPath
:
"
/etc/ssl/private"
readOnly
:
true
-
name
:
run-offload
mountPath
:
"
/run/offload"
-
name
:
run-haproxy
...
...
@@ -202,9 +201,8 @@ spec:
-
key
:
admin
path
:
_.secret
-
name
:
tls-cert
secret
:
secretName
:
{{
template "viking-service.tls-secret-name" .
}}
defaultMode
:
0440
emptyDir
:
medium
:
"
Memory"
-
name
:
run-varnish-home
emptyDir
:
medium
:
"
Memory"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment