*/kube: Add kube.SimpleIngress
Change-Id: Iddcac629b9938f228dd93b32e58bb14606d5c6e5
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1745
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/bgpwtf/cccampix/kube/ix.libsonnet b/bgpwtf/cccampix/kube/ix.libsonnet
index a3521f8..92e1eca 100644
--- a/bgpwtf/cccampix/kube/ix.libsonnet
+++ b/bgpwtf/cccampix/kube/ix.libsonnet
@@ -1,4 +1,4 @@
-local kube = import "../../../kube/kube.libsonnet";
+local kube = import "../../../kube/hscloud.libsonnet";
{
IX: {
@@ -425,81 +425,28 @@
},
},
- ingress: kube.Ingress("ingress") {
- metadata+: ix.metadata("public") {
- annotations+: {
- "kubernetes.io/tls-acme": "true",
- "cert-manager.io/cluster-issuer": "letsencrypt-prod",
- "nginx.ingress.kubernetes.io/proxy-body-size": "0",
- },
- },
- spec+: {
- tls: [
- { hosts: [cfg.frontend.domain], secretName: "public-tls"}
- ],
- rules: [
- {
- host: cfg.frontend.domain,
- http: {
- paths: [
- { path: "/", backend: ix.frontend.svc.name_port },
- ],
- },
- },
- ],
- },
+ ingress: kube.SimpleIngress("ingress") {
+ hosts:: [cfg.frontend.domain],
+ target_service:: ix.frontend.svc,
+ metadata+: ix.metadata("public"),
},
- aliceIngress: kube.Ingress("alice") {
+ aliceIngress: kube.SimpleIngress("alice") {
+ hosts:: [cfg.alice.domain],
+ target_service:: ix.alice.svc,
+ metadata+: ix.metadata("alice"),
+ },
+
+ grpcIngress: kube.SimpleIngress("grpc") {
+ hosts:: [cfg.verifier.domain],
+ target_service:: ix.verifier.svc,
metadata+: ix.metadata("alice") {
annotations+: {
- "kubernetes.io/tls-acme": "true",
- "cert-manager.io/cluster-issuer": "letsencrypt-prod",
- "nginx.ingress.kubernetes.io/proxy-body-size": "0",
- },
- },
- spec+: {
- tls: [
- { hosts: [cfg.alice.domain], secretName: "alice-tls"}
- ],
- rules: [
- {
- host: cfg.alice.domain,
- http: {
- paths: [
- { path: "/", backend: ix.alice.svc.name_port },
- ],
- },
- },
- ],
- },
- },
-
- grpcIngress: kube.Ingress("grpc") {
- metadata+: ix.metadata("grpc") {
- annotations+: {
- "kubernetes.io/tls-acme": "true",
- "cert-manager.io/cluster-issuer": "letsencrypt-prod",
"kubernetes.io/ingress.class": "nginx",
"nginx.ingress.kubernetes.io/ssl-redirect": "true",
"nginx.ingress.kubernetes.io/backend-protocol": "GRPC",
},
},
- spec+: {
- tls: [
- { hosts: [cfg.verifier.domain], secretName: "grpc-tls"}
- ],
- rules: [
- {
- host: cfg.verifier.domain,
- http: {
- paths: [
- { path: "/", backend: ix.verifier.svc.name_port },
- ],
- },
- },
- ],
- },
},
},
}
diff --git a/bgpwtf/internet/kube/prod.jsonnet b/bgpwtf/internet/kube/prod.jsonnet
index 0644ab3..e905e67 100644
--- a/bgpwtf/internet/kube/prod.jsonnet
+++ b/bgpwtf/internet/kube/prod.jsonnet
@@ -1,4 +1,4 @@
-local kube = import '../../../kube/kube.libsonnet';
+local kube = import '../../../kube/hscloud.libsonnet';
{
local internet = self,
@@ -59,27 +59,9 @@
target_pod:: internet.deployment.spec.template,
},
- ingress: kube.Ingress("frontend") {
- metadata+: internet.metadata("frontend") {
- annotations+: {
- "kubernetes.io/tls-acme": "true",
- "cert-manager.io/cluster-issuer": "letsencrypt-prod",
- },
- },
- spec+: {
- tls: [
- { hosts: [cfg.domain], secretName: "frontend-tls"}
- ],
- rules: [
- {
- host: cfg.domain,
- http: {
- paths: [
- { path: "/", backend: internet.svc.name_port },
- ],
- },
- },
- ],
- },
+ ingress: kube.SimpleIngress("frontend") {
+ hosts:: [cfg.domain],
+ target_service:: internet.svc,
+ metadata+: internet.metadata("frontend"),
},
}
diff --git a/bgpwtf/speedtest/kube/prod.jsonnet b/bgpwtf/speedtest/kube/prod.jsonnet
index 6b57ce2..e9b1d59 100644
--- a/bgpwtf/speedtest/kube/prod.jsonnet
+++ b/bgpwtf/speedtest/kube/prod.jsonnet
@@ -1,4 +1,4 @@
-local kube = import '../../../kube/kube.libsonnet';
+local kube = import '../../../kube/hscloud.libsonnet';
{
local speedtest = self,
@@ -58,28 +58,9 @@
target_pod:: speedtest.deployment.spec.template,
},
- ingress: kube.Ingress("public") {
- metadata+: speedtest.metadata("public") {
- annotations+: {
- "kubernetes.io/tls-acme": "true",
- "cert-manager.io/cluster-issuer": "letsencrypt-prod",
- "nginx.ingress.kubernetes.io/proxy-body-size": "0",
- },
- },
- spec+: {
- tls: [
- { hosts: [cfg.domain], secretName: "public-tls"}
- ],
- rules: [
- {
- host: cfg.domain,
- http: {
- paths: [
- { path: "/", backend: speedtest.svc.name_port },
- ],
- },
- },
- ],
- },
+ ingress: kube.SimpleIngress("public") {
+ hosts:: [cfg.domain],
+ target_service:: speedtest.svc,
+ metadata+: speedtest.metadata("public"),
},
}