Minor updates to the ziti-router service template #281
Conversation
|
I see this failing check: |
qrkourier
changed the base branch from
main
to
kevinlmadison-router-proxy-services
It's because forks can't run all of the checks. I'll merge this to an upsteam branch and run the remaining checks after we finish editing this branch. |
| @@ -237,9 +238,9 @@ spec: | |||
| ports: | |||
| {{- $service_name := .name }} | |||
| {{- range $root.Values.tunnel.proxyServices }} | |||
| {{- if and .k8sService (eq .k8sService $service_name) }} | |||
| - port: {{ .advertisedrPort }} | |||
There was a problem hiding this comment.
Wow. I'm surprised I missed those typos! I definitely tested this, so now I'm wondering how it ever worked. I could only have tested the default service. 🤔
| {{- if and .k8sService (eq .k8sService $service_name) }} | ||
| - port: {{ .advertisedrPort }} | ||
| targetPort: {{ .containerPortPort }} | ||
| {{- if and .zitiService (eq .zitiService $service_name) }} |
There was a problem hiding this comment.
Matching the zitiService instead of k8sService isn't crazy. 🤪 It will work either way. With those typos, I don't see how anyone could use this feature successfully, so I'm guessing the contributor tweaked it further to get it working in their fork, and that makes the risk of a breaking change vanishingly small.
Instead of matching proxyAdditionalK8sServices[].name , it would be more obvious how this works to use the exact property that needs to match a member of proxyServices, i.e., let proxyAdditionalK8sServices[].name become proxyAdditionalK8sServices[].zitiService in the template and update values.yaml example/inline comment guidance to reflect the new pattern.
If you agree, then the values.yaml would look something like this:
# -- if tunnel mode is "proxy", define an inventory of Ziti services this router's tunneler identity has permission to dial that may be published as a ClusterIP, NodePort, or LoadBalancer service
proxyServices: []
# # -- name of the Openziti service to publish as a cluster service
#- zitiService: my_ziti_service
# # -- create a cluster service named {{ release }}-proxy-{{ .k8sService}} when this item matches proxyAdditionalK8sServices
# k8sService: my_k8s_suffix
# # -- TCP port on which the cluster service listens for clients
# advertisedPort: 80
# # -- override the container port (default: advertisedPort)
# containerPort: 8443
# -- if tunnel mode is "proxy", create a single cluster service named {{ release }}-proxy-default listening on each "advertisedPort" defined in "proxyServices" (one cluster service and type with many ports)
proxyDefaultK8sService:
enabled: true
type: ClusterIP
# -- if tunnel mode is "proxy", create a cluster service for each of "proxyServices" where zitiService == zitiService (many cluster services with distinct types, each with one port)
proxyAdditionalK8sServices: []
#- zitiService: my_ziti_service
# type: ClusterIP| @@ -237,9 +238,9 @@ spec: | |||
| ports: | |||
| {{- $service_name := .name }} | |||
There was a problem hiding this comment.
| {{- $service_name := .name }} | |
| {{- $ziti_service := .zitiService }} |
| {{- if and .k8sService (eq .k8sService $service_name) }} | ||
| - port: {{ .advertisedrPort }} | ||
| targetPort: {{ .containerPortPort }} | ||
| {{- if and .zitiService (eq .zitiService $service_name) }} |
There was a problem hiding this comment.
| {{- if and .zitiService (eq .zitiService $service_name) }} | |
| {{- if and .zitiService (eq .zitiService $ziti_service) }} |
| @@ -188,6 +188,7 @@ spec: | |||
| {{- if and .Values.tunnel.mode (eq .Values.tunnel.mode "proxy" ) (gt (len .Values.tunnel.proxyAdditionalK8sServices) 0) }} | |||
| {{- $root := . }} | |||
| {{- range .Values.tunnel.proxyAdditionalK8sServices }} | |||
| --- | |||
This should allow for specifying multiple ports on the ziti-router's kubernetes service definition.