From 4e0322f8af3368882b20eff36f41a92583e8ea0a Mon Sep 17 00:00:00 2001 From: "florian.buchmeier@audi.de" Date: Tue, 8 Mar 2022 18:56:09 +0100 Subject: [PATCH] feat: support preheat function in kraken-proxy, support override of allowed cidrs for kraken-agent Signed-off-by: florian.buchmeier@audi.de --- helm/Chart.yaml | 4 ++-- helm/config/agent.yaml | 4 ++++ helm/templates/proxy.yaml | 6 ++++++ helm/values.yaml | 11 +++++++++++ 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/helm/Chart.yaml b/helm/Chart.yaml index 0a2e15d06..f3daec194 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,7 +1,7 @@ name: kraken description: P2P Docker registry capable of distributing TBs of data in seconds -version: 0.2.0 -kubeVersion: ">=1.10.0" +version: 0.2.1 +kubeVersion: "^1.10.0-0" keywords: - http - docker diff --git a/helm/config/agent.yaml b/helm/config/agent.yaml index 3a8ef563d..37951e0db 100644 --- a/helm/config/agent.yaml +++ b/helm/config/agent.yaml @@ -2,3 +2,7 @@ extends: /etc/kraken/config/agent/base.yaml {{ include "tls" . }} {{ include "trackers" . }} {{ include "build-index" . }} +{{- with .Values.agent.allowedCidrs }} +allowed_cidrs: + {{- toYaml . | nindent 2 }} +{{- end }} \ No newline at end of file diff --git a/helm/templates/proxy.yaml b/helm/templates/proxy.yaml index d0fcc99ac..ecb03dfad 100644 --- a/helm/templates/proxy.yaml +++ b/helm/templates/proxy.yaml @@ -32,6 +32,7 @@ spec: - /usr/bin/kraken-proxy - --config={{ .Values.proxy.config }} - --port=80 + - --server-port=81 volumeMounts: - name: config mountPath: /etc/config @@ -55,3 +56,8 @@ spec: - protocol: TCP port: 80 targetPort: 80 + name: proxy + - protocol: TCP + port: 81 + targetPort: 81 + name: proxy-server \ No newline at end of file diff --git a/helm/values.yaml b/helm/values.yaml index 625278410..ae5463840 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -74,6 +74,17 @@ agent: initContainers: tolerations: # - operator: "Exists" + # Override the list of IP address (ranges) allowed to access the agents + # Will be interpreted by NGINX allow statement. + # + # This can be useful e.g. when using AWS EKS with vpc-cni where the requests + # are made not from 127.0.0.1 but from the host IP + # default is: + # - 127.0.0.1 + # - 172.17.0.1 + allowedCidrs: + # - 192.168.178.1/24 + # - 10.10.0.1 testfs: enabled: true annotations: