UffizziCloud / uffizzi_controller

A smart proxy service that handles requests from the Uffizzi API to the Kubernetes API
Apache License 2.0
11 stars 3 forks

Specify Ingress hostname for UffizziCluster Resources #85

Closed axisofentropy closed 1 year ago

axisofentropy commented 1 year ago

Builds upon #79

When specifying a UffizziCluster Resource, our controller must specify a hostname and annotations for the Ingress that serves the k8s Master API. The bare minimum looks like this:

apiVersion: uffizzi.com/v1alpha1
kind: UffizziCluster
metadata:
  name: june-27-three
  namespace: june-27
spec:
  ingress:
    host: app.qa-gke.uffizzi.com
    class: nginx
    cluster:
      ingressAnnotations:
        nginx.ingress.kubernetes.io/backend-protocol: HTTPS
        nginx.ingress.kubernetes.io/ssl-passthrough: "true"
        nginx.ingress.kubernetes.io/ssl-redirect: "true"

The operator's schema and behavior could change in the near future, but I've just tested this on our main qa uffizzi-client Cluster. Unfortunately, all of those attributes are required for the Operator to acknowledge.

Note that this host value is actually the root of a hostname that will be generated by the operator. So make sure it matches the Cluster you're installing upon. For example, we have a DNS A record for *.app.qa-gke.uffizzi.com pointing to the IP address of this Cluster's ingress-nginx load balancer. When I specified the UffizziCluster above, it created an Ingress with a hostname june-27-three.uc.app.qa-gke.uffizzi.com. (That generated hostname will also be within the Secret fetched by uffizzi cluster update-kubeconfig, and I tested that successfully too.)

Slack thread https://uffizzi-internal.slack.com/archives/CN8MKSAQ5/p1687882228981759

axisofentropy commented 1 year ago

The environment variable MANAGED_DNS_ZONE_DNS_NAME for the web and sidekiq containers can be passed verbatim into spec.ingress.host. On qa I see that its value is app.qa-gke.uffizzi.com which is perfect.
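
An added example, not part of the issue thread or the uffizzi_controller code base: a Go program that reads MANAGED_DNS_ZONE_DNS_NAME, accepts it only if it is a plain lowercase DNS name (no scheme, port or wildcard), and fills spec.ingress with the three annotations from the manifest above. The Ingress type, the function names and the `<name>.uc.<zone>` hostname pattern (inferred from the single example in the issue) are assumptions.

```go
package main

import (
	"fmt"
	"os"
	"regexp"
	"strings"
)

var dnsLabel = regexp.MustCompile(`^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$`) // one RFC 1123 label
// ValidHostname rejects schemes, ports, wildcards, empty labels and over-long names.
func ValidHostname(h string) bool {
	for _, label := range strings.Split(h, ".") {
		if !dnsLabel.MatchString(label) {
			return false
		}
	}
	return len(h) <= 253
}

// Ingress mirrors spec.ingress from the manifest in the issue (hypothetical Go type).
type Ingress struct {
	Host, Class string
	Annotations map[string]string // spec.ingress.cluster.ingressAnnotations
}

// IngressFor copies zone verbatim into host, but only if it is a plain DNS name.
func IngressFor(zone string) (Ingress, error) {
	if !ValidHostname(zone) {
		return Ingress{}, fmt.Errorf("invalid ingress host root %q", zone)
	}
	return Ingress{Host: zone, Class: "nginx", Annotations: map[string]string{
		"nginx.ingress.kubernetes.io/backend-protocol": "HTTPS",
		"nginx.ingress.kubernetes.io/ssl-passthrough":  "true",
		"nginx.ingress.kubernetes.io/ssl-redirect":     "true",
	}}, nil
}

// ExpectedHost assumes the <name>.uc.<zone> pattern seen in the issue's one example.
func ExpectedHost(name, zone string) (string, bool) {
	h := name + ".uc." + zone
	return h, ValidHostname(h)
}

func main() {
	zone := os.Getenv("MANAGED_DNS_ZONE_DNS_NAME")
	fmt.Println(IngressFor(zone))
	fmt.Println(ExpectedHost("june-27-three", zone))
}
```

The boolean from ExpectedHost catches cluster names that would push a label past 63 characters before the resource is submitted, instead of finding out when the generated Ingress is rejected.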