Closed samzph closed 2 years ago
For now, a workaround for me was using an AWS ALB to proxy all ports to 80 or 443, and leaving the service configuration like this:
service:
type: NodePort
port: 8080
targetPort: 8080
portName: http
This is my ingress configuration:
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: camunda
namespace: camunda
annotations:
kubernetes.io/ingress.class: alb
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
alb.ingress.kubernetes.io/group.name: <ALB ingress group - use 1 ingress load balancer in AWS for multiple services>
alb.ingress.kubernetes.io/healthcheck-path: /camunda
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
alb.ingress.kubernetes.io/success-codes: 200,302,301
alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=3600
alb.ingress.kubernetes.io/certificate-arn: <Certificate ARN>
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: enabled
alb.ingress.kubernetes.io/ssl-policy: <ELB SSL policy>
alb.ingress.kubernetes.io/security-groups: <Allowed inbound addresses>
spec:
rules:
- host: camunda.<yoursite>.com
http:
paths:
- path: /*
backend:
serviceName: ssl-redirect
servicePort: use-annotation
- path: /*
backend:
serviceName: camunda-camunda-bpm-platform
servicePort: 8080
I am currently deploying the cluster in a VirtualBox VM and want to port-forward from my host machine to a specific nodePort. I am setting up the VMs using Vagrant and I need to define the node port in advance before installing the helm chart. I do not want to set up Ingress, thus would I need something like this:
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
{{- if and (eq "NodePort" .Values.service.type) .Values.service.httpNodePort }}
nodePort: {{ .Values.service.httpNodePort }}
{{- end }}
https://github.com/camunda-community-hub/camunda-helm/blob/37d3655ff43f05b64e7a2d1f55239de2d27b41a/charts/camunda-bpm-platform/templates/service.yaml#L7-L13
The Service object in the templates/ folder should allow for more configurability. If the targetPort and name fields were allowed to be changed, NodePort services would work better, and Camunda could be exposed on port 80.