search

camunda-community-hub / camunda-7-community-helm

Camunda public Kubernetes Helm repo and charts
Apache License 2.0
39 stars 38 forks source link

Enable support for custom Camunda ports #37

Closed samzph closed 2 years ago

samzph commented 2 years ago

https://github.com/camunda-community-hub/camunda-helm/blob/37d3655ff43f05b64e7a2d1f55239de2d27b41a/charts/camunda-bpm-platform/templates/service.yaml#L7-L13

The Service object in the templates/ folder should allow for more configurability. If the targetPort and name fields were allowed to be changed, NodePort services would work better, and Camunda could be exposed on port 80.

samzph commented 2 years ago

For now, a workaround for me was using an AWS ALB to proxy all ports to 80 or 443, and leaving the service configuration like this:

service:
  type: NodePort
  port: 8080
  targetPort: 8080
  portName: http

This is my ingress configuration:

apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: camunda
  namespace: camunda
  annotations:
    kubernetes.io/ingress.class: alb
    alb.ingress.kubernetes.io/scheme: internet-facing
    alb.ingress.kubernetes.io/target-type: ip
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
    alb.ingress.kubernetes.io/group.name: <ALB ingress group - use 1 ingress load balancer in AWS for multiple services>
    alb.ingress.kubernetes.io/healthcheck-path: /camunda
    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
    alb.ingress.kubernetes.io/success-codes: 200,302,301
    alb.ingress.kubernetes.io/target-group-attributes: stickiness.enabled=true,stickiness.lb_cookie.duration_seconds=3600
    alb.ingress.kubernetes.io/certificate-arn: <Certificate ARN>
    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: enabled
    alb.ingress.kubernetes.io/ssl-policy: <ELB SSL policy>
    alb.ingress.kubernetes.io/security-groups: <Allowed inbound addresses>
spec:
  rules:
    - host: camunda.<yoursite>.com
      http:
        paths:
          - path: /*
            backend:
              serviceName: ssl-redirect
              servicePort: use-annotation
          - path: /*
            backend:
              serviceName: camunda-camunda-bpm-platform
              servicePort: 8080
Sonny78 commented 2 years ago

I am currently deploying the cluster in a VirtualBox VM and want to port-forward from my host machine to a specific nodePort. I am setting up the VMs using Vagrant and I need to define the node port in advance before installing the helm chart. I do not want to set up Ingress, thus would I need something like this:

spec:
  type: {{ .Values.service.type }}
ports:
    - port: {{ .Values.service.port }}
      targetPort: http
      protocol: TCP
      name: http
      {{- if and (eq "NodePort" .Values.service.type) .Values.service.httpNodePort }}
      nodePort: {{ .Values.service.httpNodePort }}
      {{- end }}
aabouzaid commented 2 years ago

Please check out the new version v1.5.0 which should fix this issue.

Sonny78 commented 2 years ago

The node port declaration part works fine for me

Please check out the new version v1.5.0 which should fix this issue.