allow to pin IPs of vault services

[Fagioletti]

Is your feature request related to a problem? Please describe. We want the vault services to have fixed IPs (to allow for IP-based rules).

Describe the solution you'd like Extend the helm templates to add a loadBalancerIP

# helm/templates/server-ha-active-service.yaml
  # ...
  spec:
    {{- if .Values.server.service.type}}
    type: {{ .Values.server.service.type }}
    # pin IP
    {{- if not (empty .Values.server.ha.activeIP) }}
    loadBalancerIP: {{ .Values.server.ha.activeIP }}
    {{- end}}
  # ...

# helm/templates/server-ha-standby-service.yaml
  # ...
  spec:
    {{- if .Values.server.service.type}}
    type: {{ .Values.server.service.type }}
    # pin IP
    {{- if not (empty .Values.server.ha.standbyIP) }}
    loadBalancerIP: {{ .Values.server.ha.standbyIP }}
    {{- end}}
  # ...

# helm/templates/server-service.yaml
  # ...
  spec:
  {{- if .Values.server.service.clusterIP }}
  clusterIP: {{ .Values.server.service.clusterIP }}
  {{- else if eq .Values.server.service.type "LoadBalancer" }}
  type: {{ .Values.server.service.type }}
  # pin IP
  {{- if not (empty .Values.server.service.loadBalancerIP) }}
  loadBalancerIP: {{ default "" .Values.server.service.loadBalancerIP }}
  {{- end }}
  # ...

Describe alternatives you've considered

Explain any additional use-cases

Additional context if this is a feature regarded as beneficial i'd implement it.

[ccapurso]

Hi, @Fagioletti! This seems like a useful addition to vault-helm. This will likely get more attention from the Vault Ecosystem team there. I am going to go ahead and transfer the issue to that repo.

[Fagioletti]

is this ok? can i help to get this (or a better version of it) into vault-helm?

[Fagioletti]

not want to enervate anyone but is there a chance this gets added in the near future? is the change incomplete or lacking in any other way? can i help in any way?