You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by dg...@apache.org on 2020/04/02 19:32:53 UTC

[openwhisk-deploy-kube] 01/04: update for AWS SSL support

This is an automated email from the ASF dual-hosted git repository.

dgrove pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk-deploy-kube.git

commit d67925ba6a8953c68b7cf76a8e26cd4e5bd45e32
Author: Tom Barber <to...@spicule.co.uk>
AuthorDate: Tue Mar 17 21:40:57 2020 +0000

    update for AWS SSL support
---
 helm/openwhisk/configMapFiles/installPackages/myTask.sh | 14 +++++++-------
 helm/openwhisk/templates/install-packages-job.yaml      |  6 +++++-
 helm/openwhisk/templates/nginx-svc.yaml                 |  9 +++++++++
 helm/openwhisk/templates/ow-whisk-cm.yaml               |  8 ++++++++
 helm/openwhisk/values.yaml                              |  1 +
 5 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/helm/openwhisk/configMapFiles/installPackages/myTask.sh b/helm/openwhisk/configMapFiles/installPackages/myTask.sh
index 04691d8..23947d0 100644
--- a/helm/openwhisk/configMapFiles/installPackages/myTask.sh
+++ b/helm/openwhisk/configMapFiles/installPackages/myTask.sh
@@ -54,14 +54,14 @@ pushd $OPENWHISK_HOME/ansible/roles/routemgmt/files
     PASSED=false
     TRIES=0
     until $PASSED || [ $TRIES -eq 10 ]; do
-        if ./installRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk; then
+        if ./installRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST_URL $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk; then
             PASSED=true
             echo "Successfully deployed routemgmt package"
         else
             echo "Failed to deploy routemgmt package; will pause, uninstall, and try again"
             let TRIES=TRIES+1
             sleep 10
-            ./uninstallRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk;
+            ./uninstallRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST_URL $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk;
         fi
     done
     if ! $PASSED; then
@@ -79,7 +79,7 @@ pushd openwhisk-catalog
 popd
 
 pushd openwhisk-catalog/packages
-    ./installCatalogUsingWskdeploy.sh $WHISK_AUTH $WHISK_API_HOST /usr/local/bin/wsk || exit 1
+    ./installCatalogUsingWskdeploy.sh $WHISK_AUTH $WHISK_API_HOST_URL /usr/local/bin/wsk || exit 1
 popd
 
 
@@ -101,7 +101,7 @@ if [ "$OW_INSTALL_ALARM_PROVIDER" == "yes" ]; then
 
     pushd /openwhisk-package-alarms
         git checkout $OW_GIT_TAG_OPENWHISK_PACKAGE_ALARMS
-        ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $ALARM_DB_PREFIX $WHISK_API_HOST || exit 1
+        ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $ALARM_DB_PREFIX $WHISK_API_HOST_URL || exit 1
     popd
 fi
 
@@ -116,7 +116,7 @@ if [ "$OW_INSTALL_CLOUDANT_PROVIDER" == "yes" ]; then
 
     pushd /openwhisk-package-cloudant
         git checkout $OW_GIT_TAG_OPENWHISK_PACKAGE_CLOUDANT
-        ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $CLOUDANT_DB_PREFIX $WHISK_API_HOST || exit 1
+        ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $CLOUDANT_DB_PREFIX $WHISK_API_HOST_URL || exit 1
     popd
 fi
 
@@ -131,8 +131,8 @@ if [ "$OW_INSTALL_KAFKA_PROVIDER" == "yes" ]; then
 
     pushd /openwhisk-package-kafka
         git checkout $OW_GIT_TAG_OPENWHISK_PACKAGE_KAFKA
-        ./installKafka.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST || exit 1
-        ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST || exit 1
+        ./installKafka.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST_URL || exit 1
+        ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST_URL || exit 1
     popd
 fi
 
diff --git a/helm/openwhisk/templates/install-packages-job.yaml b/helm/openwhisk/templates/install-packages-job.yaml
index 6535ac8..de12aa6 100644
--- a/helm/openwhisk/templates/install-packages-job.yaml
+++ b/helm/openwhisk/templates/install-packages-job.yaml
@@ -61,7 +61,11 @@ spec:
               configMapKeyRef:
                 name: {{ .Release.Name }}-whisk.config
                 key: whisk_api_host_nameAndPort
-
+          - name: "WHISK_API_HOST_URL"
+            valueFrom:
+              configMapKeyRef:
+                name: {{ .Release.Name }}-whisk.config
+                key: whisk_api_host_url
           # apigateway configuration (for installing routemgmt actions)
           - name: "WHISK_SYSTEM_NAMESPACE"
             valueFrom:
diff --git a/helm/openwhisk/templates/nginx-svc.yaml b/helm/openwhisk/templates/nginx-svc.yaml
index ee478be..e67bc61 100644
--- a/helm/openwhisk/templates/nginx-svc.yaml
+++ b/helm/openwhisk/templates/nginx-svc.yaml
@@ -19,6 +19,12 @@
 apiVersion: v1
 kind: Service
 metadata:
+  {{- if eq .Values.whisk.ingress.type "LoadBalancer" }}
+  annotations:
+    {{- range $key, $value := .Values.whisk.ingress.annotations }}
+      {{ $key }}: {{ $value | quote }}
+    {{- end }}
+  {{- end }}
   name: {{ .Release.Name }}-nginx
   labels:
     name: {{ .Release.Name }}-nginx
@@ -39,4 +45,7 @@ spec:
       nodePort: {{ .Values.nginx.httpsNodePort }}
       {{- end }}
       name: https-api
+      {{- if eq .Values.whisk.ingress.awsSSL "true"}}
+      targetPort: http
+      {{- end}}
 {{- end }}
diff --git a/helm/openwhisk/templates/ow-whisk-cm.yaml b/helm/openwhisk/templates/ow-whisk-cm.yaml
index 222fc24..2e20623 100644
--- a/helm/openwhisk/templates/ow-whisk-cm.yaml
+++ b/helm/openwhisk/templates/ow-whisk-cm.yaml
@@ -27,11 +27,19 @@ data:
   whisk_cli_version_tag: {{ .Values.whisk.versions.openwhiskCli.tag | quote }}
   whisk_system_namespace: {{ .Values.whisk.systemNameSpace | quote }}
 {{- if eq .Values.whisk.ingress.type "LoadBalancer" }}
+{{- if eq .Values.whisk.ingress.awsSSL "true" }}
+  whisk_api_host_proto: "http"
+  whisk_api_host_port: {{ .Values.nginx.httpPort | quote }}
+  whisk_api_host_name: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}"
+  whisk_api_host_nameAndPort: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpPort }}"
+  whisk_api_host_url: "http://{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpPort }}"
+{{- else }}
   whisk_api_host_proto: "https"
   whisk_api_host_port: {{ .Values.nginx.httpsPort | quote }}
   whisk_api_host_name: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}"
   whisk_api_host_nameAndPort: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpsPort }}"
   whisk_api_host_url: "https://{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpsPort }}"
+{{- end }}
 {{- else }}
   whisk_api_host_proto: {{ .Values.whisk.ingress.apiHostProto | quote }}
   whisk_api_host_port: {{ .Values.whisk.ingress.apiHostPort | quote }}
diff --git a/helm/openwhisk/values.yaml b/helm/openwhisk/values.yaml
index 4adc202..5406d8b 100644
--- a/helm/openwhisk/values.yaml
+++ b/helm/openwhisk/values.yaml
@@ -48,6 +48,7 @@ whisk:
   # See the "Configuring OpenWhisk section" of the docs/k8s-*.md that matches
   # your cluster type for details on what values to provide and how to get them.
   ingress:
+    aws: "false"
     apiHostName: ""
     apiHostPort: 31001
     apiHostProto: "https"