You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by dg...@apache.org on 2020/04/02 19:32:53 UTC
[openwhisk-deploy-kube] 01/04: update for AWS SSL support
This is an automated email from the ASF dual-hosted git repository.
dgrove pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk-deploy-kube.git
commit d67925ba6a8953c68b7cf76a8e26cd4e5bd45e32
Author: Tom Barber <to...@spicule.co.uk>
AuthorDate: Tue Mar 17 21:40:57 2020 +0000
update for AWS SSL support
---
helm/openwhisk/configMapFiles/installPackages/myTask.sh | 14 +++++++-------
helm/openwhisk/templates/install-packages-job.yaml | 6 +++++-
helm/openwhisk/templates/nginx-svc.yaml | 9 +++++++++
helm/openwhisk/templates/ow-whisk-cm.yaml | 8 ++++++++
helm/openwhisk/values.yaml | 1 +
5 files changed, 30 insertions(+), 8 deletions(-)
diff --git a/helm/openwhisk/configMapFiles/installPackages/myTask.sh b/helm/openwhisk/configMapFiles/installPackages/myTask.sh
index 04691d8..23947d0 100644
--- a/helm/openwhisk/configMapFiles/installPackages/myTask.sh
+++ b/helm/openwhisk/configMapFiles/installPackages/myTask.sh
@@ -54,14 +54,14 @@ pushd $OPENWHISK_HOME/ansible/roles/routemgmt/files
PASSED=false
TRIES=0
until $PASSED || [ $TRIES -eq 10 ]; do
- if ./installRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk; then
+ if ./installRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST_URL $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk; then
PASSED=true
echo "Successfully deployed routemgmt package"
else
echo "Failed to deploy routemgmt package; will pause, uninstall, and try again"
let TRIES=TRIES+1
sleep 10
- ./uninstallRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk;
+ ./uninstallRouteMgmt.sh $WHISK_AUTH $WHISK_API_HOST_URL $WHISK_SYSTEM_NAMESPACE /usr/local/bin/wsk;
fi
done
if ! $PASSED; then
@@ -79,7 +79,7 @@ pushd openwhisk-catalog
popd
pushd openwhisk-catalog/packages
- ./installCatalogUsingWskdeploy.sh $WHISK_AUTH $WHISK_API_HOST /usr/local/bin/wsk || exit 1
+ ./installCatalogUsingWskdeploy.sh $WHISK_AUTH $WHISK_API_HOST_URL /usr/local/bin/wsk || exit 1
popd
@@ -101,7 +101,7 @@ if [ "$OW_INSTALL_ALARM_PROVIDER" == "yes" ]; then
pushd /openwhisk-package-alarms
git checkout $OW_GIT_TAG_OPENWHISK_PACKAGE_ALARMS
- ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $ALARM_DB_PREFIX $WHISK_API_HOST || exit 1
+ ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $ALARM_DB_PREFIX $WHISK_API_HOST_URL || exit 1
popd
fi
@@ -116,7 +116,7 @@ if [ "$OW_INSTALL_CLOUDANT_PROVIDER" == "yes" ]; then
pushd /openwhisk-package-cloudant
git checkout $OW_GIT_TAG_OPENWHISK_PACKAGE_CLOUDANT
- ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $CLOUDANT_DB_PREFIX $WHISK_API_HOST || exit 1
+ ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $CLOUDANT_DB_PREFIX $WHISK_API_HOST_URL || exit 1
popd
fi
@@ -131,8 +131,8 @@ if [ "$OW_INSTALL_KAFKA_PROVIDER" == "yes" ]; then
pushd /openwhisk-package-kafka
git checkout $OW_GIT_TAG_OPENWHISK_PACKAGE_KAFKA
- ./installKafka.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST || exit 1
- ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST || exit 1
+ ./installKafka.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST_URL || exit 1
+ ./installCatalog.sh $WHISK_AUTH $WHISK_API_HOST_URL $PROVIDER_DB_URL $KAFKA_DB_PREFIX $WHISK_API_HOST_URL || exit 1
popd
fi
diff --git a/helm/openwhisk/templates/install-packages-job.yaml b/helm/openwhisk/templates/install-packages-job.yaml
index 6535ac8..de12aa6 100644
--- a/helm/openwhisk/templates/install-packages-job.yaml
+++ b/helm/openwhisk/templates/install-packages-job.yaml
@@ -61,7 +61,11 @@ spec:
configMapKeyRef:
name: {{ .Release.Name }}-whisk.config
key: whisk_api_host_nameAndPort
-
+ - name: "WHISK_API_HOST_URL"
+ valueFrom:
+ configMapKeyRef:
+ name: {{ .Release.Name }}-whisk.config
+ key: whisk_api_host_url
# apigateway configuration (for installing routemgmt actions)
- name: "WHISK_SYSTEM_NAMESPACE"
valueFrom:
diff --git a/helm/openwhisk/templates/nginx-svc.yaml b/helm/openwhisk/templates/nginx-svc.yaml
index ee478be..e67bc61 100644
--- a/helm/openwhisk/templates/nginx-svc.yaml
+++ b/helm/openwhisk/templates/nginx-svc.yaml
@@ -19,6 +19,12 @@
apiVersion: v1
kind: Service
metadata:
+ {{- if eq .Values.whisk.ingress.type "LoadBalancer" }}
+ annotations:
+ {{- range $key, $value := .Values.whisk.ingress.annotations }}
+ {{ $key }}: {{ $value | quote }}
+ {{- end }}
+ {{- end }}
name: {{ .Release.Name }}-nginx
labels:
name: {{ .Release.Name }}-nginx
@@ -39,4 +45,7 @@ spec:
nodePort: {{ .Values.nginx.httpsNodePort }}
{{- end }}
name: https-api
+ {{- if eq .Values.whisk.ingress.awsSSL "true"}}
+ targetPort: http
+ {{- end}}
{{- end }}
diff --git a/helm/openwhisk/templates/ow-whisk-cm.yaml b/helm/openwhisk/templates/ow-whisk-cm.yaml
index 222fc24..2e20623 100644
--- a/helm/openwhisk/templates/ow-whisk-cm.yaml
+++ b/helm/openwhisk/templates/ow-whisk-cm.yaml
@@ -27,11 +27,19 @@ data:
whisk_cli_version_tag: {{ .Values.whisk.versions.openwhiskCli.tag | quote }}
whisk_system_namespace: {{ .Values.whisk.systemNameSpace | quote }}
{{- if eq .Values.whisk.ingress.type "LoadBalancer" }}
+{{- if eq .Values.whisk.ingress.awsSSL "true" }}
+ whisk_api_host_proto: "http"
+ whisk_api_host_port: {{ .Values.nginx.httpPort | quote }}
+ whisk_api_host_name: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}"
+ whisk_api_host_nameAndPort: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpPort }}"
+ whisk_api_host_url: "http://{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpPort }}"
+{{- else }}
whisk_api_host_proto: "https"
whisk_api_host_port: {{ .Values.nginx.httpsPort | quote }}
whisk_api_host_name: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}"
whisk_api_host_nameAndPort: "{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpsPort }}"
whisk_api_host_url: "https://{{ .Release.Name }}-nginx.{{ .Release.Namespace }}.svc.{{ .Values.k8s.domain }}:{{ .Values.nginx.httpsPort }}"
+{{- end }}
{{- else }}
whisk_api_host_proto: {{ .Values.whisk.ingress.apiHostProto | quote }}
whisk_api_host_port: {{ .Values.whisk.ingress.apiHostPort | quote }}
diff --git a/helm/openwhisk/values.yaml b/helm/openwhisk/values.yaml
index 4adc202..5406d8b 100644
--- a/helm/openwhisk/values.yaml
+++ b/helm/openwhisk/values.yaml
@@ -48,6 +48,7 @@ whisk:
# See the "Configuring OpenWhisk section" of the docs/k8s-*.md that matches
# your cluster type for details on what values to provide and how to get them.
ingress:
+ aws: "false"
apiHostName: ""
apiHostPort: 31001
apiHostProto: "https"