[stable/spring-cloud-data-flow] Add support for restricting load bala… (

#19727) * [stable/spring-cloud-data-flow] Add support for restricting load balancer by IP ranges Signed-off-by: Viktor Radnai <viktor.radnai@gmail.com> * Fix linting error Signed-off-by: Viktor Radnai <viktor.radnai@gmail.com>
helm · Jan 2, 2020 · 95280d2 · 95280d2
1 parent 5978272
commit 95280d2
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 13 deletions.
diff --git a/stable/spring-cloud-data-flow/Chart.yaml b/stable/spring-cloud-data-flow/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v1
 description: Toolkit for building data processing pipelines.
 name: spring-cloud-data-flow
-version: 2.5.1
+version: 2.5.2
 appVersion: 2.3.0.RELEASE
 home: http://cloud.spring.io/spring-cloud-dataflow/
 sources:

diff --git a/stable/spring-cloud-data-flow/README.md b/stable/spring-cloud-data-flow/README.md
@@ -30,6 +30,13 @@ If you are using a cluster that does not have a load balancer (like Minikube) th
 $ helm install --name my-release --set server.service.type=NodePort stable/spring-cloud-data-flow
 ```
 
+To restrict the load balancer to an IP address range:
+
+```bash
+$ helm install --name my-release  --set server.service.loadBalancerSourceRanges='[10.0.0.0/8]' stable/spring-cloud-data-flow
+```
+
+
 ### Data Store
 
 By default, MySQL is deployed with this chart. However, if you wish to use an external database, please use the following `set` flags to the `helm` command to disable MySQL deployment, for example:
@@ -102,17 +109,18 @@ The following tables list the configurable parameters and their default values.
 
 ### Data Flow Server Configuration
 
-| Parameter                         | Description                                                        | Default          |
-| --------------------------------- | ------------------------------------------------------------------ | ---------------- |
-| server.version                    | The version/tag of the Data Flow server                            | 2.3.0.RELEASE
-| server.imagePullPolicy            | The imagePullPolicy of the Data Flow server                        | IfNotPresent
-| server.service.type               | The service type for the Data Flow server                          | LoadBalancer
-| server.service.annotations        | Extra annotations for service resource                             | {}
-| server.service.externalPort       | The external port for the Data Flow server                         | 80
-| server.service.labels             | Extra labels for the service resource                              | {}
-| server.platformName               | The name of the configured platform account                        | default
-| server.configMap                  | Custom ConfigMap name for Data Flow server configuration           |
-| server.trustCerts                 | Trust self signed certs                                            | false
+| Parameter                               | Description                                                        | Default          |
+| --------------------------------------- | ------------------------------------------------------------------ | ---------------- |
+| server.version                          | The version/tag of the Data Flow server                            | 2.3.0.RELEASE
+| server.imagePullPolicy                  | The imagePullPolicy of the Data Flow server                        | IfNotPresent
+| server.service.type                     | The service type for the Data Flow server                          | LoadBalancer
+| server.service.annotations              | Extra annotations for service resource                             | {}
+| server.service.externalPort             | The external port for the Data Flow server                         | 80
+| server.service.labels                   | Extra labels for the service resource                              | {}
+| server.service.loadBalancerSourceRanges | A list of IP address ranges to allow through the load balancer     | no restriction
+| server.platformName                     | The name of the configured platform account                        | default
+| server.configMap                        | Custom ConfigMap name for Data Flow server configuration           |
+| server.trustCerts                       | Trust self signed certs                                            | false
 
 ### Skipper Server Configuration
 

diff --git a/stable/spring-cloud-data-flow/templates/server-service.yaml b/stable/spring-cloud-data-flow/templates/server-service.yaml
@@ -18,6 +18,10 @@ metadata:
 spec:
   # If you are running k8s on a local dev box, you can use type NodePort instead
   type: {{ .Values.server.service.type }}
+{{- if .Values.server.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+{{ toYaml .Values.server.service.loadBalancerSourceRanges | indent 4 }}
+{{- end }}
   ports:
     - port: {{ .Values.server.service.externalPort }}
       targetPort: http

diff --git a/stable/spring-cloud-data-flow/templates/skipper-deployment.yaml b/stable/spring-cloud-data-flow/templates/skipper-deployment.yaml
@@ -109,7 +109,7 @@ spec:
         command: ['sh', '-c', 'until nc -w3 -z {{ template "scdf.database.host" . }} {{ template "scdf.database.port" . }}; do echo waiting for database; sleep 3; done;']
       {{- if .Values.mysql.enabled }}
       - name: init-mysql-database
-        image: {{ .Values.mysql.image }}:{{ .Values.mysql.imageTag }}
+        image: "{{ .Values.mysql.image }}:{{ .Values.mysql.imageTag }}"
         imagePullPolicy: {{ .Values.mysql.imagePullPolicy }}
         env:
         - name: MYSQL_PWD

diff --git a/stable/spring-cloud-data-flow/values.yaml b/stable/spring-cloud-data-flow/values.yaml
@@ -27,6 +27,7 @@ server:
     externalPort: 80
     annotations: {}
     labels: {}
+    loadBalancerSourceRanges: []
   configMap:
   resources: {}
   #  limits: