diff --git a/CHANGES.rst b/CHANGES.rst index a0406d0b..c0f373ff 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -8,7 +8,7 @@ Version 0.9.1 (UNRELEASED) - Adds new configuration option ``interactive_sessions.maximum_inactivity_period`` to set a limit in days for the maximum inactivity period of interactive sessions after which they will be closed. - Adds new configuration option ``interactive_sessions.cronjob_schedule`` to set how often interactive session cleanup should be performed. - Adds support for Kubernetes clusters 1.26. - - Adds new Ingress resource that uses traefik middleware to redirect HTTP requests to HTTPS, in order to support traefik v2 version. + - Adds new configuration option ``ingress.extra`` to define extra Ingress resources, in order to support redirecting HTTP requests to HTTPS with traefik v2 version. Version 0.9.0 (2023-01-26) -------------------------- diff --git a/helm/reana/README.md b/helm/reana/README.md index c6f51d2d..2b501737 100644 --- a/helm/reana/README.md +++ b/helm/reana/README.md @@ -63,6 +63,7 @@ This Helm automatically prefixes all names using the release name to avoid colli | `ingress.annotations.kubernetes.io/ingress.class` | Type of ingress controller | traefik | | `ingress.annotations.traefik.ingress.kubernetes.io/router.entrypoints` | Entrypoints allowed by the ingress controller | "web,websecure" | | `ingress.enabled` | Create an ingress resource to access the REANA instance from outside the cluster | true | +| `ingress.extra` | An array of extra ingress resources. They can be configured in the same way as the default ingress, with the addition of `ingress.extra[].name`. | [] | | `ingress.tls.secret_name` | Name of the Kubernetes secret containing the TLS certificate to be used | None | | `ingress.tls.self_signed_cert` | Enable the generation of a self-signed TLS certificate | true | | `kubernetes_jobs_memory_limit` | Maximum default memory limit for user job containers. Exceeding this limit will terminate the container. Please see the following URL for possible values https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/#meaning-of-memory. | 4Gi | diff --git a/helm/reana/templates/ingress.yaml b/helm/reana/templates/ingress.yaml index 398e65c5..9523ea01 100644 --- a/helm/reana/templates/ingress.yaml +++ b/helm/reana/templates/ingress.yaml @@ -1,56 +1,22 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ include "reana.prefix" . }}-ingress-http - namespace: {{ .Release.Namespace }} - annotations: - kubernetes.io/ingress.class: traefik - traefik.ingress.kubernetes.io/router.entrypoints: http - traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-scheme@kubernetescrd -spec: - rules: - - http: - paths: - - path: /api - pathType: Prefix - backend: - service: - name: {{ include "reana.prefix" . }}-server - port: - number: 80 - - path: /oauth - pathType: Prefix - backend: - service: - name: {{ include "reana.prefix" . }}-server - port: - number: 80 - {{- if .Values.components.reana_ui.enabled }} - - path: / - pathType: Prefix - backend: - service: - name: {{ include "reana.prefix" . }}-ui - port: - number: 80 - {{- end }} - {{- if .Values.reana_hostname }} - host: {{ .Values.reana_hostname }} - {{- end }} +{{- range (concat (list .Values.ingress) .Values.ingress.extra) }} --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: {{ include "reana.prefix" . }}-ingress - namespace: {{ .Release.Namespace }} - {{- with .Values.ingress.annotations }} + {{- if .name }} + name: {{ include "reana.prefix" $ }}-ingress-{{ .name }} + {{- else }} + name: {{ include "reana.prefix" $ }}-ingress + {{- end }} + namespace: {{ $.Release.Namespace }} + {{- with .annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: - {{- with .Values.ingress.tls }} + {{- with .tls }} {{- if and .self_signed_cert .secret_name }} - {{- fail "Cannot set `ingress.tls.secret_name` and `ingress.tls.self_signed_cert` at the same time" }} + {{- fail "Cannot set `.tls.secret_name` and `.tls.self_signed_cert` at the same time" }} {{- end }} {{- if .self_signed_cert }} tls: @@ -68,25 +34,26 @@ spec: pathType: Prefix backend: service: - name: {{ include "reana.prefix" . }}-server + name: {{ include "reana.prefix" $ }}-server port: number: 80 - path: /oauth pathType: Prefix backend: service: - name: {{ include "reana.prefix" . }}-server + name: {{ include "reana.prefix" $ }}-server port: number: 80 - {{- if .Values.components.reana_ui.enabled }} + {{- if $.Values.components.reana_ui.enabled }} - path: / pathType: Prefix backend: service: - name: {{ include "reana.prefix" . }}-ui + name: {{ include "reana.prefix" $ }}-ui port: number: 80 {{- end }} - {{- if .Values.reana_hostname }} - host: {{ .Values.reana_hostname }} + {{- if $.Values.reana_hostname }} + host: {{ $.Values.reana_hostname }} {{- end }} +{{- end }} diff --git a/helm/reana/values.yaml b/helm/reana/values.yaml index 02d28730..19612e7b 100644 --- a/helm/reana/values.yaml +++ b/helm/reana/values.yaml @@ -127,6 +127,7 @@ ingress: traefik.ingress.kubernetes.io/router.entrypoints: web,websecure tls: self_signed_cert: true + extra: [] # Permissions serviceAccount: