From c4d4fefad794630aa938d3606aea55d19ad5e04d Mon Sep 17 00:00:00 2001 From: ddl-ebrown Date: Wed, 31 Jan 2024 15:05:39 -0800 Subject: [PATCH] Add support for ingressClassName in ingress - ingressClassName field was added in k8s 1.18, and effectively replaces the unofficially supported annotation `ingress.class` https://kubernetes.io/docs/concepts/services-networking/ingress/#deprecated-annotation Signed-off-by: ddl-ebrown --- charts/flyte-core/README.md | 3 ++- charts/flyte-core/templates/common/ingress.yaml | 2 ++ charts/flyte-core/values.yaml | 2 ++ deployment/eks/flyte_aws_scheduler_helm_generated.yaml | 2 ++ deployment/eks/flyte_helm_controlplane_generated.yaml | 2 ++ deployment/eks/flyte_helm_dataplane_generated.yaml | 2 ++ deployment/eks/flyte_helm_generated.yaml | 2 ++ deployment/gcp/flyte_helm_controlplane_generated.yaml | 2 ++ deployment/gcp/flyte_helm_dataplane_generated.yaml | 2 ++ deployment/gcp/flyte_helm_generated.yaml | 2 ++ deployment/sandbox/flyte_helm_generated.yaml | 1 + 11 files changed, 21 insertions(+), 1 deletion(-) diff --git a/charts/flyte-core/README.md b/charts/flyte-core/README.md index 1322a1fa3a..13f4735c4d 100644 --- a/charts/flyte-core/README.md +++ b/charts/flyte-core/README.md @@ -73,13 +73,14 @@ helm install gateway bitnami/contour -n flyte | cluster_resource_manager.service_account_name | string | `"flyteadmin"` | Service account name to run with | | cluster_resource_manager.templates | list | `[{"key":"aa_namespace","value":"apiVersion: v1\nkind: Namespace\nmetadata:\n name: {{ namespace }}\nspec:\n finalizers:\n - kubernetes\n"},{"key":"ab_project_resource_quota","value":"apiVersion: v1\nkind: ResourceQuota\nmetadata:\n name: project-quota\n namespace: {{ namespace }}\nspec:\n hard:\n limits.cpu: {{ projectQuotaCpu }}\n limits.memory: {{ projectQuotaMemory }}\n"}]` | Resource templates that should be applied | | cluster_resource_manager.templates[0] | object | `{"key":"aa_namespace","value":"apiVersion: v1\nkind: Namespace\nmetadata:\n name: {{ namespace }}\nspec:\n finalizers:\n - kubernetes\n"}` | Template for namespaces resources | -| common | object | `{"databaseSecret":{"name":"","secretManifest":{}},"flyteNamespaceTemplate":{"enabled":false},"ingress":{"albSSLRedirect":false,"annotations":{"nginx.ingress.kubernetes.io/app-root":"/console"},"enabled":true,"separateGrpcIngress":false,"separateGrpcIngressAnnotations":{"nginx.ingress.kubernetes.io/backend-protocol":"GRPC"},"tls":{"enabled":false},"webpackHMR":false}}` | ---------------------------------------------- COMMON SETTINGS | +| common | object | `{"databaseSecret":{"name":"","secretManifest":{}},"flyteNamespaceTemplate":{"enabled":false},"ingress":{"albSSLRedirect":false,"annotations":{"nginx.ingress.kubernetes.io/app-root":"/console"},"enabled":true,"ingressClassName":null,"separateGrpcIngress":false,"separateGrpcIngressAnnotations":{"nginx.ingress.kubernetes.io/backend-protocol":"GRPC"},"tls":{"enabled":false},"webpackHMR":false}}` | ---------------------------------------------- COMMON SETTINGS | | common.databaseSecret.name | string | `""` | Specify name of K8s Secret which contains Database password. Leave it empty if you don't need this Secret | | common.databaseSecret.secretManifest | object | `{}` | Specify your Secret (with sensitive data) or pseudo-manifest (without sensitive data). See https://github.com/godaddy/kubernetes-external-secrets | | common.flyteNamespaceTemplate.enabled | bool | `false` | - Enable or disable creating Flyte namespace in template. Enable when using helm as template-engine only. Disable when using `helm install ...`. | | common.ingress.albSSLRedirect | bool | `false` | - albSSLRedirect adds a special route for ssl redirect. Only useful in combination with the AWS LoadBalancer Controller. | | common.ingress.annotations | object | `{"nginx.ingress.kubernetes.io/app-root":"/console"}` | - Ingress annotations applied to both HTTP and GRPC ingresses. | | common.ingress.enabled | bool | `true` | - Enable or disable creating Ingress for Flyte. Relevant to disable when using e.g. Istio as ingress controller. | +| common.ingress.ingressClassName | string | `nil` | - Sets the ingressClassName | | common.ingress.separateGrpcIngress | bool | `false` | - separateGrpcIngress puts GRPC routes into a separate ingress if true. Required for certain ingress controllers like nginx. | | common.ingress.separateGrpcIngressAnnotations | object | `{"nginx.ingress.kubernetes.io/backend-protocol":"GRPC"}` | - Extra Ingress annotations applied only to the GRPC ingress. Only makes sense if `separateGrpcIngress` is enabled. | | common.ingress.tls | object | `{"enabled":false}` | - Ingress hostname host: | diff --git a/charts/flyte-core/templates/common/ingress.yaml b/charts/flyte-core/templates/common/ingress.yaml index 2a45152a0b..6482d32ff4 100644 --- a/charts/flyte-core/templates/common/ingress.yaml +++ b/charts/flyte-core/templates/common/ingress.yaml @@ -163,6 +163,7 @@ metadata: annotations: {{ tpl (toYaml .) $ | nindent 4}} {{- end }} spec: + ingressClassName: {{ .Values.common.ingress.ingressClassName | quote }} rules: - http: paths: @@ -485,6 +486,7 @@ metadata: {{- toYaml . | nindent 4}} {{- end }} spec: + ingressClassName: {{ .Values.common.ingress.ingressClassName | quote }} rules: - host: {{ tpl (toYaml .Values.common.ingress.host) $ }} http: diff --git a/charts/flyte-core/values.yaml b/charts/flyte-core/values.yaml index a7367052fe..16c34a886c 100755 --- a/charts/flyte-core/values.yaml +++ b/charts/flyte-core/values.yaml @@ -426,6 +426,8 @@ common: # -- Specify your Secret (with sensitive data) or pseudo-manifest (without sensitive data). See https://github.com/godaddy/kubernetes-external-secrets secretManifest: {} ingress: + # --- Sets the ingressClassName + ingressClassName: # --- Enable or disable creating Ingress for Flyte. Relevant to disable when using e.g. Istio as ingress controller. enabled: true # --- Enable or disable HMR route to flyteconsole. This is useful only for frontend development. diff --git a/deployment/eks/flyte_aws_scheduler_helm_generated.yaml b/deployment/eks/flyte_aws_scheduler_helm_generated.yaml index 77e62001f8..81633f940f 100644 --- a/deployment/eks/flyte_aws_scheduler_helm_generated.yaml +++ b/deployment/eks/flyte_aws_scheduler_helm_generated.yaml @@ -1394,6 +1394,7 @@ metadata: kubernetes.io/ingress.class: alb nginx.ingress.kubernetes.io/app-root: /console spec: + ingressClassName: rules: - http: paths: @@ -1563,6 +1564,7 @@ metadata: alb.ingress.kubernetes.io/backend-protocol-version: GRPC nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: null http: diff --git a/deployment/eks/flyte_helm_controlplane_generated.yaml b/deployment/eks/flyte_helm_controlplane_generated.yaml index 983b6402cc..1957552eca 100644 --- a/deployment/eks/flyte_helm_controlplane_generated.yaml +++ b/deployment/eks/flyte_helm_controlplane_generated.yaml @@ -1020,6 +1020,7 @@ metadata: kubernetes.io/ingress.class: alb nginx.ingress.kubernetes.io/app-root: /console spec: + ingressClassName: rules: - http: paths: @@ -1189,6 +1190,7 @@ metadata: alb.ingress.kubernetes.io/backend-protocol-version: GRPC nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: null http: diff --git a/deployment/eks/flyte_helm_dataplane_generated.yaml b/deployment/eks/flyte_helm_dataplane_generated.yaml index dfdf24d923..afda5cdbfe 100644 --- a/deployment/eks/flyte_helm_dataplane_generated.yaml +++ b/deployment/eks/flyte_helm_dataplane_generated.yaml @@ -593,6 +593,7 @@ metadata: kubernetes.io/ingress.class: alb nginx.ingress.kubernetes.io/app-root: /console spec: + ingressClassName: rules: - http: paths: @@ -762,6 +763,7 @@ metadata: alb.ingress.kubernetes.io/backend-protocol-version: GRPC nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: null http: diff --git a/deployment/eks/flyte_helm_generated.yaml b/deployment/eks/flyte_helm_generated.yaml index 29fc7851f5..bee27a293d 100644 --- a/deployment/eks/flyte_helm_generated.yaml +++ b/deployment/eks/flyte_helm_generated.yaml @@ -1513,6 +1513,7 @@ metadata: kubernetes.io/ingress.class: alb nginx.ingress.kubernetes.io/app-root: /console spec: + ingressClassName: rules: - http: paths: @@ -1682,6 +1683,7 @@ metadata: alb.ingress.kubernetes.io/backend-protocol-version: GRPC nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: null http: diff --git a/deployment/gcp/flyte_helm_controlplane_generated.yaml b/deployment/gcp/flyte_helm_controlplane_generated.yaml index b040ebafd5..e419e11c2a 100644 --- a/deployment/gcp/flyte_helm_controlplane_generated.yaml +++ b/deployment/gcp/flyte_helm_controlplane_generated.yaml @@ -1029,6 +1029,7 @@ metadata: nginx.ingress.kubernetes.io/app-root: /console nginx.ingress.kubernetes.io/ssl-redirect: "true" spec: + ingressClassName: rules: - http: paths: @@ -1189,6 +1190,7 @@ metadata: nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: '' http: diff --git a/deployment/gcp/flyte_helm_dataplane_generated.yaml b/deployment/gcp/flyte_helm_dataplane_generated.yaml index ad9ca845f9..4ca7be9cce 100644 --- a/deployment/gcp/flyte_helm_dataplane_generated.yaml +++ b/deployment/gcp/flyte_helm_dataplane_generated.yaml @@ -594,6 +594,7 @@ metadata: nginx.ingress.kubernetes.io/app-root: /console nginx.ingress.kubernetes.io/ssl-redirect: "true" spec: + ingressClassName: rules: - http: paths: @@ -754,6 +755,7 @@ metadata: nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: '' http: diff --git a/deployment/gcp/flyte_helm_generated.yaml b/deployment/gcp/flyte_helm_generated.yaml index 2ba2f62aed..898b6bf7dd 100644 --- a/deployment/gcp/flyte_helm_generated.yaml +++ b/deployment/gcp/flyte_helm_generated.yaml @@ -1529,6 +1529,7 @@ metadata: nginx.ingress.kubernetes.io/app-root: /console nginx.ingress.kubernetes.io/ssl-redirect: "true" spec: + ingressClassName: rules: - http: paths: @@ -1689,6 +1690,7 @@ metadata: nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: GRPC spec: + ingressClassName: rules: - host: '' http: diff --git a/deployment/sandbox/flyte_helm_generated.yaml b/deployment/sandbox/flyte_helm_generated.yaml index e882b9d291..4ccfce9eff 100644 --- a/deployment/sandbox/flyte_helm_generated.yaml +++ b/deployment/sandbox/flyte_helm_generated.yaml @@ -7544,6 +7544,7 @@ metadata: annotations: nginx.ingress.kubernetes.io/app-root: /console spec: + ingressClassName: rules: - http: paths: