diff --git a/changelog/content/experimental/unreleased.md b/changelog/content/experimental/unreleased.md index 25a9e81d3..12a1f4fdb 100644 --- a/changelog/content/experimental/unreleased.md +++ b/changelog/content/experimental/unreleased.md @@ -31,6 +31,7 @@ version: | [#1208](https://github.com/tomkerkhove/promitor/issues/1208)) - {{% tag added %}} Provide `X-Version` response header for API endpoints ([#1209](https://github.com/tomkerkhove/promitor/issues/1209)) - {{% tag added %}} Provide capability to tweak liveness/readines probes in Helm charts ([#1350](https://github.com/tomkerkhove/promitor/issues/1350)) +- {{% tag added %}} Provide capability to expose endpoints through an internal load balancer (AKS) in Helm charts ([#1402](https://github.com/tomkerkhove/promitor/issues/1402)) - {{% tag changed %}} Show Promitor version during startup - {{% tag changed %}} Provide capability to scrape all queues in Azure Service Bus, instead of having to declare the queue name. ([#529](https://github.com/tomkerkhove/promitor/issues/529)). diff --git a/charts/promitor-agent-resource-discovery/README.md b/charts/promitor-agent-resource-discovery/README.md index 8e215f4ce..e86686cc1 100644 --- a/charts/promitor-agent-resource-discovery/README.md +++ b/charts/promitor-agent-resource-discovery/README.md 
@@ -86,7 +86,8 @@ their default values. | `secrets.createSecret` | Indication if you want to bring your own secret level of logging | `true` | | | `secrets.appKeySecret` | Name of the secret for Azure AD identity secret | `azure-app-key` | | `service.loadbalancer.enabled` | Indication whether or not to expose service externally through a load balancer | `false` | -| `service.loadbalancer.dnsPrefix` | Prefix for DNS name to expose the service on using `..cloudapp.azure.com` format. This setting is specific to Azure Kubernetes Service ([docs](https://docs.microsoft.com/en-us/azure/aks/static-ip#apply-a-dns-label-to-the-service)) | `` | +| `service.loadbalancer.azure.dnsPrefix` | Prefix for DNS name to expose the service on using `..cloudapp.azure.com` format. This setting is specific to Azure Kubernetes Service ([docs](https://docs.microsoft.com/en-us/azure/aks/static-ip#apply-a-dns-label-to-the-service)) | `` | +| `service.loadbalancer.azure.exposeInternally` | To restrict access to Promitor by exposing it through an internal load balancer. This setting is specific to Azure Kubernetes Service ([docs](https://docs.microsoft.com/en-us/azure/aks/internal-lb)) | `false` | | `service.port` | Port on service for other pods to talk to | `8889` | | `service.targetPort` | Port on container to serve traffic | `88` | diff --git a/charts/promitor-agent-resource-discovery/templates/service.yaml b/charts/promitor-agent-resource-discovery/templates/service.yaml index 90ba39ee1..5a074dea2 100644 --- a/charts/promitor-agent-resource-discovery/templates/service.yaml +++ b/charts/promitor-agent-resource-discovery/templates/service.yaml 
@@ -5,9 +5,16 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "promitor-agent-resource-discovery.labels" . | nindent 4 }} -{{- if and (.Values.service.loadBalancer.enabled) (.Values.service.loadBalancer.dnsPrefix) }} +{{- if .Values.service.loadBalancer.enabled }} +{{- if or (.Values.service.loadBalancer.azure.dnsPrefix) (.Values.service.loadBalancer.azure.exposeInternally) }} annotations: - service.beta.kubernetes.io/azure-dns-label-name: {{ .Values.service.loadBalancer.dnsPrefix }} + {{- if .Values.service.loadBalancer.azure.dnsPrefix }} + service.beta.kubernetes.io/azure-dns-label-name: {{ .Values.service.loadBalancer.azure.dnsPrefix }} + {{- end }} + {{- if .Values.service.loadBalancer.azure.exposeInternally }} + service.beta.kubernetes.io/azure-load-balancer-internal: "true" + {{- end }} +{{- end }} {{- end }} spec: {{- if .Values.service.loadBalancer.enabled }} diff --git a/charts/promitor-agent-resource-discovery/values.yaml b/charts/promitor-agent-resource-discovery/values.yaml index 588f0d6ed..6e53a066b 100644 --- a/charts/promitor-agent-resource-discovery/values.yaml +++ b/charts/promitor-agent-resource-discovery/values.yaml @@ -60,8 +60,10 @@ service: port: 8889 targetPort: 88 loadBalancer: - dnsPrefix: enabled: false + azure: + dnsPrefix: + exposeInternally: false health: readiness: diff --git a/charts/promitor-agent-scraper/README.md b/charts/promitor-agent-scraper/README.md index a2c05cc19..cb24a383b 100644 --- a/charts/promitor-agent-scraper/README.md +++ b/charts/promitor-agent-scraper/README.md 
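Review bot: The `exposeInternally` branch fails open on a misspelt key: the template reads `.Values.service.loadBalancer.azure.exposeInternally`, while the README rows added in this same commit document it as `service.loadbalancer.azure.exposeInternally`. Helm value keys are case-sensitive, so an operator who copies the README spelling while the load balancer is enabled gets no `azure-load-balancer-internal` annotation and, on AKS, a public frontend instead of the internal one they asked for. The README rows should spell it `loadBalancer`; the scraper chart's README has the same spelling. Separately, the DNS label is rendered unquoted, unlike the `| quote` used for the Prometheus annotations in the scraper template; `service.beta.kubernetes.io/azure-dns-label-name: {{ .Values.service.loadBalancer.azure.dnsPrefix | quote }}` would keep a numeric or boolean-looking prefix a string. The Service spec continues outside the hunk.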
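Review bot: Moving `dnsPrefix` under `azure:` means an existing `service.loadBalancer.dnsPrefix` override is silently ignored after an upgrade, and the changelog entry in this commit is tagged `added` without mentioning the rename. A guard in the Service template such as `{{- if .Values.service.loadBalancer.dnsPrefix }}{{ fail "service.loadBalancer.dnsPrefix has moved to service.loadBalancer.azure.dnsPrefix" }}{{- end }}` would surface it at install time. The new default also deserves a comment, because `false` leaves an enabled load balancer public: `# false = public Azure load balancer; true = internal (virtual network only)`. The same applies to the values.yaml hunk of the scraper chart.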
@@ -107,7 +107,8 @@ their default values. | `service.port` | Port on service for other pods to talk to | `8888` | | `service.targetPort` | Port on container to serve traffic | `88` | | `service.loadbalancer.enabled` | Indication whether or not to expose service externally through a load balancer | `false` | -| `service.loadbalancer.dnsPrefix` | **[Azure Kubernetes Service only]** Prefix for DNS name to expose the service on using `..cloudapp.azure.com` format. ([docs](https://docs.microsoft.com/en-us/azure/aks/static-ip#apply-a-dns-label-to-the-service)) | `` | +| `service.loadbalancer.azure.dnsPrefix` | **[Azure Kubernetes Service only]** Prefix for DNS name to expose the service on using `..cloudapp.azure.com` format. ([docs](https://docs.microsoft.com/en-us/azure/aks/static-ip#apply-a-dns-label-to-the-service)) | `` | +| `service.loadbalancer.azure.exposeInternally` | To restrict access to Promitor by exposing it through an internal load balancer. This setting is specific to Azure Kubernetes Service ([docs](https://docs.microsoft.com/en-us/azure/aks/internal-lb)) | `false` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example: diff --git a/charts/promitor-agent-scraper/templates/service.yaml b/charts/promitor-agent-scraper/templates/service.yaml index a90fcec2a..7ec5d76af 100644 --- a/charts/promitor-agent-scraper/templates/service.yaml +++ b/charts/promitor-agent-scraper/templates/service.yaml 
@@ -5,15 +5,19 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "promitor-agent-scraper.labels" . | nindent 4 }} -{{- if and (.Values.service.loadBalancer.enabled) (.Values.service.loadBalancer.dnsPrefix) }} - annotations: - service.beta.kubernetes.io/azure-dns-label-name: {{ .Values.service.loadBalancer.dnsPrefix }} -{{- end }} -{{- if .Values.metricSinks.prometheusScrapingEndpoint.enableServiceDiscovery }} +{{- if or (.Values.service.loadBalancer.enabled) (.Values.metricSinks.prometheusScrapingEndpoint.enableServiceDiscovery) }} annotations: + {{- if .Values.service.loadBalancer.azure.dnsPrefix }} + service.beta.kubernetes.io/azure-dns-label-name: {{ .Values.service.loadBalancer.azure.dnsPrefix }} + {{- end }} + {{- if .Values.service.loadBalancer.azure.exposeInternally }} + service.beta.kubernetes.io/azure-load-balancer-internal: "true" + {{- end }} + {{- if .Values.metricSinks.prometheusScrapingEndpoint.enableServiceDiscovery }} prometheus.io/scrape: "true" prometheus.io/path: {{ .Values.metricSinks.prometheusScrapingEndpoint.baseUriPath | quote }} prometheus.io/port: {{ .Values.service.targetPort | quote }} + {{- end }} {{- end }} spec: {{- if .Values.service.loadBalancer.enabled }} diff --git a/charts/promitor-agent-scraper/values.yaml b/charts/promitor-agent-scraper/values.yaml index 0127e1739..15bf8e1e0 100644 --- a/charts/promitor-agent-scraper/values.yaml +++ b/charts/promitor-agent-scraper/values.yaml @@ -83,8 +83,10 @@ service: port: 8888 targetPort: 88 loadBalancer: - dnsPrefix: enabled: false + azure: + dnsPrefix: + exposeInternally: false health: readiness:
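Review bot: The two Azure annotations are no longer gated on `loadBalancer.enabled` in this template. The outer `or` also admits `enableServiceDiscovery`, so unlike the resource-discovery chart they are emitted onto a Service that is not a load balancer whenever service discovery is on. With the load balancer enabled but no Azure value and no service discovery, `annotations:` renders with no entries at all. Wrapping the two Azure blocks in `{{- if .Values.service.loadBalancer.enabled }}` … `{{- end }}` and tightening the outer test to `{{- if or (and .Values.service.loadBalancer.enabled (or .Values.service.loadBalancer.azure.dnsPrefix .Values.service.loadBalancer.azure.exposeInternally)) .Values.metricSinks.prometheusScrapingEndpoint.enableServiceDiscovery }}` would keep both charts consistent and make it easier to audit when the endpoint is exposed. The Service spec continues outside the hunk.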