디렉토리 구조 및 각 서비스 추가
This commit is contained in:
dsk-minchulahn
70
helm/teleport-cluster/templates/proxy/service.yaml
Normal file
70
helm/teleport-cluster/templates/proxy/service.yaml
Normal file
@@ -0,0 +1,70 @@
|
||||
{{- $proxy := mustMergeOverwrite (mustDeepCopy .Values) .Values.proxy -}}
|
||||
{{- $backendProtocol := ternary "ssl" "tcp" (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-ssl-cert") -}}
|
||||
{{- /* Fail early if proxy service type is set to LoadBalancer when ingress.enabled=true */ -}}
|
||||
{{- if and $proxy.ingress.enabled (eq $proxy.service.type "LoadBalancer") -}}
|
||||
{{- fail "proxy.service.type must not be LoadBalancer when using an ingress - any load balancer should be provisioned by your ingress controller. Set proxy.service.type=ClusterIP instead" -}}
|
||||
{{- end -}}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Release.Name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "teleport-cluster.proxy.labels" . | nindent 4 }}
|
||||
{{- if (or ($proxy.annotations.service) (eq $proxy.chartMode "aws")) }}
|
||||
annotations:
|
||||
{{- if and (eq $proxy.chartMode "aws") (not $proxy.ingress.enabled) }}
|
||||
{{- if not (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-backend-protocol")}}
|
||||
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: {{ $backendProtocol }}
|
||||
{{- end }}
|
||||
{{- if not (or (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled") (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-attributes"))}}
|
||||
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
|
||||
{{- end }}
|
||||
{{- if not (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-type")}}
|
||||
service.beta.kubernetes.io/aws-load-balancer-type: nlb
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if $proxy.annotations.service }}
|
||||
{{- toYaml $proxy.annotations.service | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
spec:
|
||||
type: {{ default "LoadBalancer" $proxy.service.type }}
|
||||
{{- with $proxy.service.spec }}
|
||||
{{- toYaml . | nindent 2 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: tls
|
||||
port: 443
|
||||
targetPort: 3080
|
||||
protocol: TCP
|
||||
{{- if ne $proxy.proxyListenerMode "multiplex" }}
|
||||
- name: sshproxy
|
||||
port: 3023
|
||||
targetPort: 3023
|
||||
protocol: TCP
|
||||
- name: k8s
|
||||
port: 3026
|
||||
targetPort: 3026
|
||||
protocol: TCP
|
||||
- name: sshtun
|
||||
port: 3024
|
||||
targetPort: 3024
|
||||
protocol: TCP
|
||||
- name: mysql
|
||||
port: 3036
|
||||
targetPort: 3036
|
||||
protocol: TCP
|
||||
{{- if $proxy.separatePostgresListener }}
|
||||
- name: postgres
|
||||
port: 5432
|
||||
targetPort: 5432
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
{{- if $proxy.separateMongoListener }}
|
||||
- name: mongo
|
||||
port: 27017
|
||||
targetPort: 27017
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
selector: {{- include "teleport-cluster.proxy.selectorLabels" . | nindent 4 }}
|
||||
Reference in New Issue
Block a user