From df48d4501875e3a2ce7cfb917b93db2dfe1566c1 Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Sun, 19 Feb 2023 13:22:48 +0000 Subject: [PATCH] Migrate OpenVPN (#10) Reviewed-on: https://git.badhouseplants.net/badhouseplants/k8s-cluster-config/pulls/10 --- ....yaml => values.istio-ingressgateway.yaml} | 0 bin/migrate.sh | 2 +- ....yaml => values.istio-ingressgateway.yaml} | 4 ++++ etersoft/values/values.openvpn.yaml | 20 +------------------ helmfile.yaml | 9 +++++++-- releases.yaml | 4 ++-- 6 files changed, 15 insertions(+), 24 deletions(-) rename badhouseplants/values/{values.istio-gateway.yaml => values.istio-ingressgateway.yaml} (100%) rename etersoft/values/{values.istio-gateway.yaml => values.istio-ingressgateway.yaml} (78%) diff --git a/badhouseplants/values/values.istio-gateway.yaml b/badhouseplants/values/values.istio-ingressgateway.yaml similarity index 100% rename from badhouseplants/values/values.istio-gateway.yaml rename to badhouseplants/values/values.istio-ingressgateway.yaml diff --git a/bin/migrate.sh b/bin/migrate.sh index b9ef8a9..8224a61 100755 --- a/bin/migrate.sh +++ b/bin/migrate.sh @@ -1,3 +1,3 @@ #kubectl get all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings -l app.kubernetes.io/managed-by=Helm -l app.kubernetes.io/instance=cert-manager -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name | while read -r var1 var2; do kubectl annotate $var1 $var2 "meta.helm.sh/release-namespace"="cert-manager" "meta.helm.sh/release-name"="cert-manager" --overwrite; done -kubectl get EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=istiod -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="istio-system" "meta.helm.sh/release-name"="istiod" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done +kubectl get PersistentVolumeClaim,EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=istio-ingressgateway -A --no-headers --output custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="istio-system" "meta.helm.sh/release-name"="istio-ingressgateway" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done diff --git a/etersoft/values/values.istio-gateway.yaml b/etersoft/values/values.istio-ingressgateway.yaml similarity index 78% rename from etersoft/values/values.istio-gateway.yaml rename to etersoft/values/values.istio-ingressgateway.yaml index 58caaaf..4f93e51 100644 --- a/etersoft/values/values.istio-gateway.yaml +++ b/etersoft/values/values.istio-ingressgateway.yaml @@ -14,4 +14,8 @@ service: port: 443 protocol: TCP targetPort: 443 + - name: openvpn + port: 1194 + protocol: TCP + targetPort: 1194 diff --git a/etersoft/values/values.openvpn.yaml b/etersoft/values/values.openvpn.yaml index 9173f4b..f389024 100644 --- a/etersoft/values/values.openvpn.yaml +++ b/etersoft/values/values.openvpn.yaml @@ -23,22 +23,4 @@ istio-resources: name: openvpn number: 1194 protocol: TCP - # virtual_services: - # - metadata: - # name: openvpn - # spec: - # hosts: - # - '*' - # gateways: - # - istio-system/etersoft-vpn - # tcp: - # - match: - # - port: 1194 - # route: - # - destination: - # host: openvpn - # port: - # number: 1194 - # - # - # + diff --git a/helmfile.yaml b/helmfile.yaml index 76299d8..27ccbe9 100644 --- a/helmfile.yaml +++ b/helmfile.yaml @@ -6,7 +6,7 @@ bases: - repositories.yaml releases: - - <<: *metrics-server + - <<: *metrics-server installed: true namespace: kube-system createNamespace: false @@ -26,10 +26,15 @@ releases: namespace: istio-system createNamespace: false - - <<: *cert-manager + - <<: *cert-manager installed: true namespace: cert-manager createNamespace: false + + - <<: *openvpn + installed: true + namespace: openvpn-service + createNamespace: false helmfiles: - path: {{.Environment.Name }}/helmfile.yaml diff --git a/releases.yaml b/releases.yaml index 4d17d80..ccf2d0d 100644 --- a/releases.yaml +++ b/releases.yaml @@ -58,7 +58,7 @@ templates: - template: istio-version istio-gateway: &istio-gateway - name: istio-gateway + name: istio-ingressgateway chart: istio/gateway inherit: - template: istio-version @@ -77,7 +77,7 @@ templates: openvpn: &openvpn name: openvpn chart: allanger-charts/openvpn - version: 1.0.1 + version: 1.0.3 inherit: - template: default-env-values