refactor(istio-resource): Move all istio resource to helmfile

badhouseplants/values/values.argocd.yaml

@@ -1,4 +1,18 @@
 ---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: argocd-http
+      gateway: badhouseplants-net
+      kind: http
+      hostname: argo.badhouseplants.net
+      service: argocd-server
+      port: 80
+
 controller:
   resources:
     limits:

badhouseplants/values/values.drone.yaml

@@ -1,3 +1,16 @@
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: drone-http
+      gateway: badhouseplants-net
+      kind: http
+      hostname: drone.badhouseplants.net
+      service: drone
+      port: 8080
 env:
   DRONE_SERVER_HOST: drone.badhouseplants.net
   DRONE_SERVER_PROTO: https

badhouseplants/values/values.funkwhale.yaml

@@ -1,4 +1,18 @@
 ---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: funkwhale-http
+      gateway: badhouseplants-net
+      kind: http
+      hostname: funkwhale.badhouseplants.net
+      service: funkwhale
+      port: 80
+
 replicaCount: 1
 celery:
   worker:

badhouseplants/values/values.gitea.yaml

@@ -1,37 +1,25 @@
 ---
-ns:
+# ------------------------------------------
-  enabled: true
+# -- Istio extenstion. Just because I'm
-  name: gitea-service
+# --  not using ingress nginx
+# ------------------------------------------
 istio:
   enabled: true
   istio:
     - name: gitea-http
+      kind: http
       gateway: badhouseplants-net
       hostname: git.badhouseplants.net
       service: gitea-http
       port: 3000
-  templates:
+    - name: gitea-ssh
-    - |
+      kind: tcp
-        {{ range .Values.istio }}
+      gateway: badhouseplants-ssh
-        apiVersion: networking.istio.io/v1beta1
+      hostname: "*"
-        kind: VirtualService
+      port_match: 22
-        metadata:
+      service: gitea-ssh
-          name: {{ .name }}
+      port: 22
-        spec:
+
-          gateways:
-          - "istio-system/{{ .gateway }}"
-          hosts:
-          -  {{ .hostname }}
-          http:
-          - match:
-            - uri:
-                prefix: /
-            route:
-            - destination:
-                host: {{ .service }}
-                port:
-                  number: {{ .port }}
-        {{ end }}
 replicaCount: 1
 clusterDomain: cluster.local
 

badhouseplants/values/values.minecraft.yaml

@@ -10,6 +10,20 @@ service-account:
         app: minecraft-minecraft-metrics
       endpoints:
         port: metrics
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: minecraft-tcp
+      gateway: badhouseplants-minecraft
+      kind: tcp
+      port_match: 25565
+      host: "*"
+      service: minecraft-minecraft
+      port: 25565
 # --------------------------------------------------
 # -- Main values
 # --------------------------------------------------

badhouseplants/values/values.minio.yaml

@@ -1,4 +1,18 @@
 ---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: nrodionov-http
+      gateway: nrodionov-info
+      kind: http
+      hostname: dev.nrodionov.info
+      service: nrodionov-wordpress
+      port: 8080
+
 rootUser: 'overlord'
 replicas: 1
 mode: standalone

badhouseplants/values/values.nrodionov.yaml

@@ -1,3 +1,18 @@
+---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: minio-http
+      gateway: badhouseplants-net
+      kind: http
+      hostname: minio.badhouseplants.net
+      service: minio-console
+      port: 9001
+
 wordpressBlogName: Николай Николаевич Родионов
 wordpressUsername: admin
 wordpressFirstName: Nikolai

badhouseplants/values/values.openvpn.yaml

@@ -1,4 +1,19 @@
 ---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: openvpn-tcp
+      gateway: badhouseplants-vpn
+      kind: tcp
+      port_match: 1194
+      host: "*"
+      service: openvpn
+      port: 1194
+
 storageClassName: longhorn
 openvpn:
   server: "tcp://195.201.250.50:1194"

bin/migrate.sh

@@ -3,4 +3,4 @@
 argo_instance=$1
 helm_name=$2
 helm_ns=$3
-kubectl get CustomResourceDefinition,PersistentVolumeClaim,EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=$argo_instance -l helm.sh/chart=longhorn-1.4.0 -A --no-headers --output  custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namespace"="$helm_ns" "meta.helm.sh/release-name"="$helm_name" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done
+kubectl get CustomResourceDefinition,PersistentVolumeClaim,EnvoyFilter,PodDisruptionBudget,sa,ValidatingWebhookConfiguration,all,cm,secret,ing,role,clusterrole,rolebindings,clusterrolebindings,MutatingWebhookConfiguration -l argocd.argoproj.io/instance=$argo_instance -l helm.sh/chart=longhorn-1.4.0 -A --no-headers --output  custom-columns="POD-NAME":.kind,"NAMESPACE":.metadata.name,"ns":.metadata.namespace | while read -r var1 var2 var3; do kubectl annotate $var1 $var2 -n $var3 "meta.helm.sh/release-namewspace"="$helm_ns" "meta.helm.sh/release-name"="$helm_name" && kubectl label $var1 $var2 -n $var3 app.kubernetes.io/managed-by=Helm; done

common/values.istio.yaml

@@ -0,0 +1,36 @@
+---
+istio:
+  templates:
+    - |
+        {{ range .Values.istio }}
+        ---
+        apiVersion: networking.istio.io/v1beta1
+        kind: VirtualService
+        metadata:
+          name: {{ .name }}
+        spec:
+          gateways:
+          - "istio-system/{{ .gateway }}"
+          hosts:
+          -  {{ .hostname | quote }}
+          {{- if eq  .kind "http" }}
+          http:
+          - match:
+            - uri:
+                prefix: /
+            route:
+            - destination:
+                host: {{ .service }}
+                port:
+                  number: {{ .port }}
+          {{- else if eq  .kind "tcp" }}
+          tcp:
+          - match:
+            - port: {{ .port_match }}
+            route:
+            - destination:
+                host: {{ .service }}
+                port:
+                  number: {{ .port }}
+          {{ end }}
+        {{ end }}

etersoft/values/values.minio.yaml

@@ -1,4 +1,23 @@
 ---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: minio-http
+      gateway: badhouseplants-net
+      kind: http
+      hostname: min.e.badhouseplants.net
+      service: minio-console
+      port: 9001
+    - name: s3-http
+      gateway: badhouseplants-net
+      kind: http
+      hostname: s3.e.badhouseplants.net
+      service: minio
+      port: 9000
 rootUser: 'overlord'
 replicas: 1
 mode: standalone

etersoft/values/values.openvpn.yaml

@@ -1,4 +1,19 @@
 ---
+# ------------------------------------------
+# -- Istio extenstion. Just because I'm
+# --  not using ingress nginx
+# ------------------------------------------
+istio:
+  enabled: true
+  istio:
+    - name: openvpn-tcp
+      gateway: etersoft-vp
+      kind: tcp
+      port_match: 1194
+      host: "*"
+      service: openvpn
+      port: 1194
+
 storageClassName: microk8s-hostpath
 openvpn:
   server: "tcp://91.232.225.63:1194"

releases.yaml

@@ -92,6 +92,7 @@ templates:
     inherit:
       - template: default-env-values
       - template: default-env-secrets
+      - template: ext-istio-resource
   # ----------------------------
   # -- Istio
   # ----------------------------
@@ -130,6 +131,8 @@ templates:
     version: 1.0.3
     inherit:
       - template: default-env-values
+      - template: ext-istio-resource
+
 
   drone: &drone
     name: drone
@@ -138,6 +141,7 @@ templates:
     inherit:
       - template: default-env-values
       - template: default-env-secrets
+      - template: ext-istio-resource
 
   drone-runner-kube: &drone-runner-kube
     name: drone-runner-kube
@@ -154,6 +158,8 @@ templates:
     inherit:
       - template: default-env-values
       - template: default-env-secrets
+      - template: ext-istio-resource
+
 
   minio: &minio
     name: minio
@@ -162,6 +168,8 @@ templates:
     inherit:
       - template: default-env-values
       - template: default-env-secrets
+      - template: ext-istio-resource
+
 
   minecraft: &minecraft
     name: minecraft
@@ -169,6 +177,8 @@ templates:
     version: 4.7.3
     inherit:
       - template: default-env-values
+      - template: ext-istio-resource
+
 
   gitea: &gitea
     name: gitea
@@ -186,3 +196,5 @@ templates:
     inherit:
       - template: default-env-values
       - template: default-env-secrets
+      - template: ext-istio-resource
+