Skip to content

Commit

Permalink
Merge pull request #20 from datawire/nkrause/v6.1.0
Browse files Browse the repository at this point in the history
Nkrause/v6.1.0
  • Loading branch information
iNoahNothing authored Jan 28, 2020
2 parents 2f047e9 + 3454dc0 commit db81273
Show file tree
Hide file tree
Showing 14 changed files with 103 additions and 29 deletions.
9 changes: 9 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,15 @@
This file documents all notable changes to Ambassador Helm Chart. The release
numbering uses [semantic versioning](http://semver.org).

## v6.1.0

Minor improvements including:

- Adds: Option to set `restartPolicy`
- Adds: Option to give the AES license key secret a custom name
- Fixes: Assumption that the AES will be installed only from the `datawire/aes` repository. The `enableAES` flag now configures whether the AES is installed.
- Clarification on how to install OSS

## v6.0.0

Introduces Ambassador Edge Stack being installed by default.
Expand Down
2 changes: 1 addition & 1 deletion Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ appVersion: 1.0.0
ossVersion: 0.86.1
description: A Helm chart for Datawire Ambassador
name: ambassador
version: 6.0.0
version: 6.1.0
icon: https://www.getambassador.io/images/logo.png
home: https://www.getambassador.io/
sources:
Expand Down
28 changes: 22 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,25 @@ It is recommended to use the ambassador namespace for easy upgrades.

The [configuration](#configuration) section lists the parameters that can be configured during installation.

### Ambassador Edge Stack Installation

This chart defaults to installing The Ambassador Edge Stack with all of its configuration objects.

- A Redis instance
- `AuthService` resource for enabling authentication
- `RateLimitService` resource for enabling rate limiting
- `Mapping`s for internal request routing

If installing alongside another deployment of Ambassador, some of these resources can cause configuration errors since only one `AuthService` or `RateLimitService` can be configured at a time.

If you already have one of these resources configured in your cluster, please see the [configuration](#configuration) section below for information on how to disable them in the chart.

### Ambassador OSS Installation

This chart can still be used to install Ambassador OSS.

To install OSS, change the `image` to use the OSS image and set `enableAES: false` to skip the install of any AES resources.

## Uninstalling the Chart

To uninstall/delete the `my-release` deployment:
Expand Down Expand Up @@ -92,6 +111,7 @@ The following tables lists the configurable parameters of the Ambassador chart a
| `replicaCount` | Number of Ambassador replicas | `3` |
| `resources` | CPU/memory resource requests/limits | `{}` |
| `securityContext` | Set security context for pod | `{ "runAsUser": "8888" }` |
| `restartPolicy` | Set the `restartPolicy` for pods | `` |
| `initContainers` | Containers used to initialize context for pods | `[]` |
| `sidecarContainers` | Containers that share the pod context | `[]` |
| `livenessProbe.initialDelaySeconds` | Initial delay (s) for Ambassador pod's liveness probe | `30` |
Expand All @@ -110,8 +130,10 @@ The following tables lists the configurable parameters of the Ambassador chart a
| `serviceAccount.name` | Service account to be used | `ambassador` |
| `volumeMounts` | Volume mounts for the ambassador service | `[]` |
| `volumes` | Volumes for the ambassador service | `[]` |
| `enableAES` | Create the [AES configuration objects](#ambassador-edge-stack-installation) | `true` |
| `licenseKey.value` | Ambassador Edge Stack license. Empty will install in evaluation mode. | `` |
| `licenseKey.createSecret` | Set to `false` if installing mutltiple Ambassdor Edge Stacks in a namespace. | `true` |
| `licenseKey.secretName` | Name of the secret to store Ambassador license key in. | `` |
| `redisURL` | URL of redis instance not created by the release | `""` |
| `redis.create` | Create a basic redis instance with default configurations | `true` |
| `redis.annotations` | Annotations for the redis service and deployment | `""` |
Expand Down Expand Up @@ -143,12 +165,6 @@ By default, this chart will install the latest image of The Ambassador Edge
Stack which will replace your existing deployment of Ambassador with no changes
to functionality.

See the installation notes for instructions on how to enable the advanced
features of The Ambassador Edge Stack.

To install the Ambassador API Gateway, simply change the `image` to your
desired version of the Ambassador API Gateway.

### CRDs

This helm chart includes the creation of the core CRDs Ambassador uses for
Expand Down
2 changes: 2 additions & 0 deletions ci/tests/values_templates/oss.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,5 @@ service:

deploymentStrategy:
type: Recreate

enableAES: false
14 changes: 14 additions & 0 deletions ci/tests/values_templates/single-namespace.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
service:
type: NodePort

deploymentStrategy:
type: Recreate

## This does not work. Waiting on fix for APro code watching for all namespaces
##

# scope:
# singleNamespace: true

env:
AMBASSADOR_SINGLE_NAMESPACE: true
43 changes: 30 additions & 13 deletions templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -1,12 +1,37 @@
-------------------------------------------------------------------------------
{{- if contains "datawire/aes" .Values.image.repository }}
{{- if .Values.enableAES }}
Congratulations! You have successfully installed The Ambassador Edge Stack!

{{- if empty .Values.licenseKey.value }}
-------------------------------------------------------------------------------
NOTE: You are currently running The Ambassador Edge Stack in EVALUATION MODE.

Request a free community license key at https://SERVICE_IP/edge_stack_admin/#dashboard
to unlock all the features of The Ambassador Edge Stack and update the value of
licenseKey.value in your values.yaml file.
{{- end }}

{{- if or .Values.authService.create .Values.rateLimit.create }}
-------------------------------------------------------------------------------
WARNING:

With your installation of the Ambassador Edge Stack, you have created a:
{{ if .Values.authService.create }}
- AuthService named {{include "ambassador.fullname" .}}-auth
{{ end }} {{ if .Values.rateLimit.create }}
- RateLimitService named {{include "ambassador.fullname" .}}-ratelimit
{{ end }}
in the {{ .Release.Namespace }} namespace.

Please ensure there is not another of these resources configured in your cluster.
If there is, please either remove the old resource or run

helm upgrade {{ .Release.Name }} -n {{ .Release.Namespace }} --set authService.create=false --set RateLimit.create=false

{{- end }}
{{- else }}
Congratulations! You've successfully installed Ambassador!
{{- end }}

For help, visit our Slack at https://d6e.co/slack or view the documentation online at https://www.getambassador.io.
-------------------------------------------------------------------------------
To get the IP address of Ambassador, run the following commands:

Expand All @@ -30,14 +55,6 @@ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:80
{{- end }}
-------------------------------------------------------------------------------
{{- if contains "datawire/aes" .Values.image.repository }}
{{- if empty .Values.licenseKey.value }}

NOTE: You are currently running The Ambassador Edge Stack in EVALUATION MODE.

Request a free community license key at https://SERVICE_IP/edge_stack_admin/#dashboard
to unlock all the features of The Ambassador Edge Stack and update the value of
licenseKey.value in your values.yaml file.
{{- end }}
{{- end }}

For help, visit our Slack at https://d6e.co/slack or view the documentation online at https://www.getambassador.io.
2 changes: 1 addition & 1 deletion templates/aes-authservice.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ if and .Values.authService.create (contains "datawire/aes" .Values.image.repository) }}
{{ if and .Values.authService.create .Values.enableAES }}
---
apiVersion: getambassador.io/v2
kind: AuthService
Expand Down
2 changes: 1 addition & 1 deletion templates/aes-internal.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ if contains "datawire/aes" .Values.image.repository }}
{{ if .Values.enableAES }}
---
# Configure DevPortal
apiVersion: getambassador.io/v2
Expand Down
2 changes: 1 addition & 1 deletion templates/aes-ratelimit.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ if and .Values.rateLimit.create (contains "datawire/aes" .Values.image.repository) }}
{{ if and .Values.rateLimit.create .Values.enableAES }}
---
apiVersion: getambassador.io/v2
kind: RateLimitService
Expand Down
2 changes: 1 addition & 1 deletion templates/aes-redis.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{ if and .Values.redis.create (contains "datawire/aes" .Values.image.repository) }}
{{ if and .Values.redis.create .Values.enableAES }}
---
apiVersion: v1
kind: Service
Expand Down
6 changes: 5 additions & 1 deletion templates/aes-secret.yaml
Original file line number Diff line number Diff line change
@@ -1,8 +1,12 @@
{{- if and .Values.licenseKey.createSecret (contains "datawire/aes" .Values.image.repository) }}
{{- if and .Values.licenseKey.createSecret .Values.enableAES }}
apiVersion: v1
kind: Secret
metadata:
{{- if .Values.licenseKey.secretName }}
name: {{ .Values.licenseKey.secretName }}
{{- else }}
name: {{ include "ambassador.fullname" . }}-edge-stack
{{- end }}
namespace: {{ .Release.Namespace }}
type: Opaque
data:
Expand Down
13 changes: 10 additions & 3 deletions templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,9 @@ spec:
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.restartPolicy }}
restartPolicy: {{ .Values.restartPolicy }}
{{- end }}
serviceAccountName: {{ include "ambassador.serviceAccountName" . }}
{{- if .Values.priorityClassName }}
priorityClassName: {{ .Values.priorityClassName | quote }}
Expand Down Expand Up @@ -73,10 +76,14 @@ spec:
- key: ambassadorConfig
path: ambassador-config.yaml
{{- end }}
{{- if contains "datawire/aes" .Values.image.repository}}
{{- if .Values.enableAES}}
- name: {{ include "ambassador.fullname" . }}-edge-stack-secrets
secret:
{{- if .Values.licenseKey.secretName }}
secretName: {{ .Values.licenseKey.secretName }}
{{- else }}
secretName: {{ include "ambassador.fullname" . }}-edge-stack
{{- end }}
{{- end }}
{{- with .Values.volumes }}
{{- toYaml . | nindent 8 }}
Expand Down Expand Up @@ -124,7 +131,7 @@ spec:
valueFrom:
fieldRef:
fieldPath: status.hostIP
{{- if and (or .Values.redis.create .Values.redisURL) (contains "datawire/aes" .Values.image.repository) }}
{{- if and (or .Values.redis.create .Values.redisURL) (.Values.enableAES) }}
- name: REDIS_URL
{{- if .Values.redisURL }}
value: {{ .Values.redisURL }}
Expand Down Expand Up @@ -179,7 +186,7 @@ spec:
mountPath: /ambassador/ambassador-config/ambassador-config.yaml
subPath: ambassador-config.yaml
{{- end }}
{{- if contains "datawire/aes" .Values.image.repository }}
{{- if .Values.enableAES }}
- name: {{ include "ambassador.fullname" . }}-edge-stack-secrets
mountPath: /.config/ambassador
readOnly: true
Expand Down
2 changes: 1 addition & 1 deletion templates/rbac.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ rules:
resources: [ "ingresses/status" ]
verbs: ["update"]

{{- if (contains "datawire/aes" .Values.image.repository) }}
{{- if .Values.enableAES }}
- apiGroups: [""]
resources: [ "secrets" ]
verbs: ["get", "list", "watch", "create", "update"]
Expand Down
5 changes: 5 additions & 0 deletions values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,8 @@ serviceAccount:
deploymentStrategy:
type: RollingUpdate

restartPolicy:

initContainers: []

sidecarContainers: []
Expand Down Expand Up @@ -224,11 +226,14 @@ crds:
# Go to https://{ambassador-host}/edge_stack/admin/#dashboard to register
# for a community license key.

enableAES: true

# Set createSecret: false is installing multiple releases of The Ambassador
# Edge Stack in the same namespace.
licenseKey:
value:
createSecret: true
secretName:


# The Ambassador Edge Stack uses a redis instance for managing authentication,
Expand Down

0 comments on commit db81273

Please sign in to comment.