From b1583d5e21639189ac743343236f3a54b78a8cf8 Mon Sep 17 00:00:00 2001 From: ftocal <46001274+ftocal@users.noreply.github.com> Date: Tue, 28 Feb 2023 15:44:45 -0300 Subject: [PATCH] add ingress for api in staging and test environments (#169) --- deploy/api/api-ingress.yaml | 8 ++++---- deploy/api/api-service.yaml | 34 +--------------------------------- deploy/api/env/production.env | 4 +++- deploy/api/env/staging.env | 4 +++- deploy/api/env/test.env | 3 ++- deploy/common/namespace.yaml | 7 +++++++ deploy/fly/fly-service.yaml | 4 +--- deploy/spy/spy-service.yaml | 2 +- 8 files changed, 22 insertions(+), 44 deletions(-) create mode 100644 deploy/common/namespace.yaml diff --git a/deploy/api/api-ingress.yaml b/deploy/api/api-ingress.yaml index ee6a0106..93164f2c 100644 --- a/deploy/api/api-ingress.yaml +++ b/deploy/api/api-ingress.yaml @@ -1,5 +1,4 @@ -{{ if eq .ENVIRONMENT "production" }} --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -14,13 +13,15 @@ metadata: alb.ingress.kubernetes.io/healthcheck-protocol: HTTP alb.ingress.kubernetes.io/healthcheck-timeout-seconds: "5" alb.ingress.kubernetes.io/healthy-threshold-count: "2" - alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80} ]' + alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]' alb.ingress.kubernetes.io/scheme: internet-facing alb.ingress.kubernetes.io/success-codes: "200" alb.ingress.kubernetes.io/tags: createdBy=aws-controller alb.ingress.kubernetes.io/target-type: ip alb.ingress.kubernetes.io/unhealthy-threshold-count: "2" - alb.ingress.kubernetes.io/group.name: wormscan-group + alb.ingress.kubernetes.io/group.name: {{ .ALB_GROUP_NAME }} + alb.ingress.kubernetes.io/certificate-arn: {{ .ALB_SSL_CERT }} + alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}' external-dns.alpha.kubernetes.io/hostname: {{ .HOSTNAME }} spec: rules: @@ -34,4 +35,3 @@ spec: name: {{ .NAME }} port: number: 80 -{{ end }} \ No newline at end of file diff --git a/deploy/api/api-service.yaml b/deploy/api/api-service.yaml index 16171ee9..47248f8a 100644 --- a/deploy/api/api-service.yaml +++ b/deploy/api/api-service.yaml @@ -1,5 +1,3 @@ - -{{ if eq .ENVIRONMENT "production" }} --- apiVersion: v1 kind: Service @@ -17,36 +15,6 @@ spec: targetPort: {{ .PORT }} name: {{ .NAME }} protocol: TCP -{{ else }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .NAME }} - namespace: {{ .NAMESPACE }} - annotations: - external-dns.alpha.kubernetes.io/hostname: {{ .HOSTNAME }} - {{ if eq .ENVIRONMENT "test" }} - service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http" - service.beta.kubernetes.io/aws-load-balancer-ssl-ports: "https" - service.beta.kubernetes.io/aws-load-balancer-ssl-cert: {{ .SSL_CERT }} - {{ end }} - labels: - app: {{ .NAME }} -spec: - type: LoadBalancer - selector: - app: {{ .NAME }} - ports: - - name: http - port: 80 - targetPort: {{ .PORT }} - protocol: TCP - - name: https - port: 443 - targetPort: {{ .PORT }} - protocol: TCP -{{ end }} --- apiVersion: apps/v1 kind: Deployment @@ -111,7 +79,7 @@ spec: - name: WORMSCAN_CACHE_ENABLED value: "true" - name: WORMSCAN_PPROF_ENABLED - value: {{ .WORMSCAN_PPROF_ENABLED }} + value: "{{ .WORMSCAN_PPROF_ENABLED }}" resources: limits: memory: {{ .RESOURCES_LIMITS_MEMORY }} diff --git a/deploy/api/env/production.env b/deploy/api/env/production.env index 80d8e3f8..2ada97fe 100644 --- a/deploy/api/env/production.env +++ b/deploy/api/env/production.env @@ -12,4 +12,6 @@ WORMSCAN_RUNMODE=PRODUCTION WORMSCAN_LOGLEVEL=INFO WORMSCAN_P2PNETWORK=mainnet WORMSCAN_PPROF_ENABLED=false -HOSTNAME=api.wormscan.io \ No newline at end of file +HOSTNAME=api.wormscan.io +ALB_GROUP_NAME=wormscan-group +ALB_SSL_CERT= \ No newline at end of file diff --git a/deploy/api/env/staging.env b/deploy/api/env/staging.env index 77f45da5..322650cb 100644 --- a/deploy/api/env/staging.env +++ b/deploy/api/env/staging.env @@ -12,4 +12,6 @@ WORMSCAN_RUNMODE=DEVELOPMENT WORMSCAN_LOGLEVEL=INFO WORMSCAN_P2PNETWORK=mainnet WORMSCAN_PPROF_ENABLED=true -HOSTNAME=api.staging.wormscan.io \ No newline at end of file +HOSTNAME=api.staging.wormscan.io +ALB_GROUP_NAME=wormscan-group-staging +ALB_SSL_CERT= \ No newline at end of file diff --git a/deploy/api/env/test.env b/deploy/api/env/test.env index d379545f..b4ab4f88 100644 --- a/deploy/api/env/test.env +++ b/deploy/api/env/test.env @@ -13,4 +13,5 @@ WORMSCAN_LOGLEVEL=INFO WORMSCAN_P2PNETWORK=testnet WORMSCAN_PPROF_ENABLED=false HOSTNAME=api.testnet.wormscan.io -SSL_CERT= \ No newline at end of file +ALB_GROUP_NAME=wormscan-group-test +ALB_SSL_CERT= \ No newline at end of file diff --git a/deploy/common/namespace.yaml b/deploy/common/namespace.yaml new file mode 100644 index 00000000..4dbff83f --- /dev/null +++ b/deploy/common/namespace.yaml @@ -0,0 +1,7 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .NAMESPACE }} + labels: + name: {{ .NAMESPACE }} diff --git a/deploy/fly/fly-service.yaml b/deploy/fly/fly-service.yaml index 230c5714..aeaf8cf2 100644 --- a/deploy/fly/fly-service.yaml +++ b/deploy/fly/fly-service.yaml @@ -51,10 +51,8 @@ spec: key: mongo-database - name: P2P_NETWORK value: {{ .P2P_NETWORK }} - - name: MAX_HEALTH_TIME_SECONDS - value: "{{ .MAX_HEALTH_TIME_SECONDS }}" - name: PPROF_ENABLED - value: {{ .PPROF_ENABLED }} + value: "{{ .PPROF_ENABLED }}" - name: SQS_URL value: {{ .SQS_URL }} - name: AWS_REGION diff --git a/deploy/spy/spy-service.yaml b/deploy/spy/spy-service.yaml index 77c510f5..8531206c 100644 --- a/deploy/spy/spy-service.yaml +++ b/deploy/spy/spy-service.yaml @@ -70,7 +70,7 @@ spec: - name: PORT value: "8000" - name: PPROF_ENABLED - value: {{ .PPROF_ENABLED }} + value: "{{ .PPROF_ENABLED }}" resources: limits: memory: {{ .RESOURCES_LIMITS_MEMORY }}