stackoom
  简体   繁体   中英

Vault Helm chart run with terraform does not create an ingress on kubernetes

 原文  2022-08-04 07:31:03       kubernetes/ terraform/ hashicorp-vault/ terraform-provider-helm

Question

I'm trying to install Vault on a Kubernetes Cluster by running the Vault Helm chart out of Terraform. For some reason the ingress doesn't get created. When I forward the pods port the ui comes up fine, so I assume everything is working, but the ingress not being available is tripping me up. Edit: There are no errors while running terraform apply. If there is another point where I should look, please tell me. This is my helm_release resource:

  name       = "vault"
  repository = "https://helm.releases.hashicorp.com"
  chart      = "vault"

  namespace        = "vault"
  create_namespace = true

  set {
    name  = "ui.enabled"
    value = "true"
  }

  #Set ingress up to use cert-manager provided secret
  set {
    name  = "ingress.enabled"
    value = "true"
  }

  set {
    name  = "ingress.annotations.cert-manager\\.io/cluster-issuer"
    value = "letsencrypt-cluster-prod"
  }

  set {
    name  = "ingress.annotations.kubernetes\\.io/ingress\\.class"
    value = "nginx"
  }

  set {
    name  = "ingress.tls[0].hosts[0]"
    value = var.vault_hostname
  }

  set {
    name  = "ingress.hosts[0].host"
    value = var.vault_hostname
  }

  set {
    name  = "ingress.hosts[0].paths[0]"
    value = "/"
  }
}

I'm relatively new to all of these techs, having worked with puppet before, so if someone could point me in the right direction, I'd be much obliged.

1 answers

solution1
 0  2022-08-04 08:24:04

I achieved enabling ingress with a local variable, here is the working example

locals {
    values = {
        server= {
            ingress = {
              enabled = var.server_enabled
              labels = {
                traffic = "external"
              }
              ingressClassName = "nginx"
              annotations = {
                "kubernetes.io/tls-acme" =  "true"
                "nginx.ingress.kubernetes.io/ssl-redirect" = "true"
              }
              hosts = [{
                host = vault.example.com
                paths = ["/"]
              }]
              tls = [
                {
                  secretName = vault-tls-secret
                  hosts = ["vault.example.com"]
                }
              ]
            }
        }
    }
}
resource "helm_release" "vault" {
  name          = "vault"
  namespace     = "vault"
  repository = "https://helm.releases.hashicorp.com"
  chart      = "vault"
  version       = "0.19.0"
  create_namespace = true
  # other value to set
  #set { 
   # name = "server.ha.enabled"
    #value = "true"
  #}
    values = [
    yamlencode(local.values)
  ]
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question update kubernetes ingress helm chart port Kubernetes helm chart one namespace contains multiple ingress files How to add dependency between helm chart and kubernetes resource in terraform CDK deploy kubernetes ingress with terraform Problem with definition of Kubernetes Ingress in helm How to create AWS ALB using kubernetes_ingress terraform resource? Ingress and Helm Chart HTTPS issue Find Ingress IP in Helm Chart kubernetes helm chart Kubernetes Helm Chart - Debugging
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM