diff --git a/stack_orchestrator/deploy/k8s/cluster_info.py b/stack_orchestrator/deploy/k8s/cluster_info.py index be1b2e3d..04bfeaed 100644 --- a/stack_orchestrator/deploy/k8s/cluster_info.py +++ b/stack_orchestrator/deploy/k8s/cluster_info.py @@ -117,19 +117,23 @@ class ClusterInfo: def get_ingress(self, use_tls=False, certificate=None, cluster_issuer="letsencrypt-prod"): # No ingress for a deployment that has no http-proxy defined, for now http_proxy_info_list = self.spec.get_http_proxy() - ingress = None - if http_proxy_info_list: - # TODO: handle multiple definitions - http_proxy_info = http_proxy_info_list[0] + if not http_proxy_info_list: + return None + + tls = [] if use_tls else None + rules = [] + for http_proxy_info in http_proxy_info_list: if opts.o.debug: print(f"http-proxy: {http_proxy_info}") # TODO: good enough parsing for webapp deployment for now host_name = http_proxy_info["host-name"] - rules = [] - tls = [client.V1IngressTLS( - hosts=certificate["spec"]["dnsNames"] if certificate else [host_name], - secret_name=certificate["spec"]["secretName"] if certificate else f"{self.app_name}-tls" - )] if use_tls else None + + if use_tls: + tls.append(client.V1IngressTLS( + hosts=certificate["spec"]["dnsNames"] if certificate else [host_name], + secret_name=certificate["spec"]["secretName"] if certificate else f"{self.app_name}-{host_name}-tls" + )) + paths = [] for route in http_proxy_info["routes"]: path = route["path"] @@ -156,24 +160,24 @@ class ClusterInfo: paths=paths ) )) - spec = client.V1IngressSpec( - tls=tls, - rules=rules - ) + spec = client.V1IngressSpec( + tls=tls, + rules=rules + ) - ingress_annotations = { - "kubernetes.io/ingress.class": "nginx", - } - if not certificate: - ingress_annotations["cert-manager.io/cluster-issuer"] = cluster_issuer + ingress_annotations = { + "kubernetes.io/ingress.class": "nginx", + } + if not certificate: + ingress_annotations["cert-manager.io/cluster-issuer"] = cluster_issuer - ingress = client.V1Ingress( - metadata=client.V1ObjectMeta( - name=f"{self.app_name}-ingress", - annotations=ingress_annotations - ), - spec=spec - ) + ingress = client.V1Ingress( + metadata=client.V1ObjectMeta( + name=f"{self.app_name}-ingress", + annotations=ingress_annotations + ), + spec=spec + ) return ingress # TODO: suppoprt multiple services diff --git a/stack_orchestrator/deploy/k8s/deploy_k8s.py b/stack_orchestrator/deploy/k8s/deploy_k8s.py index b254fd4c..e9519db8 100644 --- a/stack_orchestrator/deploy/k8s/deploy_k8s.py +++ b/stack_orchestrator/deploy/k8s/deploy_k8s.py @@ -230,6 +230,7 @@ class K8sDeployer(Deployer): http_proxy_info = self.cluster_info.spec.get_http_proxy() # Note: at present we don't support tls for kind (and enabling tls causes errors) use_tls = http_proxy_info and not self.is_kind() + # TODO Handle for multiple http_proxy_info certificate = self._find_certificate_for_host_name(http_proxy_info[0]["host-name"]) if use_tls else None if opts.o.debug: if certificate: @@ -367,6 +368,7 @@ class K8sDeployer(Deployer): # Destroy the kind cluster destroy_cluster(self.kind_cluster_name) + # TODO: Update for multiple host-names def status(self): self.connect_api() # Call whatever API we need to get the running container list