
Open both port 443 & 80 when AWS cert manager is in use. #221

Merged
merged 1 commit into from Jun 19, 2017
18 changes: 13 additions & 5 deletions pkg/ingress/create.go
@@ -163,7 +163,7 @@ func (lbc *EngressController) createHostPortSvc() error {
}

// opening other tcp ports
for targetPort, svcPort := range lbc.Ports {
for svcPort, targetPort := range lbc.Ports {
p := apiv1.ServicePort{
Name: "tcp-" + strconv.Itoa(svcPort),
Protocol: "TCP",
@@ -308,7 +308,11 @@ func (lbc *EngressController) createHostPortPods() error {
}

// adding tcp ports to pod template
for targetPort := range lbc.Ports {
targetPorts := make(map[int]bool)
for _, targetPort := range lbc.Ports {
targetPorts[targetPort] = true
}
for targetPort := range targetPorts {
p := apiv1.ContainerPort{
Name: "tcp-" + strconv.Itoa(targetPort),
Protocol: "TCP",
@@ -385,7 +389,7 @@ func (lbc *EngressController) createNodePortSvc() error {
}

// opening other tcp ports
for targetPort, svcPort := range lbc.Ports {
for svcPort, targetPort := range lbc.Ports {
p := apiv1.ServicePort{
Name: "tcp-" + strconv.Itoa(svcPort),
Protocol: "TCP",
@@ -514,7 +518,11 @@ func (lbc *EngressController) createNodePortPods() error {
}

// adding tcp ports to pod template
for targetPort := range lbc.Ports {
targetPorts := make(map[int]bool)
for _, targetPort := range lbc.Ports {
targetPorts[targetPort] = true
}
for targetPort := range targetPorts {
p := apiv1.ContainerPort{
Name: "tcp-" + strconv.Itoa(targetPort),
Protocol: "TCP",
@@ -588,7 +596,7 @@ func (lbc *EngressController) createLoadBalancerSvc() error {
}

// opening other tcp ports
for targetPort, svcPort := range lbc.Ports {
for svcPort, targetPort := range lbc.Ports {
p := apiv1.ServicePort{
Name: "tcp-" + strconv.Itoa(svcPort),
Protocol: "TCP",
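Review bot: The target-port de-duplication added in the `createHostPortPods` hunk is repeated line for line in the `createNodePortPods` hunk, and both use `map[int]bool` where only key presence matters. A small helper on `EngressController` that returns the distinct target ports would keep the two pod templates in step the next time the `Ports` mapping changes. It should carry a one-line comment saying why the set is needed: several service ports can share one target port, for example the 443 -> 80 mapping added for AWS cert manager next to an existing port whose target is 80. Both functions start and end outside the visible hunks.

```go
// targetPortSet returns the distinct HAProxy target ports in lbc.Ports;
// several service ports may map to the same target port.
func (lbc *EngressController) targetPortSet() map[int]struct{} {
	set := make(map[int]struct{}, len(lbc.Ports))
	for _, targetPort := range lbc.Ports {
		set[targetPort] = struct{}{}
	}
	return set
}

// … unchanged: createHostPortPods / createNodePortPods up to the tcp-port loop …
	for targetPort := range lbc.targetPortSet() {
		// … unchanged: apiv1.ContainerPort construction …
```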
2 changes: 1 addition & 1 deletion pkg/ingress/handler.go
@@ -169,7 +169,7 @@ func (lbc *EngressController) Handle(e *events.Event) error {
}

var updateFW bool
for targetPort, svcPort := range lbc.Ports {
for svcPort, targetPort := range lbc.Ports {
if sp, ok := curPorts[svcPort]; !ok || sp.TargetPort.IntValue() != targetPort {
updateFW = true // new port has to be opened
break
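Review bot: The loop in `Handle` sets `updateFW` only when a port in `lbc.Ports` is missing from `curPorts` or has a different target; a port that is still in `curPorts` but has been dropped from `lbc.Ports` never sets it. If nothing outside the hunk covers that case, a firewall or load-balancer port opened earlier stays open after it leaves the spec. A reverse pass such as `for p := range curPorts { if _, ok := lbc.Ports[p]; !ok { updateFW = true; break } }` would catch it, assuming `curPorts` holds only the ports managed through `lbc.Ports`. `Handle` starts and continues outside the hunk, so this may already be handled there.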
4 changes: 2 additions & 2 deletions pkg/ingress/parser.go
@@ -316,7 +316,7 @@ func (lbc *EngressController) parseSpec() {
if ans, ok := lbc.Resource.ServiceAnnotations(lbc.ProviderName); ok {
if v, usesAWSCertManager := ans["service.beta.kubernetes.io/aws-load-balancer-ssl-cert"]; usesAWSCertManager && v != "" {
var tp80, sp443 bool
for targetPort, svcPort := range lbc.Ports {
for svcPort, targetPort := range lbc.Ports {
if targetPort == 80 {
tp80 = true
}
@@ -325,7 +325,7 @@ func (lbc *EngressController) parseSpec() {
}
}
if tp80 && !sp443 {
lbc.Ports[80] = 443
lbc.Ports[443] = 80
} else {
log.Errorln("Failed to open port 443 on service for AWS cert manager.")
}
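Review bot: In `parseSpec`, the `else` after `if tp80 && !sp443` also runs when `sp443` is already true, so "Failed to open port 443 ..." is logged even though 443 is already present. In the real failure case (no target port 80) the function only logs and carries on, leaving a service with the `aws-load-balancer-ssl-cert` annotation but no 443 mapping, and nothing for the caller to act on. Narrowing the branch to `} else if !sp443 {` and naming the missing condition in the message would make the log line trustworthy. The lines that set `sp443` fall between the two hunks and are not visible, so this assumes it means "service port 443 is already mapped".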
6 changes: 3 additions & 3 deletions pkg/ingress/types.go
@@ -22,10 +22,10 @@ type EngressController struct {
// contains raw configMap data parsed from the cfg file.
ConfigData string

// Ports contains a map of HAProxy port to Service Port (svc.TargetPort -> svc.Port).
// HAProxy binds to the target ports. Service ports are used to open loadbalancer/firewall.
// Ports contains a map of Service Port to HAProxy port (svc.Port -> svc.TargetPort).
// HAProxy pods binds to the target ports. Service ports are used to open loadbalancer/firewall.
// Usually target port == service port with one exception for LoadBalancer type service in AWS.
// If AWS cert manager is used then a 80 -> 443 port mapping is added.
// If AWS cert manager is used then a 443 -> 80 port mapping is added.
Ports map[int]int
// contains all the https host names.
HostFilter []string
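Review bot: The orientation of `Ports` is carried only by this comment: key and value are both `int`, so a call site that still ranges as `targetPort, svcPort` compiles cleanly and would open the wrong port on the load balancer or firewall. Since this commit flips the meaning of the map, distinct named types would let the compiler catch a missed site, e.g. `type ServicePort int`, `type TargetPort int` and `Ports map[ServicePort]TargetPort`. The comment could also state that several service ports may share one target port, which is why the pod-template code now de-duplicates the values.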
2 changes: 1 addition & 1 deletion pkg/ingress/update.go
@@ -137,7 +137,7 @@ func (lbc *EngressController) updateLBSvc() error {
curPorts[p.Port] = p
}
svc.Spec.Ports = make([]apiv1.ServicePort, 0)
for targetPort, svcPort := range lbc.Ports {
for svcPort, targetPort := range lbc.Ports {
if sp, found := curPorts[int32(svcPort)]; found && sp.TargetPort.IntValue() == targetPort {
svc.Spec.Ports = append(svc.Spec.Ports, sp)
} else {