This repository has been archived by the owner on Dec 7, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.ts
438 lines (351 loc) · 22.8 KB
/
index.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
import * as pulumi from '@pulumi/pulumi';
import * as aws from "@pulumi/aws";
import * as eks from "@pulumi/eks";
import * as k8s from "@pulumi/kubernetes";
/// import { GraviteeKube } from './components/kubernetes/GraviteeKube';
import { GraviteeAPIMKube } from './components/kubernetes/GraviteeAPIMKube';
/// import { TraefiKube } from './components/kubernetes/TraefiKube';
/// import { AWSDocumentDb } from './components/aws/documentdb/AWSDocumentDb';
import { UnderlayVPC } from './components/aws/networking/UnderlayVPC'
import { AwsALB } from './components/aws/networking/AwsALB'
export const pulumiEnvironment = pulumi.getStack();
/**
* PULUMI PROJECT CONFIGURATION
**/
const pulumiConfig = new pulumi.Config();
/// export PULUMI_PROJECT_NAME='gio_fargate' ===>>> When you run [pulumi new aws-typescript -n ${PROJECT_NAME} -s {PULUMI_STACK_NAME} --secrets-provider hashivault]
/// export PULUMI_STACK_NAME='gio_fargate'
/// --- [~/.aws/credentials] actually could not exists as a file, in which case, you will HAVE to set AWS credentails this way :
/// AWS_ACCESS_KEY_ID Can be configured by running [pulumi config set aws:accessKey <you aws account access key id>]
/// AWS_SECRET_ACCESS_KEY Can be configured by running [pulumi config set aws:secretKey <you aws account access key id> --secret]
/// Note : the [--secret] GNU Option is exetremely important, to manage secrets with Pulumi 's configured
/// Secret Manager, Gravitee Recommends HashiCorp Vault', see :
/// [ --secrets-provider hashivault] GNU option to create a new Pulumi Project
///
console.log('----');
console.log('---- AWS [~/.aws/credentials] must exists, and the AWS Profile which will be used : ');
console.log(' Can be configured by setting the [export AWS_PROFILE] env. var value, in your pulumi execution environment ');
console.log(' Can be configured by running [pulumi config set aws:profile <profilename>] ');
console.log('---- if the [default] AWS_PROFILE is inside of it will be used. ');
// aws.config.profile
// aws.config.accessKey
console.log(` > AWS_PROFILE is : ${aws.config.profile}`)
console.log(` > AWS_REGION is: ${aws.config.region}`)
// console.log(` > AWS_REGION is: ${aws.config.accessKey}`)
// console.log(` > AWS_REGION is: ${aws.config.secretKey}`)
/// export CORPORATE_DOMAIN_NAME='mycompany.io'
/// pulumi config set ${PULUMI_PROJECT_NAME}:corporate_domain_name "${CORPORATE_DOMAIN_NAME}" -s "${PULUMI_STACK_NAME}"
console.log('----');
console.log('---- Corporate domain name (your companys API common domain name) ');
console.log(' Example : if your expose you API through [https://api.mycompany.io] ');
console.log(' Then set this configuration parameter to [mycompany.io] ');
console.log('---- ');
console.log(` Corporate domain name is set to ${pulumiConfig.require("corporate_domain_name")} `);
console.log('----');
/// export K8S_NAMESPACE='default'
/// pulumi config set ${PULUMI_PROJECT_NAME}:k8s_namespace "${K8S_NAMESPACE}" -s "${PULUMI_STACK_NAME}"
console.log('----');
console.log('---- Kubernetes Namespace ');
console.log('----');
console.log(' This where your applications including their APIs, and Gravitee API Gateway will deployed');
console.log('----');
console.log(` Configured K8S namespace for https://${pulumiConfig.require("corporate_domain_name")} Apps and API Gateway is : ${pulumiConfig.require("k8s_namespace")}`);
console.log('----');
/// export DESIRED_FARGATE_PROFILE_NAME='myfargateprofile'
/// pulumi config set ${PULUMI_PROJECT_NAME}:desired_fargate_profile_name "${DESIRED_FARGATE_PROFILE_NAME}" -s "${PULUMI_STACK_NAME}"
console.log('----');
console.log('---- Fargate Profile Name');
console.log('---- ');
console.log(` Fargate Profile name is set to [${pulumiConfig.require("desired_fargate_profile_name")}] `);
console.log(` Fargate Profile will be created in the ${pulumiConfig.require("k8s_namespace")} Kubernetes namespace `);
console.log('----');
/// export GRAVITEE_APIM_CHART_VERSION='3.0.4'
/// pulumi config set ${PULUMI_PROJECT_NAME}:gravitee_apim_chart_version "${GRAVITEE_APIM_CHART_VERSION}" -s "${PULUMI_STACK_NAME}"
console.log('----');
console.log('---- Gravitee Helm Chart ');
console.log(`To check the lastest stable Gravitee APIM Helm Chart version, run the following commands with Helm v3 in a shell terminal : ${pulumiConfig.require("gravitee_apim_chart_version")}`);
console.log(`helm repo add graviteeio https://helm.gravitee.io`);
console.log(`helm search repo graviteeio`);
/// export GIO_K8S_HELM_RELEASE_NAME="graviteeio-apim3x"
/// pulumi config set ${PULUMI_PROJECT_NAME}:gravitee_apim_helm_release_name ${GIO_K8S_DEPLOYMENT_NAME} -s ${PULUMI_STACK_NAME}
console.log('-');
console.log(` > Helm Chart Repo Id (the Id of the chart inside the helm repo) : ${pulumiConfig.require("gravitee_apim_helm_chart_repo_id")}`);
console.log(` > Helm Chart version : ${pulumiConfig.require("gravitee_apim_chart_version")}`);
console.log(` > Helm Release name : ${pulumiConfig.require("gravitee_apim_helm_release_name")}`);
console.log('----');
console.log('----');
/// export GRAVITEE_CONTAINERS_TAG='3.1.1'
/// pulumi config set ${PULUMI_PROJECT_NAME}:gravitee_containers_tag "${GRAVITEE_CONTAINERS_TAG}" -s "${PULUMI_STACK_NAME}"
console.log('----');
console.log('---- Gravitee Containers ');
console.log(``);
console.log(`All Gravitee components docker images are designed to be run with homogeneous TAG (versions).`);
console.log(`When you run Gravitee, you have to set the exact same OCI image version tag. For example :`);
console.log(` > graviteeio/apim-gateway:3.1.1`);
console.log(` > graviteeio/apim-management-ui:3.1.1`);
console.log(` > graviteeio/apim-management-api:3.1.1`);
console.log(` `);
console.log(` etc...`);
console.log(` `);
console.log(`Configuration of the Gravitee APIM Containers tag is set to : ${pulumiConfig.require("gravitee_containers_tag")}`);
console.log('----');
/// --- External MongoDB and Elasticsearch configuration values are top level parameters for the
/// pulumi recipe :
console.log('----');
console.log('---- Gravitee External Data persistence ');
/// export MONGO_DB_NAME="gravitee_db"
/// pulumi config set ${PULUMI_PROJECT_NAME}:mongo_db_name ${MONGO_DB_NAME} -s ${PULUMI_STACK_NAME}
console.log(`Configuration of the Gravitee External MongoDB HOST : ${pulumiConfig.require("mongo_db_name")}`);
/// export MONGO_HOST="54.228.103.148"
/// pulumi config set ${PULUMI_PROJECT_NAME}:mongo_host ${MONGO_HOST} -s ${PULUMI_STACK_NAME}
console.log(`Configuration of the Gravitee External MongoDB HOST : ${pulumiConfig.require("mongo_host")}`);
/// export MONGO_PORT="27017"
/// pulumi config set ${PULUMI_PROJECT_NAME}:mongo_port ${MONGO_PORT} -s ${PULUMI_STACK_NAME}
console.log(`Configuration of the Gravitee External MongoDB PORT : ${pulumiConfig.require("mongo_port")}`);
/// export MONGO_URI_PROTOCOL="http" /// 2 possible values : [http] or [https]
/// pulumi config set ${PULUMI_PROJECT_NAME}:mongo_uri_protocol ${MONGO_PORT} -s ${PULUMI_STACK_NAME}
console.log(`Configuration of the Gravitee External MongoDB URI PROTOCOL ( 2 possible values : either 'mongodb' or 'mongodb+srv') : ${pulumiConfig.require("mongo_uri_protocol")}`);
console.log("Given the configured {Mongo DB HOST}, {MongoDB PORT}, and {MongoDB URI PROTOCOL}, the Gravitee External MongoDB Full URI will be :" + `${pulumiConfig.require("mongo_uri_protocol")}` + "://" + `${pulumiConfig.require("mongo_host")}` + ":" + `${pulumiConfig.require("mongo_port")}` + `/${pulumiConfig.require("mongo_db_name")}?serverSelectionTimeoutMS=5000&connectTimeoutMS=30000&socketTimeoutMS=30000`);
// basic constraints checking on [mongo_uri_protocol] error management
const mongo_uri_protocol_value_tocheck = `${pulumiConfig.require("mongo_uri_protocol")}`;
if ( mongo_uri_protocol_value_tocheck === 'mongodb') {
// then we're good
} else {
if ( mongo_uri_protocol_value_tocheck === 'mongodb+srv') {
// then we're good
} else {
// then we're not good
let errmsg = `[mongo_uri_protocol] value should be set either 'mongodb' or 'mongodb+srv', but your curent value is '${mongo_uri_protocol_value_tocheck}'`;
errmsg += " Please reset [mongo_uri_protocol] value either to either 'mongodb' or 'mongodb+srv', using the command `pulumi config set <your pulumi project name>:mongo_uri_protocol <value>`"
throw new Error(errmsg);
}
}
/// export PULUMI_STACK_NAME='${PULUMI_STACK_NAME}'
/// export ES_ENDPOINT="http://54.228.103.148:9200"
/// pulumi config set ${PULUMI_PROJECT_NAME}:elastic_endpoint ${ES_ENDPOINT} -s ${PULUMI_STACK_NAME}
console.log(`Configuration of the Gravitee External Elasticsearch endpoint : ${pulumiConfig.require("elastic_endpoint")}`);
/// export KUBECTL_PORT_FORWARD_MGMT_UI="8002"
/// pulumi config set ${PULUMI_PROJECT_NAME}:kubectl_port_forward_mgmt_ui ${KUBECTL_PORT_FORWARD_MGMT_UI} -s ${PULUMI_STACK_NAME}
/// export KUBECTL_PORT_FORWARD_MGMT_API="8383"
/// pulumi config set ${PULUMI_PROJECT_NAME}:kubectl_port_forward_mgmt_api ${KUBECTL_PORT_FORWARD_MGMT_API} -s ${PULUMI_STACK_NAME}
console.log('----');
console.log('---- Gravitee Admin Staff ');
console.log(`Admin Staff only will access APIM Management UI using the 2 following [kubectl port-forward] commands, executed in 2 distinct terminal shell sessions : `);
console.log('-');
console.log(`[kubectl port-forward svc/${pulumiConfig.require("gravitee_apim_helm_release_name")}-ui ${pulumiConfig.require("kubectl_port_forward_mgmt_ui")}:8002`);
console.log('-');
console.log(`[kubectl port-forward svc/${pulumiConfig.require("gravitee_apim_helm_release_name")}-api ${pulumiConfig.require("kubectl_port_forward_mgmt_api")}:83`);
console.log('----');
/** example below [gravitee_apim_helm_release_name] = 'graviteeio-apim3x'
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/graviteeio-apim3x-api ClusterIP 172.20.182.220 <none> 83/TCP 3m52s
service/graviteeio-apim3x-gateway ClusterIP 172.20.195.171 <none> 82/TCP 3m52s
service/graviteeio-apim3x-portal ClusterIP 172.20.221.111 <none> 8003/TCP 3m52s
service/graviteeio-apim3x-ui ClusterIP 172.20.115.81 <none> 8002/TCP 3m52s
service/kubernetes ClusterIP 172.20.0.1 <none> 443/TCP 16h
service/traefik LoadBalancer 172.20.253.133 a4aea71263fbc4c96bd2378b0677d778-1505901099.eu-west-1.elb.amazonaws.com 8000:31062/TCP,8080:30644/TCP,4443:32162/TCP 15h
*/
const gioVPC = new UnderlayVPC(`gravitee-serverless-vpc`, {
externalMongoDBport: `${pulumiConfig.require("mongo_port")}`, /// Could be used used to set networking Security Groups rules (permissions to connect to Mongo), if using an external MongoDB inside the same VPC, but not in the EKS Fargate cluster
});
export const vpcId = gioVPC.vpc.id;
export const vpcIsolatedSubnetIds = gioVPC.vpc.isolatedSubnetIds;
export const vpcPrivateSubnetIds = gioVPC.vpc.privateSubnetIds;
export const vpcPublicSubnetIds = gioVPC.vpc.publicSubnetIds;
export const allVpcSubnetIds = gioVPC.vpc.getSubnetsIds;
const privSubnetIds = pulumi
.all([gioVPC.vpc.privateSubnetIds])
.apply(([privateSubnetIds]) => ([
...privateSubnetIds
]))
const allSubnetIds = pulumi
.all([gioVPC.vpc.privateSubnetIds, gioVPC.vpc.publicSubnetIds])
.apply(([privateSubnetIds, publicSubnetIds]) => ([
...privateSubnetIds,
...publicSubnetIds,
]))
/**
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
* External Services First (not in Fargate Cluster) :
* AWS Document DB ==>>> External MongoDB for GRAVTIEE
* AWS Elasticsearch Services ==>>> External Elasticsearch for GRAVTIEE
* ----------------------------------------------------------------------------------------------------------------
* Or use existing external Elasticsearch and MongoDB services :
* Networking in this Pulumi defined AWS Vpc is setup so that outbound Access is
* allowed for External Databases Access.
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
**/
/*
/// +++
/// AWS Elasticsearch Services ==>>> External Elasticsearch for GRAVTIEE
/// export const GRAVITEE_MONGO_DBNAME: string = 'gravitee'; /// sets the DB NAME for gravitee APIM /// Create MongoDB ? not necessary, gravitee will do it ?
const docdbSubnetGroup = new aws.rds.SubnetGroup("docdb-subnetgroup", {
subnetIds: gioVPC.vpc.publicSubnetIds,
tags: {
Name: "My DB subnet group",
},
});
export const documentdb = new AWSDocumentDb(`gio-documentdb-${environment}`, {
// -- //
// A reference on the created Kubernetes Cluster with EKS
// https://github.com/pulumi/pulumi-eks#deploying-a-workload
/// graviteeMongoDBname: `${GRAVITEE_MONGO_DBNAME}`,/// Create MongoDB ? not necessary, gravitee will do it ?
backupRetentionPeriod: 5,
engine: 'docdb',
preferredBackupWindow: "04:00-06:00",
skipFinalSnapshot: true,
clusterIdentifier: "gravitee-docdb", /// only lowercase alphanumeric characters and hyphens allowed in "cluster_identifier" accepted by AWS
vpcSecurityGroupIds: [gioVPC.documentdbSecGroup.id], /// [gioVPC.documentdbSecGroup] defnies Inbound Network Permissions
// vpcSecurityGroupIds: []
vpcDocDbSubnetGroup: docdbSubnetGroup
});
export const EXTERNAL_MONGODB_ENDPOINT = documentdb.endpoint.apply(JSON.stringify);
export const EXTERNAL_MONGODB_BACKUP_RETENTION_PERIOD = documentdb.backupRetentionPeriod;
export const EXTERNAL_MONGODB_CLUSTER_IDENTIFIER = documentdb.clusterIdentifier; /// e.g. "graviteedocdb-cluster"
export const EXTERNAL_MONGODB_ENGINE = documentdb.engine;
export const EXTERNAL_MONGODB_SKIPFINALSNAPSHOT = documentdb.skipFinalSnapshot;
export const EXTERNAL_MONGODB_PREFERREDBACKUPWINDOW = documentdb.preferredBackupWindow;
*/
/**
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
* Kubernetes EKS cluster
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
**/
//// see https://thenewstack.io/how-aws-fargate-turned-amazon-eks-into-serverless-container-platform/ : Difference between ECS and Fargate on EKS
// Create the EKS cluster itself with Fargate enabled.
/// only one difference will be tested : [nodeAssociatePublicIpAddress] left to default
const gioEKSCluster: eks.Cluster = new eks.Cluster(`gioEKSCluster`, {
providerCredentialOpts: { profileName: aws.config.profile },
fargate: true,
vpcId: gioVPC.vpc.id,
/// privateSubnetIds: vpcPrivateSubnetIds,
/// instanceRole: role0,
///privateSubnetIds: vpc.privateSubnetIds,
subnetIds: allSubnetIds, /// I personally added this one as less restrictive, but it's either [subnetIds] OR [privateSubnetIds], either one of them, it's a choice
nodeAssociatePublicIpAddress: false, ///
/// createOidcProvider: true /// very imlportant for AWS User Management see [https://www.pulumi.com/blog/eks-oidc/] and [https://aws.amazon.com/blogs/containers/using-alb-ingress-controller-with-amazon-eks-on-fargate/]
});
// Export the cluster's kubeconfig.
export const kubeconfig = gioEKSCluster.kubeconfig;
// a reference on the pulumi k8s provider, to pass on to modules deploying to kubernetes cluster
const k8sProvider = new k8s.Provider('k8s', {
kubeconfig: gioEKSCluster.kubeconfig.apply(JSON.stringify),
});
/// ------------------------------------------
/// Explicitly Create Fargate Profile
/// Why?
/// Because we need a fargate
/// profile, inside the same namespace where
/// the apps we want to run on fargate live
/// otherwise, Fargate Scheduler won't "see"
/// the apps we kubectl label for
/// fargate scheduler
/// In the following AWS doc, you will see that
/// multiple (at least 2) Fargate Profiles can be created
/// in the same Cluster :
/// https://docs.aws.amazon.com/eks/latest/userguide/fargate-getting-started.html :
/// ------------------------------------------
/// https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/eks/#example-usage-1
/// https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/eks/#FargateProfile
/// ---
/// ---
/// Fargate Profile and IAM Role
/// See https://www.pulumi.com/docs/reference/pkg/aws/eks/fargateprofile/#example-usage
///
const podsAWSRole = new aws.iam.Role("podsAWSRole", {assumeRolePolicy: JSON.stringify({
Statement: [{
Action: "sts:AssumeRole",
Effect: "Allow",
Principal: {
Service: "eks-fargate-pods.amazonaws.com",
},
}]
})});
const example_AmazonEKSFargatePodExecutionRolePolicyAttachment = new aws.iam.RolePolicyAttachment("example-AmazonEKSFargatePodExecutionRolePolicy", {
policyArn: "arn:aws:iam::aws:policy/AmazonEKSFargatePodExecutionRolePolicy",
role: podsAWSRole.name,
});
/// This name will be used to [LABEL] [K8S DEPLOYMENTS] with [eks.amazonaws.com/fargate-profile: myfargateprofile]
export const gioFargateProfileName: string = `${pulumiConfig.require("desired_fargate_profile_name")}`;
let fargateTipMsg: string = "For any application deployed as a [kind: Service], you can label it for fargate scheduler like this : ";
let fargateTipCommand = " kubectl label svc whoami eks.amazonaws.com/fargate-profile=" + `${gioFargateProfileName}` +" --overwrite ";
// kubectl label svc whoami 'gravitee.io/gravitee_team_rocks'='doesntit' --overwrite
export const gioFargateProfileTip: string = `${fargateTipMsg}`;
export const gioFargateProfileTipCommand: string = `${fargateTipCommand}`;
// Create a Kubernetes Namespace ? doesn't help with providing namespace
/// const ns = new k8s.core.v1.Namespace(config.require("k8s_namespace"), {}, { provider: k8sProvider });
/// see https://thenewstack.io/how-aws-fargate-turned-amazon-eks-into-serverless-container-platform/ : Difference between ECS and Fargate on EKS
export const fprofile = new aws.eks.FargateProfile(`${gioFargateProfileName}`, {
clusterName: gioEKSCluster.eksCluster.name,
podExecutionRoleArn: podsAWSRole.arn,
subnetIds: privSubnetIds, /// [allSubnetIds] contains public Subnets, And Fargate does not tolerate that, an error like this would be thrown: : [ error: error creating EKS Fargate Profile (gioEKSCluster-eksCluster-e8f222c:giofargateprofile-a242243): InvalidParameterException: Subnet subnet-0388a5e2e3dc49212 provided in Fargate Profile is not a private subnet]
selectors: [
{namespace: 'kube-system'},
{
namespace: `${pulumiConfig.require("k8s_namespace")}`, /// Le voilà le pods selector pour le fargate profile, on oublie le namespace, on uitlisera un label, et bingo label
labels: {
'graviteeio/serverless': 'fargate'
}
}]
});
// fprofile.fargateProfileName
// fprofile.status
console.log(`Fargate Profile name is : [${fprofile.fargateProfileName.apply(JSON.stringify)}]`);
console.log(`Fargate Profile status is : [${fprofile.status.apply(JSON.stringify)}]`);
/// https://towardsdatascience.com/how-to-configure-iam-roles-for-fargate-tasks-on-aws-76ad54f11314
/// ABOUT [privateSubnetIds] and Fargate Profile :
///
/// Even though the Fargate data plane runs in a hidden, private VPC, a subnet from the customer VPC is needed to route the inbound and outbound traffic.
///
/**
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
* ALB Ingress Controller (deplpoyed as HELM CHART)
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
**/
export const ALBIngresController = new AwsALB(`albIngressController`, {
cluster: gioEKSCluster,
pulumiConfig: pulumiConfig
});
/**
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
* Optional - Traefik Reverse Proxy (Not acting as Kubernetes Ingress Controller)
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
**/
/*
const gioReverseProxy = new TraefiKube(`gio-traefik`, {
scaleUpOrder: 61,
helmChartVersion: "10.2.3", // must comply to semver, use linter inside package.json scripts section
// -- //
// A reference on the created Kubernetes Cluster with EKS
// https://github.com/pulumi/pulumi-eks#deploying-a-workload
eksCluster: gioEKSCluster,
pulumiConfig: pulumiConfig
});
*/
// pulumi stack output -j
// export const ips = gioIngressController.IPs
/**
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
* Kubernetes External DNS : we will consider this when finished with all other components
* ----------------------------------------------------------------------------------------------------------------
* ----------------------------------------------------------------------------------------------------------------
**/
/////======>>>>>>> LEAVING GRAVTIEE ASIDE FOR TEST PURPOSES WILL BRING BACK AFTER
const gioApiGateway = new GraviteeAPIMKube(`gravitee-apim-kube`, {
// -- //
// A reference on the created Kubernetes Cluster with EKS
// https://github.com/pulumi/pulumi-eks#deploying-a-workload
eksCluster: gioEKSCluster,
pulumiConfig: pulumiConfig,
baseNomsDomainesGraviteeAPIM: "api", // then Gravitee APIM Gateway (The API Gateway) will be exposed at https://api.
fargateProfile: fprofile
});