New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support non-GKE clusters in Helm #3295
Comments
I'd very much like to use the Traefik for our ingress too so this is interesting to me. 😄 fwiw it should just be a case of allowing people to customise the annotations that are put on the ingress (and perhaps deferring the GCP specific ones to be in your deployments' values.yml). We don't use pre-provisioned HTTPS certificates, so we already have to override some of these in https://github.com/wellplayedgames/taskcluster-operator. |
It seems like we have a large-scale choice: either continue to ship Helm charts, or replace the helm chart with a controller. Helm Chart
Controller
So I think the question to answer here is, should we try to continue to improve the chart approach, or switch to controller? @oremj / @sciurus your input would be useful too :) |
@djmitche did you mean to say "operator" instead of controller? My hot take is that it's much more realistic to have the helm chart support bringing your own ingress than it is to switch to an operator. In fact, we are already using a hack to skip the ingress you ship and inject our own for Mozilla's taskcluster deployment. |
I did, sorry! I'll leave it as-is for history :) I agree that's more realistic. But it's getting increasingly tempting to implement the "external coordination" in a more general way, so maybe setting aside the realism of resources available within Mozilla (which basically means "don't change anything"), an operator is a good thing to consider. |
I've addressed some of those concerns in #5613. As ingress.yml is autogenerated, it is almost impossible to introduce helm templates features like flow control, to conditionally include or exclude parts of it. Instead, I've added few annotations and couple of new config values. This allows to use ingress-nginx and certbot through annotations. And also generate proper routes for nginx |
TC's Helm configuration currently assumes it is running in GKE, and in particular that it is using a Google ingress controller, the configuration for which is different from that for nginx. Let's make it possible to use either Google or non-Google ingress controllers.
The text was updated successfully, but these errors were encountered: