Create openfaas ingress operator chart

Signed-off-by: Vivek Singh <[email protected]>
openfaas · Jun 28, 2020 · 322ea94 · 322ea94
1 parent af91f32
commit 322ea94
Show file tree

Hide file tree

Showing 14 changed files with 171 additions and 57 deletions.
diff --git a/chart/ingress-operator/.helmignore b/chart/ingress-operator/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/chart/ingress-operator/Chart.yaml b/chart/ingress-operator/Chart.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+description: Get custom domains and TLS for your OpenFaaS Functions through the FunctionIngress CRD
+name: ingress-operator
+version: 0.1.0
+sources:
+  - https://github.com/openfaas-incubator/ingress-operator
+home: https://www.openfaas.com
+icon: https://raw.githubusercontent.com/openfaas/media/master/OpenFaaS_logo_stacked_opaque.png
+keywords:
+  - functions
+  - service
+  - ingress
+  - openfaas
+maintainers:
+  - name: alexellis
+    email: [email protected]
+  - name: viveksyngh
+    email: [email protected]
diff --git a/chart/ingress-operator/README.md b/chart/ingress-operator/README.md
@@ -0,0 +1,54 @@
+# OpenFaaS Ingress Operator
+
+The [Ingress operator](https://github.com/openfaas-incubator/ingress-operator) gets custom domains and TLS for your OpenFaaS Functions through the FunctionIngress CRD
+## Prerequisites
+
+- Install OpenFaaS
+
+  You must have a working OpenFaaS installation. You can find [instructions in the docs](https://docs.openfaas.com/deployment/kubernetes/#pick-helm-or-yaml-files-for-deployment-a-or-b), including instructions to also install OpenFaaS via Helm.
+
+
+## Install the Chart
+
+- Add the OpenFaaS chart repo and deploy the `ingress-operator` chart. We recommend installing it in the same namespace as the rest of OpenFaaS
+
+```sh
+$ helm repo add openfaas https://openfaas.github.io/faas-netes/
+$ helm upgrade ingress-operator openfaas/ingress-operator \
+    --install \
+    --namespace openfaas
+```
+
+> The above command will also update your helm repo to pull in any new releases.
+
+## Configuration
+
+Additional ingress-operator options in `values.yaml`.
+
+| Parameter                | Description                                                                            | Default                        |
+| ------------------------ | -------------------------------------------------------------------------------------- | ------------------------------ |
+| `create` | Create the ingress-operator component | `false` |
+| `replicas` | Replicas of the ingress-operator| `1` |
+| `image` | Container image used in ingress-operator| `openfaas/ingress-operator:0.6.2` |
+| `resources` | Limits and requests for memory and CPU usage | Memory Requests: 25Mi |
+| `imagePullPolicy` | Image Pull Policy | `Always` |
+| `functionNamespace` | Namespace for functions | `openfaas-fn` |
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`.
+See values.yaml for detailed configuration.
+
+## Removing the ingress-operator
+
+All control plane components can be cleaned up with helm:
+
+For Helm 2
+
+```sh
+$ helm delete --purge ingress-operator
+```
+
+For Helm 3
+
+```sh
+$ helm uninstall ingress-operator
+```
diff --git a/chart/ingress-operator/development.md b/chart/ingress-operator/development.md
diff --git a/chart/ingress-operator/templates/NOTES.txt b/chart/ingress-operator/templates/NOTES.txt
@@ -0,0 +1 @@
+Thanks for installing ingress-operator. Please follow the instructions below to get you started.
diff --git a/chart/ingress-operator/templates/_helpers.tpl b/chart/ingress-operator/templates/_helpers.tpl
@@ -0,0 +1,20 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "openfaas.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "openfaas.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
diff --git a/...nfaas/templates/ingress-operator-crd.yaml → ...rator/templates/ingress-operator-crd.yaml b/...nfaas/templates/ingress-operator-crd.yaml → ...rator/templates/ingress-operator-crd.yaml
@@ -1,4 +1,3 @@
-{{- if .Values.ingressOperator.create }}
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
@@ -18,23 +17,27 @@ spec:
       description: FunctionIngress describes an OpenFaaS function
       properties:
         apiVersion:
-          description: 'APIVersion defines the versioned schema of this representation
+          description:
+            "APIVersion defines the versioned schema of this representation
             of an object. Servers should convert recognized schemas to the latest
-            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources"
           type: string
         kind:
-          description: 'Kind is a string value representing the REST resource this
+          description:
+            "Kind is a string value representing the REST resource this
             object represents. Servers may infer this from the endpoint the client
-            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds"
           type: string
         metadata:
           type: object
         spec:
-          description: FunctionIngressSpec is the spec for a FunctionIngress resource.
+          description:
+            FunctionIngressSpec is the spec for a FunctionIngress resource.
             It must be created in the same namespace as the gateway, i.e. openfaas.
           properties:
             bypassGateway:
-              description: BypassGateway, when true creates an Ingress record directly
+              description:
+                BypassGateway, when true creates an Ingress record directly
                 for the Function name without using the gateway in the hot path
               type: boolean
             domain:
@@ -47,7 +50,8 @@ spec:
               description: IngressType such as "nginx"
               type: string
             path:
-              description: Path such as "/v1/profiles/view/(.*)", or leave empty for
+              description:
+                Path such as "/v1/profiles/view/(.*)", or leave empty for
                 default
               type: string
             tls:
@@ -56,7 +60,8 @@ spec:
                 enabled:
                   type: boolean
                 issuerRef:
-                  description: ObjectReference is a reference to an object with a
+                  description:
+                    ObjectReference is a reference to an object with a
                     given name and kind.
                   properties:
                     kind:
@@ -83,4 +88,3 @@ spec:
     - name: v1alpha2
       served: true
       storage: true
-{{- end }}
diff --git a/...nfaas/templates/ingress-operator-dep.yaml → ...rator/templates/ingress-operator-dep.yaml b/...nfaas/templates/ingress-operator-dep.yaml → ...rator/templates/ingress-operator-dep.yaml
@@ -1,5 +1,4 @@
-{{- $functionNs := default .Release.Namespace .Values.functionNamespace }}
-{{- if .Values.ingressOperator.create }}
+{{- if .Values.create }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -12,7 +11,7 @@ metadata:
   name: ingress-operator
   namespace: {{ .Release.Namespace | quote }}
 spec:
-  replicas: {{ .Values.ingressOperator.replicas }}
+  replicas: {{ .Values.replicas }}
   selector:
     matchLabels:
       app: ingress-operator
@@ -27,15 +26,15 @@ spec:
       containers:
       - name: operator
         resources:
-          {{- .Values.ingressOperator.resources | toYaml | nindent 10 }}
-        image: {{ .Values.ingressOperator.image }}
-        imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
+          {{- .Values.resources | toYaml | nindent 10 }}
+        image: {{ .Values.image }}
+        imagePullPolicy: {{ .Values.imagePullPolicy }}
         command:
           - ./ingress-operator
           - -logtostderr
         env:
         - name: function_namespace
-          value: {{ $functionNs | quote }}
+          value: {{ .Values.functionNamespace | quote }}
         - name: ingress_namespace
           value: {{ .Release.Namespace | quote }}
 {{- end }}
diff --git a/...faas/templates/ingress-operator-rbac.yaml → ...ator/templates/ingress-operator-rbac.yaml b/...faas/templates/ingress-operator-rbac.yaml → ...ator/templates/ingress-operator-rbac.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.ingressOperator.create }}
+{{- if .Values.create }}
 ---
 apiVersion: v1
 kind: ServiceAccount

diff --git a/chart/ingress-operator/values.yaml b/chart/ingress-operator/values.yaml
@@ -0,0 +1,16 @@
+# https://github.com/openfaas-incubator/ingress-operator
+image: openfaas/ingress-operator:0.6.2
+
+replicas: 1
+
+create: false
+
+imagePullPolicy: "Always"
+
+functionNamespace: "openfaas-fn"
+
+rbac: true
+
+resources:
+  requests:
+    memory: "25Mi"
diff --git a/chart/openfaas/README.md b/chart/openfaas/README.md
@@ -380,10 +380,6 @@ Additional OpenFaaS options in `values.yaml`.
 | `operator.createCRD` | Create the CRD for OpenFaaS Function definition | `true` |
 | `ingress.enabled` | Create ingress resources | `false` |
 | `faasnetes.httpProbe` | Use a httpProbe instead of exec | `false` |
-| `ingressOperator.create` | Create the ingress-operator component | `false` |
-| `ingressOperator.replicas` | Replicas of the ingress-operator| `1` |
-| `ingressOperator.image` | Container image used in ingress-operator| `openfaas/ingress-operator:0.6.2` |
-| `ingressOperator.resources` | Limits and requests for memory and CPU usage | Memory Requests: 25Mi |
 | `faasnetes.readTimeout` | Queue worker read timeout | `60s` |
 | `faasnetes.writeTimeout` | Queue worker write timeout | `60s` |
 | `faasnetes.imagePullPolicy` | Image pull policy for deployed functions | `Always` |

diff --git a/chart/openfaas/values-arm64.yaml b/chart/openfaas/values-arm64.yaml
@@ -36,9 +36,6 @@ basicAuthPlugin:
   image: openfaas/basic-auth-plugin:0.18.17-arm64
   replicas: 1
 
-ingressOperator:
-  create: false
-
 # Unfortunately the exporter is not multi-arch (yet)
 nats:
   metrics:

diff --git a/chart/openfaas/values-armhf.yaml b/chart/openfaas/values-armhf.yaml
@@ -36,9 +36,6 @@ basicAuthPlugin:
   image: openfaas/basic-auth-plugin:0.18.17-armhf
   replicas: 0
 
-ingressOperator:
-  create: false
-
 # Unfortunately the exporter is not multi-arch (yet)
 nats:
   metrics:

diff --git a/chart/openfaas/values.yaml b/chart/openfaas/values.yaml
@@ -1,12 +1,12 @@
-functionNamespace: openfaas-fn  # Default namespace for functions
+functionNamespace: openfaas-fn # Default namespace for functions
 
 async: true
 
 exposeServices: true
 serviceType: NodePort
-httpProbe: true               # Setting to true will use HTTP for readiness and liveness probe on the OpenFaaS system Pods (incompatible with Istio < 1.1.5)
+httpProbe: true # Setting to true will use HTTP for readiness and liveness probe on the OpenFaaS system Pods (incompatible with Istio < 1.1.5)
 rbac: true
-clusterRole: false            # Set to true to have OpenFaaS administrate multiple namespaces
+clusterRole: false # Set to true to have OpenFaaS administrate multiple namespaces
 
 # create pod security policies for OpenFaaS control plane
 # https://kubernetes.io/docs/concepts/policy/pod-security-policy/
@@ -23,9 +23,9 @@ gatewayExternal:
 
 gateway:
   image: openfaas/gateway:0.18.17
-  readTimeout : "65s"
-  writeTimeout : "65s"
-  upstreamTimeout : "60s"  # Must be smaller than read/write_timeout
+  readTimeout: "65s"
+  writeTimeout: "65s"
+  upstreamTimeout: "60s" # Must be smaller than read/write_timeout
   replicas: 1
   scaleFromZero: true
   # change the port when creating multiple releases in the same baremetal cluster
@@ -74,19 +74,19 @@ oauth2Plugin:
 
 faasnetes:
   image: openfaas/faas-netes:0.10.5
-  readTimeout : "60s"
-  writeTimeout : "60s"
-  imagePullPolicy : "Always"    # Image pull policy for deployed functions
-  httpProbe: true               # Setting to true will use HTTP for readiness and liveness probe on Pods (incompatible with Istio < 1.1.5)
+  readTimeout: "60s"
+  writeTimeout: "60s"
+  imagePullPolicy: "Always" # Image pull policy for deployed functions
+  httpProbe: true # Setting to true will use HTTP for readiness and liveness probe on Pods (incompatible with Istio < 1.1.5)
   setNonRootUser: false
   readinessProbe:
     initialDelaySeconds: 2
-    timeoutSeconds: 1           # Tuned-in to run checks early and quickly to support fast cold-start from zero replicas
-    periodSeconds: 2            # Reduce to 1 for a faster cold-start, increase higher for lower-CPU usage
+    timeoutSeconds: 1 # Tuned-in to run checks early and quickly to support fast cold-start from zero replicas
+    periodSeconds: 2 # Reduce to 1 for a faster cold-start, increase higher for lower-CPU usage
   livenessProbe:
     initialDelaySeconds: 2
     timeoutSeconds: 1
-    periodSeconds: 2           # Reduce to 1 for a faster cold-start, increase higher for lower-CPU usage
+    periodSeconds: 2 # Reduce to 1 for a faster cold-start, increase higher for lower-CPU usage
   resources:
     requests:
       memory: "120Mi"
@@ -112,7 +112,7 @@ queueWorker:
   maxInflight: 1
   gatewayInvoke: true
   queueGroup: "faas"
-  ackWait : "60s"
+  ackWait: "60s"
   resources:
     requests:
       memory: "120Mi"
@@ -148,7 +148,7 @@ nats:
   enableMonitoring: false
   metrics:
     enabled: false
-    image: synadia/prometheus-nats-exporter:0.6.2 
+    image: synadia/prometheus-nats-exporter:0.6.2
   resources:
     requests:
       memory: "120Mi"
@@ -158,7 +158,7 @@ ingress:
   enabled: false
   # Used to create Ingress record (should be used with exposeServices: false).
   hosts:
-    - host: gateway.openfaas.local  # Replace with gateway.example.com if public-facing
+    - host: gateway.openfaas.local # Replace with gateway.example.com if public-facing
       serviceName: gateway
       servicePort: 8080
       path: /
@@ -167,24 +167,14 @@ ingress:
   tls:
     # Secrets must be manually created in the namespace.
 
-# ingressOperator (optional) – component to have specific FQDN and TLS for Functions
-# https://github.com/openfaas-incubator/ingress-operator
-ingressOperator:
-  image: openfaas/ingress-operator:0.6.2
-  replicas: 1
-  create: false
-  resources:
-    requests:
-      memory: "25Mi"
-
 # faas-idler configuration
 faasIdler:
   image: openfaas/faas-idler:0.3.0
   replicas: 1
   create: true
-  inactivityDuration: 30m               # If a function is inactive for 15 minutes, it may be scaled to zero
-  reconcileInterval: 2m                 # The interval between each attempt to scale functions to zero
-  dryRun: true                          # Set to false to enable the idler to apply changes and scale to zero
+  inactivityDuration: 30m # If a function is inactive for 15 minutes, it may be scaled to zero
+  reconcileInterval: 2m # The interval between each attempt to scale functions to zero
+  dryRun: true # Set to false to enable the idler to apply changes and scale to zero
   resources:
     requests:
       memory: "64Mi"