[bitnami/contour] Add contour multi az service (#21994)

* [bitnami/postgres-ha] feat: add logical backup to pg data (#20563) * feat: add logical backup to pg data Signed-off-by: Abdullah Barrak <abdullahalotaibi@lucidmotors.com> * fix Signed-off-by: Abdullah Barrak <abdullahalotaibi@lucidmotors.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * fix: linter Signed-off-by: Abdullah Barrak <abdullahalotaibi@lucidmotors.com> * fix: bump chart Signed-off-by: Abdullah Barrak <abdullahalotaibi@lucidmotors.com> --------- Signed-off-by: Abdullah Barrak <abdullahalotaibi@lucidmotors.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Abdullah Barrak <abdullah@abarrak.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> * Add multi-az loadbalancer service feature Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> * Revert "[bitnami/postgres-ha] feat: add logical backup to pg data (#20563)" This reverts commit d12b6b7aa5c534deeb4d54b668745a06b8d8a8d0. Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> * Reformat license header Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> * Bump Chart Version Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> --------- Signed-off-by: Abdullah Barrak <abdullahalotaibi@lucidmotors.com> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Abdullah Barrak <abdullah@abarrak.com> Signed-off-by: Jan Mitterle <17966949+wsn-dev@users.noreply.github.com> Signed-off-by: wsn-dev <17966949+wsn-dev@users.noreply.github.com> Co-authored-by: Abdullah Barrak <abdullah@abarrak.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
2026-03-11 07:17:45 +08:00 · 2024-01-26 12:55:49 +01:00
parent 07dc445489
commit 867cf51c57
5 changed files with 166 additions and 82 deletions
--- a/bitnami/contour/Chart.yaml
+++ b/bitnami/contour/Chart.yaml
@@ -32,4 +32,4 @@ maintainers:
 name: contour
 sources:
 - https://github.com/bitnami/charts/tree/main/bitnami/contour
-version: 15.2.1
+version: 15.3.0
--- a/bitnami/contour/README.md
+++ b/bitnami/contour/README.md
@@ -318,6 +318,8 @@ helm uninstall my-release
 | `envoy.terminationGracePeriodSeconds`                                     | Envoy termination grace period in seconds                                                                             | `300`                   |
 | `envoy.logLevel`                                                          | Envoy log level                                                                                                       | `info`                  |
 | `envoy.service.name`                                                      | envoy service name                                                                                                    | `""`                    |
+| `envoy.service.multiAz.enabled`                                           | enables the rendering of the multiple services                                                                        | `false`                 |
+| `envoy.service.multiAz.zones`                                             | defines different zones their annotations and loadBalancerIPs                                                         | `[]`                    |
 | `envoy.service.targetPorts`                                               | Map the controller service HTTP/HTTPS port                                                                            | `{}`                    |
 | `envoy.service.type`                                                      | Type of Envoy service to create                                                                                       | `LoadBalancer`          |
 | `envoy.service.externalTrafficPolicy`                                     | Envoy Service external cluster policy. If `envoy.service.type` is NodePort or LoadBalancer                            | `Local`                 |
--- a/bitnami/contour/templates/envoy/service.yaml
+++ b/bitnami/contour/templates/envoy/service.yaml
@@ -5,86 +5,11 @@ SPDX-License-Identifier: APACHE-2.0

 {{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.envoy.image "chart" .Chart ) ) }}
 {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.podLabels .Values.commonLabels ) "context" . ) }}
-{{- if .Values.envoy.enabled }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ default (printf "%s-envoy" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-") .Values.envoy.service.name }}
-  namespace: {{ include "common.names.namespace" . | quote }}
-  {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.service.labels .Values.commonLabels $versionLabel ) "context" . ) }}
-  labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }}
-    app.kubernetes.io/component: envoy
-  annotations:
-    {{- if (ne (index .Values.envoy.service.annotations "service.beta.kubernetes.io/aws-load-balancer-type" | toString ) "nlb") }}
-    # This annotation puts the AWS ELB into "TCP" mode so that it does not
-    # do HTTP negotiation for HTTPS connections at the ELB edge.
-    # The downside of this is the remote IP address of all connections will
-    # appear to be the internal address of the ELB. See docs/proxy-proto.md
-    # for information about enabling the PROXY protocol on the ELB to recover
-    # the original remote IP address.
-    # We don't set this for nlb, per the contour docs.
-    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
-    {{- end }}
-    {{- if or .Values.envoy.service.annotations .Values.commonAnnotations }}
-    {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.service.annotations .Values.commonAnnotations ) "context" . ) }}
-    {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
-    {{- end }}
-spec:
-  {{- if .Values.envoy.service.externalTrafficPolicy }}
-  externalTrafficPolicy: {{ .Values.envoy.service.externalTrafficPolicy | quote }}
-  {{- end }}
-  {{- if not (empty .Values.envoy.service.clusterIP) }}
-  clusterIP: {{ .Values.envoy.service.clusterIP | quote }}
-  {{- end }}
-  {{- if .Values.envoy.service.sessionAffinity }}
-  sessionAffinity: {{ .Values.envoy.service.sessionAffinity }}
-  {{- end }}
-  {{- if .Values.envoy.service.sessionAffinityConfig }}
-  sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.service.sessionAffinityConfig "context" $) | nindent 4 }}
-  {{- end }}
-  {{- if .Values.envoy.service.externalIPs }}
-  externalIPs: {{- toYaml .Values.envoy.service.externalIPs | nindent 4 }}
-  {{- end }}
-  {{- if .Values.envoy.service.loadBalancerIP }}
-  loadBalancerIP: {{ .Values.envoy.service.loadBalancerIP | quote }}
-  {{- end }}
-  {{- if .Values.envoy.service.loadBalancerSourceRanges }}
-  loadBalancerSourceRanges: {{- toYaml .Values.envoy.service.loadBalancerSourceRanges | nindent 4 }}
-  {{- end }}
-  {{- if .Values.envoy.service.ipFamilyPolicy }}
-  ipFamilyPolicy: {{ .Values.envoy.service.ipFamilyPolicy }}
-  {{- end }}
-  {{- if .Values.envoy.service.ipFamilies }}
-  ipFamilies: {{ toYaml .Values.envoy.service.ipFamilies | nindent 4 }}
-  {{- end }}
-  {{- if and .Values.envoy.service.loadBalancerClass (eq .Values.envoy.service.type "LoadBalancer") }}
-  loadBalancerClass: {{ .Values.envoy.service.loadBalancerClass }}
-  {{- end }}
-  ports:
-    - name: http
-      port: {{ .Values.envoy.service.ports.http }}
-      protocol: TCP
-      targetPort: {{ .Values.envoy.service.targetPorts.http }}
-      {{- if and (or (eq .Values.envoy.service.type "NodePort") (eq .Values.envoy.service.type "LoadBalancer")) (not (empty .Values.envoy.service.nodePorts.http)) }}
-      nodePort: {{ .Values.envoy.service.nodePorts.http }}
-      {{- else if eq .Values.envoy.service.type "ClusterIP" }}
-      nodePort: null
-      {{- end }}
-    - name: https
-      port: {{ .Values.envoy.service.ports.https }}
-      protocol: TCP
-      targetPort: {{ .Values.envoy.service.targetPorts.https }}
-      {{- if and (or (eq .Values.envoy.service.type "NodePort") (eq .Values.envoy.service.type "LoadBalancer")) (not (empty .Values.envoy.service.nodePorts.https)) }}
-      nodePort: {{ .Values.envoy.service.nodePorts.https }}
-      {{- else if eq .Values.envoy.service.type "ClusterIP" }}
-      nodePort: null
-      {{- end }}
-    {{- if .Values.envoy.service.extraPorts }}
-    {{- include "common.tplvalues.render" (dict "value" .Values.envoy.service.extraPorts "context" $) | nindent 4 }}
-    {{- end }}
-  selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
-    app.kubernetes.io/component: envoy
-  type: {{ .Values.envoy.service.type }}
+{{- if and .Values.envoy.service.multiAz.enabled .Values.envoy.service.multiAz.zones .Values.envoy.enabled }}
+{{ include "envoy.envoyServiceMultiAZ" . }}
+{{- else if .Values.envoy.enabled }}
+{{ include "envoy.envoyService" . }}
+{{- end }}
 {{- if .Values.metrics.serviceMonitor.enabled }}
 ---
 apiVersion: v1
@@ -109,4 +34,3 @@ spec:
      protocol: TCP
      targetPort: {{ .Values.envoy.service.targetPorts.metrics }}
 {{- end }}
-{{- end }}
--- a/bitnami/contour/templates/service_helpers.yaml
+++ b/bitnami/contour/templates/service_helpers.yaml
@@ -0,0 +1,140 @@
+{{- /*
+Copyright VMware, Inc.
+SPDX-License-Identifier: APACHE-2.0
+*/}}
+
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Create the standalone envoyService
+*/}}
+{{- define "envoy.envoyService" -}}
+{{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.envoy.image "chart" .Chart ) ) }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ default (printf "%s-envoy" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-") .Values.envoy.service.name }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.service.labels .Values.commonLabels $versionLabel ) "context" . ) }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: envoy
+  annotations:
+    {{- if (ne (index .Values.envoy.service.annotations "service.beta.kubernetes.io/aws-load-balancer-type" | toString ) "nlb") }}
+    # This annotation puts the AWS ELB into "TCP" mode so that it does not
+    # do HTTP negotiation for HTTPS connections at the ELB edge.
+    # The downside of this is the remote IP address of all connections will
+    # appear to be the internal address of the ELB. See docs/proxy-proto.md
+    # for information about enabling the PROXY protocol on the ELB to recover
+    # the original remote IP address.
+    # We don't set this for nlb, per the contour docs.
+    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
+    {{- end }}
+    {{- if or .Values.envoy.service.annotations .Values.commonAnnotations }}
+    {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.service.annotations .Values.commonAnnotations ) "context" . ) }}
+    {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
+    {{- end }}
+spec:
+  {{- if .Values.envoy.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.envoy.service.loadBalancerIP | quote }}
+  {{- end }}
+{{- include "envoy.envoyServiceSpec" . }}
+{{- end -}}
+
+{{/*
+Create the multi az envoyService
+*/}}
+{{- define "envoy.envoyServiceMultiAZ" -}}
+{{- range $azArray := .Values.envoy.service.multiAz.zones }}
+{{- with $ -}}
+{{- $versionLabel := dict "app.kubernetes.io/version" ( include "common.images.version" ( dict "imageRoot" .Values.envoy.image "chart" .Chart ) ) }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ default (printf "%s-%s-envoy" (include "common.names.fullname" .) $azArray.name | trunc 63 | trimSuffix "-") .Values.envoy.service.name }}
+  namespace: {{ include "common.names.namespace" . | quote }}
+  {{- $labels := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.service.labels .Values.commonLabels $versionLabel ) "context" . ) }}
+  labels: {{- include "common.labels.standard" ( dict "customLabels" $labels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: envoy
+  annotations:
+    {{- if (ne (index .Values.envoy.service.annotations "service.beta.kubernetes.io/aws-load-balancer-type" | toString ) "nlb") }}
+    # This annotation puts the AWS ELB into "TCP" mode so that it does not
+    # do HTTP negotiation for HTTPS connections at the ELB edge.
+    # The downside of this is the remote IP address of all connections will
+    # appear to be the internal address of the ELB. See docs/proxy-proto.md
+    # for information about enabling the PROXY protocol on the ELB to recover
+    # the original remote IP address.
+    # We don't set this for nlb, per the contour docs.
+    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
+    {{- end }}
+    {{- if or .Values.envoy.service.annotations .Values.commonAnnotations $azArray.annotations }}
+    {{- $annotations := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.service.annotations .Values.commonAnnotations $azArray.annotations ) "context" . ) }}
+    {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }}
+    {{- end }}
+spec:
+  {{- if $azArray.loadBalancerIP }}
+  loadBalancerIP: {{ $azArray.loadBalancerIP | quote }}
+  {{- end }}
+{{- include "envoy.envoyServiceSpec" . }}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+The default envoy service spec
+*/}}
+{{- define "envoy.envoyServiceSpec" -}}
+{{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list .Values.envoy.podLabels .Values.commonLabels ) "context" . ) }}
+  {{- if .Values.envoy.service.externalTrafficPolicy }}
+  externalTrafficPolicy: {{ .Values.envoy.service.externalTrafficPolicy | quote }}
+  {{- end }}
+  {{- if not (empty .Values.envoy.service.clusterIP) }}
+  clusterIP: {{ .Values.envoy.service.clusterIP | quote }}
+  {{- end }}
+  {{- if .Values.envoy.service.sessionAffinity }}
+  sessionAffinity: {{ .Values.envoy.service.sessionAffinity }}
+  {{- end }}
+  {{- if .Values.envoy.service.sessionAffinityConfig }}
+  sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.envoy.service.sessionAffinityConfig "context" $) | nindent 4 }}
+  {{- end }}
+  {{- if .Values.envoy.service.externalIPs }}
+  externalIPs: {{- toYaml .Values.envoy.service.externalIPs | nindent 4 }}
+  {{- end }}
+  {{- if .Values.envoy.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges: {{- toYaml .Values.envoy.service.loadBalancerSourceRanges | nindent 4 }}
+  {{- end }}
+  {{- if .Values.envoy.service.ipFamilyPolicy }}
+  ipFamilyPolicy: {{ .Values.envoy.service.ipFamilyPolicy }}
+  {{- end }}
+  {{- if .Values.envoy.service.ipFamilies }}
+  ipFamilies: {{ toYaml .Values.envoy.service.ipFamilies | nindent 4 }}
+  {{- end }}
+  {{- if and .Values.envoy.service.loadBalancerClass (eq .Values.envoy.service.type "LoadBalancer") }}
+  loadBalancerClass: {{ .Values.envoy.service.loadBalancerClass }}
+  {{- end }}
+  ports:
+    - name: http
+      port: {{ .Values.envoy.service.ports.http }}
+      protocol: TCP
+      targetPort: {{ .Values.envoy.service.targetPorts.http }}
+      {{- if and (or (eq .Values.envoy.service.type "NodePort") (eq .Values.envoy.service.type "LoadBalancer")) (not (empty .Values.envoy.service.nodePorts.http)) }}
+      nodePort: {{ .Values.envoy.service.nodePorts.http }}
+      {{- else if eq .Values.envoy.service.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    - name: https
+      port: {{ .Values.envoy.service.ports.https }}
+      protocol: TCP
+      targetPort: {{ .Values.envoy.service.targetPorts.https }}
+      {{- if and (or (eq .Values.envoy.service.type "NodePort") (eq .Values.envoy.service.type "LoadBalancer")) (not (empty .Values.envoy.service.nodePorts.https)) }}
+      nodePort: {{ .Values.envoy.service.nodePorts.https }}
+      {{- else if eq .Values.envoy.service.type "ClusterIP" }}
+      nodePort: null
+      {{- end }}
+    {{- if .Values.envoy.service.extraPorts }}
+    {{- include "common.tplvalues.render" (dict "value" .Values.envoy.service.extraPorts "context" $) | nindent 4 }}
+    {{- end }}
+  selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }}
+    app.kubernetes.io/component: envoy
+  type: {{ .Values.envoy.service.type }}
+{{- end -}}
--- a/bitnami/contour/values.yaml
+++ b/bitnami/contour/values.yaml
@@ -890,6 +890,24 @@ envoy:
    ## @param envoy.service.name envoy service name
    ##
    name: ""
+    ## The multi az feature renders multiple service, so you could attach different service provider loadbalancer to it.
+    ## This feature is primarily used to achieve a high availability with multiple loadbalancer
+    ## @param envoy.service.multiAz.enabled enables the rendering of the multiple services
+    ## @param envoy.service.multiAz.zones defines different zones their annotations and loadBalancerIPs
+    ##
+    multiAz:
+      enabled: false
+      zones: []
+    ## Example
+    ## - name: "zone1"
+    ##   loadBalancerIP: "1.2.3.4"
+    ##   annotations:
+    ##    service.beta.kubernetes.io/loadbalancer-zone: zone1
+    ## - name: "zone2"
+    ##   loadBalancerIP: "5.6.7.8"
+    ##   annotations:
+    ##    service.beta.kubernetes.io/loadbalancer-zone: zone2
+    ##
    ## @param envoy.service.targetPorts [object] Map the controller service HTTP/HTTPS port
    ##
    targetPorts: