Skip to content

Commit

Permalink
♻️(helm) separate PostHog ingress
Browse files Browse the repository at this point in the history 
Based on feedback from @rouja, I've updated the Helm configuration for PostHog
to use separate ingress resources for each service. Although the documentation
suggests sharing the same ingress, the services have different externalName
values, which conflicts with the use of a vhost in the ingress annotations.
This change ensures proper service redirection by aligning each service with
its own ingress.
  • Loading branch information
@lebaudantoine
lebaudantoine committed Sep 25, 2024
1 parent b5244a5 commit e4c7bc0
Show file tree
Hide file tree
Showing 7 changed files with 120 additions and 30 deletions.
3 changes: 3 additions & 0 deletions src/helm/env.d/dev/values.meet.yaml.gotmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,3 +102,6 @@ posthog:
ingress:
enabled: false

ingressAssets:
enabled: false

8 changes: 8 additions & 0 deletions src/helm/env.d/production/values.meet.yaml.gotmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,3 +138,11 @@ posthog:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https

ingressAssets:
enabled: true
host: product.visio.numerique.gouv.fr
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu-assets.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https
8 changes: 8 additions & 0 deletions src/helm/env.d/staging/values.meet.yaml.gotmpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,3 +148,11 @@ posthog:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https

ingressAssets:
enabled: true
host: product.visio-staging.beta.numerique.gouv.fr
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/upstream-vhost: eu-assets.i.posthog.com
nginx.ingress.kubernetes.io/backend-protocol: https
28 changes: 0 additions & 28 deletions src/helm/meet/templates/ingress_posthog.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,20 +60,6 @@ spec:
serviceName: {{ include "meet.posthog.fullname" . }}-proxy
servicePort: {{ .Values.posthog.service.port }}
{{- end }}
- path: {{ .Values.posthog.ingress.pathAssets }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ .Values.posthog.assetsService.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}
servicePort: {{ .Values.posthog.assetsService.port }}
{{- end }}
{{- end }}
{{- range .Values.posthog.ingress.hosts }}
- host: {{ . | quote }}
Expand All @@ -93,20 +79,6 @@ spec:
serviceName: {{ include "meet.posthog.fullname" . }}-proxy
servicePort: {{ $.Values.posthog.service.port }}
{{- end }}
- path: {{ .Values.posthog.ingress.pathAssets }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ $.Values.posthog.assetsService.service.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}-assets-proxy
servicePort: {{ $.Values.posthog.assetsService.service.port }}
{{- end }}
{{- with $.Values.posthog.assetsService.customBackends }}
{{- toYaml . | nindent 10 }}
{{- end }}
Expand Down
87 changes: 87 additions & 0 deletions src/helm/meet/templates/ingress_posthog_assets.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,87 @@
{{- if .Values.posthog.ingressAssets.enabled -}}
{{- $fullName := include "meet.fullname" . -}}
{{- if and .Values.posthog.ingressAssets.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }}
{{- if not (hasKey .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class") }}
{{- $_ := set .Values.posthog.ingressAssets.annotations "kubernetes.io/ingress.class" .Values.posthog.ingressAssets.className}}
{{- end }}
{{- end }}
{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1
{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
apiVersion: networking.k8s.io/v1beta1
{{- else -}}
apiVersion: extensions/v1beta1
{{- end }}
kind: Ingress
metadata:
name: {{ $fullName }}-posthog-assets
namespace: {{ .Release.Namespace | quote }}
labels:
{{- include "meet.labels" . | nindent 4 }}
{{- with .Values.posthog.ingressAssets.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if and .Values.posthog.ingressAssets.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }}
ingressClassName: {{ .Values.posthog.ingressAssets.className }}
{{- end }}
{{- if .Values.posthog.ingressAssets.tls.enabled }}
tls:
{{- if .Values.posthog.ingressAssets.host }}
- secretName: {{ $fullName }}-posthog-tls
hosts:
- {{ .Values.posthog.ingressAssets.host | quote }}
{{- end }}
{{- range .Values.posthog.ingressAssets.tls.additional }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- if .Values.posthog.ingressAssets.host }}
- host: {{ .Values.posthog.ingressAssets.host | quote }}
http:
paths:
- path: {{ .Values.posthog.ingressAssets.path }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ .Values.posthog.assetsService.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}
servicePort: {{ .Values.posthog.assetsService.port }}
{{- end }}
{{- end }}
{{- range .Values.posthog.ingressAssets.hosts }}
- host: {{ . | quote }}
http:
paths:
- path: {{ $.Values.posthog.ingressAssets.path | quote }}
{{- if semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion }}
pathType: Prefix
{{- end }}
backend:
{{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }}
service:
name: {{ include "meet.posthog.fullname" . }}-assets-proxy
port:
number: {{ $.Values.posthog.assetsService.service.port }}
{{- else }}
serviceName: {{ include "meet.posthog.fullname" . }}-assets-proxy
servicePort: {{ $.Values.posthog.assetsService.service.port }}
{{- end }}
{{- with $.Values.posthog.assetsService.customBackends }}
{{- toYaml . | nindent 10 }}
{{- end }}
{{- end }}
{{- end }}

2 changes: 1 addition & 1 deletion src/helm/meet/templates/posthog_assets_svc.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- if .Values.posthog.ingress.enabled -}}
{{- if .Values.posthog.ingressAssets.enabled -}}
{{- $envVars := include "meet.common.env" (list . .Values.posthog) -}}
{{- $fullName := include "meet.posthog.fullname" . -}}
{{- $component := "posthog" -}}
Expand Down
14 changes: 13 additions & 1 deletion src/helm/meet/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -273,7 +273,19 @@ posthog:
className: null
host: meet.example.com
path: /
pathAssets: /static
hosts: [ ]
tls:
enabled: true
additional: [ ]

customBackends: [ ]
annotations: {}

ingressAssets:
enabled: false
className: null
host: meet.example.com
path: /static
hosts: [ ]
tls:
enabled: true
Expand Down

0 comments on commit e4c7bc0

Please sign in to comment.