Add FE Ingress #435
Merged
Add FE Ingress #435
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
|
with this change, will you be able to connect the frontend via SDK? like below |
|
Yes and in ingress we need to mention grpc protocol
grpc uses http/2
…On Sat, 28 Oct 2023 at 20:36, Vithu R ***@***.***> wrote:
with this change, will you be able to connect the frontend via SDK? like
below
c, err := client.Dial(client.Options{ HostPort: "ingress-path-prefix:80",
})
—
Reply to this email directly, view it on GitHub
<#435 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ADA6PH55HDZB7MV73U4IDT3YBUNPDAVCNFSM6AAAAAA6LPP3O2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOBTHA2DCNJWGE>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
I tried. but it didn't work for me. sharing my config |
|
Try with this, it needs some additional annotations |
|
@debugger24 I used the below config, temporal-frontend ingress gets created but it says some backend services are in unhealthy state. |
|
Mostly it is because this service use gRPC, depending on the ingress controller you may need to add additional annotation, like in my traefik (can be different for you) I use |
|
@debugger24 I'm using, gce as the ingress class, not using any ingress controller like traefik or nginx. |
|
Just found this PR and wanted to add: we implemented similar change internally and made it to work with ALB ingress over SSL for EKS on AWS. Here is the ALB ingress config we used: For the temporal client to connect successfully, we also had to set Looking forward to have this feature added to Temporal's official helm charts! Thanks! |
|
The information from @ogusak was extremely helpful. For those using Google Cloud, it can also be pointed out that the ingress facilitated by this PR is not required when electing to implement "Container-native load balancing through standalone zonal NEGs." If such an infrastructure is desired, the critical annotation is the following. |
|
Oops, my apologies, different service. |
robholland
requested review from
robholland,
tsurdilo,
MasonEgger and
axfelix
as code owners
robholland
requested changes
Jun 8, 2024
templates/server-ingress.yaml
Outdated
| @@ -0,0 +1,58 @@ | |||
| {{- if .Values.server.frontend.ingress.enabled -}} | |||
There was a problem hiding this comment.
Please rename file to frontend-ingress.yaml.
There was a problem hiding this comment.
Thanks for the catch, renamed.
There was a problem hiding this comment.
other resources too like service is in server-service.yaml. should we really make frontend-ingress.yaml ?
There was a problem hiding this comment.
Yes please, I'll be adjusting file names to be more reflective as well.
robholland
approved these changes
Jul 1, 2024
|
Just my 2 cents (it took me several hours to find a working solution): server:
frontend:
ingress:
enabled: true
hosts:
- <host>
# TLS is taken from default secret configured for ingress chart
annotations:
nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"Test: |
mihaelabalas84
added a commit
to fairmoney/temporal-helm-charts
that referenced
this pull request
Aug 16, 2024
* update ui image to 2.25.0 (temporalio#478) Signed-off-by: Tihomir Surdilovic <[email protected]> * Allow forcing a specific chart version. (temporalio#479) This is useful for patch releases on older release lines. * Update Chart to 0.37.0, Temporal v1.23.1 * Ensure appVersion is used by default as the server image tag. (temporalio#488) * Bumps server version to the specified appVersion * Use chart.appversion instead of image.tag from values in deployment spec * Allow overriding deployment spec with image.tag --------- Co-authored-by: Kshitij <[email protected]> * Update Chart to 0.38.1, Temporal v1.23.1 * [Bug] Allow and document configuring Web UI via values.yaml (temporalio#394) 1. remove web ui config in values.yaml 2. remove web config volume in web-deployment.yaml 3. remove web-config config map 4. remove line 280 since the install bash didn't configure web ui auth 5. update the document for web ui configuration with env variable Co-authored-by: Rob Holland <[email protected]> * fix(imageTag): Fix default type in values for imageTag (temporalio#489) * Update Chart to 0.39.0, Temporal v1.24.0 * Update README.md * Update Chart to 0.39.1, Temporal v1.24.1 * Switch to devrel. * Support new admintools image tag format (temporalio#493) * Require tags for server, admintools and ui. Don't use server tag for admintools, it's versioned separately now. * Update Chart to 0.40.0. * fix: add support for pre upgrade. (temporalio#476) * adding missing ImagePullSecrets section to web deployment * Whitespace. * fix: Use visibility server when defining visibility config (temporalio#436) Co-authored-by: Rob Holland <[email protected]> * fix: sidecarContainers should be an array, not a dict * Use tplvalues.render for templating inside values (temporalio#492) Allow templated values inside the values.yaml for web annotations * Apply security context regardless of persistence engine. (temporalio#494) Replaces temporalio#308. * Update Chart to 0.40.1. * Allow to skip database creation (temporalio#480) Signed-off-by: Valentin Zayash <[email protected]> * Update Cassandra host URLs to remove the ".cluster.local" suffix (temporalio#485) * Update Cassandra host URLs to remove the ".cluster.local" suffix * Configure SQL TLS environment variables in server-job (temporalio#411) * Configure SQL_TLS environment variables in server-job * Update Chart to 0.41.0. * Fix weird helm lint false alarm. Fixes temporalio#284. * Helm 2 compat. Fixes temporalio#187. * Update codeowners. * Revert "Update Cassandra host URLs to remove the ".cluster.local" suffix (temporalio#485)" (temporalio#500) This reverts commit b25c4fc. * Update Chart to 0.41.1. * Adds a PodDisruptionBudget and topologySpreadConstraints to web (temporalio#409) * Adds a PodDisruptionBudget and topologySpreadConstraints to web * fixing type on topologySpreadConstraints topologySpreadConstraints should be a list instead of map * Update Chart to 0.42.0. * Update README to mention you cannot do Cassandra only anymore. (temporalio#499) Related: temporalio#470. * Remove invalid line. (temporalio#502) Fixes temporalio#426 * Service account should be set when present, even if not creating. (temporalio#498) Fixes temporalio#403. * Correct outdated port config. (temporalio#497) Fixes temporalio#333 and temporalio#149. Context: temporalio/temporal#650 * Update Chart to 0.43.0. * ElasticSearch -> Elasticsearch * fix: Escape ES credentials (temporalio#505) * feat: updated grafana and prometheus helm dependencies (temporalio#424) * feat: bump grafana and prometheus charts versions Signed-off-by: David Calvert <[email protected]> * Remove hard coded cluster.local references. (temporalio#501) Switch check-cassandra-service init container to use nc. nslookup in recent busybox images is broken and doesn't obey resolv.conf, meaning it won't check k8s search domains. * Enable HTTP API for Nexus (temporalio#511) * Enable HTTP API for Nexus * Update charts/temporal/templates/server-service.yaml * Add FE Ingress (temporalio#435) * Add ingress for frontend * Add CONTRIBUTING. * Note contributing in README. * Note slack channel. * Use a shared config map for all services. (temporalio#514) Remove helpers in favour of defaults via values file. Remove unused Elasticsearch environment variables. Stop switching between es-visibility and visibility for store names. * Pass `ct lint` * Lint chart on PR. * Setup for `ci install`. (temporalio#522) * Setup for `ci install`. Adds a test so that `helm test` now checks that the cluster is healthy after the system is deployed. Refactors server-job to remove the use of helm hooks which cause lot of users pain and don't work with --wait, or the mechanism that helm test uses. Improve the handling of elasticsearch by treating it just like the other drivers. Correctly handle the schema.createDatabase setting which previously had edge cases. * Secret key fixes. * Fix missed ES quoting issue. * Add postgres-es test. * Fix branch reference. * Update Chart to 0.44.0. * Update README to use repo. (temporalio#531) * Update README to use repo. Fixes temporalio#458 --------- Co-authored-by: Alex Garnett <[email protected]> * Check for pgx driver as well as plain postgres. (temporalio#546) Fixes temporalio#532 * Templatize resourceLabels for standardization (temporalio#539) * Templatize resourceLabels for standardization --------- Signed-off-by: Tihomir Surdilovic <[email protected]> Signed-off-by: Valentin Zayash <[email protected]> Signed-off-by: David Calvert <[email protected]> Co-authored-by: Tihomir Surdilovic <[email protected]> Co-authored-by: Rob Holland <[email protected]> Co-authored-by: Temporal Data <[email protected]> Co-authored-by: Kshitij Tulsyan <[email protected]> Co-authored-by: Kshitij <[email protected]> Co-authored-by: Jingyu <[email protected]> Co-authored-by: Theo REY <[email protected]> Co-authored-by: Alex Shtin <[email protected]> Co-authored-by: Rob Holland <[email protected]> Co-authored-by: Punit Kulal <[email protected]> Co-authored-by: Gerardo Enrique Mora Salazar <[email protected]> Co-authored-by: Giovanny Gutiérrez <[email protected]> Co-authored-by: vogre <[email protected]> Co-authored-by: Valentin Zayash <[email protected]> Co-authored-by: Chris Taylor <[email protected]> Co-authored-by: Grzegorz Kołakowski <[email protected]> Co-authored-by: Prathyush PV <[email protected]> Co-authored-by: sringel <[email protected]> Co-authored-by: Alex Shtin <[email protected]> Co-authored-by: David Calvert <[email protected]> Co-authored-by: Roey Berman <[email protected]> Co-authored-by: Rahul Kumar <[email protected]> Co-authored-by: Alex Garnett <[email protected]> Co-authored-by: Sahil Vazirani <[email protected]>
mihaelabalas84
added a commit
to fairmoney/temporal-helm-charts
that referenced
this pull request
Oct 2, 2024
* update ui image to 2.25.0 (temporalio#478) Signed-off-by: Tihomir Surdilovic <[email protected]> * Allow forcing a specific chart version. (temporalio#479) This is useful for patch releases on older release lines. * Update Chart to 0.37.0, Temporal v1.23.1 * Ensure appVersion is used by default as the server image tag. (temporalio#488) * Bumps server version to the specified appVersion * Use chart.appversion instead of image.tag from values in deployment spec * Allow overriding deployment spec with image.tag --------- Co-authored-by: Kshitij <[email protected]> * Update Chart to 0.38.1, Temporal v1.23.1 * [Bug] Allow and document configuring Web UI via values.yaml (temporalio#394) 1. remove web ui config in values.yaml 2. remove web config volume in web-deployment.yaml 3. remove web-config config map 4. remove line 280 since the install bash didn't configure web ui auth 5. update the document for web ui configuration with env variable Co-authored-by: Rob Holland <[email protected]> * fix(imageTag): Fix default type in values for imageTag (temporalio#489) * Update Chart to 0.39.0, Temporal v1.24.0 * Update README.md * Update Chart to 0.39.1, Temporal v1.24.1 * Switch to devrel. * Support new admintools image tag format (temporalio#493) * Require tags for server, admintools and ui. Don't use server tag for admintools, it's versioned separately now. * Update Chart to 0.40.0. * fix: add support for pre upgrade. (temporalio#476) * adding missing ImagePullSecrets section to web deployment * Whitespace. * fix: Use visibility server when defining visibility config (temporalio#436) Co-authored-by: Rob Holland <[email protected]> * fix: sidecarContainers should be an array, not a dict * Use tplvalues.render for templating inside values (temporalio#492) Allow templated values inside the values.yaml for web annotations * Apply security context regardless of persistence engine. (temporalio#494) Replaces temporalio#308. * Update Chart to 0.40.1. * Allow to skip database creation (temporalio#480) Signed-off-by: Valentin Zayash <[email protected]> * Update Cassandra host URLs to remove the ".cluster.local" suffix (temporalio#485) * Update Cassandra host URLs to remove the ".cluster.local" suffix * Configure SQL TLS environment variables in server-job (temporalio#411) * Configure SQL_TLS environment variables in server-job * Update Chart to 0.41.0. * Fix weird helm lint false alarm. Fixes temporalio#284. * Helm 2 compat. Fixes temporalio#187. * Update codeowners. * Revert "Update Cassandra host URLs to remove the ".cluster.local" suffix (temporalio#485)" (temporalio#500) This reverts commit b25c4fc. * Update Chart to 0.41.1. * Adds a PodDisruptionBudget and topologySpreadConstraints to web (temporalio#409) * Adds a PodDisruptionBudget and topologySpreadConstraints to web * fixing type on topologySpreadConstraints topologySpreadConstraints should be a list instead of map * Update Chart to 0.42.0. * Update README to mention you cannot do Cassandra only anymore. (temporalio#499) Related: temporalio#470. * Remove invalid line. (temporalio#502) Fixes temporalio#426 * Service account should be set when present, even if not creating. (temporalio#498) Fixes temporalio#403. * Correct outdated port config. (temporalio#497) Fixes temporalio#333 and temporalio#149. Context: temporalio/temporal#650 * Update Chart to 0.43.0. * ElasticSearch -> Elasticsearch * fix: Escape ES credentials (temporalio#505) * feat: updated grafana and prometheus helm dependencies (temporalio#424) * feat: bump grafana and prometheus charts versions Signed-off-by: David Calvert <[email protected]> * Remove hard coded cluster.local references. (temporalio#501) Switch check-cassandra-service init container to use nc. nslookup in recent busybox images is broken and doesn't obey resolv.conf, meaning it won't check k8s search domains. * Enable HTTP API for Nexus (temporalio#511) * Enable HTTP API for Nexus * Update charts/temporal/templates/server-service.yaml * Add FE Ingress (temporalio#435) * Add ingress for frontend * Add CONTRIBUTING. * Note contributing in README. * Note slack channel. * Use a shared config map for all services. (temporalio#514) Remove helpers in favour of defaults via values file. Remove unused Elasticsearch environment variables. Stop switching between es-visibility and visibility for store names. * Pass `ct lint` * Lint chart on PR. * Setup for `ci install`. (temporalio#522) * Setup for `ci install`. Adds a test so that `helm test` now checks that the cluster is healthy after the system is deployed. Refactors server-job to remove the use of helm hooks which cause lot of users pain and don't work with --wait, or the mechanism that helm test uses. Improve the handling of elasticsearch by treating it just like the other drivers. Correctly handle the schema.createDatabase setting which previously had edge cases. * Secret key fixes. * Fix missed ES quoting issue. * Add postgres-es test. * Fix branch reference. * Update Chart to 0.44.0. * Update README to use repo. (temporalio#531) * Update README to use repo. Fixes temporalio#458 --------- Co-authored-by: Alex Garnett <[email protected]> * Check for pgx driver as well as plain postgres. (temporalio#546) Fixes temporalio#532 * Templatize resourceLabels for standardization (temporalio#539) * Templatize resourceLabels for standardization * Feat add authorization options (temporalio#542) Server authorization config. * Quote sql password for default store in the same way as the visibility store (temporalio#551) * Update Chart to 0.45.0. * Update Chart to 0.45.1. * Update UI version description (temporalio#556) * Use admintools-env and secret for ES password consistent with e.g. jobs (temporalio#530) * Provide option to create default namespace (temporalio#550) * Provide option to create default namespace * Create multiple namespaces with optional retention --------- Co-authored-by: Manan Mangal <[email protected]> * add Job annotations and labels (temporalio#536) * add job labels and annotations Signed-off-by: André Bauer <[email protected]> Co-authored-by: Rob Holland <[email protected]> --------- Signed-off-by: André Bauer <[email protected]> Co-authored-by: Rob Holland <[email protected]> * Config to specify tags to be excluded in prometheus metrics (temporalio#566) * Config to specify tags to be excluded in prometheus metrics --------- Co-authored-by: Rob Holland <[email protected]> * Update Chart to 0.46.0. * Ensure we use global for includes. (temporalio#568) Some call sites used . which was sometimes not the global context. * Update Chart to 0.46.1. * Update _helpers.tpl to avoid nested custom resource label (temporalio#576) * Update Chart to 0.46.2. * fix identation --------- Signed-off-by: Tihomir Surdilovic <[email protected]> Signed-off-by: Valentin Zayash <[email protected]> Signed-off-by: David Calvert <[email protected]> Signed-off-by: André Bauer <[email protected]> Co-authored-by: Tihomir Surdilovic <[email protected]> Co-authored-by: Rob Holland <[email protected]> Co-authored-by: Temporal Data <[email protected]> Co-authored-by: Kshitij Tulsyan <[email protected]> Co-authored-by: Kshitij <[email protected]> Co-authored-by: Jingyu <[email protected]> Co-authored-by: Theo REY <[email protected]> Co-authored-by: Alex Shtin <[email protected]> Co-authored-by: Rob Holland <[email protected]> Co-authored-by: Punit Kulal <[email protected]> Co-authored-by: Gerardo Enrique Mora Salazar <[email protected]> Co-authored-by: Giovanny Gutiérrez <[email protected]> Co-authored-by: vogre <[email protected]> Co-authored-by: Valentin Zayash <[email protected]> Co-authored-by: Chris Taylor <[email protected]> Co-authored-by: Grzegorz Kołakowski <[email protected]> Co-authored-by: Prathyush PV <[email protected]> Co-authored-by: sringel <[email protected]> Co-authored-by: Alex Shtin <[email protected]> Co-authored-by: David Calvert <[email protected]> Co-authored-by: Roey Berman <[email protected]> Co-authored-by: Rahul Kumar <[email protected]> Co-authored-by: Alex Garnett <[email protected]> Co-authored-by: Sahil Vazirani <[email protected]> Co-authored-by: Quinn <[email protected]> Co-authored-by: Kristian Nordman <[email protected]> Co-authored-by: Alex Tideman <[email protected]> Co-authored-by: Csaba Tűz <[email protected]> Co-authored-by: Manan Mangal <[email protected]> Co-authored-by: Manan Mangal <[email protected]> Co-authored-by: André Bauer <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What was changed
Added ingress for server frontend service
Why?
To access server frontend service from other microservice
Checklist