helm-charts
helm-charts copied to clipboard
smallstep
introduce more configurable options for service type
Hello!
I need to host small-step on it's own LoadBalancerIP rather than an ingress controller as the ingress controller uses cert-manager to get a public cert from LE rather than the PKI chain that Small Step provides.
This PR introduces additional service options for Small Step but defaults to the current configuration.
Hey, that is awesome MR. I also need LoadBalancer type instead NodePort. Right now I started to modify template locally but It would be great to have it in public chart.
To someone landing here and the peeps already on the issue. I worked around this issue by using the ytt tool from Carvel.
So when I set service to type LoadBalancer I overlay on the generated Kubernetes Service object and add a loadBalancerIP key/value to that object.
If people are interested in more ... let me know and I can provide a gist. But, of course, the greatest solution would be that the step-certificates Helm charts actually supports providing a loadBalancerIP. So why not get this PR proposal in 💯 - good stuff.
Thanks and have a great day.
Hey, that is awesome MR. I also need LoadBalancer type instead NodePort. Right now I started to modify template locally but It would be great to have it in public chart.
@zolech see my suggestion until this is merged. My solution makes it possible for you to avoid customizing the chart locally.
Hey, that is awesome MR. I also need LoadBalancer type instead NodePort. Right now I started to modify template locally but It would be great to have it in public chart.
@zolech see my suggestion until this is merged. My solution makes it possible for you to avoid customizing the chart locally.
Thanks but I've already resolved that by passing ssl through with treafik. Works great and there is no need using LoadBalancer type.
Hey, that is awesome MR. I also need LoadBalancer type instead NodePort. Right now I started to modify template locally but It would be great to have it in public chart.
@zolech see my suggestion until this is merged. My solution makes it possible for you to avoid customizing the chart locally.
Thanks but I've already resolved that by passing ssl through with treafik. Works great and there is no need using LoadBalancer type.
Alright. Totally fair! However, based on this issue > https://github.com/smallstep/helm-charts/issues/77 < I get the impression that doing that is not the best of ideas. Hmm.
Hey, that is awesome MR. I also need LoadBalancer type instead NodePort. Right now I started to modify template locally but It would be great to have it in public chart.
@zolech see my suggestion until this is merged. My solution makes it possible for you to avoid customizing the chart locally.
Thanks but I've already resolved that by passing ssl through with treafik. Works great and there is no need using LoadBalancer type.
Alright. Totally fair! However, based on this issue > #77 < I get the impression that doing that is not the best of ideas. Hmm.
It's not the best idea to use L7 ingress but traefik has CRD that uses L4 load balancing: ingressroutetcps.traefik.containo.us and together with SNI works well in this case.
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.
