ingress: Use upstream resources w/ patches

This will make it easier to upgrade, since we keep track of _exactly_ what we changed from the upstream resources with Kustomize patches.
2024-11-21 19:42:35 -06:00
parent 3b3d4c38ed
commit 3d5dd52eb9
2 changed files with 57 additions and 651 deletions
--- a/ingress/kustomization.yaml
+++ b/ingress/kustomization.yaml
@@ -4,5 +4,61 @@ kind: Kustomization
 namespace: ingress-nginx

 resources:
- ingress-nginx.yaml
+- https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.3.0/deploy/static/provider/cloud/deploy.yaml
 - tcp-services.yaml
+
+patches:
+- patch: |-
+    $patch: delete
+    apiVersion: v1
+    kind: Service
+    metadata:
+      name: ingress-nginx-controller
+      namespace: ingress-nginx
+
+- patch: |-
+    - op: replace
+      path: /kind
+      value: DaemonSet
+    - op: remove
+      path: /spec/template/spec/containers/0/args/1
+    - op: add
+      path: /spec/template/spec/containers/0/args/-
+      value: >-
+        --report-node-internal-ip-address
+    - op: add
+      path: /spec/template/spec/containers/0/args/-
+      value: >-
+        --default-ssl-certificate=default/pyrocufflink-cert
+    - op: add
+      path: /spec/template/spec/containers/0/args/-
+      value: >-
+        --tcp-services-configmap=ingress-nginx/tcp-services
+  target:
+    group: apps
+    kind: Deployment
+    name: ingress-nginx-controller
+    version: v1
+
+- patch: |-
+    apiVersion: apps/v1
+    kind: DaemonSet
+    metadata:
+      name: ingress-nginx-controller
+      namespace: ingress-nginx
+    spec:
+      template:
+        spec:
+          dnsPolicy: ClusterFirstWithHostNet
+          hostNetwork: true
+          nodeSelector:
+            kubernetes.io/role: ingress
+
+
+- patch: |-
+    apiVersion: networking.k8s.io/v1
+    kind: IngressClass
+    metadata:
+      name: nginx
+      annotations:
+        ingressclass.kubernetes.io/is-default-class: "true"