chore(app): add headless service type to chart
In some scenarios, an ExternalName service cannot point to an IP
address. For these cases, a headless service + endpoint slice may
resolve any issues
stevepentland committed Apr 9, 2024
1 parent 3d4a0d9 commit 35d7988
Showing 4 changed files with 114 additions and 3 deletions.
2 changes: 1 addition & 1 deletion charts/nx-cloud/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
name: nx-cloud
description: Nx Cloud Helm Chart
type: application
version: 0.14.1
version: 0.15.0-rc.4
maintainers:
- name: nx
url: "https://nx.app/"
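--- a/charts/nx-cloud/ci/endpointslice-values.yaml
+++ b/charts/nx-cloud/ci/endpointslice-values.yaml
@@ -0,0 +1,69 @@
+global:
+imageTag: '2308.22.7'
+
+nxCloudAppURL: 'URL_TO_ACCESS_INGRESS_FROM_DEV_MACHINES'
+
+secret:
+name: 'cloudsecret'
+nxCloudMongoServerEndpoint: 'NX_CLOUD_MONGO_SERVER_ENDPOINT'
+adminPassword: 'ADMIN_PASSWORD'
+
+# When creating new values files for testing, bring over the lines below. The generated environment is quite resource
+# constrained and with the default settings from values.yaml some of the pods will fail to schedule.
+frontend:
+resources:
+requests:
+memory: '0.5Mi'
+cpu: '0.1'
+
+nxApi:
+resources:
+requests:
+memory: '0.5Mi'
+cpu: '0.1'
+
+fileServer:
+resources:
+requests:
+memory: '0.5Mi'
+cpu: '0.1'
+
+aggregator:
+resources:
+requests:
+memory: '0.5Mi'
+cpu: '0.1'
+
+nxCloudWorkflows:
+enabled: true
+port: 9000
+name: 'nx-cloud-workflow-controller-service'
+workflowsNamespace: 'nx-cloud-workflows'
+
+externalName: '192.0.2.22'
+headless: true
+
+extraManifests:
+secret:
+apiVersion: v1
+kind: Secret
+metadata:
+name: cloudsecret
+namespace: default
+type: Opaque
+stringData:
+NX_CLOUD_MONGO_SERVER_ENDPOINT: "mongodb://127.0.0.1"
+ADMIN_PASSWORD: "SOME_ADMIN_PASSWORD"
+GITHUB_SECRET: "I_AM_A_SECRET_VALUE"
+GH_CLIENT_ID: "I_AM_A_SECRET_VALUE"
+GH_CLIENT_SECRET_VALUE: "I_AM_A_SECRET_VALUE"
+SOME_SECRET_TOKEN: "I_AM_A_SECRET_VALUE"
+GITLAB_ACCESS_TOKEN: "I_AM_A_SECRET_VALUE"
+GITHUB_AUTH_CLIENT_ID: "A_GITHUB_ID"
+GITHUB_AUTH_CLIENT_SECRET: "A_GITHUB_CLIENT_SECRET"
+GITHUB_WEBHOOK_SECRET: "A_GITHUB_SECRET_VALUE"
+GITHUB_AUTH_TOKEN: "A_GITHUB_SECRET_VALUE"
+GITHUB_APP_PRIVATE_KEY: "A_GITHUB_SECRET_VALUE"
+GITHUB_APP_ID: "A_GITHUB_SECRET_VALUE"
+AWS_KEY: "MYAWSKEY"
+AWS_SECRET: "SUPER_SECRET_AWS_SECRET"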
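Review bot: The `extraManifests.secret` block carries credential-shaped keys (`ADMIN_PASSWORD`, `AWS_SECRET`, `GITHUB_APP_PRIVATE_KEY` and others) inline as `stringData`, with no comment marking them as placeholders. The values look like dummy strings for the CI install, but the comment above `frontend:` already expects this file to be copied when new test values files are created, so the inline-secret pattern is likely to travel with it. A line above `extraManifests:` such as `# Placeholder credentials for CI only; never put real secrets in a values file` would make the intent explicit.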
@@ -1,4 +1,41 @@
{{- if and .Values.nxCloudWorkflows.enabled .Values.nxCloudWorkflows.externalName }}
{{- if and .Values.nxCloudWorkflows.enabled .Values.nxCloudWorkflows.externalName}}
{{- if .Values.nxCloudWorkflows.headless }}
# Headless service and endpoint slice
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.nxCloudWorkflows.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: nx-cloud-workflow-controller
{{- include "nxCloud.app.labels" . | indent 4 }}
spec:
ports:
- port: {{ .Values.nxCloudWorkflows.port }}
protocol: TCP
targetPort: {{ .Values.nxCloudWorkflows.port }}
---
apiVersion: discovery.k8s.io/v1
kind: EndpointSlice
metadata:
name: {{ printf "%s-1" .Values.nxCloudWorkflows.name }}
namespace: {{ .Values.global.namespace }}
labels:
kubernetes.io/service-name: {{ .Values.nxCloudWorkflows.name }}
endpointslice.kubernetes.io/manage-by: helm
app: nx-cloud-workflow-controller
{{- include "nxCloud.app.labels" . | indent 4 }}
addressType: IPv4
ports:
- name: ''
protocol: TCP
port: {{ .Values.nxCloudWorkflows.port }}
endpoints:
- addresses:
- {{ .Values.nxCloudWorkflows.externalName | quote }}
conditions: {}
{{- else }}
---
apiVersion: v1
kind: Service
@@ -14,3 +51,4 @@ spec:
externalName: {{ .Values.nxCloudWorkflows.externalName }}
{{- end }}
{{- end }}
{{- end }}
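Review bot: The EndpointSlice label `endpointslice.kubernetes.io/manage-by: helm` does not match the Kubernetes label `endpointslice.kubernetes.io/managed-by`, so as rendered the slice does not declare its manager; it should read `endpointslice.kubernetes.io/managed-by: helm`. The Service in the `headless` branch also sets no `clusterIP: None`, so what is created appears to be a selector-less ClusterIP service rather than a headless one. Either add `clusterIP: None` under `spec:` or reword the `# Headless service and endpoint slice` comment to describe what is actually rendered. The `else` branch continues in lines the page has collapsed, so only the new branch is covered here.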
6 changes: 5 additions & 1 deletion charts/nx-cloud/values.yaml
@@ -135,7 +135,6 @@ nxCloudWorkflows:
name: 'nx-cloud-workflow-controller-service'
workflowsNamespace: 'nx-cloud-workflows'


# If externalName is left unset, the applications will look for ane existing service with the name defined
# by `nxCloudWorkflows.name` in the namespace `nxCloudWorkflows.workflowsNamespace`. Use this option if you are
# also running the nx-agents chart in the same cluster as this nx-cloud chart
@@ -145,6 +144,11 @@ nxCloudWorkflows:
# Use this option if your nx-agents are running in a different cluster than this nx-cloud chart
externalName: ''

# If you find that an externalName service is not working as expected, you can set this to true to create a headless service
# which will create an endpoint group as an alternative. Please continue to set `externalName` to the IP address
# you wish to direct traffic to as we will use it to populate the endpoint slice.
headless: false

# Deprecated, use nxApi.deployment.replicas and frontend.deployment.replicas
replicas:
frontend: 1
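Review bot: The comment above `headless: false` should state that `externalName` must be an IPv4 literal when `headless` is true, because the template in this commit writes it into an EndpointSlice with `addressType: IPv4`. A hostname that is valid for the ExternalName service would not be a valid endpoint address there. The comment also says "endpoint group" where the template creates an EndpointSlice. Suggested addition: `# When headless is true, externalName must be an IPv4 address (not a hostname); it becomes the only EndpointSlice address.` The `nxCloudWorkflows` block starts outside this hunk.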