From 6a1be4e24f80066ff7a906aad505c67e7e6ad43b Mon Sep 17 00:00:00 2001
From: michaeljguarino
Date: Sat, 6 Jan 2024 00:22:20 -0500
Subject: [PATCH] add http probe info for nginx ingress
---
 charts/runtime/Chart.yaml | 2 +-
 charts/runtime/values.yaml | 8 +++++--
 templates/setup/console.tf | 45 ++++++++++++++++++-----------------
 terraform/clouds/azure/aks.tf | 1 +
 4 files changed, 31 insertions(+), 25 deletions(-)
diff --git a/charts/runtime/Chart.yaml b/charts/runtime/Chart.yaml
index 6bb7ece..a6bdacc 100644
--- a/charts/runtime/Chart.yaml
+++ b/charts/runtime/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: runtime
 description: Sets up the basic dependencies needed to get a network stack running
 type: application
-version: 0.1.15
+version: 0.1.16
 appVersion: "0.1.0"
 dependencies:
 - name: external-dns
diff --git a/charts/runtime/values.yaml b/charts/runtime/values.yaml
index 85fccf0..bab9973 100644
--- a/charts/runtime/values.yaml
+++ b/charts/runtime/values.yaml
@@ -55,7 +55,7 @@ cert-manager:
 fsGroup: 1000
 runAsNonRoot: true
-ingress-nginx:
+ingress-nginx-private:
 enabled: true
 controller:
 image:
@@ -70,6 +70,7 @@ ingress-nginx:
 controllerValue: "k8s.io/internal-ingress-nginx"
 service:
 annotations:
+ service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
 networking.gke.io/load-balancer-type: "Internal"
 service.beta.kubernetes.io/azure-load-balancer-internal: "true"
 service.beta.kubernetes.io/aws-load-balancer-scheme: internal
@@ -139,7 +140,7 @@ ingress-nginx:
 prometheusRule:
 enabled: false
-ingress-nginx-private:
+ingress-nginx:
 enabled: true
 controller:
 image:
@@ -147,6 +148,9 @@ ingress-nginx-private:
 digestChroot: null
 admissionWebhooks:
 enabled: false
+ service:
+ annotations:
+ service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: /healthz
 config:
 worker-shutdown-timeout: 240s
 proxy-body-size: '0'
diff --git a/templates/setup/console.tf b/templates/setup/console.tf
index 24de872..a0d4b9c 100644
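Review bot: Swapping the two top-level keys in the -55 and -139 hunks silently re-targets any override that an existing installation already keys on `ingress-nginx` or `ingress-nginx-private`. The block carrying `controllerValue: "k8s.io/internal-ingress-nginx"` and the internal load-balancer annotations now sits under `ingress-nginx-private`, so after upgrading to 0.1.16 an override written for the internal controller would apply to the other one, and the reverse. Whether the dependency aliases in Chart.yaml already match the new names is outside these hunks, so the effect on a running release should be confirmed before shipping. I would add a one-line comment above each key stating which controller is internal-only, e.g. `# internal controller: class k8s.io/internal-ingress-nginx, internal load balancers only`, and call the swap out in the release notes.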
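Review bot: The `service:` mapping added under `controller:` in the -147 hunk becomes a duplicate key if that controller block already defines `service:` further down, outside the hunk; most YAML parsers keep the last occurrence, which would silently drop this annotation. Please confirm there is exactly one `service:` under that controller. The annotation here and in the -70 hunk also has no explanation and is the only unquoted value next to `"Internal"` and `"true"`. I would write it as `service.beta.kubernetes.io/azure-load-balancer-health-probe-request-path: "/healthz"`, preceded by a comment along the lines of `# Azure LB HTTP probe path; presumably the default path is not served by the controller`, with the actual reason filled in.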
--- a/templates/setup/console.tf
+++ b/templates/setup/console.tf
@@ -1,7 +1,28 @@
+// leave this resource static, if you want to modify console values, do it in the generated helm values directly instead.
+resource "null_resource" "console" {
+ provisioner "local-exec" {
+ command = "plural cd control-plane-values --name {{ .Cluster }} --dsn \"${module.mgmt.db_url}\" --domain {{ .Subdomain }} --file console.yaml"
+ working_dir = "${path.module}/../helm-values"
+ }
+}
+
 data "local_sensitive_file" "certmanager" {
 filename = "${path.module}/../helm-values/certmanager.yaml"
 }
+data "local_sensitive_file" "flux" {
+ filename = "${path.module}/../helm-values/flux.yaml"
+}
+
+data "local_sensitive_file" "runtime" {
+ filename = "${path.module}/../helm-values/runtime.yaml"
+}
+
+data "local_sensitive_file" "console" {
+ filename = "${path.module}/../helm-values/console.yaml"
+ depends_on = [ null_resource.console ]
+}
+
 resource "helm_release" "certmanager" {
 name = "cert-manager"
 namespace = "cert-manager"
@@ -18,10 +39,6 @@ resource "helm_release" "certmanager" {
 depends_on = [ module.mgmt.cluster ]
 }
-data "local_sensitive_file" "flux" {
- filename = "${path.module}/../helm-values/flux.yaml"
-}
-
 resource "helm_release" "flux" {
 name = "flux"
 namespace = "flux"
@@ -38,16 +55,12 @@ resource "helm_release" "flux" {
 depends_on = [ module.mgmt.cluster ]
 }
-data "local_sensitive_file" "runtime" {
- filename = "${path.module}/../helm-values/runtime.yaml"
-}
-
 resource "helm_release" "runtime" {
 name = "runtime"
 namespace = "plural-runtime"
 chart = "runtime"
 repository = "https://pluralsh.github.io/bootstrap"
- version = "0.1.15"
+ version = "0.1.16"
 create_namespace = true
 timeout = 300
 wait = false
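Review bot: The `command` of `null_resource.console` in the -1,7 hunk interpolates `module.mgmt.db_url` directly into a shell string, so a DSN containing `"`, `$` or a backtick is re-interpreted by the shell, and a connection string that normally carries the database password becomes part of the rendered command. Pass it through the provisioner's environment instead: add `environment = { PLURAL_DSN = module.mgmt.db_url }` and use `--dsn \"$PLURAL_DSN\"` in the command. Whether `db_url` is marked sensitive inside `module.mgmt` is not visible here; if it is not, Terraform also prints the full command during apply. The templated `{{ .Cluster }}` and `{{ .Subdomain }}` values are unquoted in the same command and would be safer wrapped in quotes as well.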
@@ -58,18 +71,6 @@ resource "helm_release" "runtime" {
 depends_on = [ module.mgmt.cluster, helm_release.certmanager, helm_release.flux ]
 }
-resource "null_resource" "console" {
- provisioner "local-exec" {
- command = "plural cd control-plane-values --name {{ .Cluster }} --dsn \"${module.mgmt.db_url}\" --domain {{ .Subdomain }} --file console.yaml"
- working_dir = "${path.module}/../helm-values"
- }
-}
-
-data "local_sensitive_file" "console" {
- filename = "${path.module}/../helm-values/console.yaml"
- depends_on = [ null_resource.console ]
-}
-
 resource "helm_release" "console" {
 name = "console"
 namespace = "plrl-console"
@@ -77,7 +78,7 @@ resource "helm_release" "console" {
 repository = "https://pluralsh.github.io/console"
 version = "0.1.21"
 create_namespace = true
- timeout = 300
+ timeout = 600
 wait = true
 values = [
 data.local_sensitive_file.console.content
diff --git a/terraform/clouds/azure/aks.tf b/terraform/clouds/azure/aks.tf
index 8e813ca..1facd48 100644
--- a/terraform/clouds/azure/aks.tf
+++ b/terraform/clouds/azure/aks.tf
@@ -12,5 +12,6 @@ module "aks" {
 vnet_subnet_id = azurerm_subnet.network.id
 node_pools = {for name, pool in var.node_pools : name => merge(pool, {name = name, vnet_subnet_id = azurerm_subnet.network.id})}
+ ebpf_data_plane = true
 role_based_access_control_enabled = true
 }
\ No newline at end of file
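Review bot: `ebpf_data_plane = true` in the aks.tf hunk passes a boolean, but the module's `source` and version are above the hunk; if this is the upstream Azure AKS module, that input is a string whose only documented value is `cilium`, so `true` would likely be rejected or coerced to "true". The eBPF data plane also depends on the cluster's network plugin settings, none of which appear among the visible arguments. Changing the data plane on an already-provisioned cluster may force replacement, and it changes what enforces NetworkPolicy. After checking the module's variables I would write `ebpf_data_plane = "cilium"` with a comment naming the network plugin settings it relies on.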