Comments (5)
This seems reasonable, would you be able to put up a pull request for us to review?
from charts-clickhouse.
@tiina303 while checking what I needed to do, I noticed that the ingress already has a placeholder for custom annotations.
{{- if eq (include "ingress.letsencrypt" .) "true"}}
cert-manager.io/cluster-issuer: "letsencrypt-prod"
{{- end }}
...
{{- if .Values.ingress.annotations }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
So I guess the right way to do this would be just to add to the values:
certManager:
enabled: false
ingress:
letsencrypt: false
annotations:
cert-manager.io/cluster-issuer: my-cluster-certrificate
As the later annotations will override the chart's value.
So we could just add an empty ingress.annotations
key to values.yml
to document the possibility of adding them? I don't know if this is something that is so common to charts that everyone expects it to happen. But for me it wasn't obvious.
Let me know how you would like me to proceed :)
from charts-clickhouse.
put up a quick pr for this ^
from charts-clickhouse.
So we could just add an empty ingress.annotations key to values.yml to document the possibility of adding them? I don't know if this is something that is so common to charts that everyone expects it to happen. But for me it wasn't obvious.
Yes, I'd love to have all the possible values documented in the values file, I know we're a bit inconsistent about that atm.
qq: Do you need the secret name to be configurable too https://github.com/PostHog/charts-clickhouse/blob/main/charts/posthog/templates/ingress.yaml#L40 (which can be done, but feels a bit odd to put it under gcp if one is not on gcp)?
from charts-clickhouse.
@tiina303 Indeed, I think I do. If letsencrypt: false
then the secret is not set.
I ended up deploying using K8 manifests directly to try out posthog, and specify the TLS secret.
If I do letsencrypt: true
and the the extra annotations it has the side effect of creating an unused certificate, which is not the worst.
This seems to be a more involved change and refactoring, and I'm not sure if I can do it by myself. But maybe it's worth considering, as having a centralised cluster issuer and shared CertManager for the entire cluster is, as far as I understood, a common practice.
Bellow is my ingress setup for reference
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: posthog-webserver-ingress
namespace: posthog
annotations:
kubernetes.io/ingress.class: "nginx"
cert-manager.io/cluster-issuer: cluster-certificate-issuer
spec:
rules:
- host: my.url.for.posthog.com
http:
paths:
- backend:
service:
name: posthog-webserver-service
port:
number: 8000
path: /
pathType: Prefix
tls:
- hosts:
- my.url.for.posthog.com
secretName: posthog-cert
from charts-clickhouse.
Related Issues (20)
- Cleanup old `posthog-grafana-annotation` jobs
- Add additional configuration to externalKafka
- Read-only tables in clickhouse
- CI - Ingress: validate traffic routing
- Alertmanager - switch `RedisTooManyConnections` to be % based
- Support nodeSelector, tolerations, affinity for "events" HOT 1
- Plugin server is not starting
- Unable to change clickhouse log level
- Backups error HOT 1
- Trying to install second instance HOT 3
- Only 23.5.1 available for Helm Chart for k8 HOT 1
- Support for external Grafana HOT 3
- External Zookeeper seems ignored - references built-in
- Support GCP CloudSQL Proxy for connecting to Postgres database in GCP deployment HOT 1
- Migration failed to run HOT 1
- Service does not have load balancer ingress IP address: posthog/posthog-ingress-nginx-controller HOT 3
- Add slow lane consumer for ingestion
- Bump version of kafka
- Kafka error: 'posthog' is not in the form of topic-partition or topic-partition.uniqueId-delete (if marked for deletion). HOT 1
- Unable to reset password using SMTP.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from charts-clickhouse.