TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-02-16 18:08:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/k8s-operator,k8s-operator: host network and port

Browse Source 
Allow helm users to configure the host networking for the operator
deployment, and specify a port to open.

Fixes #13981

Signed-off-by: Lee Briggs <lee@leebriggs.co.uk>
This commit is contained in:
Lee Briggs 2024-10-31 11:48:41 -07:00
parent 3477bfd234
commit 6682953e7d
No known key found for this signature in database
GPG Key ID: A4D09B96FDFEB505
2 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
cmd/k8s-operator/deploy/chart/templates/deployment.yaml
View File

@ -1,6 +1,5 @@
# Copyright (c) Tailscale Inc & AUTHORS # Copyright (c) Tailscale Inc & AUTHORS
# SPDX-License-Identifier: BSD-3-Clause # SPDX-License-Identifier: BSD-3-Clause
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
@ -25,6 +24,10 @@ spec:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
spec: spec:
{{- if .Values.operatorConfig.hostNetwork.enabled }}
hostNetwork: true
dnsPolicy: {{ .Values.operatorConfig.hostNetwork.dnsPolicy }}
{{- end }}
{{- with .Values.imagePullSecrets }} {{- with .Values.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
@ -44,6 +47,11 @@ spec:
securityContext: securityContext:
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.operatorConfig.port.enabled }}
ports:
- containerPort: {{ .Values.operatorConfig.port.containerPort }}
protocol: TCP
{{- end }}
{{- with .Values.operatorConfig.resources }} {{- with .Values.operatorConfig.resources }}
resources: resources:
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
@ -68,6 +76,10 @@ spec:
value: /oauth/client_id value: /oauth/client_id
- name: CLIENT_SECRET_FILE - name: CLIENT_SECRET_FILE
value: /oauth/client_secret value: /oauth/client_secret
{{- if .Values.operatorConfig.port.enabled }}
- name: PORT
value: {{ .Values.operatorConfig.port.containerPort | quote }}
{{- end }}
{{- $proxyTag := printf ":%s" ( .Values.proxyConfig.image.tag | default .Chart.AppVersion )}} {{- $proxyTag := printf ":%s" ( .Values.proxyConfig.image.tag | default .Chart.AppVersion )}}
- name: PROXY_IMAGE - name: PROXY_IMAGE
value: {{ coalesce .Values.proxyConfig.image.repo .Values.proxyConfig.image.repository }}{{- if .Values.proxyConfig.image.digest -}}{{ printf "@%s" .Values.proxyConfig.image.digest}}{{- else -}}{{ printf "%s" $proxyTag }}{{- end }} value: {{ coalesce .Values.proxyConfig.image.repo .Values.proxyConfig.image.repository }}{{- if .Values.proxyConfig.image.digest -}}{{ printf "@%s" .Values.proxyConfig.image.digest}}{{- else -}}{{ printf "%s" $proxyTag }}{{- end }}
@ -99,4 +111,4 @@ spec:
{{- with .Values.operatorConfig.tolerations }} {{- with .Values.operatorConfig.tolerations }}
tolerations: tolerations:
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}

10
cmd/k8s-operator/deploy/chart/values.yaml
View File

@ -22,6 +22,16 @@ operatorConfig:
defaultTags: defaultTags:
- "tag:k8s-operator" - "tag:k8s-operator"
# Manual configuration of Tailscaled port
port:
enabled: false
containerPort: 8080
# Optional host network configuration. Likely only needed for public Kubernetes nodes
hostNetwork:
enabled: false
dnsPolicy: ClusterFirstWithHostNet # Common options: ClusterFirst, ClusterFirstWithHostNet, Default
image: image:
# Repository defaults to DockerHub, but images are also synced to ghcr.io/tailscale/k8s-operator. # Repository defaults to DockerHub, but images are also synced to ghcr.io/tailscale/k8s-operator.
repository: tailscale/k8s-operator repository: tailscale/k8s-operator