From 10c67920c79d813632fcdd107470097e3c2a0d64 Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 25 Aug 2022 11:13:37 +0200 Subject: [PATCH 1/5] proxy-support --- helm/cluster-aws/templates/_control_plane.tpl | 1 + helm/cluster-aws/templates/_helpers.tpl | 7 +++++++ helm/cluster-aws/templates/_machine_pools.tpl | 3 +++ helm/cluster-aws/values.yaml | 5 +++++ 4 files changed, 16 insertions(+) diff --git a/helm/cluster-aws/templates/_control_plane.tpl b/helm/cluster-aws/templates/_control_plane.tpl index 53f44232..d1bac79f 100644 --- a/helm/cluster-aws/templates/_control_plane.tpl +++ b/helm/cluster-aws/templates/_control_plane.tpl @@ -83,6 +83,7 @@ spec: files: {{- include "sshFiles" . | nindent 4 }} {{- include "diskFiles" . | nindent 4 }} + {{- if .Values.proxy.enabled }}{{- include "proxyFiles" . | nindent 4 }}{{- end }} {{- include "kubernetesFiles" . | nindent 4 }} initConfiguration: localAPIEndpoint: diff --git a/helm/cluster-aws/templates/_helpers.tpl b/helm/cluster-aws/templates/_helpers.tpl index 067198f5..1996e82b 100644 --- a/helm/cluster-aws/templates/_helpers.tpl +++ b/helm/cluster-aws/templates/_helpers.tpl @@ -58,6 +58,13 @@ room for such suffix. encoding: base64 content: {{ $.Files.Get "files/opt/init-disks.sh" | b64enc }} {{- end -}} +{{- define "proxyFiles" -}} +- path: /etc/systemd/system/containerd.service.d/http-proxy.conf + permissions: "0644" + encoding: base64 + content: {{ tpl ($.Files.Get "files/etc/systemd/system/containerd.service.d/http-proxy.conf") . | b64enc }} +{{- end -}} + {{- define "kubernetesFiles" -}} - path: /etc/kubernetes/policies/audit-policy.yaml diff --git a/helm/cluster-aws/templates/_machine_pools.tpl b/helm/cluster-aws/templates/_machine_pools.tpl index 33e181da..15f869e5 100644 --- a/helm/cluster-aws/templates/_machine_pools.tpl +++ b/helm/cluster-aws/templates/_machine_pools.tpl @@ -88,6 +88,9 @@ spec: {{- include "sshPostKubeadmCommands" . | nindent 2 }} users: {{- include "sshUsers" . | nindent 2 }} + files: + {{- include "sshFiles" $ | nindent 2 }} + {{- if .Values.proxy.enabled }}{{- include "proxyFiles" $ | nindent 2 }}{{- end }} --- {{ end }} {{- end -}} diff --git a/helm/cluster-aws/values.yaml b/helm/cluster-aws/values.yaml index 5137a06a..f96008a9 100644 --- a/helm/cluster-aws/values.yaml +++ b/helm/cluster-aws/values.yaml @@ -56,6 +56,11 @@ oidc: usernameClaim: "" groupsClaim: "" +proxy: + enabled: false + http_proxy: "" + https_proxy: "" + # Used by `cluster-shared` library chart includeClusterResourceSet: true kubectlImage: From 93876e8af1050aeb8be50ab03912ff048b0ba382 Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 25 Aug 2022 11:16:00 +0200 Subject: [PATCH 2/5] file --- .../etc/systemd/system/containerd.service.d/http_proxy.conf | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 helm/cluster-aws/files/etc/systemd/system/containerd.service.d/http_proxy.conf diff --git a/helm/cluster-aws/files/etc/systemd/system/containerd.service.d/http_proxy.conf b/helm/cluster-aws/files/etc/systemd/system/containerd.service.d/http_proxy.conf new file mode 100644 index 00000000..0d54f54d --- /dev/null +++ b/helm/cluster-aws/files/etc/systemd/system/containerd.service.d/http_proxy.conf @@ -0,0 +1,3 @@ +[Service] +Environment="HTTP_PROXY={{ .Values.proxy.http_proxy }}" +Environment="HTTPS_PROXY={{ .Values.proxy.https_proxy }}" From 6568617a1c7c8dc0e1e5b918db6efc98d614ab22 Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 25 Aug 2022 11:16:57 +0200 Subject: [PATCH 3/5] changelog --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3dcba5b6..56224635 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +### Added + +- Add support for configuring outgoing proxy for the cluster. + ## [0.8.6] - 2022-08-23 ### Fixed From fadee7c7731639e05d930d83e9927be895f8480c Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 25 Aug 2022 11:17:35 +0200 Subject: [PATCH 4/5] schema --- helm/cluster-aws/values.schema.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/helm/cluster-aws/values.schema.json b/helm/cluster-aws/values.schema.json index 985e24db..30d0dd13 100644 --- a/helm/cluster-aws/values.schema.json +++ b/helm/cluster-aws/values.schema.json @@ -163,6 +163,20 @@ "organization": { "type": "string" }, + "proxy": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "http_proxy": { + "type": "string" + }, + "https_proxy": { + "type": "string" + } + } + }, "releaseVersion": { "type": "string" }, From 74a0564bda0d16c9d43a4d83adb0b58371adf0ff Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 25 Aug 2022 11:19:28 +0200 Subject: [PATCH 5/5] fixhelm --- helm/cluster-aws/templates/_machine_pools.tpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm/cluster-aws/templates/_machine_pools.tpl b/helm/cluster-aws/templates/_machine_pools.tpl index 15f869e5..310a5283 100644 --- a/helm/cluster-aws/templates/_machine_pools.tpl +++ b/helm/cluster-aws/templates/_machine_pools.tpl @@ -90,7 +90,7 @@ spec: {{- include "sshUsers" . | nindent 2 }} files: {{- include "sshFiles" $ | nindent 2 }} - {{- if .Values.proxy.enabled }}{{- include "proxyFiles" $ | nindent 2 }}{{- end }} + {{- if $.Values.proxy.enabled }}{{- include "proxyFiles" $ | nindent 2 }}{{- end }} --- {{ end }} {{- end -}}