outposts: create different service when using embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-08-08 14:01:39 +02:00
parent 571049219f
commit f0a8c30ce9
3 changed files with 37 additions and 2 deletions

View File

@ -40,6 +40,11 @@ class KubernetesObjectReconciler(Generic[T]):
self.namespace = controller.outpost.config.kubernetes_namespace self.namespace = controller.outpost.config.kubernetes_namespace
self.logger = get_logger().bind(type=self.__class__.__name__) self.logger = get_logger().bind(type=self.__class__.__name__)
@property
def is_embedded(self) -> bool:
"""Return true if the current outpost is embedded"""
return self.controller.outpost.managed != ""
@property @property
def noop(self) -> bool: def noop(self) -> bool:
"""Return true if this object should not be created/updated/deleted in this cluster""" """Return true if this object should not be created/updated/deleted in this cluster"""

View File

@ -3,7 +3,7 @@ from typing import TYPE_CHECKING
from kubernetes.client import CoreV1Api, V1Service, V1ServicePort, V1ServiceSpec from kubernetes.client import CoreV1Api, V1Service, V1ServicePort, V1ServiceSpec
from authentik.outposts.controllers.base import FIELD_MANAGER from authentik.outposts.controllers.base import FIELD_MANAGER, DeploymentPort
from authentik.outposts.controllers.k8s.base import KubernetesObjectReconciler, NeedsUpdate from authentik.outposts.controllers.k8s.base import KubernetesObjectReconciler, NeedsUpdate
from authentik.outposts.controllers.k8s.deployment import DeploymentReconciler from authentik.outposts.controllers.k8s.deployment import DeploymentReconciler
@ -26,8 +26,39 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]):
if port not in current.spec.ports: if port not in current.spec.ports:
raise NeedsUpdate() raise NeedsUpdate()
def get_embedded_reference_object(self) -> V1Service:
"""Get Service for embedded outpost"""
selector_labels = {
"app.kubernetes.io/name": "authentik",
"app.kubernetes.io/component": "server",
}
meta = self.get_object_meta(name=self.name)
ports = []
for port in [
DeploymentPort(9000, "http", "tcp"),
DeploymentPort(9443, "https", "tcp"),
]:
ports.append(
V1ServicePort(
name=port.name,
port=port.port,
protocol=port.protocol.upper(),
target_port=port.inner_port or port.port,
)
)
return V1Service(
metadata=meta,
spec=V1ServiceSpec(
ports=ports,
selector=selector_labels,
type=self.controller.outpost.config.kubernetes_service_type,
),
)
def get_reference_object(self) -> V1Service: def get_reference_object(self) -> V1Service:
"""Get deployment object for outpost""" """Get deployment object for outpost"""
if self.is_embedded:
return self.get_embedded_reference_object()
meta = self.get_object_meta(name=self.name) meta = self.get_object_meta(name=self.name)
ports = [] ports = []
for port in self.controller.deployment_ports: for port in self.controller.deployment_ports:

View File

@ -38,7 +38,6 @@ class OutpostManager(ObjectManager):
authentik_host="", authentik_host="",
kubernetes_disabled_components=[ kubernetes_disabled_components=[
"deployment", "deployment",
"service",
"secret", "secret",
], ],
) )