feat(argo-cd): Support AWS ALB Ingress with gRPC (#806)

* Support AWS ALB Ingress with GRPC Signed-off-by: Thomas O'Neill <toneill818@gmail.com> Signed-off-by: Thomas O'Neill <toneill@new-innov.com> * Bump chart version Signed-off-by: Marco Kilchhofer <marco@kilchhofer.info> * Apply suggestions from code review Signed-off-by: Marco Kilchhofer <marco@kilchhofer.info> * Use single if statement Signed-off-by: Thomas O'Neill <toneill@new-innov.com> * Append -grpc to the service labels for ALB GRPC service Signed-off-by: Thomas O'Neill <toneill@new-innov.com> Co-authored-by: Thomas O'Neill <toneill@new-innov.com> Co-authored-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com> Co-authored-by: Marco Kilchhofer <marco@kilchhofer.info>
2021-07-20 07:40:54 -04:00 · 2021-07-20 07:40:54 -04:00 · 1e3a4afd05
commit 1e3a4afd05
parent 922799081d
6 changed files with 73 additions and 4 deletions
--- a/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
+++ b/charts/argo-cd/templates/argocd-server/alb-grpc-service.yaml
@ -0,0 +1,24 @@
+{{- if and .Values.server.ingressGrpc.enabled .Values.server.ingressGrpc.isAWSALB -}}
+apiVersion: v1
+kind: Service
+metadata:
+  annotations:
+    alb.ingress.kubernetes.io/backend-protocol-version: HTTP2 #This tells AWS to send traffic from the ALB using HTTP2. Can use GRPC as well if you want to leverage GRPC specific features
+  labels:
+    {{- include "argo-cd.labels" (dict "context" . "component" (print .Values.server.name "-gprc") "name" (print .Values.server.name "-grpc")) | nindent 4 }}
+  name: {{ template "argo-cd.server.fullname" . }}-grpc
+spec:
+  ports:
+  - name: {{ .Values.server.service.servicePortHttpName }}
+    protocol: TCP
+    port: {{ .Values.server.service.servicePortHttp }}
+    targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
+  - name: {{ .Values.server.service.servicePortHttpsName }}
+    protocol: TCP
+    port: {{ .Values.server.service.servicePortHttps }}
+    targetPort: {{- if .Values.server.service.namedTargetPort }} {{ .Values.server.name }} {{- else }} {{ .Values.server.containerPort }} {{- end }}
+  selector:
+    {{- include "argo-cd.selectorLabels" (dict "context" . "name" .Values.server.name) | nindent 4 }}
+  sessionAffinity: None
+  type: ClusterIP
+{{- end -}}
--- a/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress-grpc.yaml
@ -1,4 +1,4 @@
-{{- if .Values.server.ingressGrpc.enabled -}}
+{{- if and .Values.server.ingressGrpc.enabled (not .Values.server.ingressGrpc.isAWSALB) -}}
 {{- $serviceName := include "argo-cd.server.fullname" . -}}
 {{- $servicePort := ternary .Values.server.service.servicePortHttps .Values.server.service.servicePortHttp .Values.server.ingressGrpc.https -}}
 {{- $paths := .Values.server.ingressGrpc.paths -}}
--- a/charts/argo-cd/templates/argocd-server/ingress.yaml
+++ b/charts/argo-cd/templates/argocd-server/ingress.yaml
@ -12,6 +12,10 @@ metadata:
  {{- range $key, $value := .Values.server.ingress.annotations }}
    {{ $key }}: {{ $value | quote }}
  {{- end }}
+  {{- if and .Values.server.ingressGrpc.isAWSALB .Values.server.ingressGrpc.enabled }}
+    alb.ingress.kubernetes.io/conditions.{{ template "argo-cd.server.fullname" . }}-grpc: |
+      [{"field":"http-header","httpHeaderConfig":{"httpHeaderName": "Content-Type", "values":["application/grpc"]}}]
+  {{- end }}
 {{- end }}
  name: {{ template "argo-cd.server.fullname" . }}
  labels:
@ -35,6 +39,26 @@ spec:
          {{- toYaml $extraPaths | nindent 10 }}
          {{- end }}
          {{- range $p := $paths }}
+          {{- if and $.Values.server.ingressGrpc.isAWSALB $.Values.server.ingressGrpc.enabled }}
+          - path: {{ $p }}
+            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+            pathType: Prefix
+            {{- end }}
+            backend:
+              {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
+              service:
+                name: {{ template "argo-cd.server.fullname" $ }}-grpc
+                port:
+                  {{- if kindIs "float64" $servicePort }}
+                  number: {{ $servicePort }}
+                  {{- else }}
+                  name: {{ $servicePort }}
+                  {{- end }}
+              {{- else }}
+              serviceName: {{ template "argo-cd.server.fullname" $ }}-grpc
+              servicePort: {{ $servicePort }}
+              {{- end }}
+            {{- end }}
          - path: {{ $p }}
            {{- if eq (include "argo-cd.ingress.apiVersion" $) "networking.k8s.io/v1" }}
            pathType: {{ $pathType }}