diff --git a/kiali-server/Chart.yaml b/kiali-server/Chart.yaml
index 742901b..f5b6dc8 100644
--- a/kiali-server/Chart.yaml
+++ b/kiali-server/Chart.yaml
@@ -1,6 +1,6 @@
 ---
 apiVersion: v2
-name: kiali-server
+name: kiali
 description: A Helm chart for Kubernetes
 # A chart can be either an 'application' or a 'library' chart.
diff --git a/kiali-server/templates/_helpers.tpl b/kiali-server/templates/_helpers.tpl
index 21d38a9..25040c8 100644
--- a/kiali-server/templates/_helpers.tpl
+++ b/kiali-server/templates/_helpers.tpl
@@ -2,7 +2,7 @@
 {{/*
 Expand the name of the chart.
 */}}
-{{- define "kiali-server.name" -}}
+{{- define "kiali.name" -}}
 {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
 {{- end }}
@@ -11,7 +11,7 @@ Create a default fully qualified app name.
 We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
 If release name contains chart name it will be used as a full name.
 */}}
-{{- define "kiali-server.fullname" -}}
+{{- define "kiali.fullname" -}}
 {{- if .Values.fullnameOverride }}
 {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
 {{- else }}
@@ -27,16 +27,16 @@ If release name contains chart name it will be used as a full name.
 {{/*
 Create chart name and version as used by the chart label.
 */}}
-{{- define "kiali-server.chart" -}}
+{{- define "kiali.chart" -}}
 {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
 {{- end }}
 {{/*
 Common labels
 */}}
-{{- define "kiali-server.labels" -}}
-helm.sh/chart: {{ include "kiali-server.chart" . }}
-{{ include "kiali-server.selectorLabels" . }}
+{{- define "kiali.labels" -}}
+helm.sh/chart: {{ include "kiali.chart" . }}
+{{ include "kiali.selectorLabels" . }}
 {{- if .Chart.AppVersion }}
 app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
 {{- end }}
@@ -46,17 +46,17 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
 {{/*
 Selector labels
 */}}
-{{- define "kiali-server.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "kiali-server.name" . }}
+{{- define "kiali.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "kiali.name" . }}
 app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 {{/*
 Create the name of the service account to use
 */}}
-{{- define "kiali-server.serviceAccountName" -}}
+{{- define "kiali.serviceAccountName" -}}
 {{- if .Values.serviceAccount.create }}
-{{- default (include "kiali-server.fullname" .) .Values.serviceAccount.name }}
+{{- default (include "kiali.fullname" .) .Values.serviceAccount.name }}
 {{- else }}
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
diff --git a/kiali-server/templates/kiali.yaml b/kiali-server/templates/kiali.yaml
index 47f8cd1..5ecebd8 100644
--- a/kiali-server/templates/kiali.yaml
+++ b/kiali-server/templates/kiali.yaml
@@ -7,10 +7,10 @@ metadata:
 spec:
 istio_namespace: {{ .Values.istioNamespace }}
 auth:
- strategy: "token"
+ strategy: {{ .Values.auth.strategy }}
 deployment:
 cluster_wide_access: true
- view_only_mode: false
+ view_only_mode: {{ .Values.deployment.view_only_mode }}
 external_services:
 prometheus:
 enabled: true
@@ -19,10 +19,12 @@ spec:
 url: {{ .Values.prometheus.url }}
 grafana:
 enabled: true
- auth:
- type: basic
- username: "admin"
- password: secret:{{ .Values.grafana.secretName }}:{{ .Values.grafana.passwordKey }}
+ auth:
+ insecure_skip_verify: true
+ # auth:
+ # type: basic
+ # username: "admin"
+ # password: secret:{{ .Values.grafana.secretName }}:{{ .Values.grafana.passwordKey }}
 external_url: {{ .Values.grafana.externalUrl }}
 internal_url: {{ .Values.grafana.internalUrl }}
 tracing:
diff --git a/kiali-server/values.yaml b/kiali-server/values.yaml
index b7d9356..f37e21b 100644
--- a/kiali-server/values.yaml
+++ b/kiali-server/values.yaml
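Review bot: In kiali-server/templates/kiali.yaml (hunk `@@ -7,10`), `auth.strategy` and `deployment.view_only_mode` are rendered straight from values, but the values.yaml hunk in this commit adds both keys with empty defaults, so a caller that omits them produces `strategy:` and `view_only_mode:` with no value in the Kiali CR and the effective authentication mode is left to whatever the operator applies for a missing field. The previous template pinned `strategy: "token"`; keeping that as the fallback preserves an authenticated default: `strategy: {{ .Values.auth.strategy | default "token" | quote }}` and `view_only_mode: {{ .Values.deployment.view_only_mode | default false }}`, with the same explicit defaults written into values.yaml. `cluster_wide_access: true` is unchanged in this hunk, so any unauthenticated strategy passed in applies to every namespace Kiali can see.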
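Review bot: The Grafana block in kiali-server/templates/kiali.yaml (hunk `@@ -19,10`) now hard-codes `insecure_skip_verify: true`, so Kiali accepts any certificate presented on the Grafana URL and an intercepted connection would go unnoticed. The same hunk drops the basic-auth credential and keeps it as commented-out YAML. If Grafana is served with a private CA, trusting that CA is the fix; otherwise make the skip an explicit opt-in through a new value, for example `insecure_skip_verify: {{ .Values.grafana.insecureSkipVerify | default false }}`. Delete the commented block rather than keeping it in the template: Helm still evaluates `{{ ... }}` actions that sit inside a YAML comment.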
@@ -4,6 +4,12 @@ istioNamespace: "istio-system"
+auth:
+ strategy:
+
+deployment:
+ view_only_mode:
+
 prometheus:
 enabled: true
 url:
diff --git a/main.tf b/main.tf
index 964cd8d..5281319 100644
--- a/main.tf
+++ b/main.tf
@@ -1,7 +1,7 @@
 locals {
 internal_hostname = format("%v.%v.svc.cluster.local", var.service_name, var.namespace)
 internal_port_number = "20001"
- internal_url = format("https://%s:%s/", local.internal_hostname, local.internal_port_number)
+ internal_url = format("http://%s:%s/", local.internal_hostname, local.internal_port_number)
 }
 resource "helm_release" "kiali_operator" {
@@ -10,7 +10,8 @@ resource "helm_release" "kiali_operator" {
 version = var.kiali_operator_version
 name = "kiali-operator"
 namespace = var.namespace
- repository = "https://kiali.org/helm-charts"
+ repository = "./helm-charts-2.4.0"
+ # repository = "https://kiali.org/helm-charts"
 set {
 name = "image.repo"
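Review bot: `internal_url` in main.tf (hunk `@@ -1,7`) moves from `https://` to `http://`, so anything that consumes this local will address Kiali on port 20001 in plaintext. Nothing in this commit shows the Kiali server's TLS being turned off or a mesh sidecar taking over transport encryption, so either the scheme no longer matches what the server listens with, or the traffic is now unencrypted inside the cluster. Keep `https://` unless TLS termination has deliberately moved, and if it has, record that on the local with a comment such as `# plaintext by design: transport encryption is provided by <mechanism>`.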
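Review bot: The operator chart in main.tf (hunk `@@ -10,7`) is now read from the relative directory `./helm-charts-2.4.0` instead of `https://kiali.org/helm-charts`, and the vendored chart's contents are not part of this diff, so a reviewer cannot confirm it matches the upstream release. A relative path also resolves against the directory Terraform is run from rather than this module, and the directory name can drift from `var.kiali_operator_version`, which is still passed as `version`. Use `repository = "${path.module}/helm-charts-2.4.0"`, note the upstream chart version and digest beside the vendored copy, and delete the commented-out upstream line. The same path concern applies to `chart = "./kiali-server"` in the new `helm_release.kiali` resource; the `kiali_operator` resource body continues outside this hunk.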
@@ -70,13 +71,65 @@ resource "helm_release" "kiali_operator" {
 }
 }
-module "ingress_resources" {
- depends_on = [helm_release.kiali_operator]
- # tflint-ignore: terraform_module_pinned_source
- source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio-service-ingress.git?ref=main"
- public_hostname = var.service_name
- public_domain = var.cluster_domain
- service_name = var.service_name
- service_namespace = var.namespace
- service_port = local.internal_port_number
+resource "helm_release" "kiali" {
+ depends_on = [
+ helm_release.kiali_operator,
+ # module.preinstall,
+ ]
+
+ chart = "./kiali-server"
+ name = "kiali"
+ namespace = var.namespace
+
+ set {
+ name = "auth.strategy"
+ value = "anonymous"
+ }
+ set {
+ name = "deployment.view_only_mode"
+ value = true
+ }
+ set {
+ name = "istioNamespace"
+ value = var.istio_namespace
+ }
+ set {
+ name = "prometheus.url"
+ value = var.prometheus_internal_url
+ }
+ # set {
+ # name = "grafana.secretName"
+ # value = var.grafana_secret_name
+ # }
+ # set {
+ # name = "grafana.passwordKey"
+ # value = local.grafana_password_key
+ # }
+ set {
+ name = "grafana.externalUrl"
+ value = var.grafana_public_url
+ }
+ set {
+ name = "grafana.internalUrl"
+ value = var.grafana_internal_url
+ }
+ set {
+ name = "tracing.internalUrl"
+ value = var.tempo_internal_url
+ }
+ set {
+ name = "tracing.tempo_config.datasource_uid"
+ value = var.tempo_datasource_id
+ }
 }
+
+# module "ingress_resources" {
+# depends_on = [helm_release.kiali_operator]
+# # tflint-ignore: terraform_module_pinned_source
+# source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-istio-service-ingress.git?ref=main"
+# public_hostname = var.service_name
+# public_domain = var.cluster_domain
+# service_name = var.service_name
+# service_namespace = var.namespace
+# service_port = local.internal_port_number
+# }
diff --git a/outputs.tf b/outputs.tf
index f221287..dca5a9a 100644
--- a/outputs.tf
+++ b/outputs.tf
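Review bot: The new `helm_release.kiali` in main.tf (hunk `@@ -70,13`) hard-codes `auth.strategy` to `"anonymous"`, which removes the login from a console that the chart template in this commit still deploys with `cluster_wide_access: true`. `view_only_mode` limits what a visitor can change, not what they can read. Access control then rests entirely on network reachability, and the ingress module is only commented out, so re-enabling it later would publish an unauthenticated console. Make the strategy a module input that defaults to an authenticated mode, `value = var.auth_strategy`, with a `validation` block restricting it to the strategies you intend to support. Remove the commented-out `set` and `module` blocks instead of leaving them in the file.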
@@ -1,7 +1,7 @@
-output "public_endpoint" {
- description = "The endpoint at which keycloak can be reached from outside the cluster."
- value = module.ingress_resources.service_url
-}
+# output "public_endpoint" {
+# description = "The endpoint at which keycloak can be reached from outside the cluster."
+# value = module.ingress_resources.service_url
+# }
 output "internal_endpoint" {
 description = "The internal endpoint to use to access kiali"
@@ -12,6 +12,11 @@ output "internal_endpoint" {
 }
 }
+output "namespace" {
+ description = "The namespace in which kiali gets installed in."
+ value = var.namespace
+}
+
 ################################################################################
 # Module information
 ################################################################################
diff --git a/variables.tf b/variables.tf
index 2af2040..ed8b0af 100644
--- a/variables.tf
+++ b/variables.tf
@@ -46,6 +46,16 @@ variable "prometheus_internal_url" {
 type = string
 }
+variable "tempo_internal_url" {
+ description = "The url within the cluster to use to query tempo tracing."
+ type = string
+}
+
+variable "tempo_datasource_id" {
+ description = "The UID of the created Tempo datasource"
+ type = string
+}
+
 # variable "jaeger_internal_url" {
 # description = "The url within the cluster to use to query the jaegertracing."
 # type = string