From 794906b09bee63be8e35999c3c774698e7cf9b9b Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 24 Sep 2024 16:48:41 -0400 Subject: [PATCH 01/17] implement graceful UDS Core CoreDNS overrides --- README.md | 2 +- chart/templates/core-dns-custom.yaml | 7 +++++-- docs/DNS.md | 4 +++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 38822db..ab4b3d7 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ This package is published via CI, but can be created locally with the following ## Start and Stop -To stop and start an existing UDS K3d cluster gracefully, without disrupting the `host.k3d.internal` CoreDNS rewrite for `*.uds.dev`, use the following prior to host hibernation, suspension, restart, or shutoff: +To stop and start an existing UDS K3d cluster gracefully, use the following prior to host hibernation, suspension, restart, or shutoff: ```bash # to stop the default UDS cluster diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index 7a360bf..2d6fed8 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml @@ -5,6 +5,9 @@ metadata: namespace: kube-system data: uds.override: | - rewrite stop { - name regex (.*\.uds\.dev) host.k3d.internal answer auto + rewrite { + name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } diff --git a/docs/DNS.md b/docs/DNS.md index e70a2d2..b1ad3d5 100644 --- a/docs/DNS.md +++ b/docs/DNS.md 
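Review bot: In the chart/templates/core-dns-custom.yaml hunk, the first pattern `(.*admin\.uds\.dev)` has no label separator before `admin`, so a tenant hostname such as `myadmin.uds.dev` would be rewritten to the admin gateway rather than the tenant one. Neither pattern is anchored either; as far as I know CoreDNS applies `name regex` as an unanchored match on the fully-qualified query name, so a name that merely contains `.uds.dev` in the middle would also be rewritten to an in-cluster gateway — worth confirming against the CoreDNS version k3d ships. I would write the rules along the lines of `name regex ^(.*\.admin\.uds\.dev)\.$ …` and `name regex ^(.*\.uds\.dev)\.$ …`, keeping the admin rule first because the tenant pattern also matches admin names. The same unseparated pattern is repeated in the chart/values.yaml, tasks.yaml and zarf.yaml hunks of patches 02, 04 and 05.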
@@ -4,7 +4,9 @@ One of the core assumptions of the `uds-k3d` package is the use of `uds.dev` as ### CoreDNS Override -The package includes a CoreDNS configuration override designed to rewrite requests for `*.uds.dev` to `host.k3d.internal`. This rewrite ensures that any DNS resolution request within the cluster targeting a `*.uds.dev` address will be correctly routed to `host.k3d.internal` which is an internal K3D alias which resolves to the host gateway. +[UDS Core](https://github.com/defenseunicorns/uds-core) is assumed to be the main infrastructure and/or testing target in local development; therefore, the DNS resolution assumes the existence of the default admin and tenant Istio gateways. + +This package includes a CoreDNS configuration override designed to rewrite requests for `*.uds.dev` to the tenant and admin Istio gateways based on the subdomain, `*.admin.uds.dev` or `*.uds.dev`. This rewrite ensures that any DNS resolution request within the cluster targeting a `*.uds.dev` address will be correctly routed to the correct service mesh gateway. The outcome of this is a pods in the cluster can resolve domains like sso.uds.dev to an address (not 127.0.0.1) that will ultimately get routed correctly. From 119edf8c79bc42187b666b30a43aedc96ff47815 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 24 Sep 2024 17:18:45 -0400 Subject: [PATCH 02/17] zarf variable test --- chart/templates/core-dns-custom.yaml | 15 +++++++++------ chart/values.yaml | 10 ++++++++++ values/dev-stack-values.yaml | 3 +++ zarf.yaml | 8 ++++++++ 4 files changed, 30 insertions(+), 6 deletions(-) diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index 2d6fed8..838d8a6 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml 
@@ -5,9 +5,12 @@ metadata: namespace: kube-system data: uds.override: | - rewrite { - name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - rewrite { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } + {{- if .Values.coreDnsOverrides }} + {{- if kindIs "string" .Values.coreDnsOverrides }} + {{ .Values.coreDnsOverrides | indent 4 }} + {{- else if kindIs "array" .Values.coreDnsOverrides }} + {{- range .Values.coreDnsOverrides }} + {{ . | indent 4 }} + {{- end }} + {{- end }} + {{- end }} diff --git a/chart/values.yaml b/chart/values.yaml index a14ebd6..bb23d33 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1 +1,11 @@ extraPorts: [] + +coreDnsOverrides: + - | + rewrite { + name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + - | + rewrite { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto + } \ No newline at end of file diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index a67e584..d4c5466 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1 +1,4 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### + +coreDnsOverrides: | + ###ZARF_VAR_COREDNS_OVERRIDES### diff --git a/zarf.yaml b/zarf.yaml index 58968c6..6d914a9 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -27,6 +27,14 @@ variables: description: "Optionally allow more ports through Nginx (combine with K3D_EXTRA_ARGS '-p :@server:*')" default: "[]" + - name: COREDNS_OVERRIDES + description: | + "CoreDNS overrides for rewriting requests. Defaults for `*.uds.dev` are the UDS Core Istio tenant and admin gateways." + default: | + rewrite stop { + name regex (.*\.uds\.dev) host.k3d.internal answer auto + } + components: - name: destroy-cluster required: true From ea48befeae2f63c77b63b24035e48add3683fa2c Mon Sep 17 00:00:00 2001 
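Review bot: The `kindIs "array"` branch in the chart/templates/core-dns-custom.yaml hunk can never be taken: Helm/Sprig reports a YAML list as kind `slice`, so with the list default that this same patch adds to chart/values.yaml neither branch renders and `uds.override` comes out empty, leaving `*.uds.dev` without any rewrite. The test should be `{{- else if kindIs "slice" .Values.coreDnsOverrides }}`. A final `{{- else }}` branch that calls `fail` would also make an unsupported value type stop the render instead of silently producing an empty override.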
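Review bot: The `COREDNS_OVERRIDES` description in the zarf.yaml hunk says the defaults are the UDS Core Istio tenant and admin gateways, but the `default:` block under it still holds the old `rewrite stop { … host.k3d.internal … }` rule. Since values/dev-stack-values.yaml in this patch fills `coreDnsOverrides` from that variable, a deploy would replace the chart's gateway rewrites with the host rewrite; the default or the description should change so the two agree. The description is also a `|` block scalar whose text is wrapped in double quotes, which makes the quotes part of the string; a single-line `description: "CoreDNS overrides for rewriting requests. …"` avoids that.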
From: Justin Law Date: Tue, 24 Sep 2024 17:22:30 -0400 Subject: [PATCH 03/17] values templating string fix --- values/dev-stack-values.yaml | 3 +-- zarf.yaml | 1 + 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index d4c5466..55192a7 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1,4 +1,3 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### -coreDnsOverrides: | - ###ZARF_VAR_COREDNS_OVERRIDES### +coreDnsOverrides: ###ZARF_VAR_COREDNS_OVERRIDES### diff --git a/zarf.yaml b/zarf.yaml index 6d914a9..370160a 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -30,6 +30,7 @@ variables: - name: COREDNS_OVERRIDES description: | "CoreDNS overrides for rewriting requests. Defaults for `*.uds.dev` are the UDS Core Istio tenant and admin gateways." + autoIndent: true default: | rewrite stop { name regex (.*\.uds\.dev) host.k3d.internal answer auto From 0b7c27986873c318d1ebf9a2dfec972de30ec8ac Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 24 Sep 2024 17:31:11 -0400 Subject: [PATCH 04/17] values templating string fix, pt.2 --- chart/templates/core-dns-custom.yaml | 10 +--------- chart/values.yaml | 16 +++++++--------- values/dev-stack-values.yaml | 3 ++- 3 files changed, 10 insertions(+), 19 deletions(-) diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index 838d8a6..a169eae 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml @@ -5,12 +5,4 @@ metadata: namespace: kube-system data: uds.override: | - {{- if .Values.coreDnsOverrides }} - {{- if kindIs "string" .Values.coreDnsOverrides }} - {{ .Values.coreDnsOverrides | indent 4 }} - {{- else if kindIs "array" .Values.coreDnsOverrides }} - {{- range .Values.coreDnsOverrides }} - {{ . | indent 4 }} - {{- end }} - {{- end }} - {{- end }} +{{ .Values.coreDnsOverrides | indent 4 }} \ No newline at end of file 
diff --git a/chart/values.yaml b/chart/values.yaml index bb23d33..c17f8db 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,11 +1,9 @@ extraPorts: [] -coreDnsOverrides: - - | - rewrite { - name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - - | - rewrite { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } \ No newline at end of file +coreDnsOverrides: | + rewrite { + name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto + } diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index 55192a7..d4c5466 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1,3 +1,4 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### -coreDnsOverrides: ###ZARF_VAR_COREDNS_OVERRIDES### +coreDnsOverrides: | + ###ZARF_VAR_COREDNS_OVERRIDES### From ea76ef1e72d5e40fb7ccfc7bf3b6e6220f4dd885 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Tue, 24 Sep 2024 17:38:48 -0400 Subject: [PATCH 05/17] add var to tasks --- tasks.yaml | 16 +++++++++++++++- zarf.yaml | 7 +++++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/tasks.yaml b/tasks.yaml index 3963ae2..9571173 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -7,6 +7,14 @@ variables: default: "" - name: NGINX_EXTRA_PORTS default: "[]" + - name: COREDNS_OVERRIDES + default: | + rewrite { + name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto + } tasks: - name: default 
@@ -16,7 +24,13 @@ tasks: cmd: "uds zarf package create --confirm --no-progress" - description: "Deploy UDS K3d package" - cmd: "uds zarf package deploy zarf-package-uds-k3d-*.tar.zst --confirm --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} --set K3D_EXTRA_ARGS=\"${K3D_EXTRA_ARGS}\" --set NGINX_EXTRA_PORTS=\"${NGINX_EXTRA_PORTS}\" --no-progress" + cmd: | + uds zarf package deploy zarf-package-uds-k3d-*.tar.zst \ + --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \ + --set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \ + --set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \ + --set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \ + --no-progress --confirm - name: validate actions: diff --git a/zarf.yaml b/zarf.yaml index 370160a..13f0617 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -32,8 +32,11 @@ variables: "CoreDNS overrides for rewriting requests. Defaults for `*.uds.dev` are the UDS Core Istio tenant and admin gateways." autoIndent: true default: | - rewrite stop { - name regex (.*\.uds\.dev) host.k3d.internal answer auto + rewrite { + name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } components: From 14045c1be0a639257e48694738f1c0e0f3a633e8 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Wed, 25 Sep 2024 17:53:32 -0400 Subject: [PATCH 06/17] add extra separator before admin subdomain Co-authored-by: Micah Nagel --- chart/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chart/values.yaml b/chart/values.yaml index c17f8db..3b13fd4 100644 --- a/chart/values.yaml +++ b/chart/values.yaml 
@@ -2,7 +2,7 @@ extraPorts: [] coreDnsOverrides: | rewrite { - name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto } rewrite { name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto From b2316a59f771e59f4ef7bbce264249f6d893a4e9 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Thu, 26 Sep 2024 16:35:06 -0400 Subject: [PATCH 07/17] overrides versus defaults --- chart/templates/core-dns-custom.yaml | 3 ++- chart/values.yaml | 4 +++- tasks.yaml | 9 --------- values/dev-stack-values.yaml | 4 ++-- zarf.yaml | 4 ++-- 5 files changed, 9 insertions(+), 15 deletions(-) diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index a169eae..1f70b69 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml @@ -5,4 +5,5 @@ metadata: namespace: kube-system data: uds.override: | -{{ .Values.coreDnsOverrides | indent 4 }} \ No newline at end of file +{{ .Values.coreDnsDefaults | nindent 4 }} +{{ .Values.coreDnsOverrides | nindent 4 }} \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index 3b13fd4..e64249b 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,9 +1,11 @@ extraPorts: [] -coreDnsOverrides: | +coreDnsDefaults: | rewrite { name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto } rewrite { name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } + +coreDnsOverrides: "" \ No newline at end of file diff --git a/tasks.yaml b/tasks.yaml index 9571173..00fb80c 100644 --- a/tasks.yaml +++ b/tasks.yaml 
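Review bot: The separator fix in the chart/values.yaml hunk is not carried over to the `COREDNS_OVERRIDES` defaults added to tasks.yaml and zarf.yaml in patch 05, which still read `(.*admin\.uds\.dev)`. Because values/dev-stack-values.yaml fills `coreDnsOverrides` from that Zarf variable, the deployed rule is presumably the unfixed one, and a name like `myadmin.uds.dev` would still be sent to the admin gateway. Both defaults need the same change, `name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto`, or better a single place where the rule text lives.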
@@ -7,14 +7,6 @@ variables: default: "" - name: NGINX_EXTRA_PORTS default: "[]" - - name: COREDNS_OVERRIDES - default: | - rewrite { - name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - rewrite { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } tasks: - name: default @@ -29,7 +21,6 @@ tasks: --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \ --set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \ --set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \ - --set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \ --no-progress --confirm - name: validate diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index d4c5466..cf35b87 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1,4 +1,4 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### -coreDnsOverrides: | - ###ZARF_VAR_COREDNS_OVERRIDES### +coreDnsDefaults: | + ###ZARF_VAR_COREDNS_DEFAULTS### \ No newline at end of file diff --git a/zarf.yaml b/zarf.yaml index 13f0617..3a1b0d2 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -27,9 +27,9 @@ variables: description: "Optionally allow more ports through Nginx (combine with K3D_EXTRA_ARGS '-p :@server:*')" default: "[]" - - name: COREDNS_OVERRIDES + - name: COREDNS_DEFAULTS description: | - "CoreDNS overrides for rewriting requests. Defaults for `*.uds.dev` are the UDS Core Istio tenant and admin gateways." + "Default CoreDNS rewrites that resolve `*.uds.dev` requests to the UDS Core Istio tenant and admin gateways." autoIndent: true default: | rewrite { From 0840a69782ddee7be5496f76e23dc6ea6412524d Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 10:29:28 -0400 Subject: [PATCH 08/17] Zarf helm overrides --- chart/templates/core-dns-custom.yaml | 1 - chart/values.yaml | 4 +--- values/dev-stack-values.yaml | 3 --- zarf.yaml | 17 +++++------------ 4 files changed, 6 insertions(+), 19 deletions(-) 
diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index 1f70b69..07c34d2 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml @@ -5,5 +5,4 @@ metadata: namespace: kube-system data: uds.override: | -{{ .Values.coreDnsDefaults | nindent 4 }} {{ .Values.coreDnsOverrides | nindent 4 }} \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index e64249b..3b13fd4 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,11 +1,9 @@ extraPorts: [] -coreDnsDefaults: | +coreDnsOverrides: | rewrite { name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto } rewrite { name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } - -coreDnsOverrides: "" \ No newline at end of file diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index cf35b87..a67e584 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1,4 +1 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### - -coreDnsDefaults: | - ###ZARF_VAR_COREDNS_DEFAULTS### \ No newline at end of file diff --git a/zarf.yaml b/zarf.yaml index 3a1b0d2..13d61e6 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -27,18 +27,6 @@ variables: description: "Optionally allow more ports through Nginx (combine with K3D_EXTRA_ARGS '-p :@server:*')" default: "[]" - - name: COREDNS_DEFAULTS - description: | - "Default CoreDNS rewrites that resolve `*.uds.dev` requests to the UDS Core Istio tenant and admin gateways." - autoIndent: true - default: | - rewrite { - name regex (.*admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - rewrite { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } - components: - name: destroy-cluster required: true 
@@ -103,6 +91,11 @@ components: version: 0.2.0 valuesFiles: - "values/dev-stack-values.yaml" + variables: + - name: COREDNS_OVERRIDES + # Defaults contain rewrites of `*.uds.dev` to the UDS core Istio tenant and admin gateways + description: "CoreDNS overrides" + path: coreDnsOverrides - name: minio namespace: uds-dev-stack version: 5.2.0 From d481b7f3f16d276cc862df26dcd26f12298ea911 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 11:21:46 -0400 Subject: [PATCH 09/17] versioning and docs fixes --- chart/Chart.yaml | 4 +++- docs/DNS.md | 6 +++--- docs/PORTS.md | 10 +++++----- release-please-config.json | 2 +- zarf.yaml | 4 +++- 5 files changed, 15 insertions(+), 11 deletions(-) diff --git a/chart/Chart.yaml b/chart/Chart.yaml index 608ea4c..fab85a3 100644 --- a/chart/Chart.yaml +++ b/chart/Chart.yaml @@ -15,4 +15,6 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.0 +# x-release-please-start-version +version: 0.9.0 +# x-release-please-end diff --git a/docs/DNS.md b/docs/DNS.md index b1ad3d5..8e275bc 100644 --- a/docs/DNS.md +++ b/docs/DNS.md @@ -1,8 +1,8 @@ -## Domain Assumptions +# Domain Assumptions One of the core assumptions of the `uds-k3d` package is the use of `uds.dev` as the base domain for your development environment. This assumption is integral to the DNS and network configuration provided by the package. It is based on an existing DNS entry for `*.uds.dev` that resolves to `127.0.0.1`, facilitating local development and testing. -### CoreDNS Override +## CoreDNS Override [UDS Core](https://github.com/defenseunicorns/uds-core) is assumed to be the main infrastructure and/or testing target in local development; therefore, the DNS resolution assumes the existence of the default admin and tenant Istio gateways. 
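Review bot: The comment on the new `COREDNS_OVERRIDES` chart variable in the zarf.yaml hunk describes the defaults but not the trust this value carries. Per chart/templates/core-dns-custom.yaml it is placed unvalidated into the `uds.override` entry in `kube-system`, so whoever sets it at deploy time decides where in-cluster lookups resolve. I would extend the comment to `# Inserted verbatim into the CoreDNS uds.override config; treat as privileged deploy-time input and review any non-default value`, and have the `description` say the same rather than just "CoreDNS overrides". The identical block is re-added in patch 13.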
@@ -10,6 +10,6 @@ This package includes a CoreDNS configuration override designed to rewrite reque The outcome of this is a pods in the cluster can resolve domains like sso.uds.dev to an address (not 127.0.0.1) that will ultimately get routed correctly. -### Nginx Configuration +## Nginx Configuration Additionally, the package includes Nginx configuration that assumes the use of `uds.dev` as the base domain. This configuration is tailored to support the development environment setup, ensuring that Nginx correctly handles requests and routes them within the cluster, based on the `uds.dev` domain. diff --git a/docs/PORTS.md b/docs/PORTS.md index 84c6b22..31e55c4 100644 --- a/docs/PORTS.md +++ b/docs/PORTS.md @@ -1,20 +1,20 @@ -## Port Configuration +# Port Configuration By default, `uds-k3d` will only expose ports `80` and `443` through `k3d` with a redirect from `80` to `443` within the Nginx configuration. The works for most packages however some may require additional TCP ports to be opened in order to provide / test all of their functionality. To do so you can override the following: -### K3d Override +## K3d Override First set (or add to) `K3D_EXTRA_ARGS` to include all of the ports that you would like to expose: -``` +```bash --set K3D_EXTRA_ARGS="-p :@server:* -p 9999:9999@server:*" ``` -### Nginx Configuration +## Nginx Configuration Then allow the ports to pass through Nginx by setting `NGINX_EXTRA_PORTS`: -``` +```bash --set NGINX_EXTRA_PORTS="[,9999]" ``` diff --git a/release-please-config.json b/release-please-config.json index 3990168..85c883d 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -10,7 +10,7 @@ { "type": "chore", "section": "Miscellaneous", "hidden": false } ], "versioning": "default", - "extra-files": ["README.md", "zarf.yaml"] + "extra-files": ["README.md", "zarf.yaml", "chart/Chart.yaml"] } } } diff --git a/zarf.yaml b/zarf.yaml index 13d61e6..9a9d19f 100644 --- a/zarf.yaml +++ b/zarf.yaml 
@@ -88,7 +88,9 @@ components: - name: uds-dev-stack namespace: uds-dev-stack localPath: chart - version: 0.2.0 + # x-release-please-start-version + version: 0.9.0 + # x-release-please-end valuesFiles: - "values/dev-stack-values.yaml" variables: From 9972ae24fad51d14bcc704018357a6217fc1ab99 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 12:24:43 -0400 Subject: [PATCH 10/17] remove zarf helm overrides --- chart/templates/core-dns-custom.yaml | 1 + chart/values.yaml | 4 +++- docs/DNS.md | 9 +++++++++ tasks.yaml | 4 ++++ values/dev-stack-values.yaml | 3 +++ zarf.yaml | 11 ++++++----- 6 files changed, 26 insertions(+), 6 deletions(-) diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index 07c34d2..1f70b69 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml @@ -5,4 +5,5 @@ metadata: namespace: kube-system data: uds.override: | +{{ .Values.coreDnsDefaults | nindent 4 }} {{ .Values.coreDnsOverrides | nindent 4 }} \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index 3b13fd4..b8b31b5 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,9 +1,11 @@ extraPorts: [] -coreDnsOverrides: | +coreDnsDefaults: | rewrite { name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto } rewrite { name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } + +coreDnsOverrides: "" diff --git a/docs/DNS.md b/docs/DNS.md index 8e275bc..7cc06d6 100644 --- a/docs/DNS.md +++ b/docs/DNS.md 
@@ -10,6 +10,15 @@ This package includes a CoreDNS configuration override designed to rewrite reque The outcome of this is a pods in the cluster can resolve domains like sso.uds.dev to an address (not 127.0.0.1) that will ultimately get routed correctly. +To add additional CoreDNS overrides, you can set the `coreDnsOverrides` value by supplying the following to the deployment command: + +```bash +--set COREDNS_OVERRIDES="rewrite { + name regex (.*\.uds\.dev) host.k3d.internal answer auto +} +" +``` + ## Nginx Configuration Additionally, the package includes Nginx configuration that assumes the use of `uds.dev` as the base domain. This configuration is tailored to support the development environment setup, ensuring that Nginx correctly handles requests and routes them within the cluster, based on the `uds.dev` domain. diff --git a/tasks.yaml b/tasks.yaml index 00fb80c..e0a7c6d 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -7,6 +7,9 @@ variables: default: "" - name: NGINX_EXTRA_PORTS default: "[]" + - name: COREDNS_OVERRIDES + autoIndent: true + default: "" tasks: - name: default @@ -21,6 +24,7 @@ tasks: --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \ --set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \ --set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \ + --set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \ --no-progress --confirm - name: validate diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index a67e584..d4c5466 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1 +1,4 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### + +coreDnsOverrides: | + ###ZARF_VAR_COREDNS_OVERRIDES### diff --git a/zarf.yaml b/zarf.yaml index 9a9d19f..170161f 100644 --- a/zarf.yaml +++ b/zarf.yaml 
@@ -27,6 +27,12 @@ variables: description: "Optionally allow more ports through Nginx (combine with K3D_EXTRA_ARGS '-p :@server:*')" default: "[]" + - name: COREDNS_OVERRIDES + description: | + "CoreDNS rewrites beyond the default overrides for UDS Core" + autoIndent: true + default: "" + components: - name: destroy-cluster required: true @@ -93,11 +99,6 @@ components: # x-release-please-end valuesFiles: - "values/dev-stack-values.yaml" - variables: - - name: COREDNS_OVERRIDES - # Defaults contain rewrites of `*.uds.dev` to the UDS core Istio tenant and admin gateways - description: "CoreDNS overrides" - path: coreDnsOverrides - name: minio namespace: uds-dev-stack version: 5.2.0 From b9c4791f527cafdde1a4853c0923837c74164f21 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 12:34:20 -0400 Subject: [PATCH 11/17] remove zarf helm overrides, pt.2 --- docs/DNS.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/DNS.md b/docs/DNS.md index 7cc06d6..dbe0f33 100644 --- a/docs/DNS.md +++ b/docs/DNS.md @@ -13,7 +13,8 @@ The outcome of this is a pods in the cluster can resolve domains like sso.uds.de To add additional CoreDNS overrides, you can set the `coreDnsOverrides` value by supplying the following to the deployment command: ```bash ---set COREDNS_OVERRIDES="rewrite { +--set COREDNS_OVERRIDES=" +rewrite { name regex (.*\.uds\.dev) host.k3d.internal answer auto } " From baf0dff4e80bf774b608caf7d5470940308d514e Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 12:39:05 -0400 Subject: [PATCH 12/17] remove zarf helm overrides, pt.3 --- chart/templates/core-dns-custom.yaml | 11 +++++++++-- chart/values.yaml | 10 ---------- docs/DNS.md | 12 +----------- tasks.yaml | 4 ---- values/dev-stack-values.yaml | 3 --- zarf.yaml | 6 ------ 6 files changed, 10 insertions(+), 36 deletions(-) diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index 1f70b69..efc30d9 100644 
--- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml @@ -5,5 +5,12 @@ metadata: namespace: kube-system data: uds.override: | -{{ .Values.coreDnsDefaults | nindent 4 }} -{{ .Values.coreDnsOverrides | nindent 4 }} \ No newline at end of file + rewrite stop { + name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite stop { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto + } + rewrite stop { + name regex (.*\.uds\.dev) host.k3d.internal answer auto + } \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index b8b31b5..a14ebd6 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1,11 +1 @@ extraPorts: [] - -coreDnsDefaults: | - rewrite { - name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - rewrite { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } - -coreDnsOverrides: "" diff --git a/docs/DNS.md b/docs/DNS.md index dbe0f33..5e9f9bf 100644 --- a/docs/DNS.md +++ b/docs/DNS.md 
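Review bot: The third rule added in the chart/templates/core-dns-custom.yaml hunk cannot match anything: it uses the same pattern `(.*\.uds\.dev)` as the second rule, and since rules are tried in order and `stop` ends processing at the first match, the tenant-gateway rewrite always wins. The `host.k3d.internal` catch-all that docs/DNS.md describes in this patch therefore does not exist, and with no UDS Core gateways deployed the rewritten names would presumably just fail to resolve. Either drop the rule together with the sentence in the docs, or, if a fallback is really wanted, use a mechanism other than a duplicate pattern. The same three rules come back in chart/values.yaml and tasks.yaml in patches 13 and 14.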
@@ -6,20 +6,10 @@ One of the core assumptions of the `uds-k3d` package is the use of `uds.dev` as [UDS Core](https://github.com/defenseunicorns/uds-core) is assumed to be the main infrastructure and/or testing target in local development; therefore, the DNS resolution assumes the existence of the default admin and tenant Istio gateways. -This package includes a CoreDNS configuration override designed to rewrite requests for `*.uds.dev` to the tenant and admin Istio gateways based on the subdomain, `*.admin.uds.dev` or `*.uds.dev`. This rewrite ensures that any DNS resolution request within the cluster targeting a `*.uds.dev` address will be correctly routed to the correct service mesh gateway. +This package includes a CoreDNS configuration override designed to rewrite requests for `*.uds.dev` to the tenant and admin Istio gateways based on the subdomain, `*.admin.uds.dev` or `*.uds.dev`. This rewrite ensures that any DNS resolution request within the cluster targeting a `*.uds.dev` address will be correctly routed to the correct service mesh gateway. A final rewrite in this package is used as a catch-all by redirecting `*.uds.dev` requests to `host.k3d.internal`. The outcome of this is a pods in the cluster can resolve domains like sso.uds.dev to an address (not 127.0.0.1) that will ultimately get routed correctly. -To add additional CoreDNS overrides, you can set the `coreDnsOverrides` value by supplying the following to the deployment command: - -```bash ---set COREDNS_OVERRIDES=" -rewrite { - name regex (.*\.uds\.dev) host.k3d.internal answer auto -} -" -``` - ## Nginx Configuration Additionally, the package includes Nginx configuration that assumes the use of `uds.dev` as the base domain. This configuration is tailored to support the development environment setup, ensuring that Nginx correctly handles requests and routes them within the cluster, based on the `uds.dev` domain. diff --git a/tasks.yaml b/tasks.yaml index e0a7c6d..00fb80c 100644 --- a/tasks.yaml 
+++ b/tasks.yaml @@ -7,9 +7,6 @@ variables: default: "" - name: NGINX_EXTRA_PORTS default: "[]" - - name: COREDNS_OVERRIDES - autoIndent: true - default: "" tasks: - name: default @@ -24,7 +21,6 @@ tasks: --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \ --set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \ --set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \ - --set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \ --no-progress --confirm - name: validate diff --git a/values/dev-stack-values.yaml b/values/dev-stack-values.yaml index d4c5466..a67e584 100644 --- a/values/dev-stack-values.yaml +++ b/values/dev-stack-values.yaml @@ -1,4 +1 @@ extraPorts: ###ZARF_VAR_NGINX_EXTRA_PORTS### - -coreDnsOverrides: | - ###ZARF_VAR_COREDNS_OVERRIDES### diff --git a/zarf.yaml b/zarf.yaml index 170161f..0295680 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -27,12 +27,6 @@ variables: description: "Optionally allow more ports through Nginx (combine with K3D_EXTRA_ARGS '-p :@server:*')" default: "[]" - - name: COREDNS_OVERRIDES - description: | - "CoreDNS rewrites beyond the default overrides for UDS Core" - autoIndent: true - default: "" - components: - name: destroy-cluster required: true From 686ff43a1f77a80f0a0f1855236a2f694074d158 Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 13:48:39 -0400 Subject: [PATCH 13/17] working zarf helm overrides --- chart/templates/core-dns-custom.yaml | 10 +--------- chart/values.yaml | 11 +++++++++++ zarf.yaml | 5 +++++ 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/chart/templates/core-dns-custom.yaml b/chart/templates/core-dns-custom.yaml index efc30d9..a169eae 100644 --- a/chart/templates/core-dns-custom.yaml +++ b/chart/templates/core-dns-custom.yaml 
@@ -5,12 +5,4 @@ metadata: namespace: kube-system data: uds.override: | - rewrite stop { - name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - rewrite stop { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } - rewrite stop { - name regex (.*\.uds\.dev) host.k3d.internal answer auto - } \ No newline at end of file +{{ .Values.coreDnsOverrides | indent 4 }} \ No newline at end of file diff --git a/chart/values.yaml b/chart/values.yaml index a14ebd6..fa13b07 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -1 +1,12 @@ extraPorts: [] + +coreDnsOverrides: | + rewrite stop { + name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite stop { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto + } + rewrite stop { + name regex (.*\.uds\.dev) host.k3d.internal answer auto + } \ No newline at end of file diff --git a/zarf.yaml b/zarf.yaml index 0295680..9a9d19f 100644 --- a/zarf.yaml +++ b/zarf.yaml @@ -93,6 +93,11 @@ components: # x-release-please-end valuesFiles: - "values/dev-stack-values.yaml" + variables: + - name: COREDNS_OVERRIDES + # Defaults contain rewrites of `*.uds.dev` to the UDS core Istio tenant and admin gateways + description: "CoreDNS overrides" + path: coreDnsOverrides - name: minio namespace: uds-dev-stack version: 5.2.0 From 8321dec6332862f1632a465faa885a52b16aafad Mon Sep 17 00:00:00 2001 From: Justin Law Date: Fri, 27 Sep 2024 13:58:15 -0400 Subject: [PATCH 14/17] docs and tasks update --- docs/DNS.md | 15 +++++++++++++++ tasks.yaml | 12 ++++++++++++ 2 files changed, 27 insertions(+) diff --git a/docs/DNS.md b/docs/DNS.md index 5e9f9bf..e3353c5 100644 --- a/docs/DNS.md +++ b/docs/DNS.md 
@@ -10,6 +10,21 @@ This package includes a CoreDNS configuration override designed to rewrite reque The outcome of this is a pods in the cluster can resolve domains like sso.uds.dev to an address (not 127.0.0.1) that will ultimately get routed correctly. +You can use Zarf Helm overrides to overwrite the overrides provided by default in this package. To do so you must have Zarf >= v0.33.0. An example of how one might use this override with the default UDS task is as follows: + +```bash +# Define the overrides +COREDNS_OVERRIDES=$(cat << 'EOF' +rewrite stop { + name regex (.*\.uds\.dev) host.k3d.internal answer auto +} +EOF +) + +# Now use the variable in your command +uds run --set COREDNS_OVERRIDES="$COREDNS_OVERRIDES" +``` + ## Nginx Configuration Additionally, the package includes Nginx configuration that assumes the use of `uds.dev` as the base domain. This configuration is tailored to support the development environment setup, ensuring that Nginx correctly handles requests and routes them within the cluster, based on the `uds.dev` domain. diff --git a/tasks.yaml b/tasks.yaml index 00fb80c..6404a23 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -7,6 +7,17 @@ variables: default: "" - name: NGINX_EXTRA_PORTS default: "[]" + - name: COREDNS_OVERRIDES + default: | + rewrite stop { + name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto + } + rewrite stop { + name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto + } + rewrite stop { + name regex (.*\.uds\.dev) host.k3d.internal answer auto + } tasks: - name: default @@ -21,6 +32,7 @@ tasks: --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \ --set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \ --set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \ + --set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \ --no-progress --confirm - name: validate From b43733ab2e6593f4890f4b5091c80e7e2247fb24 Mon Sep 17 00:00:00 2001 
From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Fri, 27 Sep 2024 14:15:22 -0400 Subject: [PATCH 15/17] remove extraneous rewrite, value.yaml --- chart/values.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/chart/values.yaml b/chart/values.yaml index fa13b07..fe7e6f0 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -7,6 +7,3 @@ coreDnsOverrides: | rewrite stop { name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } - rewrite stop { - name regex (.*\.uds\.dev) host.k3d.internal answer auto - } \ No newline at end of file From 86943aa9f4cd0787a4d3b33106b05d44d8e8a5b9 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Fri, 27 Sep 2024 14:15:42 -0400 Subject: [PATCH 16/17] remove extraneous rewrite, tasks.yaml --- tasks.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/tasks.yaml b/tasks.yaml index 6404a23..efb15e8 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -15,9 +15,6 @@ variables: rewrite stop { name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto } - rewrite stop { - name regex (.*\.uds\.dev) host.k3d.internal answer auto - } tasks: - name: default From f4b303839ba0e83f94ff763281c3c36b23ad7f30 Mon Sep 17 00:00:00 2001 From: Justin Law <81255462+justinthelaw@users.noreply.github.com> Date: Tue, 1 Oct 2024 18:10:34 -0400 Subject: [PATCH 17/17] remove COREDNS_OVERRIDES from tasks --- tasks.yaml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/tasks.yaml b/tasks.yaml index efb15e8..00fb80c 100644 --- a/tasks.yaml +++ b/tasks.yaml 
@@ -7,14 +7,6 @@ variables: default: "" - name: NGINX_EXTRA_PORTS default: "[]" - - name: COREDNS_OVERRIDES - default: | - rewrite stop { - name regex (.*\.admin\.uds\.dev) admin-ingressgateway.istio-admin-gateway.svc.cluster.local answer auto - } - rewrite stop { - name regex (.*\.uds\.dev) tenant-ingressgateway.istio-tenant-gateway.svc.cluster.local answer auto - } tasks: - name: default @@ -29,7 +21,6 @@ tasks: --set K3D_IMAGE=${IMAGE_NAME}:${VERSION} \ --set K3D_EXTRA_ARGS="${K3D_EXTRA_ARGS}" \ --set NGINX_EXTRA_PORTS="${NGINX_EXTRA_PORTS}" \ - --set COREDNS_OVERRIDES="${COREDNS_OVERRIDES}" \ --no-progress --confirm - name: validate