67 lines
2.3 KiB
YAML
67 lines
2.3 KiB
YAML
{{- $proxy := mustMergeOverwrite (mustDeepCopy .Values) .Values.proxy -}}
|
|
{{- $backendProtocol := ternary "ssl" "tcp" (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-ssl-cert") -}}
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: {{ .Release.Name }}-lb
|
|
namespace: {{ .Release.Namespace }}
|
|
labels: {{- include "teleport-cluster.proxy.labels" . | nindent 4 }}
|
|
{{- if (or ($proxy.annotations.service) (eq $proxy.chartMode "aws")) }}
|
|
annotations:
|
|
{{- if and (eq $proxy.chartMode "aws") (not $proxy.ingress.enabled) }}
|
|
{{- if not (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-backend-protocol")}}
|
|
service.beta.kubernetes.io/aws-load-balancer-backend-protocol: {{ $backendProtocol }}
|
|
{{- end }}
|
|
{{- if not (or (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled") (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-attributes"))}}
|
|
service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
|
|
{{- end }}
|
|
{{- if not (hasKey $proxy.annotations.service "service.beta.kubernetes.io/aws-load-balancer-type")}}
|
|
service.beta.kubernetes.io/aws-load-balancer-type: nlb
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if $proxy.annotations.service }}
|
|
{{- toYaml $proxy.annotations.service | nindent 4 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
type: "LoadBalancer"
|
|
{{- with $proxy.service.spec }}
|
|
{{- toYaml . | nindent 2 }}
|
|
{{- end }}
|
|
ports:
|
|
- name: tls
|
|
port: 443
|
|
targetPort: 3080
|
|
protocol: TCP
|
|
{{- if ne $proxy.proxyListenerMode "multiplex" }}
|
|
- name: sshproxy
|
|
port: 3023
|
|
targetPort: 3023
|
|
protocol: TCP
|
|
- name: k8s
|
|
port: 3026
|
|
targetPort: 3026
|
|
protocol: TCP
|
|
- name: sshtun
|
|
port: 3024
|
|
targetPort: 3024
|
|
protocol: TCP
|
|
- name: mysql
|
|
port: 3036
|
|
targetPort: 3036
|
|
protocol: TCP
|
|
{{- if $proxy.separatePostgresListener }}
|
|
- name: postgres
|
|
port: 5432
|
|
targetPort: 5432
|
|
protocol: TCP
|
|
{{- end }}
|
|
{{- if $proxy.separateMongoListener }}
|
|
- name: mongo
|
|
port: 27017
|
|
targetPort: 27017
|
|
protocol: TCP
|
|
{{- end }}
|
|
{{- end }}
|
|
selector: {{- include "teleport-cluster.proxy.selectorLabels" . | nindent 4 }}
|