diff --git a/helm/minio/templates/console-service.yaml b/helm/minio/templates/console-service.yaml index 2bbe7e385..f09e3f3c6 100644 --- a/helm/minio/templates/console-service.yaml +++ b/helm/minio/templates/console-service.yaml @@ -12,16 +12,18 @@ metadata: annotations: {{- toYaml .Values.consoleService.annotations | nindent 4 }} {{- end }} spec: - {{- if (or (eq .Values.consoleService.type "ClusterIP" "") (empty .Values.consoleService.type)) }} - type: ClusterIP - {{- if not (empty .Values.consoleService.clusterIP) }} + type: {{ .Values.consoleService.type }} + {{- if and (eq .Values.consoleService.type "ClusterIP") .Values.consoleService.clusterIP }} clusterIP: {{ .Values.consoleService.clusterIP }} {{- end }} - {{- else if eq .Values.consoleService.type "LoadBalancer" }} - type: {{ .Values.consoleService.type }} - loadBalancerIP: {{ default "" .Values.consoleService.loadBalancerIP }} - {{- else }} - type: {{ .Values.consoleService.type }} + {{- if or (eq .Values.consoleService.type "LoadBalancer") (eq .Values.consoleService.type "NodePort") }} + externalTrafficPolicy: {{ .Values.consoleService.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.consoleService.type "LoadBalancer") .Values.consoleService.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.consoleService.loadBalancerSourceRanges }} + {{ end }} + {{- if and (eq .Values.consoleService.type "LoadBalancer") (not (empty .Values.consoleService.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.consoleService.loadBalancerIP }} {{- end }} ports: - name: {{ $scheme }} diff --git a/helm/minio/templates/service.yaml b/helm/minio/templates/service.yaml index ba1f3feaa..d872cd07a 100644 --- a/helm/minio/templates/service.yaml +++ b/helm/minio/templates/service.yaml @@ -13,16 +13,18 @@ metadata: annotations: {{- toYaml .Values.service.annotations | nindent 4 }} {{- end }} spec: - {{- if (or (eq .Values.service.type "ClusterIP" "") (empty .Values.service.type)) }} - type: ClusterIP - {{- if not (empty .Values.service.clusterIP) }} + type: {{ .Values.service.type }} + {{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }} clusterIP: {{ .Values.service.clusterIP }} {{- end }} - {{- else if eq .Values.service.type "LoadBalancer" }} - type: {{ .Values.service.type }} - loadBalancerIP: {{ default "" .Values.service.loadBalancerIP }} - {{- else }} - type: {{ .Values.service.type }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{ .Values.service.loadBalancerSourceRanges }} + {{ end }} + {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }} + loadBalancerIP: {{ default "" .Values.service.loadBalancerIP | quote }} {{- end }} ports: - name: {{ $scheme }} diff --git a/helm/minio/values.yaml b/helm/minio/values.yaml index 4ac770ea1..245b2384c 100644 --- a/helm/minio/values.yaml +++ b/helm/minio/values.yaml @@ -182,6 +182,18 @@ service: externalIPs: [] annotations: {} + ## service.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## + #loadBalancerSourceRanges: + # - 10.10.10.0/24 + loadBalancerSourceRanges: [] + + ## service.externalTrafficPolicy minio service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster + ## Configure Ingress based on the documentation here: https://kubernetes.io/docs/concepts/services-networking/ingress/ ## @@ -214,6 +226,17 @@ consoleService: loadBalancerIP: ~ externalIPs: [] annotations: {} + ## consoleService.loadBalancerSourceRanges Addresses that are allowed when service is LoadBalancer + ## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## + #loadBalancerSourceRanges: + # - 10.10.10.0/24 + loadBalancerSourceRanges: [] + + ## servconsoleServiceice.externalTrafficPolicy minio service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip + ## + externalTrafficPolicy: Cluster consoleIngress: enabled: false