def __init__(self, scope: Construct, id: str, name_space):
super().__init__(scope, id, namespace=name_space)
app_name = 'kibana'
app_label = {'dev': app_name}
k8s.KubeIngressV1Beta1(
self,
'KibanaIngress',
metadata=k8s.ObjectMeta(annotations={
'kubernetes.io/ingress.class':
'alb',
'alb.ingress.kubernetes.io/group.name':
'dev',
'alb.ingress.kubernetes.io/group.order':
'7',
'alb.ingress.kubernetes.io/healthcheck-path':
'/api/status',
'alb.ingress.kubernetes.io/backend-protocol':
'HTTP',
'alb.ingress.kubernetes.io/listen-ports':
'[{"HTTPS":443}]',
'alb.ingress.kubernetes.io/certificate-arn':
'arn:aws:acm:ap-northeast-2:123456789012:certificate/aaaa-bbbb-cccc-xxxx'
},
labels=app_label,
name=app_name),
spec=k8s.IngressSpec(rules=[
k8s.IngressRule(
host="kibana.cloudopz.co",
http=k8s.HttpIngressRuleValue(paths=[
k8s.HttpIngressPath(backend=k8s.IngressBackend(
service_name='kibana',
service_port=k8s.IntOrString.from_number(5601)))
]))
]))
def render_k8s_resource(self, chart: Chart) -> k8s.Ingress:
ingress_meta = self.__create_object_meta()
ingress_tls = self.__create_ingress_tls([self.name])
ingress_backend = k8s.IngressBackend(
service_name=self.name,
service_port=k8s.IntOrString.from_number(self.port))
ingress_spec = k8s.IngressSpec(backend=ingress_backend,
tls=ingress_tls)
return k8s.Ingress(scop=chart,
name=self.name,
metadata=ingress_meta,
spec=ingress_spec)
def __init__(self, scope: Construct, id: str, name_space):
super().__init__(scope, id)
app_name = 'frontend'
app_label = {'dev': app_name}
k8s.KubeIngressV1Beta1(
self, 'FrontendIngress',
metadata=k8s.ObjectMeta(
annotations={
'kubernetes.io/ingress.class': 'alb',
'alb.ingress.kubernetes.io/group.name': f'{name_space}',
'alb.ingress.kubernetes.io/group.order': '100',
'alb.ingress.kubernetes.io/healthcheck-path': '/frontend/health-check.do',
'alb.ingress.kubernetes.io/actions.frontend-condition': '{"Type":"forward","ForwardConfig":{"TargetGroups":[{"ServiceName":"frontend","ServicePort":"2087","Weight":100}]}}',
'alb.ingress.kubernetes.io/conditions.frontend-condition': '[{"field":"path-pattern","pathPatternConfig":{"values":["/frontend/*"]}}]',
'alb.ingress.kubernetes.io/backend-protocol': 'HTTP',
'alb.ingress.kubernetes.io/listen-ports': '[{"HTTPS":443}]',
'alb.ingress.kubernetes.io/certificate-arn':
'arn:aws:acm:ap-northeast-2:123456789012:certificate/aaaa-bbbb-cccc-xxxx'
},
labels=app_label,
name=app_name
),
spec=k8s.IngressSpec(
rules=[
k8s.IngressRule(
http=k8s.HttpIngressRuleValue(
paths=[
k8s.HttpIngressPath(
backend=k8s.IngressBackend(
service_name='frontend-condition',
service_port=k8s.IntOrString.from_string('use-annotation')
)
)
]
)
)
]
)
)
def __init__(self, scope: Construct, id: str, name_space):
super().__init__(scope, id, namespace=name_space)
""" Create default rule and redirect HTTP to HTTPS """
app_name = 'dev-alb'
app_label = {'dev': app_name}
k8s.KubeIngressV1Beta1(
self,
'AppIngress',
metadata=k8s.ObjectMeta(annotations={
'kubernetes.io/ingress.class':
'alb',
'alb.ingress.kubernetes.io/scheme':
'internet-facing',
'alb.ingress.kubernetes.io/target-type':
'instance',
'alb.ingress.kubernetes.io/group.name':
f"{name_space}",
'alb.ingress.kubernetes.io/ip-address-type':
'ipv4',
'alb.ingress.kubernetes.io/backend-protocol':
'HTTP',
'alb.ingress.kubernetes.io/backend-protocol-version':
'HTTP2',
'alb.ingress.kubernetes.io/listen-ports':
'[{"HTTPS":443}, {"HTTP":80}]',
'alb.ingress.kubernetes.io/actions.ssl-redirect':
'{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}',
'alb.ingress.kubernetes.io/certificate-arn':
'arn:aws:acm:ap-northeast-2:123456789012:certificate/aaaa-bbbb-cccc-xxxx'
},
labels=app_label,
name=app_name),
spec=k8s.IngressSpec(rules=[
k8s.IngressRule(http=k8s.HttpIngressRuleValue(paths=[
k8s.HttpIngressPath(backend=k8s.IngressBackend(
service_name='ssl-redirect',
service_port=k8s.IntOrString.from_string(
'use-annotation')))
]))
]))
def render_k8s_resource(self, chart: Chart) -> k8s.Ingress:
ingress_meta = self.__create_object_meta()
ingress_tls = self.__create_ingress_tls()
host_list = jmespath.search("rules[].host", {"rules": self.rules})
ingress_rules = []
for host in host_list:
backend_list = jmespath.search(f"rules[?host == '{host}'].port",
{"rules": self.rules})
for backend in backend_list:
ingress_backend = k8s.IngressBackend(
service_name=backend.service_name,
service_port=k8s.IntOrString.from_number(backend.port))
backend_paths = jmespath.search(
f"rules[?host == '{host}'].path", {"rules": self.rules})
http_ingress_paths = []
if len(backend_paths) > 0:
for path in backend_paths:
http_ingress_paths.append(
k8s.HttpIngressPath(backend=ingress_backend,
path=path))
else:
http_ingress_paths.append(
k8s.HttpIngressPath(backend=ingress_backend))
ingress_rules.append(
k8s.IngressRule(host=host,
http=k8s.HttpIngressRuleValue(
paths=http_ingress_paths)))
ingress_spec = k8s.IngressSpec(rules=ingress_rules, tls=ingress_tls)
return k8s.Ingress(scope=chart,
name=self.name,
metadata=ingress_meta,
spec=ingress_spec)
