Allow specifying the service's ipFamilyPolicy and ipFamilies
This commit is contained in:
Philipp Kolberg
parent
a43b2fb17c
commit
ca025690e0
|
|
@ -32,6 +32,12 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]):
|
||||||
# priority than being updated.
|
# priority than being updated.
|
||||||
if current.spec.selector != reference.spec.selector:
|
if current.spec.selector != reference.spec.selector:
|
||||||
raise NeedsUpdate()
|
raise NeedsUpdate()
|
||||||
|
if current.spec.type != reference.spec.type:
|
||||||
|
raise NeedsUpdate()
|
||||||
|
if current.spec.ipFamilyPolicy != reference.spec.ipFamilyPolicy:
|
||||||
|
raise NeedsUpdate()
|
||||||
|
if current.spec.ipFamilies != reference.spec.ipFamilies:
|
||||||
|
raise NeedsUpdate()
|
||||||
super().reconcile(current, reference)
|
super().reconcile(current, reference)
|
||||||
|
|
||||||
def get_reference_object(self) -> V1Service:
|
def get_reference_object(self) -> V1Service:
|
||||||
|
|
@ -60,6 +66,8 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]):
|
||||||
ports=ports,
|
ports=ports,
|
||||||
selector=selector_labels,
|
selector=selector_labels,
|
||||||
type=self.controller.outpost.config.kubernetes_service_type,
|
type=self.controller.outpost.config.kubernetes_service_type,
|
||||||
|
ip_family_policy=self.controller.outpost.config.kubernetes_service_ip_family_policy,
|
||||||
|
ip_families=self.controller.outpost.config.kubernetes_service_ip_families,
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -73,6 +73,8 @@ class OutpostConfig:
|
||||||
kubernetes_ingress_secret_name: str = field(default="authentik-outpost-tls")
|
kubernetes_ingress_secret_name: str = field(default="authentik-outpost-tls")
|
||||||
kubernetes_ingress_class_name: Optional[str] = field(default=None)
|
kubernetes_ingress_class_name: Optional[str] = field(default=None)
|
||||||
kubernetes_service_type: str = field(default="ClusterIP")
|
kubernetes_service_type: str = field(default="ClusterIP")
|
||||||
|
kubernetes_service_ip_family_policy: Optional[str] = field(default="SingleStack")
|
||||||
|
kubernetes_service_ip_families: list[str] = field(default_factory=list)
|
||||||
kubernetes_disabled_components: list[str] = field(default_factory=list)
|
kubernetes_disabled_components: list[str] = field(default_factory=list)
|
||||||
kubernetes_image_pull_secrets: list[str] = field(default_factory=list)
|
kubernetes_image_pull_secrets: list[str] = field(default_factory=list)
|
||||||
kubernetes_json_patches: Optional[dict[str, list[dict[str, Any]]]] = field(default=None)
|
kubernetes_json_patches: Optional[dict[str, list[dict[str, Any]]]] = field(default=None)
|
||||||
|
|
|
||||||
|
|
@ -159,13 +159,13 @@ class IngressReconciler(KubernetesObjectReconciler[V1Ingress]):
|
||||||
rules.append(rule)
|
rules.append(rule)
|
||||||
tls_config = None
|
tls_config = None
|
||||||
if tls_hosts:
|
if tls_hosts:
|
||||||
tls_config = V1IngressTLS(
|
tls_config = [V1IngressTLS(
|
||||||
hosts=tls_hosts,
|
hosts=tls_hosts,
|
||||||
secret_name=self.controller.outpost.config.kubernetes_ingress_secret_name,
|
secret_name=self.controller.outpost.config.kubernetes_ingress_secret_name,
|
||||||
)
|
)]
|
||||||
spec = V1IngressSpec(
|
spec = V1IngressSpec(
|
||||||
rules=rules,
|
rules=rules,
|
||||||
tls=[tls_config],
|
tls=tls_config,
|
||||||
)
|
)
|
||||||
if self.controller.outpost.config.kubernetes_ingress_class_name:
|
if self.controller.outpost.config.kubernetes_ingress_class_name:
|
||||||
spec.ingress_class_name = self.controller.outpost.config.kubernetes_ingress_class_name
|
spec.ingress_class_name = self.controller.outpost.config.kubernetes_ingress_class_name
|
||||||
|
|
|
||||||
Reference in a new issue