rename consulHA to serverHA; add dev mode, update config and values

Clint Shryock 2018-11-26 16:12:03 -06:00
parent 666cdb75cc
commit 34e0b377d9
No known key found for this signature in database
GPG key ID: B7C8F9C70EC5CD29
5 changed files with 16 additions and 14 deletions


@ -3,7 +3,7 @@
# the agent is installed locally on the node and the NODE_IP should be used.
# If the node can't run a Vault agent, then this service can be used to
# communicate directly to a server agent.
{{- if (and (or (and (ne (.Values.consulHA.enabled | toString) "-") .Values.consulHA.enabled) (and (eq (.Values.consulHA.enabled | toString) "-") .Values.global.enabled)) (or (and (ne (.Values.ui.enabled | toString) "-") .Values.ui.enabled) (and (eq (.Values.ui.enabled | toString) "-") .Values.global.enabled)) (or (and (ne (.Values.ui.service.enabled | toString) "-") .Values.ui.service.enabled) (and (eq (.Values.ui.service.enabled | toString) "-") .Values.global.enabled))) }}
{{- if (and (or (and (ne (.Values.serverHA.enabled | toString) "-") .Values.serverHA.enabled) (and (eq (.Values.serverHA.enabled | toString) "-") .Values.global.enabled)) (or (and (ne (.Values.ui.enabled | toString) "-") .Values.ui.enabled) (and (eq (.Values.ui.enabled | toString) "-") .Values.global.enabled)) (or (and (ne (.Values.ui.service.enabled | toString) "-") .Values.ui.service.enabled) (and (eq (.Values.ui.service.enabled | toString) "-") .Values.global.enabled))) }}
apiVersion: v1
kind: Service
metadata:


@ -1,9 +1,9 @@
# StatefulSet to run the actual vault server cluster.
{{- if (or (and (ne (.Values.consulHA.enabled | toString) "-") .Values.consulHA.enabled) (and (eq (.Values.consulHA.enabled | toString) "-") .Values.global.enabled)) }}
{{- if (or (and (ne (.Values.serverHA.enabled | toString) "-") .Values.serverHA.enabled) (and (eq (.Values.serverHA.enabled | toString) "-") .Values.global.enabled)) }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "vault.fullname" . }}-server-config
name: {{ template "vault.fullname" . }}-server-ha-config
labels:
app: {{ template "vault.name" . }}
chart: {{ template "vault.chart" . }}
@ -11,5 +11,5 @@ metadata:
release: {{ .Release.Name }}
data:
statefulconfig-from-values.hcl: |-
{{ tpl .Values.consulHA.config . | indent 4 }}
{{ tpl .Values.serverHA.config . | indent 4 }}
{{- end }}
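Review bot: The renamed `{{ tpl .Values.serverHA.config . | indent 4 }}` line still renders the whole Vault server configuration into a ConfigMap, which Kubernetes stores and serves in plaintext to anyone allowed to read ConfigMaps in the namespace. If operators put storage-backend tokens or seal credentials in `serverHA.config`, they end up there, so I would add a comment above `data:` such as `# Keep tokens and seal credentials out of serverHA.config; mount them from a Secret via serverHA.extraVolumes instead.` (this assumes `extraVolumes` accepts a secret type, which is not visible in this section). The header comment is also stale: it says `# StatefulSet to run the actual vault server cluster.` but the resource is `kind: ConfigMap`.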


@ -4,7 +4,7 @@
# If the node can't run a Vault agent, then this service can be used to
# communicate directly to a server agent.
# TODO: verify for Vault
{{- if (or (and (ne (.Values.consulHA.enabled | toString) "-") .Values.consulHA.enabled) (and (eq (.Values.consulHA.enabled | toString) "-") .Values.global.enabled)) }}
{{- if (or (and (ne (.Values.serverHA.enabled | toString) "-") .Values.serverHA.enabled) (and (eq (.Values.serverHA.enabled | toString) "-") .Values.global.enabled)) }}
apiVersion: v1
kind: Service
metadata:


@ -1,5 +1,5 @@
# StatefulSet to run the actual vault server cluster.
{{- if (or (and (ne (.Values.consulHA.enabled | toString) "-") .Values.consulHA.enabled) (and (eq (.Values.consulHA.enabled | toString) "-") .Values.global.enabled)) }}
{{- if (or (and (ne (.Values.serverHA.enabled | toString) "-") .Values.serverHA.enabled) (and (eq (.Values.serverHA.enabled | toString) "-") .Values.global.enabled)) }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
@ -12,13 +12,13 @@ metadata:
spec:
serviceName: {{ template "vault.fullname" . }}-ha-server
podManagementPolicy: Parallel
replicas: {{ .Values.consulHA.replicas }}
replicas: {{ .Values.serverHA.replicas }}
# TODO: add updatePartition option
{{- if (gt (int .Values.consulHA.updatePartition) 0) }}
{{- if (gt (int .Values.serverHA.updatePartition) 0) }}
updateStrategy:
type: RollingUpdate
rollingUpdate:
partition: {{ .Values.consulHA.updatePartition }}
partition: {{ .Values.serverHA.updatePartition }}
{{- end }}
selector:
matchLabels:
@ -41,7 +41,7 @@ spec:
configMap:
name: {{ template "vault.fullname" . }}-server-ha-config
defaultMode: 0755
{{- range .Values.consulHA.extraVolumes }}
{{- range .Values.serverHA.extraVolumes }}
- name: userconfig-{{ .name }}
{{ .type }}:
{{- if (eq .type "configMap") }}
@ -56,7 +56,7 @@ spec:
fsGroup: 1000
# TODO: confirm Vault needs this
privileged: true
image: "{{ default .Values.global.image .Values.consulHA.image }}"
image: "{{ default .Values.global.image .Values.serverHA.image }}"
env:
- name: HOST_IP
valueFrom:
@ -86,7 +86,7 @@ spec:
volumeMounts:
- name: config
mountPath: /vault/config
{{- range .Values.consulHA.extraVolumes }}
{{- range .Values.serverHA.extraVolumes }}
- name: userconfig-{{ .name }}
readOnly: true
mountPath: /vault/userconfig/{{ .name }}
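Review bot: `privileged: true` in the `@ -56,7 +56,7 @` hunk is carried forward with its `# TODO: confirm Vault needs this` still open, even though the commit edits the `image:` line directly below it, so every HA server pod keeps effectively root-equivalent access to its node. Vault normally needs at most the `IPC_LOCK` capability (for mlock), so I would replace that line with `capabilities:` / `add: ["IPC_LOCK"]` in the container's `securityContext`; indentation is lost in this view, so confirm which securityContext the key currently sits under. In the `@ -41,7 +41,7 @` hunk, `defaultMode: 0755` marks the mounted config files executable, and a read-only mode such as `0444` looks sufficient for files Vault only reads. The StatefulSet spec starts and ends outside these hunks.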


@ -72,7 +72,7 @@ server:
# name: my-secret
# load: false # if true, will add to `-config-dir` to load by Vault
consulHA:
serverHA:
enabled: false
image: null
replicas: 1
@ -136,7 +136,9 @@ ui:
# on the server nodes. This makes UI access via the service below (if
# enabled) predictable rather than "any node" if you're running Vault
# clients as well.
enabled: "-"
#
# This value is used for both Single Server and HA mode setups
enabled: false
# True if you want to create a Service entry for the Vault UI.
#