Skip to content

Commit d4f5cee

Browse files
OpenGuidouDandyDeveloper
OpenGuidou
and
DandyDeveloper
authored
feat(redis-ha): Add tls ports to netpol if defined (#313)
Signed-off-by: OpenGuidou <[email protected]> Co-authored-by: Aaron Layfield <[email protected]>
1 parent 6f360e7 commit d4f5cee

File tree

4 files changed

+32
-29
lines changed

4 files changed

+32
-29
lines changed

charts/redis-ha/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ keywords:
55
- redis
66
- keyvalue
77
- database
8-
version: 4.34.10
8+
version: 4.34.11
99
appVersion: 8.2.1
1010
description: This Helm chart provides a highly available Redis implementation with a master/slave configuration and uses Sentinel sidecars for failover management
1111
icon: https://img.icons8.com/external-tal-revivo-shadow-tal-revivo/24/external-redis-an-in-memory-data-structure-project-implementing-a-distributed-logo-shadow-tal-revivo.png

charts/redis-ha/templates/_helpers.tpl

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -127,4 +127,28 @@ Usage:
127127
{{- $adaptedContext = omit $adaptedContext "capabilities" "seLinuxOptions" -}}
128128
{{- end -}}
129129
{{- omit $adaptedContext "enabled" | toYaml -}}
130+
{{- end -}}
131+
132+
{{/*
133+
Defines the redis ports to be used inside network policies
134+
Usage:
135+
{{- include "redis-ports" . -}}
136+
*/}}
137+
{{- define "redis-ports" -}}
138+
{{- if ne (int .Values.redis.port) 0 }}
139+
- port: {{ .Values.redis.port }}
140+
protocol: TCP
141+
{{- end -}}
142+
{{- if ne (int .Values.sentinel.port) 0 }}
143+
- port: {{ .Values.sentinel.port }}
144+
protocol: TCP
145+
{{- end -}}
146+
{{- if ne (int .Values.redis.tlsPort) 0 }}
147+
- port: {{ .Values.redis.tlsPort }}
148+
protocol: TCP
149+
{{- end -}}
150+
{{- if ne (int .Values.sentinel.tlsPort) 0 }}
151+
- port: {{ .Values.sentinel.tlsPort }}
152+
protocol: TCP
153+
{{- end -}}
130154
{{- end -}}

charts/redis-ha/templates/redis-ha-network-policy.yaml

Lines changed: 4 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -31,10 +31,7 @@ spec:
3131
release: {{ .Release.Name }}
3232
app: {{ template "redis-ha.name" . }}
3333
ports:
34-
- port: {{ .Values.redis.port }}
35-
protocol: TCP
36-
- port: {{ .Values.sentinel.port }}
37-
protocol: TCP
34+
{{- include "redis-ports" . | nindent 6 }}
3835
{{- range $rule := .Values.networkPolicy.egressRules }}
3936
- to:
4037
{{ (tpl (toYaml $rule.selectors) $) | indent 7 }}
@@ -48,21 +45,15 @@ spec:
4845
release: {{ .Release.Name }}
4946
app: {{ template "redis-ha.name" . }}
5047
ports:
51-
- port: {{ .Values.redis.port }}
52-
protocol: TCP
53-
- port: {{ .Values.sentinel.port }}
54-
protocol: TCP
48+
{{- include "redis-ports" . | nindent 6 }}
5549
{{- if .Values.haproxy.enabled }}
5650
- from:
5751
- podSelector:
5852
matchLabels:
5953
release: {{ .Release.Name }}
6054
app: {{ template "redis-ha.name" . }}-haproxy
6155
ports:
62-
- port: {{ .Values.redis.port }}
63-
protocol: TCP
64-
- port: {{ .Values.sentinel.port }}
65-
protocol: TCP
56+
{{- include "redis-ports" . | nindent 6 }}
6657
{{- end }}
6758
{{- range $rule := .Values.networkPolicy.ingressRules }}
6859
- from:
@@ -71,10 +62,7 @@ spec:
7162
{{- if $rule.ports }}
7263
{{ toYaml $rule.ports | indent 7 }}
7364
{{- else }}
74-
- port: {{ $root.Values.redis.port }}
75-
protocol: TCP
76-
- port: {{ $root.Values.sentinel.port }}
77-
protocol: TCP
65+
{{- include "redis-ports" . | nindent 6 }}
7866
{{- end }}
7967
{{- end }}
8068
{{- end }}

charts/redis-ha/templates/redis-haproxy-network-policy.yaml

Lines changed: 3 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -32,10 +32,7 @@ spec:
3232
release: {{ .Release.Name }}
3333
app: {{ template "redis-ha.name" . }}
3434
ports:
35-
- port: {{ .Values.redis.port }}
36-
protocol: TCP
37-
- port: {{ .Values.sentinel.port }}
38-
protocol: TCP
35+
{{- include "redis-ports" . | nindent 6 }}
3936
- to:
4037
- namespaceSelector: {}
4138
ports:
@@ -56,20 +53,14 @@ spec:
5653
release: {{ .Release.Name }}
5754
app: {{ template "redis-ha.name" . }}
5855
ports:
59-
- port: {{ .Values.redis.port }}
60-
protocol: TCP
61-
- port: {{ .Values.sentinel.port }}
62-
protocol: TCP
56+
{{- include "redis-ports" . | nindent 8 }}
6357
{{- range $rule := .Values.haproxy.networkPolicy.ingressRules }}
6458
- from:
6559
{{- (tpl (toYaml $rule.selectors) $) | nindent 8 }}
6660
ports:
6761
{{- if $rule.ports }}
6862
{{- toYaml $rule.ports | nindent 8 }}
6963
{{- end }}
70-
- port: {{ $root.Values.redis.port }}
71-
protocol: TCP
72-
- port: {{ $root.Values.sentinel.port }}
73-
protocol: TCP
64+
{{- include "redis-ports" . | nindent 8 }}
7465
{{- end }}
7566
{{- end }}

0 commit comments

Comments
 (0)