From ae207da1722c48f257c4d2f36651c785f0b336c0 Mon Sep 17 00:00:00 2001 From: Felix Kunde Date: Tue, 26 May 2020 12:37:10 +0200 Subject: [PATCH] add global toggle and enum field for schema --- .../crds/operatorconfigurations.yaml | 9 +++- .../postgres-operator/crds/postgresqls.yaml | 7 ++- charts/postgres-operator/values-crd.yaml | 6 ++- charts/postgres-operator/values.yaml | 6 ++- docs/administrator.md | 5 ++- docs/reference/cluster_manifest.md | 8 ++-- docs/reference/operator_parameters.md | 12 +++-- manifests/complete-postgres-manifest.yaml | 2 +- manifests/configmap.yaml | 3 +- manifests/operatorconfiguration.crd.yaml | 11 +++-- ...gresql-operator-default-configuration.yaml | 3 +- manifests/postgresql.crd.yaml | 7 ++- pkg/apis/acid.zalan.do/v1/crds.go | 31 ++++++++++--- .../v1/operator_configuration_type.go | 3 +- pkg/apis/acid.zalan.do/v1/postgresql_type.go | 6 +-- .../acid.zalan.do/v1/zz_generated.deepcopy.go | 10 ++--- pkg/cluster/cluster_test.go | 45 ++++++++++++++----- pkg/cluster/k8sres.go | 11 +++-- pkg/controller/operator_config.go | 3 +- pkg/util/config/config.go | 3 +- 20 files changed, 132 insertions(+), 59 deletions(-) diff --git a/charts/postgres-operator/crds/operatorconfigurations.yaml b/charts/postgres-operator/crds/operatorconfigurations.yaml index ca2c3e1d4..34dd5bddd 100644 --- a/charts/postgres-operator/crds/operatorconfigurations.yaml +++ b/charts/postgres-operator/crds/operatorconfigurations.yaml @@ -217,16 +217,21 @@ spec: load_balancer: type: object properties: + allow_public_load_balancers: + type: boolean custom_service_annotations: type: object additionalProperties: type: string db_hosted_zone: type: string + default_load_balancer_schema: + type: string + enum: + - "internal" + - "public" enable_master_load_balancer: type: boolean - enable_public_load_balancer: - type: boolean enable_replica_load_balancer: type: boolean master_dns_name_format: 
diff --git a/charts/postgres-operator/crds/postgresqls.yaml b/charts/postgres-operator/crds/postgresqls.yaml index 275524734..afb6db392 100644 --- a/charts/postgres-operator/crds/postgresqls.yaml +++ b/charts/postgres-operator/crds/postgresqls.yaml @@ -190,8 +190,6 @@ spec: type: boolean enableMasterLoadBalancer: type: boolean - enablePublicLoadBalancer: - type: boolean enableReplicaLoadBalancer: type: boolean enableShmVolume: @@ -208,6 +206,11 @@ spec: items: type: object additionalProperties: true + loadBalancerSchema: + type: string + enum: + - "internal" + - "public" logicalBackupSchedule: type: string pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$' diff --git a/charts/postgres-operator/values-crd.yaml b/charts/postgres-operator/values-crd.yaml index 71c07e372..398875d3e 100644 --- a/charts/postgres-operator/values-crd.yaml +++ b/charts/postgres-operator/values-crd.yaml @@ -159,6 +159,8 @@ configTimeouts: # configure behavior of load balancers configLoadBalancer: + # global toggle to allow public load balancers + allow_public_load_balancers: "false" # annotations to apply to service when load balancing is enabled # custom_service_annotations: # keyx: valuez @@ -166,10 +168,10 @@ configLoadBalancer: # DNS zone for cluster DNS name when load balancer is configured for cluster db_hosted_zone: db.example.com + # internal will set the annotation service.beta.kubernetes.io/aws-load-balancer-internal, public not + default_load_balancer_schema: "internal" # toggles service type load balancer pointing to the master pod of the cluster enable_master_load_balancer: false - # toggles load balancer annotation service.beta.kubernetes.io/aws-load-balancer-internal - enable_public_load_balancer: false # toggles service type load balancer pointing to the replica pod of the cluster enable_replica_load_balancer: false # defines the DNS name string template for the master load balancer cluster 
diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml index bdfd84e82..56e0339f2 100644 --- a/charts/postgres-operator/values.yaml +++ b/charts/postgres-operator/values.yaml @@ -150,15 +150,17 @@ configTimeouts: # configure behavior of load balancers configLoadBalancer: + # global toggle to allow public load balancers + allow_public_load_balancers: "false" # annotations to apply to service when load balancing is enabled # custom_service_annotations: "keyx:valuez,keya:valuea" # DNS zone for cluster DNS name when load balancer is configured for cluster db_hosted_zone: db.example.com + # internal will set the annotation service.beta.kubernetes.io/aws-load-balancer-internal, public not + default_load_balancer_schema: "internal" # toggles service type load balancer pointing to the master pod of the cluster enable_master_load_balancer: "false" - # toggles load balancer annotation service.beta.kubernetes.io/aws-load-balancer-internal - enable_public_load_balancer: "false" # toggles service type load balancer pointing to the replica pod of the cluster enable_replica_load_balancer: "false" # defines the DNS name string template for the master load balancer cluster diff --git a/docs/administrator.md b/docs/administrator.md index 8da97f5eb..039ab6896 100644 --- a/docs/administrator.md +++ b/docs/administrator.md @@ -400,8 +400,9 @@ services: config parameter `custom_service_annotations` or the cluster parameter `serviceAnnotations`. -If `enable_public_load_balancer` is disabled (default) another annotation is -added to indicate the usage of an internal ELB: +If `allow_public_load_balancer` is disabled or the the `loadBalancerSchema` is +set to `"internal"` another annotation is added to indicate the usage of an +internal ELB: - `service.beta.kubernetes.io/aws-load-balancer-internal: "true"` diff --git a/docs/reference/cluster_manifest.md b/docs/reference/cluster_manifest.md index 3d4337b64..6e7d68271 100644 
--- a/docs/reference/cluster_manifest.md +++ b/docs/reference/cluster_manifest.md @@ -82,10 +82,10 @@ These parameters are grouped directly under the `spec` key in the manifest. `enable_replica_load_balancer` parameter) to define whether to enable the load balancer pointing to the Postgres standby instances. Optional. -* **enablePublicLoadBalancer** - boolean flag to override the operator defaults (set by the - `enable_public_load_balancer` parameter) to define whether to use an internal - or public ELB. Optional. +* **loadBalancerSchema** + can be either `internal` or `public`. Overrides the configured default schema + but will not work for `public`, if this is forbidden with + `allow_public_load_balancers` set to false. Optional. * **allowedSourceRanges** when one or more load balancers are enabled for the cluster, this parameter diff --git a/docs/reference/operator_parameters.md b/docs/reference/operator_parameters.md index d5f852674..fecb11775 100644 --- a/docs/reference/operator_parameters.md +++ b/docs/reference/operator_parameters.md 
@@ -418,12 +418,16 @@ In the CRD-based configuration they are grouped under the `load_balancer` key. cluster. Can be overridden by individual cluster settings. The default is `false`. -* **enable_public_load_balancer** - when using load balancer services they can be internal or public which can be - toggled with this option. The default is `false`. +* **default_load_balancer_schema** + when using load balancer services they can be `internal` or `public` which can + be toggled with this option. Note, that public load balancers must be allowed + via configuration (see next option). The default is `internal`. + +* **allow_public_load_balancers** + global toggle to allow usage of public load balancers. The default is `true`. * **custom_service_annotations** - This key/value map provides a list of annotations that get attached to each + this key/value map provides a list of annotations that get attached to each service of a cluster created by the operator. If the annotation key is also provided by the cluster definition, the manifest value is used. Optional. diff --git a/manifests/complete-postgres-manifest.yaml b/manifests/complete-postgres-manifest.yaml index 062a1f2ec..9193ab931 100644 --- a/manifests/complete-postgres-manifest.yaml +++ b/manifests/complete-postgres-manifest.yaml @@ -16,7 +16,7 @@ spec: - createdb enableMasterLoadBalancer: false enableReplicaLoadBalancer: false - enablePublicLoadBalancer: false +# loadBalancerSchema: "internal" # enableConnectionPooler: true # not needed when connectionPooler section is present (see below) allowedSourceRanges: # load balancers' source ranges for both master and replica services - 127.0.0.1/32 diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml index 5d3a4006c..46f40bf32 100644 --- a/manifests/configmap.yaml +++ b/manifests/configmap.yaml 
@@ -5,6 +5,7 @@ metadata: data: # additional_secret_mount: "some-secret-name" # additional_secret_mount_path: "/some/dir" + allow_public_load_balancers: "false" api_port: "8080" aws_region: eu-central-1 cluster_domain: cluster.local @@ -29,6 +30,7 @@ data: # default_cpu_request: 100m # default_memory_limit: 500Mi # default_memory_request: 100Mi + default_load_balancer_schema: "internal" docker_image: registry.opensource.zalan.do/acid/spilo-12:1.6-p3 # downscaler_annotations: "deployment-time,downscaler/*" # enable_admin_role_for_users: "true" @@ -39,7 +41,6 @@ data: enable_master_load_balancer: "false" # enable_pod_antiaffinity: "false" # enable_pod_disruption_budget: "true" - enable_public_load_balancer: "false" enable_replica_load_balancer: "false" # enable_shm_volume: "true" # enable_sidecars: "true" diff --git a/manifests/operatorconfiguration.crd.yaml b/manifests/operatorconfiguration.crd.yaml index 514cad996..d01bfdaba 100644 --- a/manifests/operatorconfiguration.crd.yaml +++ b/manifests/operatorconfiguration.crd.yaml @@ -193,16 +193,19 @@ spec: load_balancer: type: object properties: + allow_public_load_balancers: + type: boolean custom_service_annotations: type: object additionalProperties: type: string db_hosted_zone: type: string - enable_master_load_balancer: - type: boolean - enable_public_load_balancer: - type: boolean + default_load_balancer_schema: + type: string + enum: + - "internal" + - "public" enable_replica_load_balancer: type: boolean master_dns_name_format: diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml index 1ee0873c9..b5c6fbbc7 100644 --- a/manifests/postgresql-operator-default-configuration.yaml +++ b/manifests/postgresql-operator-default-configuration.yaml 
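Review bot: In manifests/operatorconfiguration.crd.yaml the removed lines under `load_balancer` take out `enable_master_load_balancer` as well as `enable_public_load_balancer`, while the chart copy of this CRD and crds.go in the same commit keep the master toggle. The option is still read in importConfigurationFromCRD and still set in the default configuration manifest, so this looks like an accidental deletion that leaves the key undeclared in the schema. I would restore `enable_master_load_balancer:` with `type: boolean` between `default_load_balancer_schema` and `enable_replica_load_balancer`.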
@@ -76,12 +76,13 @@ configuration: resource_check_interval: 3s resource_check_timeout: 10m load_balancer: + allow_public_load_balancers: false # custom_service_annotations: # keyx: valuex # keyy: valuey # db_hosted_zone: "" + default_load_balancer_schema: "internal" enable_master_load_balancer: false - enable_public_load_balancer: false enable_replica_load_balancer: false master_dns_name_format: "{cluster}.{team}.{hostedzone}" replica_dns_name_format: "{cluster}-repl.{team}.{hostedzone}" diff --git a/manifests/postgresql.crd.yaml b/manifests/postgresql.crd.yaml index 866d34bdd..4e9be04d0 100644 --- a/manifests/postgresql.crd.yaml +++ b/manifests/postgresql.crd.yaml @@ -154,8 +154,6 @@ spec: type: boolean enableMasterLoadBalancer: type: boolean - enablePublicLoadBalancer: - type: boolean enableReplicaLoadBalancer: type: boolean enableShmVolume: @@ -172,6 +170,11 @@ spec: items: type: object additionalProperties: true + loadBalancerSchema: + type: string + enum: + - "internal" + - "public" logicalBackupSchedule: type: string pattern: '^(\d+|\*)(/\d+)?(\s+(\d+|\*)(/\d+)?){4}$' diff --git a/pkg/apis/acid.zalan.do/v1/crds.go b/pkg/apis/acid.zalan.do/v1/crds.go index f431b81fd..2396dcf06 100644 --- a/pkg/apis/acid.zalan.do/v1/crds.go +++ b/pkg/apis/acid.zalan.do/v1/crds.go @@ -268,9 +268,6 @@ var PostgresCRDResourceValidation = apiextv1beta1.CustomResourceValidation{ "enableMasterLoadBalancer": { Type: "boolean", }, - "enablePublicLoadBalancer": { - Type: "boolean", - }, "enableReplicaLoadBalancer": { Type: "boolean", }, @@ -300,6 +297,17 @@ var PostgresCRDResourceValidation = apiextv1beta1.CustomResourceValidation{ }, }, }, + "loadBalancerSchema": { + Type: "string", + Enum: []apiextv1beta1.JSON{ + { + Raw: []byte(`"internal"`), + }, + { + Raw: []byte(`"public"`), + }, + }, + }, "logicalBackupSchedule": { Type: "string", Pattern: "^(\\d+|\\*)(/\\d+)?(\\s+(\\d+|\\*)(/\\d+)?){4}$", 
@@ -1051,6 +1059,9 @@ var OperatorConfigCRDResourceValidation = apiextv1beta1.CustomResourceValidation "load_balancer": { Type: "object", Properties: map[string]apiextv1beta1.JSONSchemaProps{ + "allow_public_load_balancers": { + Type: "boolean", + }, "custom_service_annotations": { Type: "object", AdditionalProperties: &apiextv1beta1.JSONSchemaPropsOrBool{ @@ -1062,10 +1073,18 @@ var OperatorConfigCRDResourceValidation = apiextv1beta1.CustomResourceValidation "db_hosted_zone": { Type: "string", }, - "enable_master_load_balancer": { - Type: "boolean", + "default_load_balancer_schema": { + Type: "string", + Enum: []apiextv1beta1.JSON{ + { + Raw: []byte(`"internal"`), + }, + { + Raw: []byte(`"public"`), + }, + }, }, - "enable_public_load_balancer": { + "enable_master_load_balancer": { Type: "boolean", }, "enable_replica_load_balancer": { diff --git a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go index 783c303d0..b75711347 100644 --- a/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go +++ b/pkg/apis/acid.zalan.do/v1/operator_configuration_type.go @@ -100,8 +100,9 @@ type OperatorTimeouts struct { type LoadBalancerConfiguration struct { DbHostedZone string `json:"db_hosted_zone,omitempty"` EnableMasterLoadBalancer bool `json:"enable_master_load_balancer,omitempty"` - EnablePublicLoadBalancer bool `json:"enable_public_load_balancer,omitempty"` EnableReplicaLoadBalancer bool `json:"enable_replica_load_balancer,omitempty"` + AllowPublicLoadBalancers *bool `json:"allow_public_load_balancers,omitempty"` + DefaultLoadBalancerSchema string `json:"default_load_balancer_schema,omitempty"` CustomServiceAnnotations map[string]string `json:"custom_service_annotations,omitempty"` MasterDNSNameFormat config.StringTemplate `json:"master_dns_name_format,omitempty"` ReplicaDNSNameFormat config.StringTemplate `json:"replica_dns_name_format,omitempty"` 
diff --git a/pkg/apis/acid.zalan.do/v1/postgresql_type.go b/pkg/apis/acid.zalan.do/v1/postgresql_type.go index 872589af3..637cda8f5 100644 --- a/pkg/apis/acid.zalan.do/v1/postgresql_type.go +++ b/pkg/apis/acid.zalan.do/v1/postgresql_type.go @@ -39,9 +39,9 @@ type PostgresSpec struct { // vars that enable load balancers are pointers because it is important to know if any of them is omitted from the Postgres manifest // in that case the var evaluates to nil and the value is taken from the operator config - EnableMasterLoadBalancer *bool `json:"enableMasterLoadBalancer,omitempty"` - EnablePublicLoadBalancer *bool `json:"enablePublicLoadBalancer,omitempty"` - EnableReplicaLoadBalancer *bool `json:"enableReplicaLoadBalancer,omitempty"` + EnableMasterLoadBalancer *bool `json:"enableMasterLoadBalancer,omitempty"` + EnableReplicaLoadBalancer *bool `json:"enableReplicaLoadBalancer,omitempty"` + LoadBalancerSchema string `json:"loadBalancerSchema,omitempty"` // deprecated load balancer settings maintained for backward compatibility // see "Load balancers" operator docs diff --git a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go index be40c316e..91682077c 100644 --- a/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go +++ b/pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go @@ -223,6 +223,11 @@ func (in *KubernetesMetaConfiguration) DeepCopy() *KubernetesMetaConfiguration { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LoadBalancerConfiguration) DeepCopyInto(out *LoadBalancerConfiguration) { *out = *in + if in.AllowPublicLoadBalancers != nil { + in, out := &in.AllowPublicLoadBalancers, &out.AllowPublicLoadBalancers + *out = new(bool) + **out = **in + } if in.CustomServiceAnnotations != nil { in, out := &in.CustomServiceAnnotations, &out.CustomServiceAnnotations *out = make(map[string]string, len(*in)) 
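Review bot: `EnablePublicLoadBalancer` is dropped from `PostgresSpec` with no fallback, so a manifest that still carries `enablePublicLoadBalancer` is no longer honoured, even though the comment just below the changed fields shows that older load balancer settings were kept for backward compatibility. If the break is intended it should be called out for upgraders; otherwise keep the field as deprecated and map it onto the schema. The comment above the fields also still says these vars are pointers, which does not hold for `LoadBalancerSchema`; I would add `// LoadBalancerSchema is "internal" or "public"; empty means the operator default applies`. The struct starts and ends outside the hunk.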
@@ -525,11 +530,6 @@ func (in *PostgresSpec) DeepCopyInto(out *PostgresSpec) { *out = new(bool) **out = **in } - if in.EnablePublicLoadBalancer != nil { - in, out := &in.EnablePublicLoadBalancer, &out.EnablePublicLoadBalancer - *out = new(bool) - **out = **in - } if in.EnableReplicaLoadBalancer != nil { in, out := &in.EnableReplicaLoadBalancer, &out.EnableReplicaLoadBalancer *out = new(bool) diff --git a/pkg/cluster/cluster_test.go b/pkg/cluster/cluster_test.go index a6c8d39ee..03dc59cca 100644 --- a/pkg/cluster/cluster_test.go +++ b/pkg/cluster/cluster_test.go @@ -403,8 +403,9 @@ func TestServiceAnnotations(t *testing.T) { enableMasterLoadBalancerOC bool enableReplicaLoadBalancerSpec *bool enableReplicaLoadBalancerOC bool - enablePublicLoadBalancerSpec *bool - enablePublicLoadBalancerOC bool + allowPublicLoadBalancersOC *bool + loadBalancerSchemaSpec string + defaultLoadBalancerSchemaOC string operatorAnnotations map[string]string clusterAnnotations map[string]string expect map[string]string @@ -681,11 +682,12 @@ func TestServiceAnnotations(t *testing.T) { }, //PUBLIC { - about: "Public ELB disabled in spec and OperatorConfig", + about: "Internal ELB set in spec and OperatorConfig, but public LB allowed", role: "master", enableMasterLoadBalancerSpec: &enabled, - enablePublicLoadBalancerSpec: &disabled, - enablePublicLoadBalancerOC: false, + allowPublicLoadBalancersOC: &enabled, + loadBalancerSchemaSpec: "internal", + defaultLoadBalancerSchemaOC: "internal", operatorAnnotations: make(map[string]string), clusterAnnotations: make(map[string]string), expect: map[string]string{ 
@@ -695,11 +697,12 @@ func TestServiceAnnotations(t *testing.T) { }, }, { - about: "Enable public ELB with EnablePublicLoadBalancer in spec but disabled in OperatorConfig", + about: "Internal ELB set in OperatorConfig overwritten by spec. Public LB allowed", role: "master", enableMasterLoadBalancerSpec: &enabled, - enablePublicLoadBalancerSpec: &enabled, - enablePublicLoadBalancerOC: false, + allowPublicLoadBalancersOC: &enabled, + loadBalancerSchemaSpec: "public", + defaultLoadBalancerSchemaOC: "internal", operatorAnnotations: make(map[string]string), clusterAnnotations: make(map[string]string), expect: map[string]string{ @@ -708,15 +711,32 @@ func TestServiceAnnotations(t *testing.T) { }, }, { - about: "Enable public ELB with enable_public_load_balancer in OperatorConfig", + about: "Public ELB set in OperatorConfig overwritten by spec. Public LB allowed", role: "master", enableMasterLoadBalancerSpec: &enabled, - enablePublicLoadBalancerOC: true, + allowPublicLoadBalancersOC: &enabled, + loadBalancerSchemaSpec: "internal", + defaultLoadBalancerSchemaOC: "public", operatorAnnotations: make(map[string]string), clusterAnnotations: make(map[string]string), expect: map[string]string{ "external-dns.alpha.kubernetes.io/hostname": "test.acid.db.example.com", "service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout": "3600", + "service.beta.kubernetes.io/aws-load-balancer-internal": "true", + }, + }, + { + about: "Public ELB set in spec, but not globally not allowed", + role: "master", + enableMasterLoadBalancerSpec: &enabled, + allowPublicLoadBalancersOC: &disabled, + loadBalancerSchemaSpec: "public", + operatorAnnotations: make(map[string]string), + clusterAnnotations: make(map[string]string), + expect: map[string]string{ + "external-dns.alpha.kubernetes.io/hostname": "test.acid.db.example.com", + "service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout": "3600", + "service.beta.kubernetes.io/aws-load-balancer-internal": "true", }, }, // COMMON 
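Review bot: Every new table case in these hunks sets `loadBalancerSchemaSpec`, so the fallback to `defaultLoadBalancerSchemaOC` when the manifest leaves the schema empty is not exercised with public load balancers allowed, and neither is a schema value outside the enum. I would add a case with `allowPublicLoadBalancersOC: &enabled`, an empty `loadBalancerSchemaSpec` and `defaultLoadBalancerSchemaOC: "public"` that expects no `aws-load-balancer-internal` annotation, plus one with an unrecognised default such as `"true"` to pin what the operator does with it. The test table starts outside these hunks, so earlier cases may cover part of this.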
@@ -743,7 +763,8 @@ func TestServiceAnnotations(t *testing.T) { cl.OpConfig.CustomServiceAnnotations = tt.operatorAnnotations cl.OpConfig.EnableMasterLoadBalancer = tt.enableMasterLoadBalancerOC cl.OpConfig.EnableReplicaLoadBalancer = tt.enableReplicaLoadBalancerOC - cl.OpConfig.EnablePublicLoadBalancer = tt.enablePublicLoadBalancerOC + cl.OpConfig.AllowPublicLoadBalancers = tt.allowPublicLoadBalancersOC + cl.OpConfig.DefaultLoadBalancerSchema = tt.defaultLoadBalancerSchemaOC cl.OpConfig.MasterDNSNameFormat = "{cluster}.{team}.{hostedzone}" cl.OpConfig.ReplicaDNSNameFormat = "{cluster}-repl.{team}.{hostedzone}" cl.OpConfig.DbHostedZone = "db.example.com" @@ -753,7 +774,7 @@ func TestServiceAnnotations(t *testing.T) { cl.Postgresql.Spec.ServiceAnnotations = tt.clusterAnnotations cl.Postgresql.Spec.EnableMasterLoadBalancer = tt.enableMasterLoadBalancerSpec cl.Postgresql.Spec.EnableReplicaLoadBalancer = tt.enableReplicaLoadBalancerSpec - cl.Postgresql.Spec.EnablePublicLoadBalancer = tt.enablePublicLoadBalancerSpec + cl.Postgresql.Spec.LoadBalancerSchema = tt.loadBalancerSchemaSpec got := cl.generateServiceAnnotations(tt.role, &cl.Postgresql.Spec) if len(tt.expect) != len(got) { diff --git a/pkg/cluster/k8sres.go b/pkg/cluster/k8sres.go index 47a2e4579..d725745af 100644 --- a/pkg/cluster/k8sres.go +++ b/pkg/cluster/k8sres.go 
@@ -1527,13 +1527,18 @@ func (c *Cluster) shouldCreateLoadBalancerForService(role PostgresRole, spec *ac func (c *Cluster) shouldUseInternalLoadBalancerForService(spec *acidv1.PostgresSpec) bool { + // check if public load balancers are even allowed + if c.OpConfig.AllowPublicLoadBalancers == nil || !(*c.OpConfig.AllowPublicLoadBalancers) { + return true + } + // if the value is explicitly set in a Postgresql manifest, follow this setting - if spec.EnablePublicLoadBalancer != nil { - return !(*spec.EnablePublicLoadBalancer) + if spec.LoadBalancerSchema != "" { + return spec.LoadBalancerSchema == "internal" } // otherwise, follow the operator configuration - return !c.OpConfig.EnablePublicLoadBalancer + return c.OpConfig.DefaultLoadBalancerSchema == "internal" } func (c *Cluster) generateService(role PostgresRole, spec *acidv1.PostgresSpec) *v1.Service { diff --git a/pkg/controller/operator_config.go b/pkg/controller/operator_config.go index 37ae0a21c..32eeba3c9 100644 --- a/pkg/controller/operator_config.go +++ b/pkg/controller/operator_config.go @@ -101,8 +101,9 @@ func (c *Controller) importConfigurationFromCRD(fromCRD *acidv1.OperatorConfigur // load balancer config result.DbHostedZone = fromCRD.LoadBalancer.DbHostedZone result.EnableMasterLoadBalancer = fromCRD.LoadBalancer.EnableMasterLoadBalancer - result.EnablePublicLoadBalancer = fromCRD.LoadBalancer.EnablePublicLoadBalancer result.EnableReplicaLoadBalancer = fromCRD.LoadBalancer.EnableReplicaLoadBalancer + result.AllowPublicLoadBalancers = util.CoalesceBool(fromCRD.LoadBalancer.AllowPublicLoadBalancers, util.True()) + result.DefaultLoadBalancerSchema = util.Coalesce(fromCRD.LoadBalancer.DefaultLoadBalancerSchema, "internal") result.CustomServiceAnnotations = fromCRD.LoadBalancer.CustomServiceAnnotations result.MasterDNSNameFormat = fromCRD.LoadBalancer.MasterDNSNameFormat result.ReplicaDNSNameFormat = fromCRD.LoadBalancer.ReplicaDNSNameFormat 
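Review bot: Both schema comparisons in shouldUseInternalLoadBalancerForService fail open: once public load balancers are allowed, any value other than the exact string `internal` yields a public load balancer, including a typo or an unset operator default. The CRD enum constrains the manifest field, but as far as this diff shows the ConfigMap-based configuration is not validated that way. Comparing against the permissive value keeps unknown input internal: `return spec.LoadBalancerSchema != "public"` and `return c.OpConfig.DefaultLoadBalancerSchema != "public"`.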
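Review bot: `AllowPublicLoadBalancers` falls back to `util.True()` when the OperatorConfiguration omits the key, so the global restriction is off unless someone sets it, while every manifest and values file in this commit ships `false`. A toggle whose purpose is to forbid public exposure would normally default to the restrictive side, so please confirm the permissive default is deliberate for backward compatibility. If it is not, `util.CoalesceBool(fromCRD.LoadBalancer.AllowPublicLoadBalancers, util.False())` keeps an omitted key restrictive. importConfigurationFromCRD starts and ends outside the hunk.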
diff --git a/pkg/util/config/config.go b/pkg/util/config/config.go index cd1b2a6b0..f2eac3de3 100644 --- a/pkg/util/config/config.go +++ b/pkg/util/config/config.go @@ -135,8 +135,9 @@ type Config struct { TeamAdminRole string `name:"team_admin_role" default:"admin"` EnableAdminRoleForUsers bool `name:"enable_admin_role_for_users" default:"true"` EnableMasterLoadBalancer bool `name:"enable_master_load_balancer" default:"false"` - EnablePublicLoadBalancer bool `name:"enable_public_load_balancer" default:"false"` EnableReplicaLoadBalancer bool `name:"enable_replica_load_balancer" default:"false"` + AllowPublicLoadBalancers *bool `name:"allow_public_load_balancers" default:"true"` + DefaultLoadBalancerSchema string `name:"default_load_balancer_schema" default:"true"` CustomServiceAnnotations map[string]string `name:"custom_service_annotations"` CustomPodAnnotations map[string]string `name:"custom_pod_annotations"` EnablePodAntiAffinity bool `name:"enable_pod_antiaffinity" default:"false"`
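Review bot: `DefaultLoadBalancerSchema` is tagged `default:"true"`, which is not a valid schema value; it looks copied from the line above and should read `default:"internal"`. With `allow_public_load_balancers` also defaulting to `"true"` here, a ConfigMap that sets neither key leaves the default schema at a string that is not `internal`, so shouldUseInternalLoadBalancerForService returns false and a cluster without an explicit `loadBalancerSchema` gets a public load balancer. Before this commit the equivalent default (`enable_public_load_balancer` at `"false"`) produced an internal one. The Config struct starts and ends outside the hunk.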