stable/unifi: Added "unified service" option to place everything under one service (#11550)

Signed-off-by: Mike Cronce <mike@quadra-tec.net>
2025-02-03 07:49:03 +00:00 · 2019-03-03 08:31:08 -05:00 · 2019-03-03 08:31:08 -05:00 · 652612e76b
commit 652612e76b
parent 93addda234
9 changed files with 126 additions and 3 deletions
--- a/charts/unifi/Chart.yaml
+++ b/charts/unifi/Chart.yaml
@ -2,7 +2,7 @@ apiVersion: v1
 appVersion: 5.9.29
 description: Ubiquiti Network's Unifi Controller
 name: unifi
-version: 0.3.1
+version: 0.3.2
 keywords:
  - ubiquiti
  - unifi
--- a/charts/unifi/README.md
+++ b/charts/unifi/README.md
@ -67,6 +67,13 @@ The following tables lists the configurable parameters of the Unifi chart and th
 | `discoveryService.loadBalancerIP`            | Loadbalance IP for AP discovery                                                                                        | `{}`                         |
 | `discoveryService.loadBalancerSourceRanges`  | List of IP CIDRs allowed access to load balancer (if supported)                                                        | None                         |
 | `discoveryService.externalTrafficPolicy`     | Set the externalTrafficPolicy in the Service to either Cluster or Local                                                | `Cluster`                    |
+| `unifiedService.enabled`                     | Use a single service for GUI, controller, STUN, and discovery                                                          | `false`                      |
+| `unifiedService.type`                        | Kubernetes service type for the unified service                                                                        | `ClusterIP`                  |
+| `unifiedService.annotations`                 | Annotations for the unified service                                                                                    | `{}`                         |
+| `unifiedService.labels`                      | Custom labels for the unified service                                                                                  | `{}`                         |
+| `unifiedService.loadBalancerIP`              | Load balancer IP for the unified service                                                                               | None                         |
+| `unifiedService.loadBalancerSourceRanges`    | List of IP CIDRs allowed access to the load balancer (if supported)                                                    | None                         |
+| `unifiedService.externalTrafficPolicy`       | Set the externalTrafficPolicy in the service to either Cluster or Local                                                | `Cluster`                    |
 | `ingress.enabled`                            | Enables Ingress                                                                                                        | `false`                      |
 | `ingress.annotations`                        | Ingress annotations                                                                                                    | `{}`                         |
 | `ingress.labels`                             | Custom labels                                                                                                          | `{}`                         |
--- a/charts/unifi/templates/controller-svc.yaml
+++ b/charts/unifi/templates/controller-svc.yaml
@ -1,3 +1,4 @@
+{{ if not .Values.unifiedService.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
@ -50,3 +51,4 @@ spec:
  selector:
    app: {{ template "unifi.name" . }}
    release: {{ .Release.Name }}
+{{ end }}
--- a/charts/unifi/templates/discovery-svc.yaml
+++ b/charts/unifi/templates/discovery-svc.yaml
@ -1,3 +1,4 @@
+{{ if not .Values.unifiedService.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
@ -50,3 +51,4 @@ spec:
  selector:
    app: {{ template "unifi.name" . }}
    release: {{ .Release.Name }}
+{{ end }}
--- a/charts/unifi/templates/gui-svc.yaml
+++ b/charts/unifi/templates/gui-svc.yaml
@ -1,3 +1,4 @@
+{{ if not .Values.unifiedService.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
@ -49,4 +50,5 @@ spec:
 {{ end }}
  selector:
    app: {{ template "unifi.name" . }}
-    release: {{ .Release.Name }}
+    release: {{ .Release.Name }}
+{{ end }}
--- a/charts/unifi/templates/ingress.yaml
+++ b/charts/unifi/templates/ingress.yaml
@ -32,7 +32,11 @@ spec:
        paths:
          - path: {{ $ingressPath }}
            backend:
+              {{- if .Values.unifiedService.enabled }}
+              serviceName: {{ $fullName }}
+              {{- else }}
              serviceName: {{ $fullName }}-gui
+              {{- end }}
              servicePort: https-gui
  {{- end }}
 {{- end }}
--- a/charts/unifi/templates/stun-svc.yaml
+++ b/charts/unifi/templates/stun-svc.yaml
@ -1,3 +1,4 @@
+{{ if not .Values.unifiedService.enabled }}
 apiVersion: v1
 kind: Service
 metadata:
@ -49,4 +50,5 @@ spec:
 {{ end }}
  selector:
    app: {{ template "unifi.name" . }}
-    release: {{ .Release.Name }}
+    release: {{ .Release.Name }}
+{{ end }}
--- a/charts/unifi/templates/unified-svc.yaml
+++ b/charts/unifi/templates/unified-svc.yaml
@ -0,0 +1,76 @@
+{{ if .Values.unifiedService.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "unifi.fullname" . }}
+  labels:
+    app: {{ template "unifi.name" . }}
+    chart: {{ template "unifi.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- if .Values.unifiedService.labels }}
+{{ toYaml .Values.unifiedService.labels | indent 4 }}
+{{- end }}
+{{- with .Values.unifiedService.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+{{- if (or (eq .Values.unifiedService.type "ClusterIP") (empty .Values.unifiedService.type)) }}
+  type: ClusterIP
+  {{- if .Values.unifiedService.clusterIP }}
+  clusterIP: {{ .Values.unifiedService.clusterIP }}
+  {{end}}
+{{- else if eq .Values.unifiedService.type "LoadBalancer" }}
+  type: {{ .Values.unifiedService.type }}
+  {{- if .Values.unifiedService.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.unifiedService.loadBalancerIP }}
+  {{- end }}
+  {{- if .Values.unifiedService.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+{{ toYaml .Values.unifiedService.loadBalancerSourceRanges | indent 4 }}
+  {{- end -}}
+{{- else }}
+  type: {{ .Values.unifiedService.type }}
+{{- end }}
+{{- if .Values.unifiedService.externalIPs }}
+  externalIPs:
+{{ toYaml .Values.unifiedService.externalIPs | indent 4 }}
+{{- end }}
+  {{- if .Values.unifiedService.externalTrafficPolicy }}
+  externalTrafficPolicy: {{ .Values.unifiedService.externalTrafficPolicy }}
+  {{- end }}
+  ports:
+    - port: {{ .Values.controllerService.port }}
+      targetPort: controller
+      protocol: TCP
+      name: controller
+{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.controllerService.nodePort))) }}
+      nodePort: {{.Values.controllerService.nodePort}}
+{{ end }}
+    - port: {{ .Values.discoveryService.port }}
+      targetPort: discovery
+      protocol: UDP
+      name: discovery
+{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.discoveryService.nodePort))) }}
+      nodePort: {{.Values.discoveryService.nodePort}}
+{{ end }}
+    - port: {{ .Values.stunService.port }}
+      targetPort: stun
+      protocol: UDP
+      name: stun
+{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.stunService.nodePort))) }}
+      nodePort: {{.Values.stunService.nodePort}}
+{{ end }}
+    - name: https-gui
+      port: {{ .Values.guiService.port }}
+      protocol: TCP
+      targetPort: https-gui
+{{ if (and (eq .Values.unifiedService.type "NodePort") (not (empty .Values.guiService.nodePort))) }}
+      nodePort: {{.Values.guiService.nodePort}}
+{{ end }}
+  selector:
+    app: {{ template "unifi.name" . }}
+    release: {{ .Release.Name }}
+{{ end }}
+
--- a/charts/unifi/values.yaml
+++ b/charts/unifi/values.yaml
@ -9,6 +9,34 @@ image:
  tag: 5.9.29
  pullPolicy: IfNotPresent

+# If enabled, the controller, discovery, GUI, and STUN services will not be
+# created.
+# Instead, one service will be created with the port and nodePort settings from
+# controllerService, discoveryService, guiService, and stunService.
+# This is useful if, for example, the ClusterIP network is routable and being
+# accessed directly by access points, and the APs don't have a way to discern
+# different services on different IPs.
+unifiedService:
+  enabled: false
+  type: ClusterIP
+  ## Specify the nodePort value for the LoadBalancer and NodePort service types.
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
+  ##
+  # nodePort:
+  ## Provide any additional annotations which may be required. This can be used to
+  ## set the LoadBalancer service type to internal only.
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
+  ##
+  annotations: {}
+  labels: {}
+  ## Use loadBalancerIP to request a specific static IP,
+  ## otherwise leave blank
+  ##
+  loadBalancerIP:
+  # loadBalancerSourceRanges: []
+  ## Set the externalTrafficPolicy in the Service to either Cluster or Local
+  # externalTrafficPolicy: Cluster
+
 guiService:
  type: ClusterIP
  port: 8443