Helm & Kubernetes¶
Note
We use the chart internally to deploy the proxy in our clusters, so it’s safe to say that a given version works. However, as we go towards general availability, we will most probably make breaking changes to the configuration format and to the chart content. Please review the chart content before upgrading.
Install or upgrade¶
You can install the published helm chart using the following command:
helm upgrade --install my-proxy oci://europe-west1-docker.pkg.dev/makersquad/harp/harp-proxy
This will install (or upgrade) the latest version of the Harp proxy. If you want to install a specific version, you can
specify it using the --version
flag.
The «my-proxy» string is the name of the release. You can choose any name you want.
Services¶
Services are defined for each of the enpoints configured in your values. If you define a foobar
endpoint, you will
get an internal foobar-proxy
service in your cluster, that your applications can use as the proxied endpoint.
Ingress¶
You can enable the dashboard ingress by setting ingress.enabled
to true
in your values. Make sure to add
authentication if your cluster is public!
Database¶
The chart has an optional PostgreSQL dependency that can be used to spawn a database for the proxy. You can enable it by
setting postgresql.enabled
to true
in your values, and eventually settings for the related chart.
Values¶
# Default values for harp-proxy.
replicaCount: 1
image:
repository: makersquad/harp-proxy
pullPolicy: IfNotPresent
harp:
container:
command: ["/tini", "--", "/opt/venv/bin/python3", "-m", "harp"]
subcommand: ["server"]
arguments: []
env:
USE_PROMETHEUS: "true"
settings: {}
endpoints:
- name: httpbin
port: "8080"
remote:
min_pool_size: 2
endpoints:
- url: https://httpbin.org/
liveness:
type: leaky
probe:
method: GET
path: /
timeout: 10.0
postgresql:
enabled: false
service:
ports:
postgresql: 5432
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
type: ClusterIP
port: 4080
ingress:
enabled: false
className: ""
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
pathType: ImplementationSpecific
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}