K
Q

Specify proxy for helm repository in terraform for azure china

3/10/2021

I am trying to deploy a helm chart via terraform to Azure Kubernetes Service in China. The problem is that I cannot pull images from k8s.gcr.io/ingress-nginx. I need to specify a proxy as described in https://github.com/Azure/container-service-for-azure-china/blob/master/aks/README.md#22-container-registry-proxy but I don't know how to do this via terraform. In west europe my resource simply looks like 

resource "helm_release" "nginx_ingress" {
  name      = "ingress-nginx"
  chart     = "ingress-nginx"
  repository = "https://kubernetes.github.io/ingress-nginx"
  namespace = kubernetes_namespace.nginx_ingress.metadata[0].name

  set {
    name  = "controller.service.annotations.service\\.beta\\.kubernetes\\.io/azure-load-balancer-resource-group"
    value = azurerm_public_ip.nginx_ingress_pip.resource_group_name
  }

  set {
    name  = "controller.service.loadBalancerIP"
    value = azurerm_public_ip.nginx_ingress_pip.ip_address
  }
}

How do I get the proxy settings in there? Any help is greatly appreciated.

-- Mark
azure
azure-china
kubernetes
kubernetes-helm
terraform

Similar Questions

Use Kubernetes secrets as environment variables inside a config map
How to avoid error "VP Notify mechanism incomplete after" in Informix using Kubernetes?
nginx-ingress-controller: Error while initializing connection to Kubernetes apiserver
How to Change Kubernetes Node Status from "Ready" to "NotReady" by changing CPU Utilization or memory utilization or Disk Pressure?
how to port forward openshift pod with all of its ports?

2 Answers

3/11/2021

AFIK, Helm provider for terraform does not support proxy settings yet. There is a pull request being discussed under this thread: https://github.com/hashicorp/terraform-provider-helm/issues/552

Until this feature is implemented you may consider other temporary workarounds like make a copy of the chart on your terraform repo and reference it from the helm provider.

-- Jaime S
Source: StackOverflow
3/11/2021

Turns out I had some problems figuring out how to modify the helm chart in the correct way plus the solution was not exactly a proxy configuration but to directly use a different repository for the image pull. This works:

resource "helm_release" "nginx_ingress" {
  name      = "ingress-nginx"
  chart     = "ingress-nginx"
  repository = "https://kubernetes.github.io/ingress-nginx"
  namespace = kubernetes_namespace.nginx_ingress.metadata[0].name

  set {
    name  = "controller.service.annotations.service\\.beta\\.kubernetes\\.io/azure-load-balancer-resource-group"
    value = azurerm_public_ip.nginx_ingress_pip.resource_group_name
  }

  set {
    name  = "controller.service.loadBalancerIP"
    value = azurerm_public_ip.nginx_ingress_pip.ip_address
  }

  set {
    name = "controller.image.repository"
    value = "k8sgcr.azk8s.cn/ingress-nginx/controller"
  }
}

Thank you anyways for your input!

-- Mark
Source: StackOverflow