Helm Chart

wlanboy · wlanboy · commit 9ea7ae8fd55b · 2025-11-29T13:17:43.000+01:00
diff --git a/webshell-chart/Chart.yaml b/webshell-chart/Chart.yaml
@@ -0,0 +1,6 @@
+apiVersion: v2
+name: webshell
+description: Webshell deployment with Istio Gateway and cert-manager
+type: application
+version: 0.1.0
+appVersion: "latest"
diff --git a/webshell-chart/readme.md b/webshell-chart/readme.md
@@ -0,0 +1,16 @@
+```bash
+helm install webshell . -n shells --create-namespace
+```
+
+```bash
+kubectl get secret webshell-tls -n istio-ingress
+kubectl get gateway,virtualservice -n shells
+```
+
+```bash
+helm upgrade webshell . -n shells 
+```
+
+```bash
+helm uninstall webshell -n shells
+```
diff --git a/webshell-chart/templates/certificate.yaml b/webshell-chart/templates/certificate.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.certManager.enabled }}
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: {{ .Values.istio.tls.secretName }}
+  namespace: {{ .Values.istio.gatewayNamespace}}
+spec:
+  secretName: {{ .Values.istio.tls.secretName }}
+  issuerRef:
+    name: {{ .Values.certManager.issuerRef.name }}
+    kind: {{ .Values.certManager.issuerRef.kind }}
+  dnsNames:
+{{- range .Values.certManager.dnsNames }}
+    - {{ . }}
+{{- end }}
+  privateKey:
+    rotationPolicy: Always
+{{- end }}
diff --git a/webshell-chart/templates/deployment.yaml b/webshell-chart/templates/deployment.yaml
@@ -0,0 +1,28 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: webshell
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: webshell
+  template:
+    metadata:
+      labels:
+        app: webshell
+        sidecar.istio.io/inject: "true"
+    spec:
+      containers:
+        - name: webshell
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - containerPort: {{ .Values.service.targetPort }}
+          volumeMounts:
+            - name: tmp-volume
+              mountPath: {{ .Values.volume.mountPath }}
+      volumes:
+        - name: tmp-volume
+          persistentVolumeClaim:
+            claimName: {{ .Values.pvc.name }}
diff --git a/webshell-chart/templates/gateway.yaml b/webshell-chart/templates/gateway.yaml
@@ -0,0 +1,23 @@
+apiVersion: networking.istio.io/v1beta1
+kind: Gateway
+metadata:
+  name: {{ .Values.istio.gatewayName }}
+spec:
+  selector:
+    istio: ingressgateway
+  servers:
+    - port:
+        number: 443
+        name: https
+        protocol: HTTPS
+      hosts:
+        - {{ .Values.istio.host }}
+      tls:
+        mode: SIMPLE
+        credentialName: {{ .Values.istio.tls.secretName }}
+    - port:
+        number: 80
+        name: http
+        protocol: HTTP
+      hosts:
+        - {{ .Values.istio.host }}
diff --git a/webshell-chart/templates/pvc.yaml b/webshell-chart/templates/pvc.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.pvc.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.pvc.name }}
+spec:
+  accessModes: {{ toJson .Values.pvc.accessModes }}
+  {{- if .Values.pvc.storageClassName }}
+  storageClassName: {{ .Values.pvc.storageClassName }}
+  {{- end }}
+  resources:
+    requests:
+      storage: {{ .Values.pvc.size }}
+{{- end }}
diff --git a/webshell-chart/templates/service.yaml b/webshell-chart/templates/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.service.name }}
+spec:
+  type: {{ .Values.service.type }}
+  selector:
+    app: webshell
+  ports:
+    - name: http
+      port: {{ .Values.service.port }}
+      targetPort: {{ .Values.service.targetPort }}
diff --git a/webshell-chart/templates/virtualservice.yaml b/webshell-chart/templates/virtualservice.yaml
@@ -0,0 +1,20 @@
+apiVersion: networking.istio.io/v1beta1
+kind: VirtualService
+metadata:
+  name: webshell-vs
+spec:
+  hosts:
+    - {{ .Values.istio.host }}
+  exportTo:
+  - "."
+  - istio-ingress
+  - istio-system
+  gateways:
+    - {{ .Values.istio.gatewayName }}
+    - mesh
+  http:
+    - route:
+        - destination:
+            host: {{ .Values.service.name }}
+            port:
+              number: {{ .Values.service.port }}
diff --git a/webshell-chart/values.yaml b/webshell-chart/values.yaml
@@ -0,0 +1,39 @@
+image:
+  repository: wlanboy/webshell
+  tag: latest
+  pullPolicy: IfNotPresent
+
+replicaCount: 1
+
+service:
+  name: webshell-svc
+  type: ClusterIP
+  port: 8080
+  targetPort: 8001
+
+pvc:
+  enabled: true
+  name: webshell-tmp-pvc
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: ""
+  size: "100Mi"
+
+volume:
+  mountPath: /tmp
+
+istio:
+  gatewayName: webshell-gw
+  gatewayNamespace: "istio-ingress"
+  host: webshell.tp.lan
+  tls:
+    enabled: true
+    secretName: webshell-tls
+
+certManager:
+  enabled: true
+  issuerRef:
+    kind: ClusterIssuer
+    name: "local-ca-issuer"
+  dnsNames:
+    - webshell.tp.lan
