Refactored to use v13

2026-05-02 10:46:51 +00:00
parent e5ef94def8
commit 7e17336bcf
1 changed files with 47 additions and 45 deletions
@@ -35,6 +35,7 @@ spec:
    requests:
      storage: 1Gi
 ---
+# 1. Aspire Dashboard Deployment
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -50,9 +51,11 @@ spec:
      labels:
        app: aspire-dashboard
    spec:
+      securityContext:
+        fsGroup: 1000 
      containers:
        - name: dashboard
-          image: mcr.microsoft.com/dotnet/aspire-dashboard:8.0
+          image: mcr.microsoft.com/dotnet/aspire-dashboard:13
          ports:
            - name: ui
              containerPort: 18888
@@ -61,30 +64,20 @@ spec:
            - name: otlp-http
              containerPort: 18890
          env:
+            - name: DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS
+              value: "true"
+            - name: ASPNETCORE_URLS
+              value: "http://0.0.0.0:18888"
+            - name: DOTNET_DASHBOARD_OTLP_ENDPOINT_URL
+              value: "http://0.0.0.0:18889"
+            - name: DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL
+              value: "http://0.0.0.0:18890"
            - name: Dashboard__ApplicationName
              value: "Khongisa Monitoring"
-            - name: Dashboard__Frontend__EndpointUrls
-              value: "http://0.0.0.0:18888"
-            - name: Dashboard__Otlp__EndpointUrl
-              value: "http://0.0.0.0:18889"
-            - name: Dashboard__Otlp__HttpEndpointUrl
-              value: "http://0.0.0.0:18890"
-            - name: ASPIRE_ALLOW_UNSECURED_TRANSPORT
-              value: "true"
-            - name: Dashboard__Frontend__AuthMode
-              value: "BrowserToken"
-            - name: Dashboard__Frontend__BrowserToken
-              valueFrom:
-                secretKeyRef:
-                  name: aspire-dashboard-auth
-                  key: dashboard-token
-            - name: Dashboard__Otlp__AuthMode
-              value: "ApiKey"
-            - name: Dashboard__Otlp__PrimaryApiKey
-              valueFrom:
-                secretKeyRef:
-                  name: aspire-dashboard-auth
-                  key: otlp-api-key
+            - name: Dashboard__TelemetryLimits__MaxLogCount
+              value: "50000"
+            - name: Dashboard__ResourceServiceClient__AuthMode
+              value: "Unsecured"
          volumeMounts:
            - name: aspire-keys
              mountPath: /home/app/.aspnet/DataProtection-Keys
@@ -92,7 +85,9 @@ spec:
        - name: aspire-keys
          persistentVolumeClaim:
            claimName: aspire-dashboard-pvc
+
 ---
+# 2. UI & Telemetry Service (Combined)
 apiVersion: v1
 kind: Service
 metadata:
@@ -106,43 +101,50 @@ spec:
    - name: ui
      port: 18888
      targetPort: 18888
-    - name: otlp-grpc
-      port: 18889
-      targetPort: 18889
    - name: otlp-http
      port: 18890
      targetPort: 18890
+
 ---
+# 3. Path Stripping Middleware
+# This removes /otlp-http from the URL before sending it to the pod
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: aspire-otlp-strip-prefix
+  namespace: aspire
+spec:
+  stripPrefix:
+    prefixes:
+      - /otlp-http
+
+---
+# 4. IngressRoute (Updated for UI and Telemetry Path)
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
 metadata:
-  name: aspire-dashboard-web
+  name: aspire-dashboard-ui-web
  namespace: aspire
 spec:
  entryPoints:
    - websecure
  routes:
-    - match: Host(`aspire.khongisa.co.za`) && PathPrefix(`/`)
-      kind: Rule
-      services:
-        - name: aspire-dashboard-service
-          port: 18888
-    - match: Host(`aspire.khongisa.co.za`) && PathPrefix(`/otlp`)
+    # Telemetry Route: Catches your app traffic
+    - match: Host(`aspire.khongisa.co.za`) && PathPrefix(`/otlp-http`)
      kind: Rule
+      priority: 20
      middlewares:
-        - name: aspire-strip-prefix
+        - name: aspire-otlp-strip-prefix
      services:
        - name: aspire-dashboard-service
          port: 18890
+    
+    # UI Route: Standard access
+    - match: Host(`aspire.khongisa.co.za`) && PathPrefix(`/`)
+      kind: Rule
+      priority: 10
+      services:
+        - name: aspire-dashboard-service
+          port: 18888
  tls:
-    secretName: aspire-cert-secret
---
-apiVersion: traefik.io/v1alpha1
-kind: Middleware
-metadata:
-  name: aspire-strip-prefix
-  namespace: aspire
-spec:
-  stripPrefix:
-    prefixes:
-      - /otlp
+    secretName: aspire-cert-secret