feat(lighthouse): add support for LB service

charts/lighthouse/README.md

@@ -93,6 +93,15 @@ We do not recommend that you upgrade the application by overriding `image.tag`.
  | lighthouse.jwt.existingSecret.name | Name of the Secret resource in the same namespace | string | `""` |
  | lighthouse.jwt.fromLiteral | Use this literal value for the JWT | string | `""` |
  | lighthouse.nodeSelector |  | object | `{}` |
+ | lighthouse.p2p.service.advertiseIP | IP address to explicitly advertise in ENR (overrides autodetection and LB IP) | string | `""` |
+ | lighthouse.p2p.service.annotations | Annotations to add to the P2P Service (e.g., Cilium sharing keys) | object | `{}` |
+ | lighthouse.p2p.service.enabled | Enable a dedicated P2P Service | bool | `false` |
+ | lighthouse.p2p.service.externalIPs | Fixed external IPs to bind the Service to (requires upstream routing) | list | `[]` |
+ | lighthouse.p2p.service.externalTrafficPolicy | External traffic policy | string | `"Local"` |
+ | lighthouse.p2p.service.labels | Additional labels to add to the P2P Service | object | `{}` |
+ | lighthouse.p2p.service.loadBalancerIP | When using a LoadBalancer and your cloud supports it, set a specific LB IP | string | `""` |
+ | lighthouse.p2p.service.loadBalancerSourceRanges | Restrict which source ranges can access the LoadBalancer (CIDRs) | list | `[]` |
+ | lighthouse.p2p.service.type | Service type for P2P exposure | string | `"LoadBalancer"` |
  | lighthouse.p2pHostPort.enabled | Expose P2P ports via hostPort | bool | `false` |
  | lighthouse.p2pHostPort.initContainer.image.pullPolicy | Container pull policy | string | `"IfNotPresent"` |
  | lighthouse.p2pHostPort.initContainer.image.repository | Container image to fetch IP/port information | string | `"lachlanevenson/k8s-kubectl"` |

charts/lighthouse/templates/lighthouse/service.yaml

@@ -81,3 +81,57 @@ spec:
   selector:
     {{- include "lighthouse.selectorLabels" . | nindent 4 }}
     {{- $componentLabel | nindent 4 }}
+{{/* Dedicated P2P LoadBalancer Service */}}
+{{- if and $values.p2p $values.p2p.service $values.p2p.service.enabled (eq (default "" $values.p2p.service.type) "LoadBalancer") }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "lighthouse.fullname" . }}-{{ $componentName }}-p2p
+  labels:
+    {{- include "lighthouse.labels" . | nindent 4 }}
+    {{- $componentLabel | nindent 4 }}
+    {{- with $values.p2p.service.labels }}
+    {{- toYaml . | nindent 4 }}
+    {{- end }}
+  {{- with $values.p2p.service.annotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  type: LoadBalancer
+  externalTrafficPolicy: {{ default "Local" $values.p2p.service.externalTrafficPolicy }}
+  {{- with $values.p2p.service.loadBalancerIP }}
+  {{- if . }}
+  loadBalancerIP: {{ . }}
+  {{- end }}
+  {{- end }}
+  {{- with $values.p2p.service.loadBalancerSourceRanges }}
+  {{- if . }}
+  loadBalancerSourceRanges:
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+  {{- end }}
+  {{- with $values.p2p.service.externalIPs }}
+  {{- if . }}
+  externalIPs:
+    {{- toYaml . | nindent 2 }}
+  {{- end }}
+  {{- end }}
+  ports:
+    - name: tcp-transport
+      port: {{ include "lighthouse.port" $values }}
+      targetPort: tcp-transport
+      protocol: TCP
+    - name: udp-discovery
+      port: {{ include "lighthouse.discoveryPort" $values }}
+      targetPort: udp-discovery
+      protocol: UDP
+    - name: udp-transport
+      port: {{ include "lighthouse.quicPort" $values }}
+      targetPort: udp-transport
+      protocol: UDP
+  selector:
+    {{- include "lighthouse.selectorLabels" . | nindent 4 }}
+    {{- $componentLabel | nindent 4 }}
+{{- end }}

charts/lighthouse/templates/lighthouse/statefulset.yaml

@@ -160,6 +160,14 @@ spec:
                 --enr-address=$EXTERNAL_IP \
                 --enr-udp-port={{ $values.p2pHostPort.port }} \
                 --enr-tcp-port={{ $values.p2pHostPort.port }} \
+              {{- else if and $values.p2p $values.p2p.service $values.p2p.service.enabled (eq $values.p2p.service.type "LoadBalancer") }}
+                {{- if $values.p2p.service.advertiseIP }}
+                --enr-address={{ $values.p2p.service.advertiseIP }} \
+                {{- else if $values.p2p.service.loadBalancerIP }}
+                --enr-address={{ $values.p2p.service.loadBalancerIP }} \
+                {{- end }}
+                --enr-udp-port={{ include "lighthouse.discoveryPort" $values }} \
+                --enr-tcp-port={{ include "lighthouse.port" $values }} \
               {{- end }}
                 --port={{ include "lighthouse.port" $values }} \
                 --discovery-port={{ include "lighthouse.discoveryPort" $values }} \

charts/lighthouse/values.yaml

@@ -172,3 +172,25 @@ lighthouse:
         tag: v1.25.4
         # -- Container pull policy
         pullPolicy: IfNotPresent
+
+  # P2P Service exposure (alternative to hostPort)
+  p2p:
+    service:
+      # -- Enable a dedicated P2P Service
+      enabled: false
+      # -- Service type for P2P exposure
+      type: LoadBalancer
+      # -- Additional labels to add to the P2P Service
+      labels: {}
+      # -- Annotations to add to the P2P Service (e.g., Cilium sharing keys)
+      annotations: {}
+      # -- External traffic policy
+      externalTrafficPolicy: Local
+      # -- Fixed external IPs to bind the Service to (requires upstream routing)
+      externalIPs: []
+      # -- When using a LoadBalancer and your cloud supports it, set a specific LB IP
+      loadBalancerIP: ""
+      # -- Restrict which source ranges can access the LoadBalancer (CIDRs)
+      loadBalancerSourceRanges: []
+      # -- IP address to explicitly advertise in ENR (overrides autodetection and LB IP)
+      advertiseIP: ""