Skip to content

Commit

Permalink
feat: support Ingress 1.7.0 etcdserver (#624)
Browse files Browse the repository at this point in the history
  • Loading branch information
lingsamuel authored Sep 27, 2023
1 parent 9402a56 commit 67d7d47
Show file tree
Hide file tree
Showing 6 changed files with 204 additions and 1 deletion.
4 changes: 4 additions & 0 deletions charts/apisix-ingress-controller/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,10 @@ The same for container level, you need to set:
| config.apisixResourceSyncInterval | string | `"1h"` | Default interval for synchronizing Kubernetes resources to APISIX |
| config.certFile | string | `"/etc/webhook/certs/cert.pem"` | the TLS certificate file path. |
| config.enableProfiling | bool | `true` | enable profiling via web interfaces host:port/debug/pprof, default is true. |
| config.etcdserver.enabled | bool | `false` | Enable etcd server or not, default is false. |
| config.etcdserver.image.pullPolicy | string | `"IfNotPresent"` | Apache APISIX image pull policy |
| config.etcdserver.image.repository | string | `"apache/apisix"` | Apache APISIX image repository |
| config.etcdserver.image.tag | string | `"3.5.0-debian"` | Apache APISIX image tag Overrides the image tag whose default is the chart appVersion. |
| config.httpListen | string | `":8080"` | the HTTP Server listen address, default is ":8080" |
| config.httpsListen | string | `":8443"` | the HTTPS Server listen address, default is ":8443" |
| config.ingressPublishService | string | `""` | the controller will use the Endpoint of this Service to update the status information of the Ingress resource. The format is "namespace/svc-name" to solve the situation that the data plane and the controller are not deployed in the same namespace. |
Expand Down
127 changes: 127 additions & 0 deletions charts/apisix-ingress-controller/templates/apisix-configmap.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,127 @@
{{ if .Values.config.etcdserver.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-gw-configmap
namespace: {{ .Release.Namespace }}
labels:
{{- include "apisix-ingress-controller.labels" . | nindent 4 }}
data:
config.yaml: >
deployment:
admin:
allow_admin:
- 127.0.0.0/24
- 0.0.0.0/0
admin_listen:
ip: 0.0.0.0
port: 9180
etcd:
host:
- "http://127.0.0.1:12379"
prefix: "/apisix"
timeout: 60
apisix:
enable_control: true
enable_reuseport: true
stream_proxy:
only: false
tcp:
- 9100
- addr: 9110
tls: true
udp:
- 9200
plugins: # plugin list (sorted by priority)
- real-ip # priority: 23000
- ai # priority: 22900
- client-control # priority: 22000
- proxy-control # priority: 21990
- request-id # priority: 12015
- zipkin # priority: 12011
#- skywalking # priority: 12010
#- opentelemetry # priority: 12009
- ext-plugin-pre-req # priority: 12000
- fault-injection # priority: 11000
- mocking # priority: 10900
- serverless-pre-function # priority: 10000
#- batch-requests # priority: 4010
- cors # priority: 4000
- ip-restriction # priority: 3000
- ua-restriction # priority: 2999
- referer-restriction # priority: 2990
- csrf # priority: 2980
- uri-blocker # priority: 2900
- request-validation # priority: 2800
- openid-connect # priority: 2599
- cas-auth # priority: 2597
- authz-casbin # priority: 2560
- authz-casdoor # priority: 2559
- wolf-rbac # priority: 2555
- ldap-auth # priority: 2540
- hmac-auth # priority: 2530
- basic-auth # priority: 2520
- jwt-auth # priority: 2510
- key-auth # priority: 2500
- consumer-restriction # priority: 2400
- forward-auth # priority: 2002
- opa # priority: 2001
- authz-keycloak # priority: 2000
#- error-log-logger # priority: 1091
- proxy-mirror # priority: 1010
- proxy-cache # priority: 1009
- proxy-rewrite # priority: 1008
- workflow # priority: 1006
- api-breaker # priority: 1005
- limit-conn # priority: 1003
- limit-count # priority: 1002
- limit-req # priority: 1001
#- node-status # priority: 1000
- gzip # priority: 995
- traffic-split # priority: 966
- redirect # priority: 900
- response-rewrite # priority: 899
- kafka-proxy # priority: 508
#- dubbo-proxy # priority: 507
- grpc-transcode # priority: 506
- grpc-web # priority: 505
- public-api # priority: 501
- prometheus # priority: 500
- datadog # priority: 495
- elasticsearch-logger # priority: 413
- echo # priority: 412
- loggly # priority: 411
- http-logger # priority: 410
- splunk-hec-logging # priority: 409
- skywalking-logger # priority: 408
- google-cloud-logging # priority: 407
- sls-logger # priority: 406
- tcp-logger # priority: 405
- kafka-logger # priority: 403
- rocketmq-logger # priority: 402
- syslog # priority: 401
- udp-logger # priority: 400
- file-logger # priority: 399
- clickhouse-logger # priority: 398
- tencent-cloud-cls # priority: 397
- inspect # priority: 200
#- log-rotate # priority: 100
# <- recommend to use priority (0, 100) for your custom plugins
- example-plugin # priority: 0
#- gm # priority: -43
- aws-lambda # priority: -1899
- azure-functions # priority: -1900
- openwhisk # priority: -1901
- openfunction # priority: -1902
- serverless-post-function # priority: -2000
- ext-plugin-post-req # priority: -3000
- ext-plugin-post-resp # priority: -4000
plugin_attr:
prometheus:
enable_export_server: false
{{ end }}
8 changes: 8 additions & 0 deletions charts/apisix-ingress-controller/templates/configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,17 +53,25 @@ data:
plugin_metadata_cm: {{ .Values.config.kubernetes.pluginMetadataCM | quote }}
apisix:
admin_api_version: {{ .Values.config.apisix.adminAPIVersion | quote }}
{{- if .Values.config.etcdserver.enabled }}
default_cluster_base_url: http://127.0.0.1:9180/apisix/admin
{{ else }}
{{- if .Values.config.apisix.serviceFullname }}
default_cluster_base_url: http://{{ .Values.config.apisix.serviceFullname }}:{{ .Values.config.apisix.servicePort }}/apisix/admin
{{ else }}
default_cluster_base_url: http://{{ .Values.config.apisix.serviceName }}.{{ .Values.config.apisix.serviceNamespace }}.svc.{{ .Values.clusterDomain }}:{{ .Values.config.apisix.servicePort }}/apisix/admin
{{- end}}
{{- end }}
{{- if .Values.config.apisix.existingSecret }}
default_cluster_admin_key: "{{"{{"}}.DEFAULT_CLUSTER_ADMIN_KEY{{"}}"}}"
{{- else }}
default_cluster_admin_key: {{ .Values.config.apisix.adminKey | quote }}
{{- end }}
default_cluster_name: {{ .Values.config.apisix.clusterName | quote }}
{{ if .Values.config.etcdserver.enabled }}
etcdserver:
enabled: true
{{ end }}
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-configmap
Expand Down
35 changes: 34 additions & 1 deletion charts/apisix-ingress-controller/templates/deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,12 @@ spec:
items:
- key: config.yaml
path: config.yaml
{{ if .Values.config.etcdserver.enabled }}
- name: apisix-config
configMap:
name: {{ .Release.Name }}-gw-configmap
{{ end }}
{{ if not .Values.config.etcdserver.enabled }}
initContainers:
- name: wait-apisix-admin
image: {{ .Values.initContainer.image }}:{{ .Values.initContainer.tag }}
Expand All @@ -71,6 +77,7 @@ spec:

securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
{{ end }}
containers:
- name: {{ .Chart.Name }}
command:
Expand All @@ -86,6 +93,11 @@ spec:
- name: http
containerPort: {{ (.Values.config.httpListen | split ":")._1 }}
protocol: TCP
{{ if .Values.config.etcdserver.enabled }}
- name: etcd
containerPort: 12379
protocol: TCP
{{ end }}
livenessProbe:
httpGet:
path: /healthz
Expand All @@ -97,8 +109,9 @@ spec:
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- mountPath: /ingress-apisix/conf
- mountPath: /ingress-apisix/conf/config.yaml
name: configuration
subPath: config.yaml
env:
- name: POD_NAMESPACE
valueFrom:
Expand All @@ -115,6 +128,26 @@ spec:
name: {{ .Values.config.apisix.existingSecret | quote }}
key: {{ include "apisix-ingress-controller.credentials.secretAdminKey" . }}
{{- end }}
{{ if .Values.config.etcdserver.enabled }}
- name: apisix
image: "{{ .Values.config.etcdserver.image.repository }}:{{ .Values.config.etcdserver.image.tag }}"
imagePullPolicy: {{ .Values.config.etcdserver.image.pullPolicy }}
ports:
- name: http
containerPort: 9080
protocol: TCP
- name: http-admin
containerPort: 9180
protocol: TCP
- name: https
containerPort: 9443
protocol: TCP
resources: {}
volumeMounts:
- name: apisix-config
mountPath: /usr/local/apisix/conf/config.yaml
subPath: config.yaml
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
20 changes: 20 additions & 0 deletions charts/apisix-ingress-controller/templates/service-apisix.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "apisix-ingress-controller.fullname" . }}-apisix-gateway
namespace: {{ .Release.Namespace }}
labels:
{{- include "apisix-ingress-controller.labels" . | nindent 4 }}
spec:
ports:
- name: http
protocol: TCP
port: 80
targetPort: 9080
- name: https
protocol: TCP
port: 443
targetPort: 9443
selector:
{{- include "apisix-ingress-controller.selectorLabels" . | nindent 4 }}
type: NodePort
11 changes: 11 additions & 0 deletions charts/apisix-ingress-controller/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,17 @@ service:
port: 80

config:
etcdserver:
# -- Enable etcd server or not, default is false.
enabled: false
image:
# -- Apache APISIX image repository
repository: apache/apisix
# -- Apache APISIX image pull policy
pullPolicy: IfNotPresent
# -- Apache APISIX image tag
# Overrides the image tag whose default is the chart appVersion.
tag: 3.5.0-debian
# -- the error log level, default is info, optional values are: debug, info, warn, error, panic, fatal
logLevel: "info"
# -- the output file path of error log, default is stderr, when
Expand Down

0 comments on commit 67d7d47

Please sign in to comment.