mirror of
https://github.com/nold360/hive-apps
synced 2024-12-23 06:01:18 +00:00
Del(apisix)
This commit is contained in:
parent
649a1e2791
commit
e910663d2e
2 changed files with 0 additions and 389 deletions
|
@ -55,13 +55,6 @@ apps:
|
||||||
targetRevision: 10.19.5
|
targetRevision: 10.19.5
|
||||||
syncWave: '0'
|
syncWave: '0'
|
||||||
|
|
||||||
- name: apisix
|
|
||||||
namespace: ingress-apisix
|
|
||||||
repoURL: https://charts.apiseven.com
|
|
||||||
chart: apisix
|
|
||||||
targetRevision: 0.9.3
|
|
||||||
syncWave: '0'
|
|
||||||
|
|
||||||
- name: cilium
|
- name: cilium
|
||||||
existingNamespace: kube-system
|
existingNamespace: kube-system
|
||||||
repoURL: https://helm.cilium.io
|
repoURL: https://helm.cilium.io
|
||||||
|
|
|
@ -1,382 +0,0 @@
|
||||||
apisix:
|
|
||||||
# Enable or disable Apache APISIX itself
|
|
||||||
# Set it to false and ingress-controller.enabled=true will deploy only ingress-controller
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
# Enable nginx IPv6 resolver
|
|
||||||
enableIPv6: true
|
|
||||||
|
|
||||||
# Use Pod metadata.uid as the APISIX id.
|
|
||||||
setIDFromPodUID: false
|
|
||||||
|
|
||||||
customLuaSharedDicts: []
|
|
||||||
# - name: foo
|
|
||||||
# size: 10k
|
|
||||||
# - name: bar
|
|
||||||
# size: 1m
|
|
||||||
luaModuleHook:
|
|
||||||
enabled: false
|
|
||||||
# extend lua_package_path to load third party code
|
|
||||||
luaPath: ""
|
|
||||||
# the hook module which will be used to inject third party code into APISIX
|
|
||||||
# use the lua require style like: "module.say_hello"
|
|
||||||
hookPoint: ""
|
|
||||||
# configmap that stores the codes
|
|
||||||
configMapRef:
|
|
||||||
name: ""
|
|
||||||
# mounts decides how to mount the codes to the container.
|
|
||||||
mounts:
|
|
||||||
- key: ""
|
|
||||||
path: ""
|
|
||||||
|
|
||||||
enableCustomizedConfig: false
|
|
||||||
customizedConfig: {}
|
|
||||||
|
|
||||||
image:
|
|
||||||
repository: apache/apisix
|
|
||||||
pullPolicy: IfNotPresent
|
|
||||||
# Overrides the image tag whose default is the chart appVersion.
|
|
||||||
tag: 2.14.0-alpine
|
|
||||||
|
|
||||||
# Use a `DaemonSet` or `Deployment`
|
|
||||||
kind: Deployment
|
|
||||||
# kind is DaemonSet,replicaCount not become effective
|
|
||||||
replicaCount: 1
|
|
||||||
|
|
||||||
podAnnotations: {}
|
|
||||||
podSecurityContext: {}
|
|
||||||
# fsGroup: 2000
|
|
||||||
securityContext: {}
|
|
||||||
# capabilities:
|
|
||||||
# drop:
|
|
||||||
# - ALL
|
|
||||||
# readOnlyRootFilesystem: true
|
|
||||||
# runAsNonRoot: true
|
|
||||||
# runAsUser: 1000
|
|
||||||
|
|
||||||
# See https://kubernetes.io/docs/tasks/run-application/configure-pdb/ for more details
|
|
||||||
podDisruptionBudget:
|
|
||||||
enabled: false
|
|
||||||
minAvailable: 90%
|
|
||||||
maxUnavailable: 1
|
|
||||||
|
|
||||||
resources: {}
|
|
||||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
||||||
# choice for the user. This also increases chances charts run on environments with little
|
|
||||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
||||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
||||||
# limits:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
# requests:
|
|
||||||
# cpu: 100m
|
|
||||||
# memory: 128Mi
|
|
||||||
|
|
||||||
nodeSelector: {}
|
|
||||||
tolerations: []
|
|
||||||
affinity: {}
|
|
||||||
# If true, it will sets the anti-affinity of the Pod.
|
|
||||||
podAntiAffinity:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
# timezone is the timezone where apisix uses.
|
|
||||||
# For example: "UTC" or "Asia/Shanghai"
|
|
||||||
# This value will be set on apisix container's environment variable TZ.
|
|
||||||
# You may need to set the timezone to be consistent with your local time zone,
|
|
||||||
# otherwise the apisix's logs may used to retrieve event maybe in wrong timezone.
|
|
||||||
timezone: ""
|
|
||||||
|
|
||||||
# extraEnvVars An array to add extra env vars
|
|
||||||
# e.g:
|
|
||||||
# extraEnvVars:
|
|
||||||
# - name: FOO
|
|
||||||
# value: "bar"
|
|
||||||
# - name: FOO2
|
|
||||||
# valueFrom:
|
|
||||||
# secretKeyRef:
|
|
||||||
# name: SECRET_NAME
|
|
||||||
# key: KEY
|
|
||||||
extraEnvVars: []
|
|
||||||
|
|
||||||
nameOverride: ""
|
|
||||||
fullnameOverride: ""
|
|
||||||
|
|
||||||
|
|
||||||
gateway:
|
|
||||||
#type: NodePort
|
|
||||||
# If you want to keep the client source IP, you can set this to Local.
|
|
||||||
# ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
|
|
||||||
externalTrafficPolicy: Cluster
|
|
||||||
type: LoadBalancer
|
|
||||||
annotations:
|
|
||||||
metallb.universe.tf/address-pool: internal
|
|
||||||
# service.beta.kubernetes.io/aws-load-balancer-type: nlb
|
|
||||||
externalIPs:
|
|
||||||
- 192.168.1.14
|
|
||||||
http:
|
|
||||||
enabled: true
|
|
||||||
servicePort: 80
|
|
||||||
containerPort: 9080
|
|
||||||
tls:
|
|
||||||
enabled: true
|
|
||||||
servicePort: 443
|
|
||||||
containerPort: 9443
|
|
||||||
existingCASecret: ""
|
|
||||||
certCAFilename: ""
|
|
||||||
http2:
|
|
||||||
enabled: true
|
|
||||||
stream: # L4 proxy (TCP/UDP)
|
|
||||||
enabled: false
|
|
||||||
only: false
|
|
||||||
tcp: []
|
|
||||||
udp: []
|
|
||||||
ingress:
|
|
||||||
enabled: true
|
|
||||||
annotations:
|
|
||||||
kubernetes.io/ingress.class: apisix
|
|
||||||
cert-manager.io/cluster-issuer: vault-issuer
|
|
||||||
# kubernetes.io/tls-acme: "true"
|
|
||||||
hosts:
|
|
||||||
- host: api.six
|
|
||||||
paths:
|
|
||||||
- '/'
|
|
||||||
tls:
|
|
||||||
- secretName: apisix-tls
|
|
||||||
hosts:
|
|
||||||
- api.six
|
|
||||||
|
|
||||||
admin:
|
|
||||||
# Enable Admin API
|
|
||||||
enabled: true
|
|
||||||
# admin service type
|
|
||||||
type: ClusterIP
|
|
||||||
# loadBalancerIP: a.b.c.d
|
|
||||||
# loadBalancerSourceRanges:
|
|
||||||
# - "143.231.0.0/16"
|
|
||||||
externalIPs: []
|
|
||||||
#
|
|
||||||
port: 9180
|
|
||||||
servicePort: 9180
|
|
||||||
# Admin API support CORS response headers
|
|
||||||
cors: true
|
|
||||||
# Admin API credentials
|
|
||||||
credentials:
|
|
||||||
admin: edd1c9f034335f136f87ad84b625c8f1
|
|
||||||
viewer: 4054f7cf07e344346cd3f287985e76a2
|
|
||||||
|
|
||||||
allow:
|
|
||||||
# The ip range for allowing access to Apache APISIX
|
|
||||||
ipList:
|
|
||||||
- 127.0.0.1/24
|
|
||||||
|
|
||||||
|
|
||||||
# APISIX plugins to be enabled
|
|
||||||
plugins:
|
|
||||||
- api-breaker
|
|
||||||
- authz-keycloak
|
|
||||||
- basic-auth
|
|
||||||
- batch-requests
|
|
||||||
- consumer-restriction
|
|
||||||
- cors
|
|
||||||
- echo
|
|
||||||
- fault-injection
|
|
||||||
- grpc-transcode
|
|
||||||
- hmac-auth
|
|
||||||
- http-logger
|
|
||||||
- ip-restriction
|
|
||||||
- ua-restriction
|
|
||||||
- jwt-auth
|
|
||||||
- kafka-logger
|
|
||||||
- key-auth
|
|
||||||
- limit-conn
|
|
||||||
- limit-count
|
|
||||||
- limit-req
|
|
||||||
- node-status
|
|
||||||
- openid-connect
|
|
||||||
- authz-casbin
|
|
||||||
- prometheus
|
|
||||||
- proxy-cache
|
|
||||||
- proxy-mirror
|
|
||||||
- proxy-rewrite
|
|
||||||
- redirect
|
|
||||||
- referer-restriction
|
|
||||||
- request-id
|
|
||||||
- request-validation
|
|
||||||
- response-rewrite
|
|
||||||
- serverless-post-function
|
|
||||||
- serverless-pre-function
|
|
||||||
- sls-logger
|
|
||||||
- syslog
|
|
||||||
- tcp-logger
|
|
||||||
- udp-logger
|
|
||||||
- uri-blocker
|
|
||||||
- wolf-rbac
|
|
||||||
- zipkin
|
|
||||||
- traffic-split
|
|
||||||
- gzip
|
|
||||||
- real-ip
|
|
||||||
- ext-plugin-pre-req
|
|
||||||
- ext-plugin-post-req
|
|
||||||
stream_plugins:
|
|
||||||
- mqtt-proxy
|
|
||||||
- ip-restriction
|
|
||||||
- limit-conn
|
|
||||||
|
|
||||||
pluginAttrs: {}
|
|
||||||
|
|
||||||
extPlugin:
|
|
||||||
enabled: false
|
|
||||||
cmd: ["/path/to/apisix-plugin-runner/runner", "run"]
|
|
||||||
|
|
||||||
# customPlugins allows you to mount your own HTTP plugins.
|
|
||||||
customPlugins:
|
|
||||||
enabled: false
|
|
||||||
# the lua_path that tells APISIX where it can find plugins,
|
|
||||||
# note the last ';' is required.
|
|
||||||
luaPath: "/opts/custom_plugins/?.lua"
|
|
||||||
plugins:
|
|
||||||
# plugin name.
|
|
||||||
- name: ""
|
|
||||||
# plugin attrs
|
|
||||||
attrs: |
|
|
||||||
# plugin codes can be saved inside configmap object.
|
|
||||||
configMap:
|
|
||||||
# name of configmap.
|
|
||||||
name: ""
|
|
||||||
# since keys in configmap is flat, mountPath allows to define the mount
|
|
||||||
# path, so that plugin codes can be mounted hierarchically.
|
|
||||||
mounts:
|
|
||||||
- key: ""
|
|
||||||
path: ""
|
|
||||||
- key: ""
|
|
||||||
path: ""
|
|
||||||
|
|
||||||
updateStrategy: {}
|
|
||||||
# type: RollingUpdate
|
|
||||||
|
|
||||||
extraVolumes: []
|
|
||||||
# - name: extras
|
|
||||||
# emptyDir: {}
|
|
||||||
|
|
||||||
extraVolumeMounts: []
|
|
||||||
# - name: extras
|
|
||||||
# mountPath: /usr/share/extras
|
|
||||||
# readOnly: true
|
|
||||||
|
|
||||||
discovery:
|
|
||||||
enabled: false
|
|
||||||
registry:
|
|
||||||
# Integration service discovery registry. E.g eureka\dns\nacos\consul_kv
|
|
||||||
# reference:
|
|
||||||
# https://apisix.apache.org/docs/apisix/discovery#configuration-for-eureka
|
|
||||||
# https://apisix.apache.org/docs/apisix/discovery/dns#service-discovery-via-dns
|
|
||||||
# https://apisix.apache.org/docs/apisix/discovery/consul_kv#configuration-for-consul-kv
|
|
||||||
# https://apisix.apache.org/docs/apisix/discovery/nacos#configuration-for-nacos
|
|
||||||
#
|
|
||||||
# an eureka example:
|
|
||||||
# eureka:
|
|
||||||
# host:
|
|
||||||
# - "http://${username}:${password}@${eureka_host1}:${eureka_port1}"
|
|
||||||
# - "http://${username}:${password}@${eureka_host2}:${eureka_port2}"
|
|
||||||
# prefix: "/eureka/"
|
|
||||||
# fetch_interval: 30
|
|
||||||
# weight: 100
|
|
||||||
# timeout:
|
|
||||||
# connect: 2000
|
|
||||||
# send: 2000
|
|
||||||
# read: 5000
|
|
||||||
|
|
||||||
# access log and error log configuration
|
|
||||||
logs:
|
|
||||||
enableAccessLog: true
|
|
||||||
accessLog: "/dev/stdout"
|
|
||||||
accessLogFormat: '$remote_addr - $remote_user [$time_local] $http_host \"$request\" $status $body_bytes_sent $request_time \"$http_referer\" \"$http_user_agent\" $upstream_addr $upstream_status $upstream_response_time \"$upstream_scheme://$upstream_host$upstream_uri\"'
|
|
||||||
accessLogFormatEscape: default
|
|
||||||
errorLog: "/dev/stderr"
|
|
||||||
errorLogLevel: "warn"
|
|
||||||
|
|
||||||
dns:
|
|
||||||
resolvers:
|
|
||||||
- 192.168.1.53
|
|
||||||
- 192.168.1.1
|
|
||||||
validity: 30
|
|
||||||
timeout: 5
|
|
||||||
|
|
||||||
|
|
||||||
autoscaling:
|
|
||||||
enabled: false
|
|
||||||
minReplicas: 1
|
|
||||||
maxReplicas: 100
|
|
||||||
targetCPUUtilizationPercentage: 80
|
|
||||||
targetMemoryUtilizationPercentage: 80
|
|
||||||
|
|
||||||
# Custom configuration snippet.
|
|
||||||
configurationSnippet:
|
|
||||||
main: |
|
|
||||||
|
|
||||||
httpStart: |
|
|
||||||
|
|
||||||
httpEnd: |
|
|
||||||
|
|
||||||
httpSrv: |
|
|
||||||
|
|
||||||
httpAdmin: |
|
|
||||||
|
|
||||||
stream: |
|
|
||||||
|
|
||||||
# Observability configuration.
|
|
||||||
# ref: https://apisix.apache.org/docs/apisix/plugins/prometheus/
|
|
||||||
serviceMonitor:
|
|
||||||
enabled: false
|
|
||||||
# namespace where the serviceMonitor is deployed, by default, it is the same as the namespace of the apisix
|
|
||||||
namespace: ""
|
|
||||||
# name of the serviceMonitor, by default, it is the same as the apisix fullname
|
|
||||||
name: ""
|
|
||||||
# interval at which metrics should be scraped
|
|
||||||
interval: 15s
|
|
||||||
# path of the metrics endpoint
|
|
||||||
path: /apisix/prometheus/metrics
|
|
||||||
# prefix of the metrics
|
|
||||||
metricPrefix: apisix_
|
|
||||||
# container port where the metrics are exposed
|
|
||||||
containerPort: 9091
|
|
||||||
# @param serviceMonitor.labels ServiceMonitor extra labels
|
|
||||||
labels: {}
|
|
||||||
# @param serviceMonitor.annotations ServiceMonitor annotations
|
|
||||||
annotations: {}
|
|
||||||
|
|
||||||
# etcd configuration
|
|
||||||
# use the FQDN address or the IP of the etcd
|
|
||||||
etcd:
|
|
||||||
# install etcd(v3) by default, set false if do not want to install etcd(v3) together
|
|
||||||
enabled: true
|
|
||||||
host:
|
|
||||||
- http://etcd.host:2379 # host or ip e.g. http://172.20.128.89:2379
|
|
||||||
prefix: "/apisix"
|
|
||||||
timeout: 30
|
|
||||||
|
|
||||||
# if etcd.enabled is true, set more values of bitnami/etcd helm chart
|
|
||||||
auth:
|
|
||||||
rbac:
|
|
||||||
# No authentication by default
|
|
||||||
create: false
|
|
||||||
user: ""
|
|
||||||
password: ""
|
|
||||||
tls:
|
|
||||||
enabled: false
|
|
||||||
existingSecret: ""
|
|
||||||
certFilename: ""
|
|
||||||
certKeyFilename: ""
|
|
||||||
verify: true
|
|
||||||
sni: ""
|
|
||||||
|
|
||||||
service:
|
|
||||||
port: 2379
|
|
||||||
|
|
||||||
replicaCount: 1
|
|
||||||
|
|
||||||
dashboard:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
ingress-controller:
|
|
||||||
enabled: true
|
|
Loading…
Reference in a new issue