mirror of
https://github.com/nold360/hive-apps
synced 2024-12-22 21:51:20 +00:00
add(ingress): apisix
This commit is contained in:
parent
02474f10ed
commit
ebb1d7cd2d
2 changed files with 105 additions and 0 deletions
|
@ -55,6 +55,13 @@ apps:
|
|||
targetRevision: 10.19.5
|
||||
syncWave: '0'
|
||||
|
||||
- name: apisix
|
||||
existingNamespace: ingress-internal
|
||||
repoURL: https://charts.apiseven.com
|
||||
chart: apisix-ingress-controller
|
||||
targetRevision: 0.9.2
|
||||
syncWave: '0'
|
||||
|
||||
- name: cilium
|
||||
existingNamespace: kube-system
|
||||
repoURL: https://helm.cilium.io
|
||||
|
|
98
projects/core/values/apisix.yaml
Normal file
98
projects/core/values/apisix.yaml
Normal file
|
@ -0,0 +1,98 @@
|
|||
image:
|
||||
repository: apache/apisix-ingress-controller
|
||||
pullPolicy: IfNotPresent
|
||||
tag: "1.4.1"
|
||||
|
||||
service:
|
||||
annotations:
|
||||
metallb.universe.tf/address-pool: internal
|
||||
port: 80
|
||||
|
||||
config:
|
||||
logLevel: "info"
|
||||
logOutput: "stderr"
|
||||
# the TLS certificate file path.
|
||||
certFile: "/etc/webhook/certs/cert.pem"
|
||||
# the TLS key file path.
|
||||
keyFile: "/etc/webhook/certs/key.pem"
|
||||
# the HTTP Server listen address, default is ":8080"
|
||||
httpListen: ":8080"
|
||||
# the HTTPS Server listen address, default is ":8443"
|
||||
httpsListen: ":8443"
|
||||
# the controller will use the Endpoint of this Service to
|
||||
# update the status information of the Ingress resource.
|
||||
# The format is "namespace/svc-name" to solve the situation that
|
||||
# the data plane and the controller are not deployed in the same namespace.
|
||||
ingressPublishService: ""
|
||||
ingressStatusAddress: []
|
||||
# enable profiling via web interfaces host:port/debug/pprof, default is true.
|
||||
enableProfiling: true
|
||||
# Kubernetes related configurations.
|
||||
kubernetes:
|
||||
# the Kubernetes configuration file path, default is "", so the in-cluster
|
||||
# configuration will be used.
|
||||
kubeconfig: ""
|
||||
# how long should apisix-ingress-controller re-synchronizes with Kubernetes,
|
||||
# default is 6h,
|
||||
resyncInterval: "6h"
|
||||
# namespace list that controller will watch for resources,
|
||||
# by default all namespaces (represented by "*") are watched.
|
||||
appNamespaces: ["*"]
|
||||
# namespace_selector represent basis for selecting managed namespaces.
|
||||
# the field is support since version 1.4.0
|
||||
# For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching"
|
||||
namespaceSelector: [""]
|
||||
# the election id for the controller leader campaign,
|
||||
# only the leader will watch and delivery resource changes,
|
||||
# other instances (as candidates) stand by.
|
||||
electionId: "ingress-apisix-leader"
|
||||
# The class of an Ingress object is set using the field IngressClassName in
|
||||
# Kubernetes clusters version v1.18.0 or higher or the annotation
|
||||
# "kubernetes.io/ingress.class" (deprecated).
|
||||
ingressClass: "apisix"
|
||||
# the supported ingress api group version, can be "networking/v1beta1",
|
||||
# "networking/v1" (for Kubernetes version v1.19.0 or higher), and
|
||||
# "extensions/v1beta1", default is "networking/v1".
|
||||
ingressVersion: "networking/v1"
|
||||
# whether to watch EndpointSlices rather than Endpoints.
|
||||
watchEndpointSlices: false
|
||||
# the supported apisixroute api group version, can be "apisix.apache.org/v2beta1"
|
||||
# "apisix.apache.org/v2beta2" or "apisix.apache.org/v2beta3"
|
||||
apisixRouteVersion: "apisix.apache.org/v2beta3"
|
||||
# whether to enable support for Gateway API.
|
||||
# Note: This feature is currently under development and may not work as expected.
|
||||
# It is not recommended to use it in a production environment.
|
||||
# Before we announce support for it to reach Beta level or GA.
|
||||
enableGatewayAPI: false
|
||||
# APISIX related configurations.
|
||||
apisix:
|
||||
serviceName: apisix-admin
|
||||
serviceNamespace: ingress-apisix
|
||||
servicePort: 9180
|
||||
adminKey: "edd1c9f034335f136f87ad84b625c8f1"
|
||||
clusterName: "default"
|
||||
|
||||
initContainer:
|
||||
image: busybox
|
||||
tag: 1.28
|
||||
|
||||
serviceMonitor:
|
||||
enabled: true
|
||||
namespace: "monitoring"
|
||||
interval: 15s
|
||||
# @param serviceMonitor.labels ServiceMonitor extra labels
|
||||
labels: {}
|
||||
# @param serviceMonitor.annotations ServiceMonitor annotations
|
||||
annotations: {}
|
||||
|
||||
|
||||
podSecurityContext:
|
||||
fsGroup: 2000
|
||||
|
||||
securityContext:
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
Loading…
Reference in a new issue