From 2461821486f42b1c4c800fd63c8b7f78bb0aa48b Mon Sep 17 00:00:00 2001 From: Ghanil Mohamed Yusof Date: Thu, 26 Oct 2023 14:56:02 +0800 Subject: [PATCH] feat: adding nginx configuration & gateway type in composite architecture (#644) --- charts/apisix-ingress-controller/README.md | 8 ++++++ .../templates/apisix-configmap.yaml | 7 +++++ .../templates/service-apisix.yaml | 26 ++++++++++++++++++- charts/apisix-ingress-controller/values.yaml | 22 ++++++++++++++++ 4 files changed, 62 insertions(+), 1 deletion(-) diff --git a/charts/apisix-ingress-controller/README.md b/charts/apisix-ingress-controller/README.md index 7fbb2d93..a2af3bee 100644 --- a/charts/apisix-ingress-controller/README.md +++ b/charts/apisix-ingress-controller/README.md @@ -144,6 +144,14 @@ The same for container level, you need to set: | config.logOutput | string | `"stderr"` | the output file path of error log, default is stderr, when the file path is "stderr" or "stdout", logs are marshalled plainly, which is more readable for human; otherwise logs are marshalled in JSON format, which can be parsed by programs easily. | | config.pluginMetadataCM | string | `""` | Pluginmetadata in APISIX can be controlled through ConfigMap. default is "" | | fullnameOverride | string | `""` | | +| gateway.externalIPs | list | `[]` | load balancer ips | +| gateway.externalTrafficPolicy | string | `"Cluster"` | | +| gateway.nginx.errorLog | string | `"stderr"` | Nginx error logs path | +| gateway.nginx.errorLogLevel | string | `"warn"` | Nginx error logs level | +| gateway.nginx.workerConnections | string | `"10620"` | Nginx worker connections | +| gateway.nginx.workerProcesses | string | `"auto"` | Nginx worker processes | +| gateway.nginx.workerRlimitNofile | string | `"20480"` | Nginx workerRlimitNoFile | +| gateway.type | string | `"NodePort"` | Apache APISIX service type for user access itself | | image.pullPolicy | string | `"IfNotPresent"` | | | image.repository | string | `"apache/apisix-ingress-controller"` | | | image.tag | string | `"1.7.0"` | | diff --git a/charts/apisix-ingress-controller/templates/apisix-configmap.yaml b/charts/apisix-ingress-controller/templates/apisix-configmap.yaml index 1fd43079..73105247 100644 --- a/charts/apisix-ingress-controller/templates/apisix-configmap.yaml +++ b/charts/apisix-ingress-controller/templates/apisix-configmap.yaml @@ -51,6 +51,13 @@ data: udp: - 9200 + nginx_config: + error_log: "{{ .Values.gateway.nginx.errorLog }}" + error_log_level: "{{ .Values.gateway.nginx.errorLogLevel }}" # warn,error + worker_processes: "{{ .Values.gateway.nginx.workerProcesses }}" + worker_rlimit_nofile: {{ .Values.gateway.nginx.workerRlimitNofile }} # the number of files a worker process can open, should be larger than worker_connections + event: + worker_connections: {{ .Values.gateway.nginx.workerConnections }} plugins: # plugin list (sorted by priority) - real-ip # priority: 23000 diff --git a/charts/apisix-ingress-controller/templates/service-apisix.yaml b/charts/apisix-ingress-controller/templates/service-apisix.yaml index 106ec90b..5125974d 100644 --- a/charts/apisix-ingress-controller/templates/service-apisix.yaml +++ b/charts/apisix-ingress-controller/templates/service-apisix.yaml @@ -3,6 +3,10 @@ kind: Service metadata: name: {{ include "apisix-ingress-controller.fullname" . }}-apisix-gateway namespace: {{ .Release.Namespace }} + annotations: + {{- range $key, $value := .Values.gateway.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} labels: {{- include "apisix-ingress-controller.labels" . | nindent 4 }} spec: @@ -17,4 +21,24 @@ spec: targetPort: 9443 selector: {{- include "apisix-ingress-controller.selectorLabels" . | nindent 4 }} - type: NodePort + type: {{ .Values.gateway.type }} # LoadBalancer or NodePort + {{- if or (eq .Values.gateway.type "LoadBalancer") (eq .Values.gateway.type "NodePort") }} + externalTrafficPolicy: {{ .Values.gateway.externalTrafficPolicy }} + {{- end }} + {{- if eq .Values.gateway.type "LoadBalancer" }} + {{- if .Values.gateway.loadBalancerIP }} + loadBalancerIP: {{ .Values.gateway.loadBalancerIP }} # specify load balancer ip by user + {{- end }} + {{- if .Values.gateway.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.gateway.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} + {{- end }} + {{- end }} + {{- if gt (len .Values.gateway.externalIPs) 0 }} + externalIPs: + {{- range $ip := .Values.gateway.externalIPs }} + - {{ $ip }} + {{- end }} + {{- end }} \ No newline at end of file diff --git a/charts/apisix-ingress-controller/values.yaml b/charts/apisix-ingress-controller/values.yaml index ed98e397..6b8d265b 100644 --- a/charts/apisix-ingress-controller/values.yaml +++ b/charts/apisix-ingress-controller/values.yaml @@ -210,3 +210,25 @@ securityContext: {} # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 +gateway: + # -- Apache APISIX service type for user access itself + type: NodePort + externalTrafficPolicy: Cluster + # annotations: + # service.beta.kubernetes.io/aws-load-balancer-type: nlb + # loadBalancerIP: a.b.c.d + # loadBalancerSourceRanges: + # - "143.231.0.0/16" + # -- load balancer ips + externalIPs: [] + nginx: + # -- Nginx workerRlimitNoFile + workerRlimitNofile: "20480" + # -- Nginx worker connections + workerConnections: "10620" + # -- Nginx worker processes + workerProcesses: auto + # -- Nginx error logs path + errorLog: stderr + # -- Nginx error logs level + errorLogLevel: warn