mirror of
https://github.com/outbackdingo/cozystack.git
synced 2026-02-03 23:45:56 +00:00
Compare commits
4 Commits
v0.28.1
...
release-0.
| Author | SHA1 | Date | |
|---|---|---|---|
|
45a7416c3e | ||
|
|
3e0a2f6160 | ||
|
|
5344db56f9 | ||
|
|
c979746082 |
@@ -69,7 +69,7 @@ spec:
|
||||
serviceAccountName: cozystack
|
||||
containers:
|
||||
- name: cozystack
|
||||
image: "ghcr.io/cozystack/cozystack/installer:v0.28.1"
|
||||
image: "ghcr.io/cozystack/cozystack/installer:v0.28.2"
|
||||
env:
|
||||
- name: KUBERNETES_SERVICE_HOST
|
||||
value: localhost
|
||||
@@ -88,7 +88,7 @@ spec:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: assets
|
||||
image: "ghcr.io/cozystack/cozystack/installer:v0.28.1"
|
||||
image: "ghcr.io/cozystack/cozystack/installer:v0.28.2"
|
||||
command:
|
||||
- /usr/bin/cozystack-assets-server
|
||||
- "-dir=/cozystack/assets"
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
cozystack:
|
||||
image: ghcr.io/cozystack/cozystack/installer:v0.28.1@sha256:2e7c6cb288500e59768fccfe76d7750a7a3a44187ae388dd2cea0a0193b791b7
|
||||
image: ghcr.io/cozystack/cozystack/installer:v0.28.2@sha256:f13bad3220695e206ed5142228f37bd3afa49db2913a1fd52ab91f809c3a017b
|
||||
|
||||
@@ -205,7 +205,7 @@ releases:
|
||||
releaseName: piraeus-operator
|
||||
chart: cozy-piraeus-operator
|
||||
namespace: cozy-linstor
|
||||
dependsOn: [cilium,kubeovn,cert-manager]
|
||||
dependsOn: [cilium,kubeovn,cert-manager,victoria-metrics-operator]
|
||||
|
||||
- name: linstor
|
||||
releaseName: linstor
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
e2e:
|
||||
image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.28.1@sha256:bb5e8f5d92e2e4305ea1cc7f007b3e98769645ab845f632b4788b9373cd207eb
|
||||
image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.28.2@sha256:bb5e8f5d92e2e4305ea1cc7f007b3e98769645ab845f632b4788b9373cd207eb
|
||||
|
||||
@@ -1 +1 @@
|
||||
ghcr.io/cozystack/cozystack/matchbox:v0.28.1@sha256:59ae3b557161088d8add6497690c5dcb79a2d315b9de473641b5f3f9fd14a124
|
||||
ghcr.io/cozystack/cozystack/matchbox:v0.28.2@sha256:d63d18eb6f10dc298339523f9bbf22127a874b340111df129028a83e3ea94fef
|
||||
|
||||
@@ -1 +1 @@
|
||||
ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:016fc6c4f37c40e70b9cbc619de8c4b427f55757ba83cd102d753cd817ab1a4f
|
||||
ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:6965cf844afc34950bdcbd626cb8751a0556c87aa6dbaa20150ec6d5f0c428b5
|
||||
|
||||
@@ -1,2 +1,2 @@
|
||||
cozystackAPI:
|
||||
image: ghcr.io/cozystack/cozystack/cozystack-api:v0.28.1@sha256:718d6fbbb9806e3704c42b48ab28547da0618539761c5b2fa8740043966d7073
|
||||
image: ghcr.io/cozystack/cozystack/cozystack-api:v0.28.2@sha256:69b09f1416def58d9f556d80318e35d77fad6287a75d42ad47587b6fde12e5ba
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
cozystackController:
|
||||
image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.28.1@sha256:ec3888832affb2cb657774a64a9929aa0d2b5f92b064f7a4dd55540a0d93324e
|
||||
image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.28.2@sha256:ec3888832affb2cb657774a64a9929aa0d2b5f92b064f7a4dd55540a0d93324e
|
||||
debug: false
|
||||
disableTelemetry: false
|
||||
cozystackVersion: "v0.28.1"
|
||||
cozystackVersion: "v0.28.2"
|
||||
|
||||
@@ -76,7 +76,7 @@ data:
|
||||
"kubeappsNamespace": {{ .Release.Namespace | quote }},
|
||||
"helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }},
|
||||
"carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }},
|
||||
"appVersion": "v0.28.1",
|
||||
"appVersion": "v0.28.2",
|
||||
"authProxyEnabled": {{ .Values.authProxy.enabled }},
|
||||
"oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }},
|
||||
"oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }},
|
||||
|
||||
@@ -18,14 +18,14 @@ kubeapps:
|
||||
image:
|
||||
registry: ghcr.io/cozystack/cozystack
|
||||
repository: dashboard
|
||||
tag: v0.28.1
|
||||
tag: v0.28.2
|
||||
digest: "sha256:ebef6a0c4b0c9f0857fc82699abcaa7a135d18b5dafe129febc0bf90707f2f48"
|
||||
kubeappsapis:
|
||||
image:
|
||||
registry: ghcr.io/cozystack/cozystack
|
||||
repository: kubeapps-apis
|
||||
tag: v0.28.1
|
||||
digest: "sha256:be0c2137e15926f543a66f68a2d60e92015b945c10a1251cd5c77e97106d473b"
|
||||
tag: v0.28.2
|
||||
digest: "sha256:54ca0e1381a5a42201ab7fa5c08eaa54c88491375773a3fb842bb9c09a252b97"
|
||||
pluginConfig:
|
||||
flux:
|
||||
packages:
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
annotations:
|
||||
artifacthub.io/changes: |
|
||||
- Update Ingress-Nginx version controller-v1.11.5
|
||||
- Update Ingress-Nginx version controller-v1.11.2
|
||||
artifacthub.io/prerelease: "false"
|
||||
apiVersion: v2
|
||||
appVersion: 1.11.5
|
||||
appVersion: 1.11.2
|
||||
description: Ingress controller for Kubernetes using NGINX as a reverse proxy and
|
||||
load balancer
|
||||
home: https://github.com/kubernetes/ingress-nginx
|
||||
@@ -15,9 +15,11 @@ kubeVersion: '>=1.21.0-0'
|
||||
maintainers:
|
||||
- name: cpanato
|
||||
- name: Gacko
|
||||
- name: puerco
|
||||
- name: rikatz
|
||||
- name: strongjz
|
||||
- name: tao12345666333
|
||||
name: ingress-nginx
|
||||
sources:
|
||||
- https://github.com/kubernetes/ingress-nginx
|
||||
version: 4.11.5
|
||||
version: 4.11.2
|
||||
|
||||
@@ -1,4 +1,10 @@
|
||||
# See the OWNERS docs: https://www.kubernetes.dev/docs/guide/owners
|
||||
|
||||
approvers:
|
||||
- ingress-nginx-helm-maintainers
|
||||
|
||||
reviewers:
|
||||
- ingress-nginx-helm-reviewers
|
||||
|
||||
labels:
|
||||
- area/helm
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
[ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer
|
||||
|
||||
 
|
||||
 
|
||||
|
||||
To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources.
|
||||
|
||||
@@ -229,24 +229,6 @@ Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13
|
||||
|
||||
As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered.
|
||||
|
||||
### Pod Security Admission
|
||||
|
||||
You can use Pod Security Admission by applying labels to the `ingress-nginx` namespace as instructed by the [documentation](https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels).
|
||||
|
||||
Example:
|
||||
|
||||
```yaml
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: ingress-nginx
|
||||
labels:
|
||||
kubernetes.io/metadata.name: ingress-nginx
|
||||
name: ingress-nginx
|
||||
pod-security.kubernetes.io/enforce: restricted
|
||||
pod-security.kubernetes.io/enforce-version: v1.31
|
||||
```
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
@@ -271,11 +253,11 @@ metadata:
|
||||
| controller.admissionWebhooks.namespaceSelector | object | `{}` | |
|
||||
| controller.admissionWebhooks.objectSelector | object | `{}` | |
|
||||
| controller.admissionWebhooks.patch.enabled | bool | `true` | |
|
||||
| controller.admissionWebhooks.patch.image.digest | string | `"sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea"` | |
|
||||
| controller.admissionWebhooks.patch.image.digest | string | `"sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3"` | |
|
||||
| controller.admissionWebhooks.patch.image.image | string | `"ingress-nginx/kube-webhook-certgen"` | |
|
||||
| controller.admissionWebhooks.patch.image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| controller.admissionWebhooks.patch.image.registry | string | `"registry.k8s.io"` | |
|
||||
| controller.admissionWebhooks.patch.image.tag | string | `"v1.5.2"` | |
|
||||
| controller.admissionWebhooks.patch.image.tag | string | `"v1.4.3"` | |
|
||||
| controller.admissionWebhooks.patch.labels | object | `{}` | Labels to be added to patch job resources |
|
||||
| controller.admissionWebhooks.patch.networkPolicy.enabled | bool | `false` | Enable 'networkPolicy' or not |
|
||||
| controller.admissionWebhooks.patch.nodeSelector."kubernetes.io/os" | string | `"linux"` | |
|
||||
@@ -343,8 +325,8 @@ metadata:
|
||||
| controller.hostname | object | `{}` | Optionally customize the pod hostname. |
|
||||
| controller.image.allowPrivilegeEscalation | bool | `false` | |
|
||||
| controller.image.chroot | bool | `false` | |
|
||||
| controller.image.digest | string | `"sha256:a1cbad75b0a7098bf9325132794dddf9eef917e8a7fe246749a4cea7ff6f01eb"` | |
|
||||
| controller.image.digestChroot | string | `"sha256:ec9df3eb6b06563a079ee46045da94cbf750f7dbb16fdbcb9e3265b551ed72ad"` | |
|
||||
| controller.image.digest | string | `"sha256:d5f8217feeac4887cb1ed21f27c2674e58be06bd8f5184cacea2a69abaf78dce"` | |
|
||||
| controller.image.digestChroot | string | `"sha256:21b55a2f0213a18b91612a8c0850167e00a8e34391fd595139a708f9c047e7a8"` | |
|
||||
| controller.image.image | string | `"ingress-nginx/controller"` | |
|
||||
| controller.image.pullPolicy | string | `"IfNotPresent"` | |
|
||||
| controller.image.readOnlyRootFilesystem | bool | `false` | |
|
||||
@@ -352,7 +334,7 @@ metadata:
|
||||
| controller.image.runAsNonRoot | bool | `true` | |
|
||||
| controller.image.runAsUser | int | `101` | |
|
||||
| controller.image.seccompProfile.type | string | `"RuntimeDefault"` | |
|
||||
| controller.image.tag | string | `"v1.11.5"` | |
|
||||
| controller.image.tag | string | `"v1.11.2"` | |
|
||||
| controller.ingressClass | string | `"nginx"` | For backwards compatibility with ingress.class annotation, use ingressClass. Algorithm is as follows, first ingressClassName is considered, if not present, controller looks for ingress.class annotation |
|
||||
| controller.ingressClassByName | bool | `false` | Process IngressClass per name (additionally as per spec.controller). |
|
||||
| controller.ingressClassResource | object | `{"aliases":[],"annotations":{},"controllerValue":"k8s.io/ingress-nginx","default":false,"enabled":true,"name":"nginx","parameters":{}}` | This section refers to the creation of the IngressClass resource. IngressClasses are immutable and cannot be changed after creation. We do not support namespaced IngressClasses, yet, so a ClusterRole and a ClusterRoleBinding is required. |
|
||||
@@ -384,7 +366,7 @@ metadata:
|
||||
| controller.livenessProbe.periodSeconds | int | `10` | |
|
||||
| controller.livenessProbe.successThreshold | int | `1` | |
|
||||
| controller.livenessProbe.timeoutSeconds | int | `1` | |
|
||||
| controller.maxmindLicenseKey | string | `""` | Maxmind license key to download GeoLite2 Databases. # https://blog.maxmind.com/2019/12/significant-changes-to-accessing-and-using-geolite2-databases/ |
|
||||
| controller.maxmindLicenseKey | string | `""` | Maxmind license key to download GeoLite2 Databases. # https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases |
|
||||
| controller.metrics.enabled | bool | `false` | |
|
||||
| controller.metrics.port | int | `10254` | |
|
||||
| controller.metrics.portName | string | `"metrics"` | |
|
||||
@@ -398,7 +380,7 @@ metadata:
|
||||
| controller.metrics.service.servicePort | int | `10254` | |
|
||||
| controller.metrics.service.type | string | `"ClusterIP"` | |
|
||||
| controller.metrics.serviceMonitor.additionalLabels | object | `{}` | |
|
||||
| controller.metrics.serviceMonitor.annotations | object | `{}` | Annotations to be added to the ServiceMonitor. |
|
||||
| controller.metrics.serviceMonitor.annotations | object | `{}` | |
|
||||
| controller.metrics.serviceMonitor.enabled | bool | `false` | |
|
||||
| controller.metrics.serviceMonitor.metricRelabelings | list | `[]` | |
|
||||
| controller.metrics.serviceMonitor.namespace | string | `""` | |
|
||||
@@ -533,7 +515,7 @@ metadata:
|
||||
| defaultBackend.livenessProbe.periodSeconds | int | `10` | |
|
||||
| defaultBackend.livenessProbe.successThreshold | int | `1` | |
|
||||
| defaultBackend.livenessProbe.timeoutSeconds | int | `5` | |
|
||||
| defaultBackend.minAvailable | int | `1` | Minimum available pods set in PodDisruptionBudget. |
|
||||
| defaultBackend.minAvailable | int | `1` | |
|
||||
| defaultBackend.minReadySeconds | int | `0` | `minReadySeconds` to avoid killing pods before we are ready # |
|
||||
| defaultBackend.name | string | `"defaultbackend"` | |
|
||||
| defaultBackend.networkPolicy.enabled | bool | `false` | Enable 'networkPolicy' or not |
|
||||
|
||||
@@ -226,22 +226,4 @@ Detail of how and why are in [this issue](https://github.com/helm/charts/pull/13
|
||||
|
||||
As of version `1.26.0` of this chart, by simply not providing any clusterIP value, `invalid: spec.clusterIP: Invalid value: "": field is immutable` will no longer occur since `clusterIP: ""` will not be rendered.
|
||||
|
||||
### Pod Security Admission
|
||||
|
||||
You can use Pod Security Admission by applying labels to the `ingress-nginx` namespace as instructed by the [documentation](https://kubernetes.io/docs/tasks/configure-pod-container/enforce-standards-namespace-labels).
|
||||
|
||||
Example:
|
||||
|
||||
```yaml
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: ingress-nginx
|
||||
labels:
|
||||
kubernetes.io/metadata.name: ingress-nginx
|
||||
name: ingress-nginx
|
||||
pod-security.kubernetes.io/enforce: restricted
|
||||
pod-security.kubernetes.io/enforce-version: v1.31
|
||||
```
|
||||
|
||||
{{ template "chart.valuesSection" . }}
|
||||
|
||||
@@ -0,0 +1,6 @@
|
||||
controller:
|
||||
admissionWebhooks:
|
||||
certManager:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -0,0 +1,7 @@
|
||||
controller:
|
||||
watchIngressWithoutClass: true
|
||||
ingressClassResource:
|
||||
name: custom-nginx
|
||||
enabled: true
|
||||
default: true
|
||||
controllerValue: "k8s.io/custom-nginx"
|
||||
@@ -1,30 +0,0 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: DaemonSet
|
||||
|
||||
extraModules:
|
||||
- name: opentelemetry
|
||||
image:
|
||||
registry: registry.k8s.io
|
||||
image: ingress-nginx/opentelemetry-1.25.3
|
||||
tag: v20240813-b933310d
|
||||
digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922
|
||||
distroless: true
|
||||
containerSecurityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65532
|
||||
runAsGroup: 65532
|
||||
allowPrivilegeEscalation: false
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
@@ -1,30 +0,0 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: Deployment
|
||||
|
||||
extraModules:
|
||||
- name: opentelemetry
|
||||
image:
|
||||
registry: registry.k8s.io
|
||||
image: ingress-nginx/opentelemetry-1.25.3
|
||||
tag: v20240813-b933310d
|
||||
digest: sha256:f7604ac0547ed64d79b98d92133234e66c2c8aade3c1f4809fed5eec1fb7f922
|
||||
distroless: true
|
||||
containerSecurityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65532
|
||||
runAsGroup: 65532
|
||||
allowPrivilegeEscalation: false
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
readOnlyRootFilesystem: true
|
||||
@@ -1,13 +0,0 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: Deployment
|
||||
|
||||
opentelemetry:
|
||||
enabled: true
|
||||
@@ -1,15 +0,0 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
ingressClassResource:
|
||||
name: custom-nginx
|
||||
default: true
|
||||
controllerValue: k8s.io/custom-nginx
|
||||
|
||||
watchIngressWithoutClass: true
|
||||
@@ -0,0 +1,14 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
kind: DaemonSet
|
||||
allowSnippetAnnotations: false
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
config:
|
||||
use-proxy-protocol: "true"
|
||||
@@ -0,0 +1,22 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
|
||||
service:
|
||||
type: NodePort
|
||||
nodePorts:
|
||||
tcp:
|
||||
9000: 30090
|
||||
udp:
|
||||
9001: 30091
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
@@ -0,0 +1,13 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
service:
|
||||
type: ClusterIP
|
||||
extraModules:
|
||||
- name: opentelemetry
|
||||
image:
|
||||
registry: registry.k8s.io
|
||||
image: busybox
|
||||
tag: latest
|
||||
@@ -0,0 +1,14 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
addHeaders:
|
||||
X-Frame-Options: deny
|
||||
proxySetHeaders:
|
||||
X-Forwarded-Proto: https
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -1,12 +1,13 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
internal:
|
||||
enabled: true
|
||||
annotations:
|
||||
@@ -0,0 +1,10 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: NodePort
|
||||
@@ -1,16 +1,17 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
metrics:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: DaemonSet
|
||||
|
||||
podAnnotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: /metrics
|
||||
prometheus.io/port: "10254"
|
||||
prometheus.io/scheme: http
|
||||
prometheus.io/path: /metrics
|
||||
prometheus.io/scrape: "true"
|
||||
@@ -0,0 +1,20 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
tcp:
|
||||
configMapNamespace: default
|
||||
udp:
|
||||
configMapNamespace: default
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
@@ -0,0 +1,18 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
|
||||
portNamePrefix: "port"
|
||||
@@ -0,0 +1,16 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
@@ -0,0 +1,14 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
9001: "default/test:8080"
|
||||
@@ -1,12 +1,10 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
admissionWebhooks:
|
||||
certManager:
|
||||
enabled: true
|
||||
@@ -0,0 +1,12 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
metrics:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -1,13 +1,10 @@
|
||||
controller:
|
||||
kind: DaemonSet
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: DaemonSet
|
||||
|
||||
metrics:
|
||||
enabled: true
|
||||
@@ -1,12 +1,4 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
autoscaling:
|
||||
enabled: true
|
||||
behavior:
|
||||
@@ -16,3 +8,7 @@ controller:
|
||||
- type: Pods
|
||||
value: 1
|
||||
periodSeconds: 180
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -0,0 +1,11 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
autoscaling:
|
||||
enabled: true
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -3,9 +3,10 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
config:
|
||||
use-proxy-protocol: "true"
|
||||
allowSnippetAnnotations: false
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -3,20 +3,18 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: NodePort
|
||||
|
||||
nodePorts:
|
||||
tcp:
|
||||
9000: 30090
|
||||
udp:
|
||||
9001: 30091
|
||||
|
||||
portNamePrefix: port
|
||||
|
||||
tcp:
|
||||
9000: default/test:8080
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: default/test:8080
|
||||
9001: "default/test:8080"
|
||||
@@ -1,10 +1,8 @@
|
||||
# Left blank to test default values
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: DaemonSet
|
||||
@@ -0,0 +1,15 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
service:
|
||||
type: ClusterIP
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
extraModules:
|
||||
- name: opentelemetry
|
||||
image:
|
||||
registry: registry.k8s.io
|
||||
image: busybox
|
||||
tag: latest
|
||||
@@ -0,0 +1,15 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
service:
|
||||
type: ClusterIP
|
||||
extraModules:
|
||||
- name: opentelemetry
|
||||
image:
|
||||
registry: registry.k8s.io
|
||||
image: busybox
|
||||
tag: latest
|
||||
containerSecurityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
@@ -0,0 +1,13 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
service:
|
||||
type: ClusterIP
|
||||
extraModules:
|
||||
- name: opentelemetry
|
||||
image:
|
||||
registry: registry.k8s.io
|
||||
image: busybox
|
||||
tag: latest
|
||||
@@ -3,9 +3,11 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
addHeaders:
|
||||
X-Frame-Options: deny
|
||||
proxySetHeaders:
|
||||
X-Forwarded-Proto: https
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -0,0 +1,19 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
internal:
|
||||
enabled: true
|
||||
annotations:
|
||||
service.beta.kubernetes.io/aws-load-balancer-internal: "true"
|
||||
ports:
|
||||
http: 443
|
||||
https: 80
|
||||
targetPorts:
|
||||
http: 443
|
||||
https: 80
|
||||
@@ -0,0 +1,11 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
metrics:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
@@ -3,8 +3,7 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: Deployment
|
||||
type: NodePort
|
||||
@@ -3,11 +3,7 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: DaemonSet
|
||||
|
||||
opentelemetry:
|
||||
enabled: true
|
||||
@@ -3,14 +3,14 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
metrics:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: Deployment
|
||||
|
||||
podAnnotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: /metrics
|
||||
prometheus.io/port: "10254"
|
||||
prometheus.io/scheme: http
|
||||
prometheus.io/path: /metrics
|
||||
prometheus.io/scrape: "true"
|
||||
@@ -0,0 +1,19 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
tcp:
|
||||
configMapNamespace: default
|
||||
udp:
|
||||
configMapNamespace: default
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
@@ -0,0 +1,17 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
|
||||
portNamePrefix: "port"
|
||||
@@ -0,0 +1,15 @@
|
||||
controller:
|
||||
image:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
admissionWebhooks:
|
||||
enabled: false
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
|
||||
udp:
|
||||
9001: "default/test:8080"
|
||||
@@ -3,9 +3,9 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
addHeaders:
|
||||
X-Frame-Options: deny
|
||||
tcp:
|
||||
9000: "default/test:8080"
|
||||
9001: "default/test:8080"
|
||||
@@ -0,0 +1,12 @@
|
||||
controller:
|
||||
service:
|
||||
type: ClusterIP
|
||||
admissionWebhooks:
|
||||
enabled: true
|
||||
extraEnvs:
|
||||
- name: FOO
|
||||
value: foo
|
||||
- name: TEST
|
||||
value: test
|
||||
patch:
|
||||
enabled: true
|
||||
@@ -0,0 +1,23 @@
|
||||
controller:
|
||||
service:
|
||||
type: ClusterIP
|
||||
admissionWebhooks:
|
||||
enabled: true
|
||||
createSecretJob:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
patchWebhookJob:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
patch:
|
||||
enabled: true
|
||||
@@ -3,11 +3,7 @@ controller:
|
||||
repository: ingress-controller/controller
|
||||
tag: 1.0.0-dev
|
||||
digest: null
|
||||
|
||||
admissionWebhooks:
|
||||
enabled: true
|
||||
service:
|
||||
type: ClusterIP
|
||||
|
||||
kind: Deployment
|
||||
|
||||
metrics:
|
||||
enabled: true
|
||||
@@ -203,7 +203,7 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the default backend service account to use
|
||||
Create the name of the backend service account to use - only used when podsecuritypolicy is also enabled
|
||||
*/}}
|
||||
{{- define "ingress-nginx.defaultBackend.serviceAccountName" -}}
|
||||
{{- if .Values.defaultBackend.serviceAccount.create -}}
|
||||
|
||||
@@ -40,7 +40,6 @@ webhooks:
|
||||
service:
|
||||
name: {{ include "ingress-nginx.controller.fullname" . }}-admission
|
||||
namespace: {{ include "ingress-nginx.namespace" . }}
|
||||
port: {{ .Values.controller.admissionWebhooks.service.servicePort }}
|
||||
path: /networking/v1/ingresses
|
||||
{{- if .Values.controller.admissionWebhooks.timeoutSeconds }}
|
||||
timeoutSeconds: {{ .Values.controller.admissionWebhooks.timeoutSeconds }}
|
||||
|
||||
@@ -29,7 +29,7 @@ spec:
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: https-webhook
|
||||
port: {{ .Values.controller.admissionWebhooks.service.servicePort }}
|
||||
port: 443
|
||||
targetPort: webhook
|
||||
{{- if semverCompare ">=1.20.0-0" .Capabilities.KubeVersion.Version }}
|
||||
appProtocol: https
|
||||
|
||||
@@ -3,48 +3,51 @@ apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "ingress-nginx.controller.fullname" . }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.namespace }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.namespace }}
|
||||
namespace: {{ .Values.controller.metrics.serviceMonitor.namespace }}
|
||||
{{- else }}
|
||||
{{- else }}
|
||||
namespace: {{ include "ingress-nginx.namespace" . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "ingress-nginx.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: controller
|
||||
{{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.additionalLabels }}
|
||||
{{- toYaml .Values.controller.metrics.serviceMonitor.additionalLabels | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.annotations }}
|
||||
annotations: {{ toYaml .Values.controller.metrics.serviceMonitor.annotations | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.controller.metrics.serviceMonitor.namespaceSelector }}
|
||||
endpoints:
|
||||
- port: {{ .Values.controller.metrics.portName }}
|
||||
interval: {{ .Values.controller.metrics.serviceMonitor.scrapeInterval }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.honorLabels }}
|
||||
honorLabels: true
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.relabelings }}
|
||||
relabelings: {{ toYaml .Values.controller.metrics.serviceMonitor.relabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{ toYaml .Values.controller.metrics.serviceMonitor.metricRelabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.jobLabel }}
|
||||
jobLabel: {{ .Values.controller.metrics.serviceMonitor.jobLabel | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.namespaceSelector }}
|
||||
namespaceSelector: {{ toYaml .Values.controller.metrics.serviceMonitor.namespaceSelector | nindent 4 }}
|
||||
{{- else }}
|
||||
{{- else }}
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ include "ingress-nginx.namespace" . }}
|
||||
- {{ include "ingress-nginx.namespace" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.targetLabels }}
|
||||
targetLabels:
|
||||
{{- range .Values.controller.metrics.serviceMonitor.targetLabels }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "ingress-nginx.selectorLabels" . | nindent 6 }}
|
||||
app.kubernetes.io/component: controller
|
||||
endpoints:
|
||||
- port: {{ .Values.controller.metrics.portName }}
|
||||
interval: {{ .Values.controller.metrics.serviceMonitor.scrapeInterval }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.honorLabels }}
|
||||
honorLabels: true
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.relabelings }}
|
||||
relabelings: {{ toYaml .Values.controller.metrics.serviceMonitor.relabelings | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{ toYaml .Values.controller.metrics.serviceMonitor.metricRelabelings | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.jobLabel }}
|
||||
jobLabel: {{ .Values.controller.metrics.serviceMonitor.jobLabel | quote }}
|
||||
{{- end }}
|
||||
{{- if .Values.controller.metrics.serviceMonitor.targetLabels }}
|
||||
targetLabels: {{ toYaml .Values.controller.metrics.serviceMonitor.targetLabels | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -102,7 +102,7 @@ spec:
|
||||
{{- if .Values.defaultBackend.nodeSelector }}
|
||||
nodeSelector: {{ toYaml .Values.defaultBackend.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "ingress-nginx.defaultBackend.serviceAccountName" . }}
|
||||
serviceAccountName: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }}
|
||||
{{- if .Values.defaultBackend.tolerations }}
|
||||
tolerations: {{ toYaml .Values.defaultBackend.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
|
||||
@@ -1,9 +1,5 @@
|
||||
{{- if .Values.defaultBackend.enabled -}}
|
||||
{{- $replicas := .Values.defaultBackend.replicaCount }}
|
||||
{{- if .Values.defaultBackend.autoscaling.enabled }}
|
||||
{{- $replicas = .Values.defaultBackend.autoscaling.minReplicas }}
|
||||
{{- end }}
|
||||
{{- if gt ($replicas | int) 1 }}
|
||||
{{- if or (gt (.Values.defaultBackend.replicaCount | int) 1) (gt (.Values.defaultBackend.autoscaling.minReplicas | int) 1) }}
|
||||
apiVersion: {{ ternary "policy/v1" "policy/v1beta1" (semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version) }}
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
{{- if and .Values.defaultBackend.enabled .Values.defaultBackend.serviceAccount.create -}}
|
||||
{{- if and .Values.defaultBackend.enabled .Values.defaultBackend.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
@@ -8,7 +8,7 @@ metadata:
|
||||
{{- with .Values.defaultBackend.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
name: {{ include "ingress-nginx.defaultBackend.serviceAccountName" . }}
|
||||
name: {{ template "ingress-nginx.defaultBackend.serviceAccountName" . }}
|
||||
namespace: {{ include "ingress-nginx.namespace" . }}
|
||||
automountServiceAccountToken: {{ .Values.defaultBackend.serviceAccount.automountServiceAccountToken }}
|
||||
{{- end }}
|
||||
|
||||
@@ -20,7 +20,7 @@ tests:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-admission
|
||||
value: ingress-nginx-admission
|
||||
|
||||
- it: should create a ServiceAccount with specified name if `controller.admissionWebhooks.patch.serviceAccount.name` is set
|
||||
set:
|
||||
|
||||
@@ -1,32 +0,0 @@
|
||||
suite: Admission Webhooks > ValidatingWebhookConfiguration
|
||||
templates:
|
||||
- admission-webhooks/validating-webhook.yaml
|
||||
|
||||
tests:
|
||||
- it: should not create a ValidatingWebhookConfiguration if `controller.admissionWebhooks.enabled` is false
|
||||
set:
|
||||
controller.admissionWebhooks.enabled: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: should create a ValidatingWebhookConfiguration if `controller.admissionWebhooks.enabled` is true
|
||||
set:
|
||||
controller.admissionWebhooks.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ValidatingWebhookConfiguration
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-admission
|
||||
|
||||
- it: should create a ValidatingWebhookConfiguration with a custom port if `controller.admissionWebhooks.service.servicePort` is set
|
||||
set:
|
||||
controller.admissionWebhooks.enabled: true
|
||||
controller.admissionWebhooks.service.servicePort: 9443
|
||||
asserts:
|
||||
- equal:
|
||||
path: webhooks[0].clientConfig.service.port
|
||||
value: 9443
|
||||
@@ -16,16 +16,16 @@ tests:
|
||||
- it: should create a ConfigMap with templated values if `controller.config` contains templates
|
||||
set:
|
||||
controller.config:
|
||||
template: "test.{{ .Release.Namespace }}.svc.kubernetes.local"
|
||||
integer: 12345
|
||||
boolean: true
|
||||
global-rate-limit-memcached-host: "memcached.{{ .Release.Namespace }}.svc.kubernetes.local"
|
||||
global-rate-limit-memcached-port: 11211
|
||||
use-gzip: true
|
||||
asserts:
|
||||
- equal:
|
||||
path: data.template
|
||||
value: test.NAMESPACE.svc.kubernetes.local
|
||||
path: data.global-rate-limit-memcached-host
|
||||
value: memcached.NAMESPACE.svc.kubernetes.local
|
||||
- equal:
|
||||
path: data.integer
|
||||
value: "12345"
|
||||
path: data.global-rate-limit-memcached-port
|
||||
value: "11211"
|
||||
- equal:
|
||||
path: data.boolean
|
||||
path: data.use-gzip
|
||||
value: "true"
|
||||
|
||||
@@ -139,34 +139,12 @@ tests:
|
||||
- controller
|
||||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
- it: should create a DaemonSet with a custom registry if `controller.image.registry` is set
|
||||
set:
|
||||
controller.kind: DaemonSet
|
||||
controller.image.registry: custom.registry.io
|
||||
controller.image.tag: v1.0.0-dev
|
||||
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: custom.registry.io/ingress-nginx/controller:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
- it: should create a DaemonSet with a custom image if `controller.image.image` is set
|
||||
set:
|
||||
controller.kind: DaemonSet
|
||||
controller.image.image: custom-repo/custom-image
|
||||
controller.image.tag: v1.0.0-dev
|
||||
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: registry.k8s.io/custom-repo/custom-image:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
- it: should create a DaemonSet with a custom tag if `controller.image.tag` is set
|
||||
set:
|
||||
controller.kind: DaemonSet
|
||||
controller.image.tag: custom-tag
|
||||
controller.image.tag: my-little-custom-tag
|
||||
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: registry.k8s.io/ingress-nginx/controller:custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
value: registry.k8s.io/ingress-nginx/controller:my-little-custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
@@ -161,31 +161,11 @@ tests:
|
||||
- controller
|
||||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
- it: should create a Deployment with a custom registry if `controller.image.registry` is set
|
||||
set:
|
||||
controller.image.registry: custom.registry.io
|
||||
controller.image.tag: v1.0.0-dev
|
||||
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: custom.registry.io/ingress-nginx/controller:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
- it: should create a Deployment with a custom image if `controller.image.image` is set
|
||||
set:
|
||||
controller.image.image: custom-repo/custom-image
|
||||
controller.image.tag: v1.0.0-dev
|
||||
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: registry.k8s.io/custom-repo/custom-image:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
- it: should create a Deployment with a custom tag if `controller.image.tag` is set
|
||||
set:
|
||||
controller.image.tag: custom-tag
|
||||
controller.image.tag: my-little-custom-tag
|
||||
controller.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: registry.k8s.io/ingress-nginx/controller:custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
value: registry.k8s.io/ingress-nginx/controller:my-little-custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
@@ -71,19 +71,3 @@ tests:
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: should create a PodDisruptionBudget without `minAvailable` and with `maxUnavailable` if `controller.minAvailable` and `controller.maxUnavailable` are set
|
||||
set:
|
||||
controller.replicaCount: 2
|
||||
controller.minAvailable: 1
|
||||
controller.maxUnavailable: 1
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: PodDisruptionBudget
|
||||
- notExists:
|
||||
path: spec.minAvailable
|
||||
- equal:
|
||||
path: spec.maxUnavailable
|
||||
value: 1
|
||||
|
||||
@@ -1,17 +0,0 @@
|
||||
suite: Controller > PrometheusRule
|
||||
templates:
|
||||
- controller-prometheusrule.yaml
|
||||
|
||||
tests:
|
||||
- it: should create a PrometheusRule if `controller.metrics.prometheusRule.enabled` is true
|
||||
set:
|
||||
controller.metrics.enabled: true
|
||||
controller.metrics.prometheusRule.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: PrometheusRule
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-controller
|
||||
@@ -1,32 +0,0 @@
|
||||
suite: Controller > Service > Webhook
|
||||
templates:
|
||||
- controller-service-webhook.yaml
|
||||
|
||||
tests:
|
||||
- it: should not create a webhook Service if `controller.admissionWebhooks.enabled` is false
|
||||
set:
|
||||
controller.admissionWebhooks.enabled: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: should create a webhook Service if `controller.admissionWebhooks.enabled` is true
|
||||
set:
|
||||
controller.admissionWebhooks.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: Service
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-controller-admission
|
||||
|
||||
- it: should create a webhook Service with a custom port if `controller.admissionWebhooks.service.servicePort` is set
|
||||
set:
|
||||
controller.admissionWebhooks.enabled: true
|
||||
controller.admissionWebhooks.service.servicePort: 9443
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.ports[0].port
|
||||
value: 9443
|
||||
@@ -1,47 +0,0 @@
|
||||
suite: Controller > ServiceAccount
|
||||
templates:
|
||||
- controller-serviceaccount.yaml
|
||||
|
||||
tests:
|
||||
- it: should not create a ServiceAccount if `serviceAccount.create` is false
|
||||
set:
|
||||
serviceAccount.create: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: should create a ServiceAccount if `serviceAccount.create` is true
|
||||
set:
|
||||
serviceAccount.create: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx
|
||||
|
||||
- it: should create a ServiceAccount with specified name if `serviceAccount.name` is set
|
||||
set:
|
||||
serviceAccount.name: ingress-nginx-admission-test-sa
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: ingress-nginx-admission-test-sa
|
||||
|
||||
- it: should create a ServiceAccount with token auto-mounting disabled if `serviceAccount.automountServiceAccountToken` is false
|
||||
set:
|
||||
serviceAccount.automountServiceAccountToken: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: automountServiceAccountToken
|
||||
value: false
|
||||
@@ -1,29 +0,0 @@
|
||||
suite: Controller > ServiceMonitor
|
||||
templates:
|
||||
- controller-servicemonitor.yaml
|
||||
|
||||
tests:
|
||||
- it: should create a ServiceMonitor if `controller.metrics.serviceMonitor.enabled` is true
|
||||
set:
|
||||
controller.metrics.enabled: true
|
||||
controller.metrics.serviceMonitor.enabled: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceMonitor
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-controller
|
||||
|
||||
- it: should create a ServiceMonitor with annotations if `controller.metrics.serviceMonitor.annotations` is set
|
||||
set:
|
||||
controller.metrics.enabled: true
|
||||
controller.metrics.serviceMonitor.enabled: true
|
||||
controller.metrics.serviceMonitor.annotations:
|
||||
my-little-annotation: test-value
|
||||
asserts:
|
||||
- equal:
|
||||
path: metadata.annotations
|
||||
value:
|
||||
my-little-annotation: test-value
|
||||
@@ -135,35 +135,3 @@ tests:
|
||||
values:
|
||||
- default-backend
|
||||
topologyKey: kubernetes.io/hostname
|
||||
|
||||
- it: should create a Deployment with a custom registry if `defaultBackend.image.registry` is set
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.image.registry: custom.registry.io
|
||||
defaultBackend.image.tag: v1.0.0-dev
|
||||
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: custom.registry.io/defaultbackend-amd64:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
- it: should create a Deployment with a custom image if `defaultBackend.image.image` is set
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.image.image: custom-repo/custom-image
|
||||
defaultBackend.image.tag: v1.0.0-dev
|
||||
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: registry.k8s.io/custom-repo/custom-image:v1.0.0-dev@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
- it: should create a Deployment with a custom tag if `defaultBackend.image.tag` is set
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.image.tag: custom-tag
|
||||
defaultBackend.image.digest: sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
asserts:
|
||||
- equal:
|
||||
path: spec.template.spec.containers[0].image
|
||||
value: registry.k8s.io/defaultbackend-amd64:custom-tag@sha256:faa2d18687f734994b6bd9e309e7a73852a81c30e1b8f63165fcd4f0a087e3cd
|
||||
|
||||
@@ -1,48 +0,0 @@
|
||||
suite: Default Backend > PodDisruptionBudget
|
||||
templates:
|
||||
- default-backend-poddisruptionbudget.yaml
|
||||
|
||||
tests:
|
||||
- it: should create a PodDisruptionBudget if `defaultBackend.replicaCount` is greater than 1
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.replicaCount: 2
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: PodDisruptionBudget
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-defaultbackend
|
||||
|
||||
- it: should not create a PodDisruptionBudget if `defaultBackend.replicaCount` is less than or equal 1
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.replicaCount: 1
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: should create a PodDisruptionBudget if `defaultBackend.autoscaling.enabled` is true and `defaultBackend.autoscaling.minReplicas` is greater than 1
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.autoscaling.enabled: true
|
||||
defaultBackend.autoscaling.minReplicas: 2
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: PodDisruptionBudget
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-defaultbackend
|
||||
|
||||
- it: should not create a PodDisruptionBudget if `defaultBackend.autoscaling.enabled` is true and `defaultBackend.autoscaling.minReplicas` is less than or equal 1
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.autoscaling.enabled: true
|
||||
defaultBackend.autoscaling.minReplicas: 1
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
@@ -1,51 +0,0 @@
|
||||
suite: Default Backend > ServiceAccount
|
||||
templates:
|
||||
- default-backend-serviceaccount.yaml
|
||||
|
||||
tests:
|
||||
- it: should not create a ServiceAccount if `defaultBackend.serviceAccount.create` is false
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.serviceAccount.create: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 0
|
||||
|
||||
- it: should create a ServiceAccount if `defaultBackend.serviceAccount.create` is true
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.serviceAccount.create: true
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: RELEASE-NAME-ingress-nginx-backend
|
||||
|
||||
- it: should create a ServiceAccount with specified name if `defaultBackend.serviceAccount.name` is set
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.serviceAccount.name: ingress-nginx-admission-test-sa
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: metadata.name
|
||||
value: ingress-nginx-admission-test-sa
|
||||
|
||||
- it: should create a ServiceAccount with token auto-mounting disabled if `defaultBackend.serviceAccount.automountServiceAccountToken` is false
|
||||
set:
|
||||
defaultBackend.enabled: true
|
||||
defaultBackend.serviceAccount.automountServiceAccountToken: false
|
||||
asserts:
|
||||
- hasDocuments:
|
||||
count: 1
|
||||
- isKind:
|
||||
of: ServiceAccount
|
||||
- equal:
|
||||
path: automountServiceAccountToken
|
||||
value: false
|
||||
@@ -26,9 +26,9 @@ controller:
|
||||
## for backwards compatibility consider setting the full image url via the repository value below
|
||||
## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
|
||||
## repository:
|
||||
tag: "v1.11.5"
|
||||
digest: sha256:a1cbad75b0a7098bf9325132794dddf9eef917e8a7fe246749a4cea7ff6f01eb
|
||||
digestChroot: sha256:ec9df3eb6b06563a079ee46045da94cbf750f7dbb16fdbcb9e3265b551ed72ad
|
||||
tag: "v1.11.2"
|
||||
digest: sha256:d5f8217feeac4887cb1ed21f27c2674e58be06bd8f5184cacea2a69abaf78dce
|
||||
digestChroot: sha256:21b55a2f0213a18b91612a8c0850167e00a8e34391fd595139a708f9c047e7a8
|
||||
pullPolicy: IfNotPresent
|
||||
runAsNonRoot: true
|
||||
# www-data -> uid 101
|
||||
@@ -194,7 +194,7 @@ controller:
|
||||
# -- Annotations to be added to the udp config configmap
|
||||
annotations: {}
|
||||
# -- Maxmind license key to download GeoLite2 Databases.
|
||||
## https://blog.maxmind.com/2019/12/significant-changes-to-accessing-and-using-geolite2-databases/
|
||||
## https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases
|
||||
maxmindLicenseKey: ""
|
||||
# -- Additional command line arguments to pass to Ingress-Nginx Controller
|
||||
# E.g. to specify the default SSL certificate you can use
|
||||
@@ -299,8 +299,6 @@ controller:
|
||||
# app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
|
||||
# app.kubernetes.io/instance: '{{ .Release.Name }}'
|
||||
# app.kubernetes.io/component: controller
|
||||
# matchLabelKeys:
|
||||
# - pod-template-hash
|
||||
# topologyKey: topology.kubernetes.io/zone
|
||||
# maxSkew: 1
|
||||
# whenUnsatisfiable: ScheduleAnyway
|
||||
@@ -309,8 +307,6 @@ controller:
|
||||
# app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
|
||||
# app.kubernetes.io/instance: '{{ .Release.Name }}'
|
||||
# app.kubernetes.io/component: controller
|
||||
# matchLabelKeys:
|
||||
# - pod-template-hash
|
||||
# topologyKey: kubernetes.io/hostname
|
||||
# maxSkew: 1
|
||||
# whenUnsatisfiable: ScheduleAnyway
|
||||
@@ -808,8 +804,8 @@ controller:
|
||||
## for backwards compatibility consider setting the full image url via the repository value below
|
||||
## use *either* current default registry/image or repository format or installing chart by providing the values.yaml will fail
|
||||
## repository:
|
||||
tag: v1.5.2
|
||||
digest: sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea
|
||||
tag: v1.4.3
|
||||
digest: sha256:a320a50cc91bd15fd2d6fa6de58bd98c1bd64b9a6f926ce23a600d87043455a3
|
||||
pullPolicy: IfNotPresent
|
||||
# -- Provide a priority class name to the webhook patching job
|
||||
##
|
||||
@@ -877,7 +873,6 @@ controller:
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
additionalLabels: {}
|
||||
# -- Annotations to be added to the ServiceMonitor.
|
||||
annotations: {}
|
||||
## The label to use to retrieve the job name from.
|
||||
## jobLabel: "app.kubernetes.io/name"
|
||||
@@ -1067,8 +1062,6 @@ defaultBackend:
|
||||
# app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
|
||||
# app.kubernetes.io/instance: '{{ .Release.Name }}'
|
||||
# app.kubernetes.io/component: default-backend
|
||||
# matchLabelKeys:
|
||||
# - pod-template-hash
|
||||
# topologyKey: topology.kubernetes.io/zone
|
||||
# maxSkew: 1
|
||||
# whenUnsatisfiable: ScheduleAnyway
|
||||
@@ -1077,8 +1070,6 @@ defaultBackend:
|
||||
# app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
|
||||
# app.kubernetes.io/instance: '{{ .Release.Name }}'
|
||||
# app.kubernetes.io/component: default-backend
|
||||
# matchLabelKeys:
|
||||
# - pod-template-hash
|
||||
# topologyKey: kubernetes.io/hostname
|
||||
# maxSkew: 1
|
||||
# whenUnsatisfiable: ScheduleAnyway
|
||||
@@ -1099,7 +1090,6 @@ defaultBackend:
|
||||
##
|
||||
podAnnotations: {}
|
||||
replicaCount: 1
|
||||
# -- Minimum available pods set in PodDisruptionBudget.
|
||||
minAvailable: 1
|
||||
resources: {}
|
||||
# limits:
|
||||
|
||||
@@ -5,8 +5,8 @@ ingress-nginx:
|
||||
image:
|
||||
registry: ghcr.io
|
||||
image: cozystack/ingress-nginx-with-protobuf-exporter/controller
|
||||
tag: v1.11.5
|
||||
digest: sha256:b78ae118129a9417d4126744cab2fc2f777b3a9ac460d74caa4b57a479b98ead
|
||||
tag: v1.11.2
|
||||
digest: sha256:beba8869ee370599e1f26557a9669ebdc9481c07b34059f348eb3e17b647e7e0
|
||||
allowSnippetAnnotations: true
|
||||
replicaCount: 2
|
||||
admissionWebhooks:
|
||||
@@ -16,10 +16,17 @@ ingress-nginx:
|
||||
enabled: true
|
||||
extraContainers:
|
||||
- name: protobuf-exporter
|
||||
image: ghcr.io/cozystack/ingress-nginx-with-protobuf-exporter/protobuf-exporter:v1.11.5@sha256:1e60d53324c2028d6f20136cdd5553ebf2d1288aefc5900b96cd379680fc25dc
|
||||
image: ghcr.io/kvaps/ingress-nginx-with-protobuf-exporter/protobuf-exporter:v1.11.2@sha256:6d9235a9ee6f2be1921db4687afbdcd85d145b087dd916b5a96455bdb5cff560
|
||||
args:
|
||||
- --server.telemetry-address=0.0.0.0:9090
|
||||
- --server.exporter-address=0.0.0.0:9091
|
||||
resources:
|
||||
limits:
|
||||
cpu: 100m
|
||||
memory: 90Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 90Mi
|
||||
service:
|
||||
#type: NodePort # ClusterIP
|
||||
externalTrafficPolicy: "Local"
|
||||
@@ -40,8 +47,22 @@ ingress-nginx:
|
||||
upstream-keepalive-timeout: "60"
|
||||
upstream-keepalive-connections: "320"
|
||||
ssl-session-tickets: "true"
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: "1"
|
||||
memory: 2048Mi
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 90Mi
|
||||
|
||||
defaultBackend:
|
||||
##
|
||||
enabled: true
|
||||
resources:
|
||||
limits:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
requests:
|
||||
cpu: 10m
|
||||
memory: 20Mi
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ kamaji:
|
||||
deploy: false
|
||||
image:
|
||||
pullPolicy: IfNotPresent
|
||||
tag: v0.28.1@sha256:aceb8519b5497a37de26e044eaca4366ac5cf7e8fc5ad667013dbbd3be85d44c
|
||||
tag: v0.28.2@sha256:20fda048d6097b59bdb4d2b036d2890ca85f1ba1ec7051182831e4559edfa226
|
||||
repository: ghcr.io/cozystack/cozystack/kamaji
|
||||
resources:
|
||||
limits:
|
||||
|
||||
@@ -1,3 +1,3 @@
|
||||
portSecurity: true
|
||||
routes: ""
|
||||
image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.28.1@sha256:56605ce59bed9b1163c79b8255fa5d72d73cb53923d15fc2665e8e6736c0aa51
|
||||
image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.28.2@sha256:587f25f7005d68f2e46f1fc135b35eabdb5bc43c7d60f617eb75bd608d876bab
|
||||
|
||||
@@ -22,4 +22,4 @@ global:
|
||||
images:
|
||||
kubeovn:
|
||||
repository: kubeovn
|
||||
tag: v1.13.3@sha256:ce2355a70e58fc62f1e5c36c0f41b625574e49d2580e11124318439f5b0d86be
|
||||
tag: v1.13.3@sha256:8c4d665b67562286ded1fa796a747c4c621bc59d77f2854615fd66fd572fffcb
|
||||
|
||||
Reference in New Issue
Block a user