You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by we...@apache.org on 2020/12/07 07:28:26 UTC
[apisix-helm-chart] branch master updated: feat: adjustments for
APISIX 2.1 release (#4)
This is an automated email from the ASF dual-hosted git repository.
wenming pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-helm-chart.git
The following commit(s) were added to refs/heads/master by this push:
new 5cbe910 feat: adjustments for APISIX 2.1 release (#4)
5cbe910 is described below
commit 5cbe9105e17464d9f7ccf9584a79c7f78fac2046
Author: kv <gx...@163.com>
AuthorDate: Mon Dec 7 15:27:54 2020 +0800
feat: adjustments for APISIX 2.1 release (#4)
---
.gitignore | 3 +
README.md | 64 ++++++++++++++++++---
chart/apisix/Chart.yaml | 11 +++-
chart/apisix/templates/configmap.yaml | 23 ++++++--
chart/apisix/templates/deployment.yaml | 14 ++---
chart/apisix/templates/hpa.yaml | 1 +
chart/apisix/templates/ingress.yaml | 57 -------------------
chart/apisix/templates/service-gateway.yaml | 1 +
chart/apisix/templates/tests/test-connection.yaml | 31 ----------
chart/apisix/values.yaml | 69 ++++++++++++++++-------
10 files changed, 144 insertions(+), 130 deletions(-)
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..946867d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.DS_Store
+*.tgz
+*.lock
\ No newline at end of file
diff --git a/README.md b/README.md
index 5a3bc63..7bd3e9f 100644
--- a/README.md
+++ b/README.md
@@ -17,14 +17,64 @@
#
-->
-Apache APISIX
-=============
+# Apache APISIX Helm Charts
-## Documentation
+## Dependencies
-#### Prerequisites
+Update the dependency chart
-* Install etcd
+```shell
+$ helm repo add bitnami https://charts.bitnami.com/bitnami
+$ helm dependency update ./chart/apisix
+```
-#### Deploy the chart
-$ helm install <release_name> ./chart/apisix
\ No newline at end of file
+## Install
+
+```shell
+$ helm install apisix ./chart/apisix -n default
+```
+
+## Uninstall
+
+```shell
+helm uninstall apisix ./chart/apisix -n default
+```
+
+## FAQ
+
+1. How to install APISIX only?
+
+The Charts will install etcd 3.4.14 by default. If you want to install Apache APISIX only, please set `etcd.enabled=false` and set `etcd.host=http://your_etcd_address:2379`.
+
+Please use the FQDN address or the IP of the etcd.
+
+```shell
+$ helm install apisix ./chart/apisix -n default \
+ --set etcd.enabled=false \
+ --set etcd.host=http://your_etcd_address:2379
+```
+
+2. Why get 403 when I access Apache APISIX admin api?
+
+We can define `allow.ipList` in CIDR.
+
+```shell
+$ helm install apisix ./chart/apisix -n default \
+ --set allow.ipList="10.22.100.12/8" \
+ --set allow.ipList="172.0.0.0/24"
+```
+
+If you want to allow all IPs for a quick test, just set `allow.ipList=""`
+
+```shell
+$ helm install apisix ./chart/apisix -n default \
+ --set allow.ipList=""
+```
+
+## Seeking help
+
+- Mailing List: Mail to dev-subscribe@apisix.apache.org, follow the reply to subscribe the mailing list.
+- QQ Group - 578997126, 552030619
+- [Slack Workspace](http://s.apache.org/slack-invite) - join `#apisix` on our Slack to meet the team and ask questions
+- ![Twitter Follow](https://img.shields.io/twitter/follow/ApacheAPISIX?style=social) - follow and interact with us using hashtag `#ApacheAPISIX`
+- [bilibili video](https://space.bilibili.com/551921247)
diff --git a/chart/apisix/Chart.yaml b/chart/apisix/Chart.yaml
index fa435a3..9cf6a14 100644
--- a/chart/apisix/Chart.yaml
+++ b/chart/apisix/Chart.yaml
@@ -31,9 +31,16 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
+version: 0.1.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 1.16.0
+appVersion: 2.1.0
+
+dependencies:
+ - name: etcd
+ version: 5.2.1
+ repository: https://charts.bitnami.com/bitnami
+ condition: etcd.enabled
+
diff --git a/chart/apisix/templates/configmap.yaml b/chart/apisix/templates/configmap.yaml
index 5e69fa0..36e500e 100644
--- a/chart/apisix/templates/configmap.yaml
+++ b/chart/apisix/templates/configmap.yaml
@@ -18,6 +18,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "apisix.fullname" . }}
+ namespace: {{ .Release.Namespace }}
data:
config.yaml: |-
#
@@ -72,9 +73,14 @@ data:
# disk_path: "/tmp/disk_cache_two"
# cache_levels: "1:2"
- # allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
- # - 127.0.0.0/24 # If we don't set any IP list, then any IP access is allowed by default.
- # - 172.17.0.0/24
+ allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
+ {{- if .Values.allow.ipList }}
+ {{- range $ips := .Values.allow.ipList }}
+ - {{ $ips }}
+ {{- end }}
+ {{- else }}
+ - 0.0.0.0/0
+ {{- end}}
# - "::/64"
# port_admin: 9180 # use a separate port
@@ -137,12 +143,19 @@ data:
# ipc_shared_dict: 100m # custom shared cache, format: `cache-key: cache-size`
etcd:
+ {{- if .Values.etcd.enabled }}
host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
- - {{ .Values.etcd.host | quote }} # multiple etcd address
+ - "http://{{ .Release.Name }}-etcd.{{ .Release.Namespace }}.svc.{{ .Values.gateway.k8s_domain }}:{{ .Values.etcd.port }}"
+ {{- else }}
+ host: # it's possible to define multiple etcd hosts addresses of the same etcd cluster.
+ - "http://{{ .Values.etcd.host }}:{{ .Values.etcd.port }}" # multiple etcd address
+ {{- end }}
prefix: {{ .Values.etcd.prefix | quote }} # apisix configurations prefix
- timeout: {{ .Values.etcd.timeout }} # 3 seconds
+ timeout: {{ .Values.etcd.timeout }} # 30 seconds
+ {{- if .Values.plugins }}
plugins: # plugin list
+ {{- end }}
{{- range $plugin := .Values.plugins }}
- {{ $plugin }}
{{- end }}
diff --git a/chart/apisix/templates/deployment.yaml b/chart/apisix/templates/deployment.yaml
index 7aeef3c..e21bc23 100644
--- a/chart/apisix/templates/deployment.yaml
+++ b/chart/apisix/templates/deployment.yaml
@@ -18,6 +18,7 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "apisix.fullname" . }}
+ namespace: {{ .Release.Namespace }}
labels:
{{- include "apisix.labels" . | nindent 4 }}
spec:
@@ -77,13 +78,12 @@ spec:
subPath: config.yaml
resources:
{{- toYaml .Values.resources | nindent 12 }}
- # - name: dnsmasq
- # image: "janeczku/go-dnsmasq:release-1.0.7"
- # args:
- # - --listen
- # - "127.0.0.1:53"
- # - --default-resolver
- # - --append-search-domains
+ {{- if .Values.etcd.enabled }}
+ initContainers:
+ - name: wait-etcd
+ image: busybox:1.28
+ command: ['sh', '-c', "until nc -z {{ .Release.Name }}-etcd.{{ .Release.Namespace }}.svc.{{ .Values.gateway.k8s_domain }} {{ .Values.etcd.port }}; do echo waiting for etcd `date`; sleep 2; done;"]
+ {{- end }}
volumes:
- configMap:
name: {{ include "apisix.fullname" . }}
diff --git a/chart/apisix/templates/hpa.yaml b/chart/apisix/templates/hpa.yaml
index fe478be..63347f0 100644
--- a/chart/apisix/templates/hpa.yaml
+++ b/chart/apisix/templates/hpa.yaml
@@ -19,6 +19,7 @@ apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "apisix.fullname" . }}
+ namespace: {{ .Release.Namespace }}
labels:
{{- include "apisix.labels" . | nindent 4 }}
spec:
diff --git a/chart/apisix/templates/ingress.yaml b/chart/apisix/templates/ingress.yaml
deleted file mode 100644
index e6dcdb7..0000000
--- a/chart/apisix/templates/ingress.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{{- if .Values.gateway.ingress.enabled -}}
-{{- $fullName := include "apisix.fullname" . -}}
-{{- $svcPort := .Values.gateway.http.servicePort -}}
-{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
-apiVersion: networking.k8s.io/v1beta1
-{{- else -}}
-apiVersion: extensions/v1beta1
-{{- end }}
-kind: Ingress
-metadata:
- name: {{ $fullName }}
- labels:
- {{- include "apisix.labels" . | nindent 4 }}
- {{- with .Values.gateway.ingress.annotations }}
- annotations:
- {{- toYaml . | nindent 4 }}
- {{- end }}
-spec:
- {{- if .Values.gateway.ingress.tls }}
- tls:
- {{- range .Values.gateway.ingress.tls }}
- - hosts:
- {{- range .hosts }}
- - {{ . | quote }}
- {{- end }}
- secretName: {{ .secretName }}
- {{- end }}
- {{- end }}
- rules:
- {{- range .Values.gateway.ingress.hosts }}
- - host: {{ .host | quote }}
- http:
- paths:
- {{- range .paths }}
- - path: {{ . }}
- backend:
- serviceName: {{ $fullName }}
- servicePort: {{ $svcPort }}
- {{- end }}
- {{- end }}
- {{- end }}
diff --git a/chart/apisix/templates/service-gateway.yaml b/chart/apisix/templates/service-gateway.yaml
index 59f9d58..5866fe2 100644
--- a/chart/apisix/templates/service-gateway.yaml
+++ b/chart/apisix/templates/service-gateway.yaml
@@ -18,6 +18,7 @@ apiVersion: v1
kind: Service
metadata:
name: {{ include "apisix.fullname" . }}-gateway
+ namespace: {{ .Release.Namespace }}
annotations:
{{- range $key, $value := .Values.gateway.annotations }}
{{ $key }}: {{ $value | quote }}
diff --git a/chart/apisix/templates/tests/test-connection.yaml b/chart/apisix/templates/tests/test-connection.yaml
deleted file mode 100644
index d5bf0ea..0000000
--- a/chart/apisix/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "apisix.fullname" . }}-test-connection"
- labels:
- {{- include "apisix.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test-success
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "apisix.fullname" . }}:{{ .Values.gateway.http.containerPort }}']
- restartPolicy: Never
diff --git a/chart/apisix/values.yaml b/chart/apisix/values.yaml
index 217d9ea..5de32da 100644
--- a/chart/apisix/values.yaml
+++ b/chart/apisix/values.yaml
@@ -19,7 +19,8 @@ image:
repository: apache/apisix
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
- tag: 1.3-alpine
+ tag: 2.1-alpine
+
imagePullSecrets: []
nameOverride: ""
@@ -40,6 +41,7 @@ securityContext: {}
gateway:
type: NodePort
+ k8s_domain: cluster.local
# type: LoadBalancer
# annotations:
# service.beta.kubernetes.io/aws-load-balancer-type: nlb
@@ -70,9 +72,16 @@ gateway:
# etcd configuration
# use the FQDN address or the IP of the etcd
etcd:
- host: http://etcd-apisix.local:2379 # http://172.20.128.89:2379
+ # install etcd(v3) by default, set false if do not want to install etcd(v3) together
+ enabled: true
+ host: etcd.host # host or ip e.g.172.20.128.89
prefix: "/apisix"
- timeout: 3
+ timeout: 30
+ port: 2379
+ auth:
+ rbac:
+ # No authentication by default
+ enabled: false
dns:
resolvers:
@@ -95,34 +104,51 @@ admin:
admin: edd1c9f034335f136f87ad84b625c8f1
viewer: 4054f7cf07e344346cd3f287985e76a2
+allow:
+ # The ip range for allowing access to Apache APISIX
+ ipList:
+ - 127.0.0.1/24
+
# APISIX plugins to be enabled
plugins:
- - example-plugin
- - limit-req
- - limit-count
- - limit-conn
- - key-auth
+ - api-breaker
+ - authz-keycloak
- basic-auth
- - prometheus
- - node-status
- - jwt-auth
- - zipkin
- - ip-restriction
+ - batch-requests
+ - consumer-restriction
+ - cors
+ - echo
+ - fault-injection
- grpc-transcode
- - serverless-pre-function
- - serverless-post-function
+ - hmac-auth
+ - http-logger
+ - ip-restriction
+ - jwt-auth
+ - kafka-logger
+ - key-auth
+ - limit-conn
+ - limit-count
+ - limit-req
+ - node-status
- openid-connect
+ - prometheus
+ - proxy-cache
+ - proxy-mirror
- proxy-rewrite
- redirect
+ - referer-restriction
+ - request-id
+ - request-validation
- response-rewrite
- - fault-injection
+ - serverless-post-function
+ - serverless-pre-function
+ - sls-logger
+ - syslog
+ - tcp-logger
- udp-logger
+ - uri-blocker
- wolf-rbac
- - proxy-cache
- - tcp-logger
- - proxy-mirror
- - kafka-logger
- - cors
+ - zipkin
stream_plugins:
- mqtt-proxy
@@ -154,3 +180,4 @@ nodeSelector: {}
tolerations: []
affinity: {}
+