You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by kv...@apache.org on 2022/01/27 01:46:52 UTC
[apisix-helm-chart] branch master updated: chore: apisix-ingress v1.4 (#208)
This is an automated email from the ASF dual-hosted git repository.
kvn pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-helm-chart.git
The following commit(s) were added to refs/heads/master by this push:
new 337936c chore: apisix-ingress v1.4 (#208)
337936c is described below
commit 337936c06412395614bc58af995ce5297c5189e7
Author: Jintao Zhang <zh...@gmail.com>
AuthorDate: Thu Jan 27 09:46:47 2022 +0800
chore: apisix-ingress v1.4 (#208)
---
charts/apisix-ingress-controller/Chart.yaml | 4 +-
.../crds/customresourcedefinitions.yaml | 1486 +++++++++++++-------
.../templates/configmap.yaml | 25 +-
.../apisix-ingress-controller/templates/rbac.yaml | 2 +
charts/apisix-ingress-controller/values.yaml | 26 +-
5 files changed, 992 insertions(+), 551 deletions(-)
diff --git a/charts/apisix-ingress-controller/Chart.yaml b/charts/apisix-ingress-controller/Chart.yaml
index 595e6ee..6030d23 100644
--- a/charts/apisix-ingress-controller/Chart.yaml
+++ b/charts/apisix-ingress-controller/Chart.yaml
@@ -24,8 +24,8 @@ keywords:
- nginx
- crd
type: application
-version: 0.8.0
-appVersion: 1.3.0
+version: 0.9.0
+appVersion: 1.4.0
maintainers:
- name: tao12345666333
diff --git a/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml b/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
index bde3e89..487b4be 100644
--- a/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
+++ b/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
@@ -17,6 +17,8 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
+ labels:
+ apisix.apache.org/app: ingress-apisix
name: apisixclusterconfigs.apisix.apache.org
spec:
group: apisix.apache.org
@@ -29,7 +31,7 @@ spec:
preserveUnknownFields: false
scope: Cluster
versions:
- - name: v2alpha1
+ - name: v2beta3
schema:
openAPIV3Schema:
properties:
@@ -68,10 +70,52 @@ spec:
storage: true
subresources:
status: {}
+ - name: v2alpha1
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ admin:
+ properties:
+ adminKey:
+ type: string
+ baseURL:
+ pattern: https?://[^:]+:(\d+)
+ type: string
+ required:
+ - baseURL
+ type: object
+ monitoring:
+ properties:
+ prometheus:
+ properties:
+ enable:
+ type: boolean
+ type: object
+ skywalking:
+ properties:
+ enable:
+ type: boolean
+ sampleRatio:
+ maximum: 1
+ minimum: 1e-05
+ type: number
+ type: object
+ type: object
+ type: object
+ type: object
+ served: false
+ storage: false
+ deprecated: true
+ subresources:
+ status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
+ labels:
+ apisix.apache.org/app: ingress-apisix
name: apisixconsumers.apisix.apache.org
spec:
group: apisix.apache.org
@@ -84,6 +128,80 @@ spec:
preserveUnknownFields: false
scope: Namespaced
versions:
+ - name: v2beta3
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ authParameter:
+ oneOf:
+ - required:
+ - basicAuth
+ - required:
+ - keyAuth
+ properties:
+ basicAuth:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ password:
+ minLength: 1
+ type: string
+ username:
+ minLength: 1
+ type: string
+ required:
+ - username
+ - password
+ type: object
+ type: object
+ keyAuth:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ key:
+ minLength: 1
+ type: string
+ required:
+ - key
+ type: object
+ type: object
+ type: object
+ required:
+ - authParameter
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
- name: v2alpha1
schema:
openAPIV3Schema:
@@ -154,6 +272,77 @@ spec:
- authParameter
type: object
type: object
+ served: false
+ storage: false
+ deprecated: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ apisix.apache.org/app: ingress-apisix
+ name: apisixpluginconfigs.apisix.apache.org
+spec:
+ group: apisix.apache.org
+ names:
+ kind: ApisixPluginConfig
+ plural: apisixpluginconfigs
+ shortNames:
+ - apc
+ singular: apisixpluginconfig
+ scope: Namespaced
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ priority: 0
+ type: date
+ name: v2beta3
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ plugins:
+ items:
+ properties:
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enable:
+ type: boolean
+ name:
+ minLength: 1
+ type: string
+ type: object
+ required:
+ - name
+ - enable
+ type: array
+ required:
+ - plugins
+ type: object
+ status:
+ properties:
+ conditions:
+ items:
+ properties:
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+ reason:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
served: true
storage: true
subresources:
@@ -162,6 +351,8 @@ spec:
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
+ labels:
+ apisix.apache.org/app: ingress-apisix
name: apisixroutes.apisix.apache.org
spec:
group: apisix.apache.org
@@ -199,7 +390,7 @@ spec:
priority: 0
type: date
deprecated: true
- name: v1
+ name: v2beta1
schema:
openAPIV3Schema:
properties:
@@ -243,7 +434,7 @@ spec:
type: object
backend:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -267,7 +458,7 @@ spec:
backends:
items:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -416,7 +607,7 @@ spec:
properties:
backend:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -464,7 +655,7 @@ spec:
properties:
backend:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -502,8 +693,26 @@ spec:
minItems: 1
type: array
type: object
+ status:
+ properties:
+ conditions:
+ items:
+ properties:
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+ reason:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ type: object
+ type: array
+ type: object
type: object
- served: false
+ served: true
storage: false
subresources:
status: {}
@@ -516,7 +725,7 @@ spec:
name: URIs
priority: 0
type: string
- - jsonPath: .spec.http[].backend.serviceName
+ - jsonPath: .spec.http[].backends[].serviceName
name: Target Service(HTTP)
priority: 1
type: string
@@ -532,8 +741,7 @@ spec:
name: Age
priority: 0
type: date
- deprecated: true
- name: v2alpha1
+ name: v2beta2
schema:
openAPIV3Schema:
properties:
@@ -542,21 +750,10 @@ spec:
- required:
- http
- required:
- - tcp
- - required:
- stream
properties:
http:
items:
- oneOf:
- - required:
- - name
- - match
- - backend
- - required:
- - name
- - match
- - backends
properties:
authentication:
properties:
@@ -575,33 +772,10 @@ spec:
required:
- enable
type: object
- backend:
- properties:
- resolveGranualrity:
- enum:
- - endpoint
- - service
- type: string
- serviceName:
- minLength: 1
- type: string
- servicePort:
- maximum: 65535
- minimum: 1
- type: integer
- subset:
- type: string
- weight:
- minimum: 0
- type: integer
- required:
- - serviceName
- - servicePort
- type: object
backends:
items:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -742,6 +916,10 @@ spec:
type: object
websocket:
type: boolean
+ required:
+ - name
+ - match
+ - backends
type: object
minItems: 1
type: array
@@ -750,7 +928,7 @@ spec:
properties:
backend:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -793,47 +971,23 @@ spec:
type: object
minItems: 1
type: array
- tcp:
+ type: object
+ status:
+ properties:
+ conditions:
items:
properties:
- backend:
- properties:
- resolveGranualrity:
- enum:
- - endpoint
- - service
- type: string
- serviceName:
- minLength: 1
- type: string
- servicePort:
- maximum: 65535
- minimum: 1
- type: integer
- subset:
- type: string
- required:
- - serviceName
- - servicePort
- type: object
- match:
- properties:
- ingressPort:
- maximum: 65535
- minimum: 1
- type: integer
- required:
- - ingressPort
- type: object
- name:
- minLength: 1
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+ reason:
+ type: string
+ status:
+ type: string
+ type:
type: string
- required:
- - name
- - match
- - backend
type: object
- minItems: 1
type: array
type: object
type: object
@@ -850,7 +1004,7 @@ spec:
name: URIs
priority: 0
type: string
- - jsonPath: .spec.http[].backend.serviceName
+ - jsonPath: .spec.http[].backends[].serviceName
name: Target Service(HTTP)
priority: 1
type: string
@@ -866,8 +1020,7 @@ spec:
name: Age
priority: 0
type: date
- deprecated: true
- name: v2beta1
+ name: v2beta3
schema:
openAPIV3Schema:
properties:
@@ -876,21 +1029,10 @@ spec:
- required:
- http
- required:
- - tcp
- - required:
- stream
properties:
http:
items:
- oneOf:
- - required:
- - name
- - match
- - backend
- - required:
- - name
- - match
- - backends
properties:
authentication:
properties:
@@ -909,33 +1051,10 @@ spec:
required:
- enable
type: object
- backend:
- properties:
- resolveGranualrity:
- enum:
- - endpoint
- - service
- type: string
- serviceName:
- minLength: 1
- type: string
- servicePort:
- maximum: 65535
- minimum: 1
- type: integer
- subset:
- type: string
- weight:
- minimum: 0
- type: integer
- required:
- - serviceName
- - servicePort
- type: object
backends:
items:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -1047,6 +1166,9 @@ spec:
name:
minLength: 1
type: string
+ plugin_config_name:
+ minLength: 1
+ type: string
plugins:
items:
properties:
@@ -1076,6 +1198,10 @@ spec:
type: object
websocket:
type: boolean
+ required:
+ - name
+ - match
+ - backends
type: object
minItems: 1
type: array
@@ -1084,7 +1210,7 @@ spec:
properties:
backend:
properties:
- resolveGranualrity:
+ resolveGranularity:
enum:
- endpoint
- service
@@ -1127,243 +1253,689 @@ spec:
type: object
minItems: 1
type: array
- tcp:
+ type: object
+ status:
+ properties:
+ conditions:
items:
properties:
- backend:
- properties:
- resolveGranualrity:
- enum:
- - endpoint
- - service
- type: string
- serviceName:
- minLength: 1
- type: string
- servicePort:
- maximum: 65535
- minimum: 1
- type: integer
- subset:
- type: string
- required:
- - serviceName
- - servicePort
- type: object
- match:
- properties:
- ingressPort:
- maximum: 65535
- minimum: 1
- type: integer
- required:
- - ingressPort
- type: object
- name:
- minLength: 1
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+ reason:
+ type: string
+ status:
+ type: string
+ type:
type: string
- required:
- - name
- - match
- - backend
type: object
- minItems: 1
type: array
type: object
type: object
served: true
- storage: false
+ storage: true
subresources:
status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ apisix.apache.org/app: ingress-apisix
+ name: apisixtlses.apisix.apache.org
+spec:
+ group: apisix.apache.org
+ names:
+ kind: ApisixTls
+ plural: apisixtlses
+ shortNames:
+ - atls
+ singular: apisixtls
+ preserveUnknownFields: false
+ scope: Namespaced
+ versions:
- additionalPrinterColumns:
- - jsonPath: .spec.http[].match.hosts
- name: Hosts
- priority: 0
- type: string
- - jsonPath: .spec.http[].match.paths
- name: URIs
- priority: 0
+ - jsonPath: .spec.hosts
+ name: SNIs
type: string
- - jsonPath: .spec.http[].backends[].serviceName
- name: Target Service(HTTP)
- priority: 1
+ - jsonPath: .spec.secret.name
+ name: Secret Name
type: string
- - jsonPath: .spec.tcp[].match.ingressPort
- name: Ingress Server Port(TCP)
- priority: 1
- type: integer
- - jsonPath: .spec.tcp[].match.backend.serviceName
- name: Target Service(TCP)
- priority: 1
+ - jsonPath: .spec.secret.namespace
+ name: Secret Namespace
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
- priority: 0
type: date
- name: v2beta2
+ name: v2beta3
schema:
openAPIV3Schema:
+ description: ApisixTls defines SSL resource in APISIX.
properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
spec:
- anyOf:
- - required:
- - http
- - required:
- - stream
+ description: ApisixTlsSpec is the specification of ApisixSSL.
properties:
- http:
+ client:
+ description: ApisixMutualTlsClientConfig describes the mutual TLS
+ CA and verify depth
+ properties:
+ caSecret:
+ description: ApisixSecret describes the Kubernetes Secret name
+ and namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ depth:
+ type: integer
+ type: object
+ hosts:
+ items:
+ pattern: ^\*?[0-9a-zA-Z-.]+$
+ type: string
+ minItems: 1
+ type: array
+ secret:
+ description: ApisixSecret describes the Kubernetes Secret name and
+ namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ required:
+ - hosts
+ - secret
+ type: object
+ status:
+ description: ApisixStatus is the status report for Apisix ingress Resources
+ properties:
+ conditions:
items:
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are:
+ \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
+ \ // +patchStrategy=merge // +listType=map // +listMapKey=type
+ \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
+ patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
+ \n // other fields }"
properties:
- authentication:
- properties:
- enable:
- type: boolean
- keyAuth:
- properties:
- header:
+ lastTransitionTime:
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - jsonPath: .spec.hosts
+ name: SNIs
+ type: string
+ - jsonPath: .spec.secret.name
+ name: Secret Name
+ type: string
+ - jsonPath: .spec.secret.namespace
+ name: Secret Namespace
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: ApisixTls defines SSL resource in APISIX.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ApisixTlsSpec is the specification of ApisixSSL.
+ properties:
+ client:
+ description: ApisixMutualTlsClientConfig describes the mutual TLS
+ CA and verify depth
+ properties:
+ caSecret:
+ description: ApisixSecret describes the Kubernetes Secret name
+ and namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ depth:
+ type: integer
+ type: object
+ hosts:
+ items:
+ pattern: ^\*?[0-9a-zA-Z-.]+$
+ type: string
+ minItems: 1
+ type: array
+ secret:
+ description: ApisixSecret describes the Kubernetes Secret name and
+ namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ required:
+ - hosts
+ - secret
+ type: object
+ status:
+ description: ApisixStatus is the status report for Apisix ingress Resources
+ properties:
+ conditions:
+ items:
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are:
+ \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
+ \ // +patchStrategy=merge // +listType=map // +listMapKey=type
+ \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
+ patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
+ \n // other fields }"
+ properties:
+ lastTransitionTime:
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ type: object
+ type: object
+ served: false
+ storage: false
+ deprecated: true
+ subresources:
+ status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ labels:
+ apisix.apache.org/app: ingress-apisix
+ name: apisixupstreams.apisix.apache.org
+spec:
+ group: apisix.apache.org
+ names:
+ kind: ApisixUpstream
+ plural: apisixupstreams
+ shortNames:
+ - au
+ singular: apisixupstream
+ scope: Namespaced
+ versions:
+ - name: v2beta3
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ healthCheck:
+ anyOf:
+ - required:
+ - active
+ - required:
+ - active
+ - passive
+ properties:
+ active:
+ properties:
+ concurrency:
+ minimum: 1
+ type: integer
+ healthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ interval:
+ type: string
+ successes:
+ maximum: 254
+ minimum: 1
+ type: integer
+ type: object
+ host:
+ pattern: ^\*?[0-9a-zA-Z-._]+$
+ type: string
+ httpPath:
+ minLength: 1
+ type: string
+ port:
+ maximum: 65535
+ minimum: 1
+ type: integer
+ requestHeaders:
+ items:
+ type: string
+ minItems: 1
+ type: array
+ strictTLS:
+ type: boolean
+ timeout:
+ minimum: 0
+ type: number
+ type:
+ enum:
+ - http
+ - https
+ - tcp
+ type: string
+ unhealthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ httpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ interval:
+ type: string
+ tcpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ timeouts:
+ minimum: 0
+ type: integer
+ type: object
+ type: object
+ passive:
+ properties:
+ healthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ successes:
+ maximum: 254
+ minimum: 1
+ type: integer
+ type: object
+ type:
+ enum:
+ - http
+ - https
+ - tcp
+ type: string
+ unhealthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ httpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ tcpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ timeouts:
+ minimum: 0
+ type: integer
+ type: object
+ type: object
+ type: object
+ loadbalancer:
+ properties:
+ hashOn:
+ enum:
+ - vars
+ - vars_combinations
+ - header
+ - cookie
+ - consumer
+ type: string
+ key:
+ type: string
+ type:
+ enum:
+ - roundrobin
+ - chash
+ - ewma
+ - least_conn
+ type: string
+ required:
+ - type
+ type: object
+ portLevelSettings:
+ items:
+ properties:
+ healthCheck:
+ anyOf:
+ - required:
+ - active
+ - required:
+ - active
+ - passive
+ properties:
+ active:
+ properties:
+ concurrency:
+ minimum: 1
+ type: integer
+ healthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ interval:
+ type: string
+ successes:
+ maximum: 254
+ minimum: 1
+ type: integer
+ type: object
+ host:
+ pattern: ^\*?[0-9a-zA-Z-._]+$
+ type: string
+ httpPath:
+ minLength: 1
+ type: string
+ port:
+ maximum: 65535
+ minimum: 1
+ type: integer
+ requestHeaders:
+ items:
+ type: string
+ minItems: 1
+ type: array
+ strictTLS:
+ type: boolean
+ timeout:
+ minimum: 0
+ type: number
+ type:
+ enum:
+ - http
+ - https
+ - tcp
+ type: string
+ unhealthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ httpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ interval:
+ type: string
+ tcpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ timeout:
+ type: string
+ type: object
+ type: object
+ passive:
+ properties:
+ healthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ successes:
+ maximum: 254
+ minimum: 1
+ type: integer
+ type: object
+ type:
+ enum:
+ - http
+ - https
+ - tcp
type: string
+ unhealthy:
+ properties:
+ httpCodes:
+ items:
+ maximum: 599
+ minimum: 200
+ type: integer
+ minItems: 1
+ type: array
+ httpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ tcpFailures:
+ maximum: 254
+ minimum: 1
+ type: integer
+ timeout:
+ type: string
+ type: object
type: object
+ type: object
+ loadbalancer:
+ properties:
+ hashOn:
+ enum:
+ - vars
+ - vars_combinations
+ - header
+ - cookie
+ - consumer
+ type: string
+ key:
+ type: string
type:
enum:
- - basicAuth
- - keyAuth
+ - roundrobin
+ - chash
+ - ewma
+ - least_conn
type: string
required:
- - enable
- type: object
- backends:
- items:
- properties:
- resolveGranularity:
- enum:
- - endpoint
- - service
- type: string
- serviceName:
- minLength: 1
- type: string
- servicePort:
- maximum: 65535
- minimum: 1
- type: integer
- subset:
- type: string
- weight:
- minimum: 0
- type: integer
- type: object
- minItems: 1
- required:
- - serviceName
- - servicePort
- type: array
- match:
- properties:
- exprs:
- items:
- oneOf:
- - required:
- - subject
- - op
- - value
- - required:
- - subject
- - op
- - set
- properties:
- op:
- enum:
- - Equal
- - NotEqual
- - GreaterThan
- - LessThan
- - In
- - NotIn
- - RegexMatch
- - RegexNotMatch
- - RegexMatchCaseInsensitive
- - RegexNotMatchCaseInsensitive
- type: string
- set:
- items:
- type: string
- type: array
- subject:
- properties:
- name:
- minLength: 1
- type: string
- scope:
- enum:
- - Cookie
- - Header
- - Path
- - Query
- type: string
- required:
- - scope
- type: object
- value:
- type: string
- type: object
- minItems: 1
- type: array
- hosts:
- items:
- pattern: ^\*?[0-9a-zA-Z-._]+$
- type: string
- minItems: 1
- type: array
- methods:
- items:
- enum:
- - CONNECT
- - DELETE
- - GET
- - HEAD
- - OPTIONS
- - PATCH
- - POST
- - PUT
- - TRACE
- type: string
- minItems: 1
- type: array
- paths:
- items:
- pattern: ^/[a-zA-Z0-9\-._~%!$&'()+,;=:@/]*\*?$
- type: string
- minItems: 1
- type: array
- remoteAddrs:
- items:
- type: string
- minItems: 1
- type: array
- required:
- - paths
+ - type
type: object
- name:
- minLength: 1
- type: string
- plugins:
- items:
- properties:
- config:
- type: object
- x-kubernetes-preserve-unknown-fields: true
- enable:
- type: boolean
- name:
- minLength: 1
- type: string
- type: object
- required:
- - name
- - enable
- type: array
- priority:
+ port:
+ maximum: 65535
+ minimum: 1
+ type: integer
+ retries:
+ minimum: 0
type: integer
+ scheme:
+ enum:
+ - http
+ - grpc
+ type: string
timeout:
properties:
connect:
@@ -1373,146 +1945,42 @@ spec:
send:
type: string
type: object
- websocket:
- type: boolean
- required:
- - name
- - match
- - backends
type: object
- minItems: 1
type: array
- stream:
+ retries:
+ minimum: 0
+ type: integer
+ scheme:
+ enum:
+ - http
+ - grpc
+ - https
+ - grpcs
+ type: string
+ subsets:
items:
properties:
- backend:
- properties:
- resolveGranularity:
- enum:
- - endpoint
- - service
- type: string
- serviceName:
- minLength: 1
- type: string
- servicePort:
- maximum: 65535
- minimum: 1
- type: integer
- subset:
- type: string
- required:
- - serviceName
- - servicePort
- type: object
- match:
- properties:
- ingressPort:
- maximum: 65535
- minimum: 1
- type: integer
- required:
- - ingressPort
+ labels:
type: object
+ x-kubernetes-preserve-unknown-fields: true
name:
minLength: 1
type: string
- protocol:
- enum:
- - TCP
- - UDP
- type: string
required:
- name
- - match
- - backend
- - protocol
+ - labels
type: object
- minItems: 1
type: array
- type: object
- type: object
- served: true
- storage: true
- subresources:
- status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: apisixtlses.apisix.apache.org
-spec:
- group: apisix.apache.org
- names:
- kind: ApisixTls
- plural: apisixtlses
- shortNames:
- - atls
- singular: apisixtls
- preserveUnknownFields: false
- scope: Namespaced
- versions:
- - additionalPrinterColumns:
- - jsonPath: .spec.hosts
- name: SNIs
- type: string
- - jsonPath: .spec.secret.name
- name: Secret Name
- type: string
- - jsonPath: .spec.secret.namespace
- name: Secret Namespace
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- name: v1
- schema:
- openAPIV3Schema:
- description: ApisixTls defines SSL resource in APISIX.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ApisixTlsSpec is the specification of ApisixSSL.
- properties:
- client:
- description: ApisixMutualTlsClientConfig describes the mutual TLS
- CA and verify depth
+ timeout:
properties:
- caSecret:
- description: ApisixSecret describes the Kubernetes Secret name
- and namespace.
- properties:
- name:
- minLength: 1
- type: string
- namespace:
- minLength: 1
- type: string
- required:
- - name
- - namespace
- type: object
- depth:
- type: integer
+ connect:
+ type: string
+ read:
+ type: string
+ send:
+ type: string
type: object
- hosts:
- items:
- pattern: ^\*?[0-9a-zA-Z-.]+$
- type: string
- minItems: 1
- type: array
- secret:
+ tlsSecret:
description: ApisixSecret describes the Kubernetes Secret name and
namespace.
properties:
@@ -1526,103 +1994,12 @@ spec:
- name
- namespace
type: object
- required:
- - hosts
- - secret
- type: object
- status:
- description: ApisixStatus is the status report for Apisix ingress Resources
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
- name: apisixupstreams.apisix.apache.org
-spec:
- group: apisix.apache.org
- names:
- kind: ApisixUpstream
- plural: apisixupstreams
- shortNames:
- - au
- singular: apisixupstream
- scope: Namespaced
- versions:
- name: v1
schema:
openAPIV3Schema:
@@ -1952,6 +2329,8 @@ spec:
enum:
- http
- grpc
+ - https
+ - grpcs
type: string
subsets:
items:
@@ -1976,9 +2355,24 @@ spec:
send:
type: string
type: object
+ tlsSecret:
+ description: ApisixSecret describes the Kubernetes Secret name and
+ namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
type: object
type: object
- served: true
- storage: true
+ served: false
+ storage: false
+ deprecated: true
subresources:
status: {}
diff --git a/charts/apisix-ingress-controller/templates/configmap.yaml b/charts/apisix-ingress-controller/templates/configmap.yaml
index 8b7450d..4670444 100644
--- a/charts/apisix-ingress-controller/templates/configmap.yaml
+++ b/charts/apisix-ingress-controller/templates/configmap.yaml
@@ -20,7 +20,17 @@ data:
# log options
log_level: {{ .Values.config.logLevel | quote }}
log_output: {{ .Values.config.logOutput | quote }}
+ cert_file: {{ .Values.config.certFile | quote }}
+ key_file: {{ .Values.config.keyFile | quote }}
http_listen: {{ .Values.config.httpListen | quote }}
+ https_listen: {{ .Values.config.httpsListen | quote }}
+ ingress_publish_service: {{ .Values.config.ingressPublishService }}
+ {{- if gt (len .Values.config.ingressStatusAddress) 0 }}
+ ingress_status_address:
+ {{- range .Values.config.ingressStatusAddress }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
enable_profiling: {{ .Values.config.enableProfiling }}
kubernetes:
kubeconfig: {{ .Values.config.kubernetes.kubeconfig | quote }}
@@ -31,12 +41,23 @@ data:
- {{ . | quote }}
{{- end }}
{{- end }}
+
+ {{- if gt (len .Values.config.kubernetes.namespaceSelector) 0 }}
+ namespace_selector:
+ {{- range .Values.config.kubernetes.namespaceSelector }}
+ - {{ . | quote }}
+ {{- end }}
+ {{- end }}
+ election_id: {{ .Values.config.kubernetes.electionId | quote }}
ingress_class: {{ .Values.config.kubernetes.ingressClass | quote }}
ingress_version: {{ .Values.config.kubernetes.ingressVersion | quote }}
+ watch_endpointslices: {{ .Values.config.kubernetes.watchEndpointSlices }}
apisix_route_version: {{ .Values.config.kubernetes.apisixRouteVersion | quote }}
+ enable_gateway_api: {{ .Values.config.kubernetes.enableGatewayAPI }}
apisix:
- base_url: http://{{ .Values.config.apisix.serviceName }}.{{ .Values.config.apisix.serviceNamespace }}.svc.{{ .Values.clusterDomain }}:{{ .Values.config.apisix.servicePort }}/apisix/admin
- admin_key: {{ .Values.config.apisix.adminKey | quote }}
+ default_cluster_base_url: http://{{ .Values.config.apisix.serviceName }}.{{ .Values.config.apisix.serviceNamespace }}.svc.{{ .Values.clusterDomain }}:{{ .Values.config.apisix.servicePort }}/apisix/admin
+ default_cluster_admin_key: {{ .Values.config.apisix.adminKey | quote }}
+ default_cluster_name: {{ .Values.config.apisix.clusterName | quote }}
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-configmap
diff --git a/charts/apisix-ingress-controller/templates/rbac.yaml b/charts/apisix-ingress-controller/templates/rbac.yaml
index 93e5078..fd30dae 100644
--- a/charts/apisix-ingress-controller/templates/rbac.yaml
+++ b/charts/apisix-ingress-controller/templates/rbac.yaml
@@ -147,6 +147,8 @@ rules:
- apisixclusterconfigs/status
- apisixconsumers
- apisixconsumers/status
+ - apisixpluginconfigs
+ - apisixpluginconfigs/status
verbs:
- '*'
- apiGroups:
diff --git a/charts/apisix-ingress-controller/values.yaml b/charts/apisix-ingress-controller/values.yaml
index ebdc42e..84d8297 100644
--- a/charts/apisix-ingress-controller/values.yaml
+++ b/charts/apisix-ingress-controller/values.yaml
@@ -42,7 +42,7 @@ replicaCount: 1
image:
repository: apache/apisix-ingress-controller
pullPolicy: IfNotPresent
- tag: "1.3.0"
+ tag: "1.4.0"
imagePullSecrets: []
clusterDomain: cluster.local
@@ -65,8 +65,20 @@ config:
# are marshalled in JSON format, which can be parsed by
# programs easily.
logOutput: "stderr"
+ # the TLS certificate file path.
+ certFile: "/etc/webhook/certs/cert.pem"
+ # the TLS key file path.
+ keyFile: "/etc/webhook/certs/key.pem"
# the HTTP Server listen address, default is ":8080"
httpListen: ":8080"
+ # the HTTPS Server listen address, default is ":8443"
+ httpsListen: ":8443"
+ # the controller will use the Endpoint of this Service to
+ # update the status information of the Ingress resource.
+ # The format is "namespace/svc-name" to solve the situation that
+ # the data plane and the controller are not deployed in the same namespace.
+ ingressPublishService: ""
+ ingressStatusAddress: []
# enable profiling via web interfaces host:port/debug/pprof, default is true.
enableProfiling: true
# Kubernetes related configurations.
@@ -80,6 +92,10 @@ config:
# namespace list that controller will watch for resources,
# by default all namespaces (represented by "*") are watched.
appNamespaces: ["*"]
+ # namespace_selector represent basis for selecting managed namespaces.
+ # the field is support since version 1.4.0
+ # For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching"
+ namespaceSelector: [""]
# the election id for the controller leader campaign,
# only the leader will watch and delivery resource changes,
# other instances (as candidates) stand by.
@@ -92,15 +108,23 @@ config:
# "networking/v1" (for Kubernetes version v1.19.0 or higher), and
# "extensions/v1beta1", default is "networking/v1".
ingressVersion: "networking/v1"
+ # whether to watch EndpointSlices rather than Endpoints.
+ watchEndpointSlices: false
# the supported apisixroute api group version, can be "apisix.apache.org/v1"
# "apisix.apache.org/v2alpha1" or "apisix.apache.org/v2beta1"
apisixRouteVersion: "apisix.apache.org/v2beta1"
+ # whether to enable support for Gateway API.
+ # Note: This feature is currently under development and may not work as expected.
+ # It is not recommended to use it in a production environment.
+ # Before we announce support for it to reach Beta level or GA.
+ enableGatewayAPI: false
# APISIX related configurations.
apisix:
serviceName: apisix-admin
serviceNamespace: ingress-apisix
servicePort: 9180
adminKey: "edd1c9f034335f136f87ad84b625c8f1"
+ clusterName: "default"
resources: {}