You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/08/14 11:38:55 UTC
[GitHub] [apisix-helm-chart] tokers commented on a diff in pull request #321: feat: support hostnetwork
tokers commented on code in PR #321:
URL: https://github.com/apache/apisix-helm-chart/pull/321#discussion_r945275366
##########
charts/apisix/templates/_pod.tpl:
##########
@@ -0,0 +1,176 @@
+{{- define "apisix.podTemplate" -}}
+metadata:
+ annotations:
+ checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
+ {{- with .Values.apisix.podAnnotations }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ labels:
+ {{- include "apisix.selectorLabels" . | nindent 4 }}
+spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ securityContext: {{- toYaml .Values.podSecurityContext | nindent 4 }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext: {{- toYaml .Values.securityContext | nindent 8 }}
+ image: "{{ .Values.apisix.image.repository }}:{{ default .Chart.AppVersion .Values.apisix.image.tag }}"
+ imagePullPolicy: {{ .Values.apisix.image.pullPolicy }}
+ env:
+ {{- if .Values.apisix.timezone }}
+ - name: TZ
+ value: {{ .Values.apisix.timezone }}
+ {{- end }}
+ {{- if .Values.apisix.extraEnvVars }}
+ {{- include "apisix.tplvalues.render" (dict "value" .Values.apisix.extraEnvVars "context" $) | nindent 8 }}
+ {{- end }}
+ ports:
+ - name: http
+ containerPort: {{ .Values.gateway.http.containerPort }}
+ protocol: TCP
+ - name: tls
+ containerPort: {{ .Values.gateway.tls.containerPort }}
+ protocol: TCP
+ {{- if .Values.admin.enabled }}
+ - name: admin
+ containerPort: {{ .Values.admin.port }}
+ protocol: TCP
+ {{- end }}
+ {{- if .Values.serviceMonitor.enabled }}
+ - name: prometheus
+ containerPort: {{ .Values.serviceMonitor.containerPort }}
+ protocol: TCP
+ {{- end }}
+ {{- if and .Values.gateway.stream.enabled (or (gt (len .Values.gateway.stream.tcp) 0) (gt (len .Values.gateway.stream.udp) 0)) }}
+ {{- with .Values.gateway.stream }}
+ {{- if (gt (len .tcp) 0) }}
+ {{- range $index, $port := .tcp }}
+ - name: proxy-tcp-{{ $index | toString }}
+ containerPort: {{ $port }}
+ protocol: TCP
+ {{- end }}
+ {{- end }}
+ {{- if (gt (len .udp) 0) }}
+ {{- range $index, $port := .udp }}
+ - name: proxy-udp-{{ $index | toString }}
+ containerPort: {{ $port }}
+ protocol: UDP
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ readinessProbe:
+ failureThreshold: 6
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ tcpSocket:
+ port: {{ .Values.gateway.http.containerPort }}
+ timeoutSeconds: 1
+ lifecycle:
+ preStop:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - "sleep 30"
+ volumeMounts:
+ {{- if .Values.apisix.setIDFromPodUID }}
+ - mountPath: /usr/local/apisix/conf/apisix.uid
+ name: id
+ subPath: apisix.uid
+ {{- end }}
+ - mountPath: /usr/local/apisix/conf/config.yaml
+ name: apisix-config
+ subPath: config.yaml
+ {{- if and .Values.gateway.tls.enabled .Values.gateway.tls.existingCASecret }}
+ - mountPath: /usr/local/apisix/conf/ssl/{{ .Values.gateway.tls.certCAFilename }}
+ name: ssl
+ subPath: {{ .Values.gateway.tls.certCAFilename }}
+ {{- end }}
+ {{- if .Values.etcd.auth.tls.enabled }}
+ - mountPath: /etcd-ssl
+ name: etcd-ssl
+ {{- end }}
+ {{- if .Values.customPlugins.enabled }}
+ {{- range $plugin := .Values.customPlugins.plugins }}
+ {{- range $mount := $plugin.configMap.mounts }}
+ - mountPath: {{ $mount.path }}
+ name: plugin-{{ $plugin.configMap.name }}
+ subPath: {{ $mount.key }}
+ {{- end }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.apisix.luaModuleHook.enabled }}
+ {{- range $mount := .Values.apisix.luaModuleHook.configMapRef.mounts }}
+ - mountPath: {{ $mount.path }}
+ name: lua-module-hook
+ subPath: {{ $mount.key }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.extraVolumeMounts }}
+ {{- toYaml .Values.extraVolumeMounts | nindent 8 }}
+ {{- end }}
+ resources:
+ {{- toYaml .Values.apisix.resources | nindent 8 }}
+ hostNetwork: {{ .Values.apisix.hostNetwork }}
+ {{- if .Values.etcd.enabled }}
+ initContainers:
+ - name: wait-etcd
+ image: {{ .Values.initContainer.image }}:{{ .Values.initContainer.tag }}
+ {{- if .Values.etcd.fullnameOverride }}
+ command: ['sh', '-c', "until nc -z {{ .Values.etcd.fullnameOverride }} {{ .Values.etcd.service.port }}; do echo waiting for etcd `date`; sleep 2; done;"]
+ {{ else }}
+ command: ['sh', '-c', "until nc -z {{ .Release.Name }}-etcd.{{ .Release.Namespace }}.svc.{{ .Values.etcd.clusterDomain }} {{ .Values.etcd.service.port }}; do echo waiting for etcd `date`; sleep 2; done;"]
+ {{- end }}
+ {{- end }}
+ volumes:
+ - configMap:
+ name: {{ include "apisix.fullname" . }}
+ name: apisix-config
+ {{- if and .Values.gateway.tls.enabled .Values.gateway.tls.existingCASecret }}
+ - secret:
+ secretName: {{ .Values.gateway.tls.existingCASecret | quote }}
+ name: ssl
+ {{- end }}
+ {{- if .Values.etcd.auth.tls.enabled }}
+ - secret:
+ secretName: {{ .Values.etcd.auth.tls.existingSecret | quote }}
+ name: etcd-ssl
+ {{- end }}
+ {{- if .Values.apisix.setIDFromPodUID }}
+ - downwardAPI:
+ items:
+ - path: "apisix.uid"
+ fieldRef:
+ fieldPath: metadata.uid
+ name: id
+ {{- end }}
+ {{- if .Values.customPlugins.enabled }}
+ {{- range $plugin := .Values.customPlugins.plugins }}
+ - name: plugin-{{ $plugin.configMap.name }}
+ configMap:
+ name: {{ $plugin.configMap.name }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.apisix.luaModuleHook.enabled }}
+ - name: lua-module-hook
+ configMap:
+ name: {{ .Values.apisix.luaModuleHook.configMapRef.name }}
+ {{- end }}
+ {{- if .Values.extraVolumes }}
+ {{- toYaml .Values.extraVolumes | nindent 4 }}
+ {{- end }}
+ {{- with .Values.apisix.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ affinity:
+ {{- merge .Values.apisix.affinity (include "apisix.podAntiAffinity" . | fromYaml) | toYaml | nindent 4 }}
+ {{- with .Values.apisix.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end -}}
Review Comment:
Ditto.
##########
charts/apisix/templates/configmap.yaml:
##########
@@ -166,7 +166,7 @@ data:
error_log: "{{ .Values.logs.errorLog }}"
error_log_level: "{{ .Values.logs.errorLogLevel }}" # warn,error
worker_processes: "{{ .Values.nginx.workerProcesses }}"
- enable_cpu_affinity: {{ default "true" .Values.nginx.enableCPUAffinity }}
+ enable_cpu_affinity: {{ and true .Values.nginx.enableCPUAffinity }}
Review Comment:
Is the `and` for avoiding a missing `enableCPUAffinity`
##########
charts/apisix/templates/_helpers.tpl:
##########
@@ -74,3 +74,39 @@ Usage:
{{- tpl (.value | toYaml) .context }}
{{- end }}
{{- end -}}
+
+{{- define "apisix.basePluginAttrs" -}}
+{{- if .Values.serviceMonitor.enabled }}
+prometheus:
+ export_addr:
+ ip: 0.0.0.0
+ port: {{ .Values.serviceMonitor.containerPort }}
+ export_uri: {{ .Values.serviceMonitor.path }}
+ metric_prefix: {{ .Values.serviceMonitor.metricPrefix }}
+{{- end }}
+{{- if .Values.customPlugins.enabled }}
+{{- range $plugin := .Values.customPlugins.plugins }}
+{{- if $plugin.attrs }}
+{{ $plugin.name }}: {{- $plugin.attrs | toYaml | nindent 2 }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{- end -}}
+
+{{- define "apisix.pluginAttrs" -}}
+{{- merge .Values.pluginAttrs (include "apisix.basePluginAttrs" . | fromYaml) | toYaml -}}
+{{- end -}}
+
+{{- define "apisix.podAntiAffinity" -}}
+{{- if and .Values.apisix.hostNetwork (eq .Values.apisix.kind "Deployment") }}
+podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app.kubernetes.io/instance
+ operator: In
+ values:
+ - {{ .Release.Name }}
+ topologyKey: "kubernetes.io/hostname"
+{{- end }}
+{{- end -}}
Review Comment:
Add the EOL symbol.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org