You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by kv...@apache.org on 2021/05/13 12:56:47 UTC
[apisix-helm-chart] branch master updated: feat: restructure the
apisix-helm-chart repo (#74)
This is an automated email from the ASF dual-hosted git repository.
kvn pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix-helm-chart.git
The following commit(s) were added to refs/heads/master by this push:
new 7eeeedd feat: restructure the apisix-helm-chart repo (#74)
7eeeedd is described below
commit 7eeeeddc92899ff71bcc2b687e7ffd695575c81f
Author: Jintao Zhang <ta...@163.com>
AuthorDate: Thu May 13 20:56:39 2021 +0800
feat: restructure the apisix-helm-chart repo (#74)
* chore: add icon for Charts
Signed-off-by: Jintao Zhang <zh...@gmail.com>
* feat: support for controller-only deployment
Signed-off-by: Jintao Zhang <zh...@gmail.com>
---
.gitignore | 4 +-
charts/apisix-dashboard/Chart.yaml | 2 +-
charts/apisix/Chart.lock | 12 ++
charts/apisix/Chart.yaml | 6 +-
charts/apisix/README.md | 121 ++++++++++++++++
charts/apisix/charts/apisix-dashboard-0.1.2.tgz | Bin 0 -> 4702 bytes
.../charts/apisix-ingress-controller-0.4.0.tgz | Bin 0 -> 4992 bytes
charts/apisix/charts/etcd-5.2.1.tgz | Bin 0 -> 34939 bytes
charts/apisix/templates/configmap.yaml | 6 +-
charts/apisix/templates/deployment.yaml | 20 +--
charts/apisix/templates/hpa.yaml | 2 +-
charts/apisix/templates/ingress.yaml | 4 +-
charts/apisix/templates/service-admin.yaml | 4 +-
charts/apisix/templates/service-gateway.yaml | 2 +
charts/apisix/values.yaml | 159 +++++++++++----------
15 files changed, 242 insertions(+), 100 deletions(-)
diff --git a/.gitignore b/.gitignore
index 9eebac1..bef1900 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,2 @@
.DS_Store
-*.tgz
-*.lock
-test_**.yaml
\ No newline at end of file
+test_**.yaml
diff --git a/charts/apisix-dashboard/Chart.yaml b/charts/apisix-dashboard/Chart.yaml
index f37de0a..f78c7ad 100644
--- a/charts/apisix-dashboard/Chart.yaml
+++ b/charts/apisix-dashboard/Chart.yaml
@@ -17,7 +17,7 @@
apiVersion: v2
name: apisix-dashboard
description: A Helm chart for Apache APISIX Dashboard
-
+icon: https://apache.org/logos/res/apisix/apisix.png
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
diff --git a/charts/apisix/Chart.lock b/charts/apisix/Chart.lock
new file mode 100644
index 0000000..de4b619
--- /dev/null
+++ b/charts/apisix/Chart.lock
@@ -0,0 +1,12 @@
+dependencies:
+- name: etcd
+ repository: https://charts.bitnami.com/bitnami
+ version: 5.2.1
+- name: apisix-dashboard
+ repository: https://charts.apiseven.com
+ version: 0.1.2
+- name: apisix-ingress-controller
+ repository: https://charts.apiseven.com
+ version: 0.4.0
+digest: sha256:111cf0f06c6039a02340f3ddafba83882336774ec5539dfceef8f6d59d5d6d34
+generated: "2021-05-11T15:52:54.405811637+08:00"
diff --git a/charts/apisix/Chart.yaml b/charts/apisix/Chart.yaml
index 0d87898..fc2918e 100644
--- a/charts/apisix/Chart.yaml
+++ b/charts/apisix/Chart.yaml
@@ -17,7 +17,7 @@
apiVersion: v2
name: apisix
description: A Helm chart for Apache APISIX
-
+icon: https://apache.org/logos/res/apisix/apisix.png
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
@@ -45,11 +45,11 @@ dependencies:
condition: etcd.enabled
- name: apisix-dashboard
version: 0.1.2
- repository: file://../apisix-dashboard
+ repository: https://charts.apiseven.com
condition: dashboard.enabled
alias: dashboard
- name: apisix-ingress-controller
version: 0.4.0
- repository: file://../apisix-ingress-controller
+ repository: https://charts.apiseven.com
condition: ingress-controller.enabled
alias: ingress-controller
diff --git a/charts/apisix/README.md b/charts/apisix/README.md
new file mode 100644
index 0000000..524714d
--- /dev/null
+++ b/charts/apisix/README.md
@@ -0,0 +1,121 @@
+## Apache APISIX for Kubernetes
+
+Apache APISIX is a dynamic, real-time, high-performance API gateway.
+
+APISIX provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more.
+
+You can use Apache APISIX to handle traditional north-south traffic, as well as east-west traffic between services. It can also be used as a [k8s ingress controller](https://github.com/apache/apisix-ingress-controller/).
+
+This chart bootstraps all the components needed to run Apache APISIX on a Kubernetes Cluster using [Helm](https://helm.sh).
+
+
+## TL;DR
+
+```sh
+➜ helm repo add apisix https://charts.apiseven.com
+➜ helm repo update
+
+➜ helm install apisix/apisix --generate-name
+```
+
+## Prerequisites
+
+* Kubernetes v1.14+
+* Helm v3+
+
+
+## Install
+
+To install the chart with the release name `my-apisix`:
+
+```sh
+➜ helm repo add apisix https://charts.apiseven.com
+➜ helm repo update
+
+➜ helm install my-apisix apisix/apisix
+```
+
+## Uninstall
+
+ To uninstall/delete a Helm release `my-apisix`:
+
+ ```sh
+➜ helm delete my-apisix
+ ```
+
+The command removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Parameters
+
+The following tables lists the configurable parameters of the apisix chart and their default values per section/component:
+
+### Global parameters
+
+| Parameter | Description | Default |
+|---------------------------|-------------------------------------------------|---------------------------------------------------------|
+| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
+
+
+### apisix parameters
+
+| Parameter | Description | Default |
+|------------------------------------------|-----------------------------------------------------|---------------------------------------------------------|
+| `apisix.enabled` | Enable or disable Apache APISIX itself | `true` |
+| `apisix.image.repository` | Apache APISIX image repository | `apache/apisix` |
+| `apisix.image.tag` | Apache APISIX image tag | `{TAG_NAME}` (the latest Apache APISIX image tag) |
+| `apisix.image.pullPolicy` | Apache APISIX image pull policy | `IfNotPresent` |
+| `apisix.replicaCount` | Apache APISIX deploy replica count | `1` |
+| `apisix.podAnnotations` | Annotations to add to each pod | `{}` |
+| `apisix.podSecurityContext` | Set the securityContext for Apache APISIX pods | `{}` |
+| `apisix.securityContext` | Set the securityContext for Apache APISIX container | `{}` |
+| `apisix.resources` | Set pod resource requests & limits | `{}` |
+| `apisix.nodeSelector` | Node labels for Apache APISIX pod assignment | `{}` |
+| `apisix.tolerations` | List of node taints to tolerate | `{}` |
+| `apisix.affinity` | Set affinity for Apache APISIX deploy | `{}` |
+| `apisix.podAntiAffinity.enabled` | Enable or disable podAntiAffinity | `false` |
+
+
+### gateway parameters
+
+Apache APISIX service parameters, this determines how users can access itself.
+
+| Parameter | Description | Default |
+|----------------------------|----------------------------------------------------------------------------------|---------------------------------------------------------|
+| `gateway.type` | Apache APISIX service type for user access itself | `NodePort` |
+| `gateway.http` | Apache APISIX service settings for http | |
+| `gateway.tls` | Apache APISIX service settings for tls | |
+| `gateway.stream` | Apache APISIX service settings for stream | |
+| `gateway.ingress` | Using ingress access Apache APISIX service | |
+
+
+### admin parameters
+
+| Parameter | Description | Default |
+|----------------------------|----------------------------------------------------------------------------------|---------------------------------------------------------|
+| `admin.enabled` | Enable or disable Apache APISIX admin API | `true` |
+| `admin.port` | which port to use for Apache APISIX admin API | `9180` |
+| `admin.servicePort` | Service port to use for Apache APISIX admin API | `9180` |
+| `admin.type` | Apache APISIX admin API service type | `ClusterIP` |
+| `admin.externalIPs` | IPs for which nodes in the cluster will also accept traffic for the servic | `[]` |
+| `admin.cors` | Apache APISIX admin API support CORS response headers | `true` |
+| `admin.credentials.admin` | Apache APISIX admin API admin role credentials | `edd1c9f034335f136f87ad84b625c8f1` |
+| `admin.credentials.viewer` | Apache APISIX admin API viewer role credentials | `4054f7cf07e344346cd3f287985e76a2` |
+| `admin.allow.ipList` | the IP range allowed to Apache APISIX admin API | `true` |
+
+### plugins and stream_plugins parameters
+
+Default enabled plugins. See [configmap template](charts/apisix/templates/configmap.yaml) for details.
+
+
+### etcd parameters
+
+Configurations for etcd sub chart.
+
+### dashboard parameters
+
+Configurations for apisix-dashboard sub chart.
+
+
+### ingress-controller parameters
+
+Configurations for Apache APISIX ingress-controller sub chart.
diff --git a/charts/apisix/charts/apisix-dashboard-0.1.2.tgz b/charts/apisix/charts/apisix-dashboard-0.1.2.tgz
new file mode 100644
index 0000000..4585c58
Binary files /dev/null and b/charts/apisix/charts/apisix-dashboard-0.1.2.tgz differ
diff --git a/charts/apisix/charts/apisix-ingress-controller-0.4.0.tgz b/charts/apisix/charts/apisix-ingress-controller-0.4.0.tgz
new file mode 100644
index 0000000..cd31d27
Binary files /dev/null and b/charts/apisix/charts/apisix-ingress-controller-0.4.0.tgz differ
diff --git a/charts/apisix/charts/etcd-5.2.1.tgz b/charts/apisix/charts/etcd-5.2.1.tgz
new file mode 100644
index 0000000..1df6384
Binary files /dev/null and b/charts/apisix/charts/etcd-5.2.1.tgz differ
diff --git a/charts/apisix/templates/configmap.yaml b/charts/apisix/templates/configmap.yaml
index a3d0883..0696f7e 100644
--- a/charts/apisix/templates/configmap.yaml
+++ b/charts/apisix/templates/configmap.yaml
@@ -14,6 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+{{- if .Values.apisix.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
@@ -74,8 +75,8 @@ data:
# cache_levels: "1:2"
allow_admin: # http://nginx.org/en/docs/http/ngx_http_access_module.html#allow
- {{- if .Values.allow.ipList }}
- {{- range $ips := .Values.allow.ipList }}
+ {{- if .Values.admin.allow.ipList }}
+ {{- range $ips := .Values.admin.allow.ipList }}
- {{ $ips }}
{{- end }}
{{- else }}
@@ -174,3 +175,4 @@ data:
{{- range $plugin := .Values.stream_plugins }}
- {{ $plugin }}
{{- end }}
+{{- end }}
diff --git a/charts/apisix/templates/deployment.yaml b/charts/apisix/templates/deployment.yaml
index 318cff2..9cf7d40 100644
--- a/charts/apisix/templates/deployment.yaml
+++ b/charts/apisix/templates/deployment.yaml
@@ -14,6 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+{{- if .Values.apisix.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
@@ -23,7 +24,7 @@ metadata:
{{- include "apisix.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
- replicas: {{ .Values.replicaCount }}
+ replicas: {{ .Values.apisix.replicaCount }}
{{- end }}
selector:
matchLabels:
@@ -38,7 +39,7 @@ spec:
labels:
{{- include "apisix.selectorLabels" . | nindent 8 }}
spec:
- {{- with .Values.imagePullSecrets }}
+ {{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
@@ -48,8 +49,8 @@ spec:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
+ image: "{{ .Values.apisix.image.repository }}:{{ .Values.apisix.image.tag | default .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.apisix.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.gateway.http.containerPort }}
@@ -82,7 +83,7 @@ spec:
name: apisix-config
subPath: config.yaml
resources:
- {{- toYaml .Values.resources | nindent 12 }}
+ {{- toYaml .Values.apisix.resources | nindent 12 }}
{{- if .Values.etcd.enabled }}
initContainers:
- name: wait-etcd
@@ -93,15 +94,15 @@ spec:
- configMap:
name: {{ include "apisix.fullname" . }}
name: apisix-config
- {{- with .Values.nodeSelector }}
+ {{- with .Values.apisix.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
affinity:
- {{- with .Values.affinity }}
+ {{- with .Values.apisix.affinity }}
{{- toYaml . | nindent 8 }}
{{- end }}
- {{- if .Values.podAntiAffinity.enabled }}
+ {{- if .Values.apisix.podAntiAffinity.enabled }}
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
@@ -114,7 +115,8 @@ spec:
topologyKey: kubernetes.io/hostname
weight: 100
{{- end }}
- {{- with .Values.tolerations }}
+ {{- with .Values.apisix.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
+{{- end }}
diff --git a/charts/apisix/templates/hpa.yaml b/charts/apisix/templates/hpa.yaml
index 63347f0..c1b123a 100644
--- a/charts/apisix/templates/hpa.yaml
+++ b/charts/apisix/templates/hpa.yaml
@@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.autoscaling.enabled }}
+{{- if (and .Values.apisix.enabled .Values.autoscaling.enabled) }}
apiVersion: autoscaling/v2beta1
kind: HorizontalPodAutoscaler
metadata:
diff --git a/charts/apisix/templates/ingress.yaml b/charts/apisix/templates/ingress.yaml
index 960331f..b9220cc 100644
--- a/charts/apisix/templates/ingress.yaml
+++ b/charts/apisix/templates/ingress.yaml
@@ -13,8 +13,8 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#
-{{- if .Values.gateway.ingress.enabled -}}
+
+{{- if (and .Values.apisix.enabled .Values.gateway.ingress.enabled) -}}
{{- $fullName := include "apisix.fullname" . -}}
{{- $svcPort := .Values.gateway.http.servicePort -}}
{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion }}
diff --git a/charts/apisix/templates/service-admin.yaml b/charts/apisix/templates/service-admin.yaml
index 9d3b535..809260f 100644
--- a/charts/apisix/templates/service-admin.yaml
+++ b/charts/apisix/templates/service-admin.yaml
@@ -13,7 +13,7 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ if .Values.admin.enabled }}
+{{ if (and .Values.apisix.enabled .Values.admin.enabled) }}
apiVersion: v1
kind: Service
metadata:
@@ -47,7 +47,7 @@ spec:
ports:
- name: apisix-admin
port: {{ .Values.admin.servicePort }}
- targetPort: {{ .Values.admin.containerPort }}
+ targetPort: {{ .Values.admin.port }}
{{- if (and (eq .Values.admin.type "NodePort") (not (empty .Values.admin.nodePort))) }}
nodePort: {{ .Values.admin.nodePort }}
{{- end }}
diff --git a/charts/apisix/templates/service-gateway.yaml b/charts/apisix/templates/service-gateway.yaml
index f7bc210..482e7e4 100644
--- a/charts/apisix/templates/service-gateway.yaml
+++ b/charts/apisix/templates/service-gateway.yaml
@@ -14,6 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+{{- if .Values.apisix.enabled }}
apiVersion: v1
kind: Service
metadata:
@@ -65,3 +66,4 @@ spec:
{{- end }}
selector:
{{- include "apisix.selectorLabels" . | nindent 4 }}
+{{- end }}
diff --git a/charts/apisix/values.yaml b/charts/apisix/values.yaml
index be73804..81ce5bf 100644
--- a/charts/apisix/values.yaml
+++ b/charts/apisix/values.yaml
@@ -14,36 +14,57 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+global:
+ imagePullSecrets: []
+
+
apisix:
# Enable or disable Apache APISIX itself
# Set it to flase and ingress-controller.enabled=true will deploy only ingress-controller
enabled: true
-replicaCount: 1
-image:
- repository: apache/apisix
- pullPolicy: IfNotPresent
- # Overrides the image tag whose default is the chart appVersion.
- tag: 2.5-alpine
+ image:
+ repository: apache/apisix
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: 2.5-alpine
+
+ replicaCount: 1
+
+ podAnnotations: {}
+ podSecurityContext: {}
+ # fsGroup: 2000
+ securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+ resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
+ # If true, it will sets the anti-affinity of the Pod.
+ podAntiAffinity:
+ enabled: false
+
-imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
-podAnnotations: {}
-
-podSecurityContext:
- {}
- # fsGroup: 2000
-
-securityContext:
- {}
- # capabilities:
- # drop:
- # - ALL
- # readOnlyRootFilesystem: true
- # runAsNonRoot: true
- # runAsUser: 1000
gateway:
type: NodePort
@@ -66,7 +87,7 @@ gateway:
udp: []
ingress:
enabled: false
- annotations:
+ annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
@@ -77,32 +98,6 @@ gateway:
# hosts:
# - chart-example.local
-# etcd configuration
-# use the FQDN address or the IP of the etcd
-etcd:
- # install etcd(v3) by default, set false if do not want to install etcd(v3) together
- enabled: true
- host:
- - http://etcd.host:2379 # host or ip e.g. http://172.20.128.89:2379
- prefix: "/apisix"
- timeout: 30
-
- # if etcd.enabled is true, set more values of bitnami/etcd helm chart
- auth:
- rbac:
- # No authentication by default
- enabled: false
-
-dns:
- resolvers:
- - 127.0.0.1
- - 172.20.0.10
- - 114.114.114.114
- - 223.5.5.5
- - 1.1.1.1
- - 8.8.8.8
- validity: 30
- timeout: 5
admin:
# Enable Admin API
@@ -123,16 +118,11 @@ admin:
admin: edd1c9f034335f136f87ad84b625c8f1
viewer: 4054f7cf07e344346cd3f287985e76a2
-dashboard:
- enabled: false
-
-ingress-controller:
- enabled: false
+ allow:
+ # The ip range for allowing access to Apache APISIX
+ ipList:
+ - 127.0.0.1/24
-allow:
- # The ip range for allowing access to Apache APISIX
- ipList:
- - 127.0.0.1/24
# APISIX plugins to be enabled
plugins:
@@ -178,21 +168,18 @@ plugins:
stream_plugins:
- mqtt-proxy
-resources:
- limits:
- cpu: "2"
- requests:
- cpu: "50m"
- # We usually recommend not to specify default resources and to leave this as a conscious
- # choice for the user. This also increases chances charts run on environments with little
- # resources, such as Minikube. If you do want to specify resources, uncomment the following
- # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
- # limits:
- # cpu: 100m
- # memory: 128Mi
- # requests:
- # cpu: 100m
- # memory: 128Mi
+
+dns:
+ resolvers:
+ - 127.0.0.1
+ - 172.20.0.10
+ - 114.114.114.114
+ - 223.5.5.5
+ - 1.1.1.1
+ - 8.8.8.8
+ validity: 30
+ timeout: 5
+
autoscaling:
enabled: false
@@ -201,12 +188,30 @@ autoscaling:
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
-nodeSelector: {}
-tolerations: []
+# etcd configuration
+# use the FQDN address or the IP of the etcd
+etcd:
+ # install etcd(v3) by default, set false if do not want to install etcd(v3) together
+ enabled: true
+ host:
+ - http://etcd.host:2379 # host or ip e.g. http://172.20.128.89:2379
+ prefix: "/apisix"
+ timeout: 30
-affinity: {}
+ # if etcd.enabled is true, set more values of bitnami/etcd helm chart
+ auth:
+ rbac:
+ # No authentication by default
+ enabled: false
+
+ service:
+ port: 2379
+
+
+dashboard:
+ enabled: false
-# If true, it will sets the anti-affinity of the Pod.
-podAntiAffinity:
+
+ingress-controller:
enabled: false