diff --git a/bitnami/rabbitmq/Chart.yaml b/bitnami/rabbitmq/Chart.yaml index bf38968fbe..2ba702384e 100644 --- a/bitnami/rabbitmq/Chart.yaml +++ b/bitnami/rabbitmq/Chart.yaml @@ -23,4 +23,4 @@ name: rabbitmq sources: - https://github.com/bitnami/bitnami-docker-rabbitmq - https://www.rabbitmq.com -version: 8.19.3 +version: 8.20.0 diff --git a/bitnami/rabbitmq/README.md b/bitnami/rabbitmq/README.md index 15a3b8edbe..942751e210 100644 --- a/bitnami/rabbitmq/README.md +++ b/bitnami/rabbitmq/README.md @@ -204,50 +204,51 @@ The command removes all the Kubernetes components associated with the chart and ### Exposure parameters -| Name | Description | Value | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `service.type` | Kubernetes Service type | `ClusterIP` | -| `service.port` | Amqp port | `5672` | -| `service.portName` | Amqp service port name | `amqp` | -| `service.tlsPort` | Amqp TLS port | `5671` | -| `service.tlsPortName` | Amqp TLS service port name | `amqp-ssl` | -| `service.nodePort` | Node port override for `amqp` port, if serviceType is `NodePort` or `LoadBalancer` | `""` | -| `service.tlsNodePort` | Node port override for `amqp-ssl` port, if serviceType is `NodePort` or `LoadBalancer` | `""` | -| `service.distPort` | Erlang distribution server port | `25672` | -| `service.distPortName` | Erlang distribution service port name | `dist` | -| `service.distNodePort` | Node port override for `dist` port, if serviceType is `NodePort` | `""` | -| `service.managerPortEnabled` | RabbitMQ Manager port | `true` | -| `service.managerPort` | RabbitMQ Manager port | `true` | -| `service.managerPortName` | RabbitMQ Manager service port name | `http-stats` | -| `service.managerNodePort` | Node port override for `http-stats` port, if serviceType `NodePort` | `""` | -| `service.metricsPort` | RabbitMQ Prometheues metrics port | `9419` | -| `service.metricsPortName` | RabbitMQ Prometheues metrics service port name | `metrics` | -| `service.metricsNodePort` | Node port override for `metrics` port, if serviceType is `NodePort` | `""` | -| `service.epmdNodePort` | Node port override for `epmd` port, if serviceType is `NodePort` | `""` | -| `service.epmdPortName` | EPMD Discovery service port name | `epmd` | -| `service.extraPorts` | Extra ports to expose in the service | `[]` | -| `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is `LoadBalancer` | `[]` | -| `service.externalIPs` | Set the ExternalIPs | `[]` | -| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | -| `service.loadBalancerIP` | Set the LoadBalancerIP | `""` | -| `service.labels` | Service labels. Evaluated as a template | `{}` | -| `service.annotations` | Service annotations. Evaluated as a template | `{}` | -| `service.annotationsHeadless` | Headless Service annotations. Evaluated as a template | `{}` | -| `ingress.enabled` | Enable ingress resource for Management console | `false` | -| `ingress.path` | Path for the default host. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | -| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | -| `ingress.hostname` | Default host for the ingress resource | `rabbitmq.local` | -| `ingress.annotations` | Ingress annotations | `{}` | -| `ingress.tls` | Enable TLS configuration for the hostname defined at `ingress.hostname` parameter | `false` | -| `ingress.certManager` | Set this to true in order to add the corresponding annotations for cert-manager | `false` | -| `ingress.selfSigned` | Set this to true in order to create a TLS secret for this ingress record | `false` | -| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | -| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | -| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | -| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` | -| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | -| `networkPolicy.additionalRules` | Additional NetworkPolicy Ingress "from" rules to set. Note that all rules are OR-ed. | `[]` | +| Name | Description | Value | +| ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | ------------------------ | +| `service.type` | Kubernetes Service type | `ClusterIP` | +| `service.portEnabled` | Amqp port. Cannot be disabled when `auth.tls.enabled` is `false`. Listener can be disabled with `listeners.tcp = none`. | `true` | +| `service.port` | Amqp port | `5672` | +| `service.portName` | Amqp service port name | `amqp` | +| `service.tlsPort` | Amqp TLS port | `5671` | +| `service.tlsPortName` | Amqp TLS service port name | `amqp-ssl` | +| `service.nodePort` | Node port override for `amqp` port, if serviceType is `NodePort` or `LoadBalancer` | `""` | +| `service.tlsNodePort` | Node port override for `amqp-ssl` port, if serviceType is `NodePort` or `LoadBalancer` | `""` | +| `service.distPort` | Erlang distribution server port | `25672` | +| `service.distPortName` | Erlang distribution service port name | `dist` | +| `service.distNodePort` | Node port override for `dist` port, if serviceType is `NodePort` | `""` | +| `service.managerPortEnabled` | RabbitMQ Manager port | `true` | +| `service.managerPort` | RabbitMQ Manager port | `true` | +| `service.managerPortName` | RabbitMQ Manager service port name | `http-stats` | +| `service.managerNodePort` | Node port override for `http-stats` port, if serviceType `NodePort` | `""` | +| `service.metricsPort` | RabbitMQ Prometheues metrics port | `9419` | +| `service.metricsPortName` | RabbitMQ Prometheues metrics service port name | `metrics` | +| `service.metricsNodePort` | Node port override for `metrics` port, if serviceType is `NodePort` | `""` | +| `service.epmdNodePort` | Node port override for `epmd` port, if serviceType is `NodePort` | `""` | +| `service.epmdPortName` | EPMD Discovery service port name | `epmd` | +| `service.extraPorts` | Extra ports to expose in the service | `[]` | +| `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is `LoadBalancer` | `[]` | +| `service.externalIPs` | Set the ExternalIPs | `[]` | +| `service.externalTrafficPolicy` | Enable client source IP preservation | `Cluster` | +| `service.loadBalancerIP` | Set the LoadBalancerIP | `""` | +| `service.labels` | Service labels. Evaluated as a template | `{}` | +| `service.annotations` | Service annotations. Evaluated as a template | `{}` | +| `service.annotationsHeadless` | Headless Service annotations. Evaluated as a template | `{}` | +| `ingress.enabled` | Enable ingress resource for Management console | `false` | +| `ingress.path` | Path for the default host. You may need to set this to '/*' in order to use this with ALB ingress controllers. | `/` | +| `ingress.pathType` | Ingress path type | `ImplementationSpecific` | +| `ingress.hostname` | Default host for the ingress resource | `rabbitmq.local` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.tls` | Enable TLS configuration for the hostname defined at `ingress.hostname` parameter | `false` | +| `ingress.certManager` | Set this to true in order to add the corresponding annotations for cert-manager | `false` | +| `ingress.selfSigned` | Set this to true in order to create a TLS secret for this ingress record | `false` | +| `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.secrets` | Custom TLS certificates as secrets | `[]` | +| `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | +| `networkPolicy.enabled` | Enable creation of NetworkPolicy resources | `false` | +| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | +| `networkPolicy.additionalRules` | Additional NetworkPolicy Ingress "from" rules to set. Note that all rules are OR-ed. | `[]` | ### Metrics Parameters diff --git a/bitnami/rabbitmq/templates/NOTES.txt b/bitnami/rabbitmq/templates/NOTES.txt index c95b519c83..24ffa890df 100644 --- a/bitnami/rabbitmq/templates/NOTES.txt +++ b/bitnami/rabbitmq/templates/NOTES.txt @@ -1,3 +1,5 @@ +{{- $servicePort := or (.Values.service.portEnabled) (not .Values.auth.tls.enabled) | ternary .Values.service.port .Values.service.tlsPort -}} +{{- $serviceNodePort := or (.Values.service.portEnabled) (not .Values.auth.tls.enabled) | ternary .Values.service.nodePort .Values.service.tlsNodePort -}} ** Please be patient while the chart is being deployed ** {{- if .Values.diagnosticMode.enabled }} @@ -32,7 +34,7 @@ Note that the credentials are saved in persistent volume claims and will not be This is applicable when no passwords are set and therefore the random password is autogenerated. In case of using a fixed password, you should specify it when upgrading. More information about the credentials may be found at https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues/#credential-errors-while-upgrading-chart-releases. -RabbitMQ can be accessed within the cluster on port {{ .Values.service.nodePort }} at {{ include "rabbitmq.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clustering.k8s_domain }} +RabbitMQ can be accessed within the cluster on port {{ $serviceNodePort }} at {{ include "rabbitmq.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clustering.k8s_domain }} To access for outside the cluster, perform the following steps: @@ -57,7 +59,7 @@ NOTE: It may take a few minutes for the LoadBalancer IP to be available. Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "rabbitmq.fullname" . }}' export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "rabbitmq.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") - echo "URL : amqp://$SERVICE_IP:{{ .Values.service.port }}/" + echo "URL : amqp://$SERVICE_IP:{{ $servicePort }}/" {{- else if contains "ClusterIP" .Values.service.type }} @@ -65,8 +67,8 @@ To Access the RabbitMQ AMQP port: 1. Create a port-forward to the AMQP port: - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "rabbitmq.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} & - echo "URL : amqp://127.0.0.1:{{ .Values.service.port }}/" + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "rabbitmq.fullname" . }} {{ $servicePort }}:{{ $servicePort }} & + echo "URL : amqp://127.0.0.1:{{ $servicePort }}/" {{- end }} @@ -110,7 +112,7 @@ NOTE: It may take a few minutes for the LoadBalancer IP to be available. To Access the RabbitMQ AMQP port: - echo "URL : amqp://$SERVICE_IP:{{ .Values.service.port }}/" + echo "URL : amqp://$SERVICE_IP:{{ $servicePort }}/" To Access the RabbitMQ Management interface: @@ -120,8 +122,8 @@ To Access the RabbitMQ Management interface: To Access the RabbitMQ AMQP port: - echo "URL : amqp://127.0.0.1:{{ .Values.service.port }}/" - kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "rabbitmq.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} + echo "URL : amqp://127.0.0.1:{{ $servicePort }}/" + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "rabbitmq.fullname" . }} {{ $servicePort }}:{{ $servicePort }} To Access the RabbitMQ Management interface: diff --git a/bitnami/rabbitmq/templates/statefulset.yaml b/bitnami/rabbitmq/templates/statefulset.yaml index b7c8f0a4a8..9eeb7a99fc 100644 --- a/bitnami/rabbitmq/templates/statefulset.yaml +++ b/bitnami/rabbitmq/templates/statefulset.yaml @@ -212,8 +212,10 @@ spec: {{- end }} {{- end }} ports: + {{- if or (.Values.service.portEnabled) (not .Values.auth.tls.enabled) }} - name: amqp containerPort: 5672 + {{- end }} {{- if .Values.auth.tls.enabled }} - name: amqp-ssl containerPort: {{ .Values.service.tlsPort }} diff --git a/bitnami/rabbitmq/templates/svc-headless.yaml b/bitnami/rabbitmq/templates/svc-headless.yaml index c374dc2857..4ed26cc4d3 100644 --- a/bitnami/rabbitmq/templates/svc-headless.yaml +++ b/bitnami/rabbitmq/templates/svc-headless.yaml @@ -19,9 +19,11 @@ spec: - name: {{ .Values.service.epmdPortName }} port: 4369 targetPort: epmd + {{- if or (.Values.service.portEnabled) (not .Values.auth.tls.enabled) }} - name: amqp port: {{ .Values.service.port }} targetPort: {{ .Values.service.portName }} + {{- end }} {{- if .Values.auth.tls.enabled }} - name: {{ .Values.service.tlsPortName }} port: {{ .Values.service.tlsPort }} diff --git a/bitnami/rabbitmq/templates/svc.yaml b/bitnami/rabbitmq/templates/svc.yaml index 2f7312f4e9..2b4c224aa9 100644 --- a/bitnami/rabbitmq/templates/svc.yaml +++ b/bitnami/rabbitmq/templates/svc.yaml @@ -33,6 +33,7 @@ spec: externalIPs: {{- toYaml .Values.service.externalIPs | nindent 4 }} {{- end }} ports: + {{- if or (.Values.service.portEnabled) (not .Values.auth.tls.enabled) }} - name: {{ .Values.service.portName }} port: {{ .Values.service.port }} targetPort: amqp @@ -41,6 +42,7 @@ spec: {{- else if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePort)) }} nodePort: {{ .Values.service.nodePort }} {{- end }} + {{- end }} {{- if .Values.auth.tls.enabled }} - name: {{ .Values.service.tlsPortName }} port: {{ .Values.service.tlsPort }} diff --git a/bitnami/rabbitmq/values.yaml b/bitnami/rabbitmq/values.yaml index 1cd93ea1b6..3169604280 100644 --- a/bitnami/rabbitmq/values.yaml +++ b/bitnami/rabbitmq/values.yaml @@ -703,6 +703,10 @@ service: ## @param service.type Kubernetes Service type ## type: ClusterIP + + ## @param service.portEnabled Amqp port. Cannot be disabled when `auth.tls.enabled` is `false`. Listener can be disabled with `listeners.tcp = none`. + portEnabled: true + ## @param service.port Amqp port ## ref: https://github.com/bitnami/bitnami-docker-rabbitmq#environment-variables ##