diff --git a/bitnami/rabbitmq/Chart.yaml b/bitnami/rabbitmq/Chart.yaml index 4e16ecf839..a1e2043363 100644 --- a/bitnami/rabbitmq/Chart.yaml +++ b/bitnami/rabbitmq/Chart.yaml @@ -23,4 +23,4 @@ name: rabbitmq sources: - https://github.com/bitnami/bitnami-docker-rabbitmq - https://www.rabbitmq.com -version: 8.29.3 +version: 8.30.0 diff --git a/bitnami/rabbitmq/README.md b/bitnami/rabbitmq/README.md index 645d9b254b..60f08b680a 100644 --- a/bitnami/rabbitmq/README.md +++ b/bitnami/rabbitmq/README.md @@ -64,10 +64,10 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------- | -------------------------------------------------------------- | ---------------------- | -| `image.registry` | RabbitMQ image registry | `docker.io` | -| `image.repository` | RabbitMQ image repository | `bitnami/rabbitmq` | -| `image.tag` | RabbitMQ image tag (immutable tags are recommended) | `3.9.13-debian-10-r13` | -| `image.pullPolicy` | RabbitMQ image pull policy | `IfNotPresent` | +| `image.registry` | RabbitMQ image registry | `docker.io` | +| `image.repository` | RabbitMQ image repository | `bitnami/rabbitmq` | +| `image.tag` | RabbitMQ image tag (immutable tags are recommended) | `3.9.13-debian-10-r38` | +| `image.pullPolicy` | RabbitMQ image pull policy | `IfNotPresent` | | `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `image.debug` | Set to true if you would like to see extra information on logs | `false` | @@ -86,46 +86,46 @@ The command removes all the Kubernetes components associated with the chart and | `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | | `hostAliases` | Deployment pod host aliases | `[]` | | `commonAnnotations` | Annotations to add to all deployed objects | `{}` | -| `auth.username` | RabbitMQ application username | `user` | -| `auth.password` | RabbitMQ application password | `""` | -| `auth.existingPasswordSecret` | Existing secret with RabbitMQ credentials (must contain a value for `rabbitmq-password` key) | `""` | +| `auth.username` | RabbitMQ application username | `user` | +| `auth.password` | RabbitMQ application password | `""` | +| `auth.existingPasswordSecret` | Existing secret with RabbitMQ credentials (must contain a value for `rabbitmq-password` key) | `""` | | `auth.erlangCookie` | Erlang cookie to determine whether different nodes are allowed to communicate with each other | `""` | -| `auth.existingErlangSecret` | Existing secret with RabbitMQ Erlang cookie (must contain a value for `rabbitmq-erlang-cookie` key) | `""` | -| `auth.tls.enabled` | Enable TLS support on RabbitMQ | `false` | +| `auth.existingErlangSecret` | Existing secret with RabbitMQ Erlang cookie (must contain a value for `rabbitmq-erlang-cookie` key) | `""` | +| `auth.tls.enabled` | Enable TLS support on RabbitMQ | `false` | | `auth.tls.autoGenerated` | Generate automatically self-signed TLS certificates | `false` | | `auth.tls.failIfNoPeerCert` | When set to true, TLS connection will be rejected if client fails to provide a certificate | `true` | | `auth.tls.sslOptionsVerify` | Should [peer verification](https://www.rabbitmq.com/ssl.html#peer-verification) be enabled? | `verify_peer` | | `auth.tls.caCertificate` | Certificate Authority (CA) bundle content | `""` | | `auth.tls.serverCertificate` | Server certificate content | `""` | | `auth.tls.serverKey` | Server private key content | `""` | -| `auth.tls.existingSecret` | Existing secret with certificate content to RabbitMQ credentials | `""` | +| `auth.tls.existingSecret` | Existing secret with certificate content to RabbitMQ credentials | `""` | | `auth.tls.existingSecretFullChain` | Whether or not the existing secret contains the full chain in the certificate (`tls.crt`). Will be used in place of `ca.cert` if `true`. | `false` | -| `logs` | Path of the RabbitMQ server's Erlang log file. Value for the `RABBITMQ_LOGS` environment variable | `-` | -| `ulimitNofiles` | RabbitMQ Max File Descriptors | `65536` | -| `maxAvailableSchedulers` | RabbitMQ maximum available scheduler threads | `""` | -| `onlineSchedulers` | RabbitMQ online scheduler threads | `""` | -| `memoryHighWatermark.enabled` | Enable configuring Memory high watermark on RabbitMQ | `false` | +| `logs` | Path of the RabbitMQ server's Erlang log file. Value for the `RABBITMQ_LOGS` environment variable | `-` | +| `ulimitNofiles` | RabbitMQ Max File Descriptors | `65536` | +| `maxAvailableSchedulers` | RabbitMQ maximum available scheduler threads | `""` | +| `onlineSchedulers` | RabbitMQ online scheduler threads | `""` | +| `memoryHighWatermark.enabled` | Enable configuring Memory high watermark on RabbitMQ | `false` | | `memoryHighWatermark.type` | Memory high watermark type. Either `absolute` or `relative` | `relative` | | `memoryHighWatermark.value` | Memory high watermark value | `0.4` | | `plugins` | List of default plugins to enable (should only be altered to remove defaults; for additional plugins use `extraPlugins`) | `rabbitmq_management rabbitmq_peer_discovery_k8s` | | `communityPlugins` | List of Community plugins (URLs) to be downloaded during container initialization | `""` | | `extraPlugins` | Extra plugins to enable (single string containing a space-separated list) | `rabbitmq_auth_backend_ldap` | -| `clustering.enabled` | Enable RabbitMQ clustering | `true` | +| `clustering.enabled` | Enable RabbitMQ clustering | `true` | | `clustering.addressType` | Switch clustering mode. Either `ip` or `hostname` | `hostname` | | `clustering.rebalance` | Rebalance master for queues in cluster when new replica is created | `false` | | `clustering.forceBoot` | Force boot of an unexpectedly shut down cluster (in an unexpected order). | `false` | | `clustering.partitionHandling` | Switch Partition Handling Strategy. Either `autoheal` or `pause-minority` or `pause-if-all-down` or `ignore` | `autoheal` | -| `loadDefinition.enabled` | Enable loading a RabbitMQ definitions file to configure RabbitMQ | `false` | +| `loadDefinition.enabled` | Enable loading a RabbitMQ definitions file to configure RabbitMQ | `false` | | `loadDefinition.existingSecret` | Existing secret with the load definitions file | `""` | | `command` | Override default container command (useful when using custom images) | `[]` | | `args` | Override default container args (useful when using custom images) | `[]` | | `terminationGracePeriodSeconds` | Default duration in seconds k8s waits for container to exit before sending kill signal. | `120` | -| `extraEnvVars` | Extra environment variables to add to RabbitMQ pods | `[]` | +| `extraEnvVars` | Extra environment variables to add to RabbitMQ pods | `[]` | | `extraEnvVarsCM` | Name of existing ConfigMap containing extra environment variables | `""` | | `extraEnvVarsSecret` | Name of existing Secret containing extra environment variables (in case of sensitive data) | `""` | | `extraContainerPorts` | Extra ports to be included in container spec, primarily informational | `[]` | -| `configuration` | RabbitMQ Configuration file content: required cluster configuration | `""` | -| `extraConfiguration` | Configuration file content: extra configuration to be appended to RabbitMQ configuration | `""` | +| `configuration` | RabbitMQ Configuration file content: required cluster configuration | `""` | +| `extraConfiguration` | Configuration file content: extra configuration to be appended to RabbitMQ configuration | `""` | | `advancedConfiguration` | Configuration file content: advanced configuration | `""` | | `ldap.enabled` | Enable LDAP support | `false` | | `ldap.servers` | List of LDAP servers hostnames | `[]` | @@ -142,14 +142,14 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------------------------ | ------------------------------------------------------------------------------------------------------------------------ | --------------- | -| `replicaCount` | Number of RabbitMQ replicas to deploy | `1` | +| `replicaCount` | Number of RabbitMQ replicas to deploy | `1` | | `schedulerName` | Use an alternate scheduler, e.g. "stork". | `""` | | `podManagementPolicy` | Pod management policy | `OrderedReady` | -| `podLabels` | RabbitMQ Pod labels. Evaluated as a template | `{}` | -| `podAnnotations` | RabbitMQ Pod annotations. Evaluated as a template | `{}` | -| `updateStrategyType` | Update strategy type for RabbitMQ statefulset | `RollingUpdate` | -| `statefulsetLabels` | RabbitMQ statefulset labels. Evaluated as a template | `{}` | -| `priorityClassName` | Name of the priority class to be used by RabbitMQ pods, priority class needs to be created beforehand | `""` | +| `podLabels` | RabbitMQ Pod labels. Evaluated as a template | `{}` | +| `podAnnotations` | RabbitMQ Pod annotations. Evaluated as a template | `{}` | +| `updateStrategyType` | Update strategy type for RabbitMQ statefulset | `RollingUpdate` | +| `statefulsetLabels` | RabbitMQ statefulset labels. Evaluated as a template | `{}` | +| `priorityClassName` | Name of the priority class to be used by RabbitMQ pods, priority class needs to be created beforehand | `""` | | `podAffinityPreset` | Pod affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | | `podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `soft` | | `nodeAffinityPreset.type` | Node affinity preset type. Ignored if `affinity` is set. Allowed values: `soft` or `hard` | `""` | @@ -159,12 +159,12 @@ The command removes all the Kubernetes components associated with the chart and | `nodeSelector` | Node labels for pod assignment. Evaluated as a template | `{}` | | `tolerations` | Tolerations for pod assignment. Evaluated as a template | `[]` | | `topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` | -| `podSecurityContext.enabled` | Enable RabbitMQ pods' Security Context | `true` | +| `podSecurityContext.enabled` | Enable RabbitMQ pods' Security Context | `true` | | `podSecurityContext.fsGroup` | Group ID for the filesystem used by the containers | `1001` | | `podSecurityContext.runAsUser` | User ID for the service user running the pod | `1001` | -| `containerSecurityContext` | RabbitMQ containers' Security Context | `{}` | -| `resources.limits` | The resources limits for RabbitMQ containers | `{}` | -| `resources.requests` | The requested resources for RabbitMQ containers | `{}` | +| `containerSecurityContext` | RabbitMQ containers' Security Context | `{}` | +| `resources.limits` | The resources limits for RabbitMQ containers | `{}` | +| `resources.requests` | The requested resources for RabbitMQ containers | `{}` | | `livenessProbe.enabled` | Enable livenessProbe | `true` | | `livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `120` | | `livenessProbe.periodSeconds` | Period seconds for livenessProbe | `30` | @@ -180,8 +180,8 @@ The command removes all the Kubernetes components associated with the chart and | `customLivenessProbe` | Override default liveness probe | `{}` | | `customReadinessProbe` | Override default readiness probe | `{}` | | `customStartupProbe` | Define a custom startup probe | `{}` | -| `initContainers` | Add init containers to the RabbitMQ pod | `[]` | -| `sidecars` | Add sidecar containers to the RabbitMQ pod | `[]` | +| `initContainers` | Add init containers to the RabbitMQ pod | `[]` | +| `sidecars` | Add sidecar containers to the RabbitMQ pod | `[]` | | `pdb.create` | Enable/disable a Pod Disruption Budget creation | `false` | | `pdb.minAvailable` | Minimum number/percentage of pods that should remain scheduled | `1` | | `pdb.maxUnavailable` | Maximum number/percentage of pods that may be made unavailable | `""` | @@ -189,26 +189,26 @@ The command removes all the Kubernetes components associated with the chart and ### RBAC parameters -| Name | Description | Value | -| --------------------------------------------- | ------------------------------------------------------- | ------ | +| Name | Description | Value | +| --------------------------------------------- | --------------------------------------------------- | ------ | | `serviceAccount.create` | Enable creation of ServiceAccount for RabbitMQ pods | `true` | -| `serviceAccount.name` | Name of the created serviceAccount | `""` | -| `serviceAccount.automountServiceAccountToken` | Auto-mount the service account token in the pod | `true` | -| `rbac.create` | Whether RBAC rules should be created | `true` | +| `serviceAccount.name` | Name of the created serviceAccount | `""` | +| `serviceAccount.automountServiceAccountToken` | Auto-mount the service account token in the pod | `true` | +| `rbac.create` | Whether RBAC rules should be created | `true` | ### Persistence parameters | Name | Description | Value | | --------------------------- | ------------------------------------------------ | -------------------------- | -| `persistence.enabled` | Enable RabbitMQ data persistence using PVC | `true` | -| `persistence.storageClass` | PVC Storage Class for RabbitMQ data volume | `""` | +| `persistence.enabled` | Enable RabbitMQ data persistence using PVC | `true` | +| `persistence.storageClass` | PVC Storage Class for RabbitMQ data volume | `""` | | `persistence.selector` | Selector to match an existing Persistent Volume | `{}` | -| `persistence.accessMode` | PVC Access Mode for RabbitMQ data volume | `ReadWriteOnce` | +| `persistence.accessMode` | PVC Access Mode for RabbitMQ data volume | `ReadWriteOnce` | | `persistence.existingClaim` | Provide an existing PersistentVolumeClaims | `""` | | `persistence.mountPath` | The path the volume will be mounted at | `/bitnami/rabbitmq/mnesia` | | `persistence.subPath` | The subdirectory of the volume to mount to | `""` | -| `persistence.size` | PVC Storage Request for RabbitMQ data volume | `8Gi` | +| `persistence.size` | PVC Storage Request for RabbitMQ data volume | `8Gi` | | `persistence.volumes` | Additional volumes without creating PVC | `[]` | | `persistence.annotations` | Persistence annotations. Evaluated as a template | `{}` | @@ -229,14 +229,14 @@ The command removes all the Kubernetes components associated with the chart and | `service.distPort` | Erlang distribution server port | `25672` | | `service.distPortName` | Erlang distribution service port name | `dist` | | `service.distNodePort` | Node port override for `dist` port, if serviceType is `NodePort` | `""` | -| `service.managerPortEnabled` | RabbitMQ Manager port | `true` | -| `service.managerPort` | RabbitMQ Manager port | `15672` | -| `service.managerPortName` | RabbitMQ Manager service port name | `http-stats` | +| `service.managerPortEnabled` | RabbitMQ Manager port | `true` | +| `service.managerPort` | RabbitMQ Manager port | `15672` | +| `service.managerPortName` | RabbitMQ Manager service port name | `http-stats` | | `service.managerNodePort` | Node port override for `http-stats` port, if serviceType `NodePort` | `""` | -| `service.metricsPort` | RabbitMQ Prometheues metrics port | `9419` | -| `service.metricsPortName` | RabbitMQ Prometheues metrics service port name | `metrics` | +| `service.metricsPort` | RabbitMQ Prometheues metrics port | `9419` | +| `service.metricsPortName` | RabbitMQ Prometheues metrics service port name | `metrics` | | `service.metricsNodePort` | Node port override for `metrics` port, if serviceType is `NodePort` | `""` | -| `service.epmdPortEnabled` | RabbitMQ EPMD Discovery service port | `true` | +| `service.epmdPortEnabled` | RabbitMQ EPMD Discovery service port | `true` | | `service.epmdNodePort` | Node port override for `epmd` port, if serviceType is `NodePort` | `""` | | `service.epmdPortName` | EPMD Discovery service port name | `epmd` | | `service.extraPorts` | Extra ports to expose in the service | `[]` | @@ -255,6 +255,7 @@ The command removes all the Kubernetes components associated with the chart and | `ingress.tls` | Enable TLS configuration for the hostname defined at `ingress.hostname` parameter | `false` | | `ingress.selfSigned` | Set this to true in order to create a TLS secret for this ingress record | `false` | | `ingress.extraHosts` | The list of additional hostnames to be covered with this ingress record. | `[]` | +| `ingress.extraRules` | The list of additional rules to be added to this ingress record. Evaluated as a template | `[]` | | `ingress.extraTls` | The tls configuration for additional hostnames to be covered with this ingress record. | `[]` | | `ingress.secrets` | Custom TLS certificates as secrets | `[]` | | `ingress.ingressClassName` | IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+) | `""` | @@ -267,8 +268,8 @@ The command removes all the Kubernetes components associated with the chart and | Name | Description | Value | | ------------------------------------------ | ------------------------------------------------------------------------------------------------------ | --------------------- | -| `metrics.enabled` | Enable exposing RabbitMQ metrics to be gathered by Prometheus | `false` | -| `metrics.plugins` | Plugins to enable Prometheus metrics in RabbitMQ | `rabbitmq_prometheus` | +| `metrics.enabled` | Enable exposing RabbitMQ metrics to be gathered by Prometheus | `false` | +| `metrics.plugins` | Plugins to enable Prometheus metrics in RabbitMQ | `rabbitmq_prometheus` | | `metrics.podAnnotations` | Annotations for enabling prometheus to access the metrics endpoint | `{}` | | `metrics.serviceMonitor.enabled` | Create ServiceMonitor Resource for scraping metrics using PrometheusOperator | `false` | | `metrics.serviceMonitor.namespace` | Specify the namespace in which the serviceMonitor resource will be created | `""` | @@ -295,7 +296,7 @@ The command removes all the Kubernetes components associated with the chart and | `volumePermissions.enabled` | Enable init container that changes the owner and group of the persistent volume(s) mountpoint to `runAsUser:fsGroup` | `false` | | `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | `volumePermissions.image.repository` | Init container volume-permissions image repository | `bitnami/bitnami-shell` | -| `volumePermissions.image.tag` | Init container volume-permissions image tag | `10-debian-10-r326` | +| `volumePermissions.image.tag` | Init container volume-permissions image tag | `10-debian-10-r349` | | `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | `volumePermissions.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` | | `volumePermissions.resources.limits` | Init container volume-permissions resource limits | `{}` | diff --git a/bitnami/rabbitmq/templates/ingress.yaml b/bitnami/rabbitmq/templates/ingress.yaml index aa956237d0..09ba870bb3 100644 --- a/bitnami/rabbitmq/templates/ingress.yaml +++ b/bitnami/rabbitmq/templates/ingress.yaml @@ -41,7 +41,10 @@ spec: {{- if eq "true" (include "common.ingress.supportsPathType" $) }} pathType: {{ default "ImplementationSpecific" .pathType }} {{- end }} - backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" "http-stats" "context" $) | nindent 14 }} + backend: {{- include "common.ingress.backend" (dict "serviceName" (include "common.names.fullname" $) "servicePort" .Values.service.managerPortName "context" $) | nindent 14 }} + {{- end }} + {{- if .Values.ingress.extraRules }} + {{- include "common.tplvalues.render" (dict "value" .Values.ingress.extraRules "context" $) | nindent 4 }} {{- end }} {{- if or (and .Values.ingress.tls (or (include "common.ingress.certManagerRequest" ( dict "annotations" .Values.ingress.annotations )) .Values.ingress.selfSigned)) .Values.ingress.extraTls }} tls: diff --git a/bitnami/rabbitmq/values.yaml b/bitnami/rabbitmq/values.yaml index 037120a727..a90ed3a28e 100644 --- a/bitnami/rabbitmq/values.yaml +++ b/bitnami/rabbitmq/values.yaml @@ -932,6 +932,11 @@ ingress: ## extraHosts: [] + ## @param ingress.extraRules The list of additional rules to be added to this ingress record. Evaluated as a template + ## Useful when looking for additional customization, such as using different backend + ## + extraRules: [] + ## @param ingress.extraTls The tls configuration for additional hostnames to be covered with this ingress record. ## see: https://kubernetes.io/docs/concepts/services-networking/ingress/#tls ## e.g: