Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-15 06:47:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

[bitnami/apisix]: Correct values comments (#34737)

Browse Source 
* docs(bitnami/apisix): correct comments in values

Signed-off-by: mikyll <righi.michy@gmail.com>

* chore(bitnami/apisix): bump chart version

Signed-off-by: mikyll <righi.michy@gmail.com>

* Update CHANGELOG.md

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>

* Update CHANGELOG.md

Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>

---------

Signed-off-by: mikyll <righi.michy@gmail.com>
Signed-off-by: Bitnami Bot <bitnami.bot@broadcom.com>
Co-authored-by: Bitnami Bot <bitnami.bot@broadcom.com>
This commit is contained in:
Michele Righi
2025-07-07 13:06:29 +02:00
committed by GitHub
parent 396147d60d
commit e9bc018e68
4 changed files with 362 additions and 346 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
bitnami/apisix/CHANGELOG.md
View File

@@ -1,8 +1,24 @@
# Changelog
## 5.0.1 (2025-05-28)
## 5.0.5 (2025-07-02)
* feat: [bitnami/apisix] Add dnsPolicy parameter support ([#33926](https://github.com/bitnami/charts/pull/33926))
* [bitnami/apisix]: Correct values comments ([#34737](https://github.com/bitnami/charts/pull/34737))
## <small>5.0.4 (2025-06-27)</small>
* [bitnami/apisix] :zap: :arrow_up: Update dependency references (#34687) ([605be56](https://github.com/bitnami/charts/commit/605be569626e31e217e61c5dc96964b8cf861201)), closes [#34687](https://github.com/bitnami/charts/issues/34687)
## <small>5.0.3 (2025-06-13)</small>
* [bitnami/apisix] :zap: :arrow_up: Update dependency references (#34390) ([c6638d8](https://github.com/bitnami/charts/commit/c6638d85b4251c422aba1b1819d6f7c38906a637)), closes [#34390](https://github.com/bitnami/charts/issues/34390)
## <small>5.0.2 (2025-06-05)</small>
* [bitnami/apisix] :zap: :arrow_up: Update dependency references (#34131) ([6c92e2b](https://github.com/bitnami/charts/commit/6c92e2b43c77189862658dce993e624ab6ecb9ab)), closes [#34131](https://github.com/bitnami/charts/issues/34131)
## <small>5.0.1 (2025-05-29)</small>
* feat: [bitnami/apisix] Add dnsPolicy parameter support (#33926) ([62bffa4](https://github.com/bitnami/charts/commit/62bffa41d6c4ae2eb5d1ffb986d1b3993d9122ef)), closes [#33926](https://github.com/bitnami/charts/issues/33926)
## 5.0.0 (2025-05-26)

2
bitnami/apisix/Chart.yaml
View File

@@ -48,4 +48,4 @@ sources:
- https://github.com/bitnami/charts/tree/main/bitnami/apisix
- https://github.com/bitnami/charts/tree/main/bitnami/apisix-dashboard
- https://github.com/bitnami/charts/tree/main/bitnami/apisix-ingress-controller
version: 5.0.4
version: 5.0.5

352
bitnami/apisix/README.md
View File

@@ -313,28 +313,28 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| Name | Description | Value |
| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| `dataPlane.enabled` | Enable APISIX | `true` |
| `dataPlane.useDaemonSet` | Deploy as DaemonSet | `false` |
| `dataPlane.replicaCount` | Number of APISIX replicas to deploy | `1` |
| `dataPlane.hostNetwork` | Use hostNetwork | `false` |
| `dataPlane.dnsPolicy` | DNS policy for APISIX pods | `ClusterFirst` |
| `dataPlane.containerPorts.http` | APISIX HTTP container port | `9080` |
| `dataPlane.containerPorts.https` | APISIX HTTPS container port | `9443` |
| `dataPlane.containerPorts.control` | APISIX control container port | `9090` |
| `dataPlane.containerPorts.metrics` | APISIX metrics container port | `9099` |
| `dataPlane.livenessProbe.enabled` | Enable livenessProbe on APISIX containers | `true` |
| `dataPlane.enabled` | Enable APISIX Data Plane | `true` |
| `dataPlane.useDaemonSet` | Deploy Data Plane as DaemonSet | `false` |
| `dataPlane.replicaCount` | Number of APISIX Data Plane replicas to deploy | `1` |
| `dataPlane.hostNetwork` | Use hostNetwork in APISIX Data Plane | `false` |
| `dataPlane.dnsPolicy` | DNS policy for APISIX Data Plane pods | `ClusterFirst` |
| `dataPlane.containerPorts.http` | APISIX Data Plane HTTP container port | `9080` |
| `dataPlane.containerPorts.https` | APISIX Data Plane HTTPS container port | `9443` |
| `dataPlane.containerPorts.control` | APISIX Data Plane control container port | `9090` |
| `dataPlane.containerPorts.metrics` | APISIX Data Plane metrics container port | `9099` |
| `dataPlane.livenessProbe.enabled` | Enable livenessProbe on APISIX Data Plane containers | `true` |
| `dataPlane.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `dataPlane.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `dataPlane.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `dataPlane.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `dataPlane.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `dataPlane.readinessProbe.enabled` | Enable readinessProbe on APISIX containers | `true` |
| `dataPlane.readinessProbe.enabled` | Enable readinessProbe on APISIX Data Plane containers | `true` |
| `dataPlane.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `dataPlane.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `dataPlane.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `dataPlane.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `dataPlane.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `dataPlane.startupProbe.enabled` | Enable startupProbe on APISIX containers | `false` |
| `dataPlane.startupProbe.enabled` | Enable startupProbe on APISIX Data Plane containers | `false` |
| `dataPlane.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `dataPlane.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `dataPlane.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
@@ -345,30 +345,30 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dataPlane.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `dataPlane.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if dataPlane.resources is set (dataPlane.resources is recommended for production). | `nano` |
| `dataPlane.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `dataPlane.podSecurityContext.enabled` | Enabled APISIX pods' Security Context | `true` |
| `dataPlane.podSecurityContext.enabled` | Enabled APISIX Data Plane pods' Security Context | `true` |
| `dataPlane.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `dataPlane.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `dataPlane.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `dataPlane.podSecurityContext.fsGroup` | Set APISIX pod's Security Context fsGroup | `1001` |
| `dataPlane.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` |
| `dataPlane.podSecurityContext.fsGroup` | Set APISIX Data Plane pod's Security Context fsGroup | `1001` |
| `dataPlane.containerSecurityContext.enabled` | Enabled APISIX Data Plane containers' Security Context | `true` |
| `dataPlane.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `dataPlane.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` |
| `dataPlane.containerSecurityContext.runAsGroup` | Set APISIX containers' Security Context runAsGroup | `1001` |
| `dataPlane.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` |
| `dataPlane.containerSecurityContext.privileged` | Set APISIX containers' Security Context privileged | `false` |
| `dataPlane.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` |
| `dataPlane.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` |
| `dataPlane.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
| `dataPlane.containerSecurityContext.seccompProfile.type` | Set APISIX container's Security Context seccomp profile | `RuntimeDefault` |
| `dataPlane.containerSecurityContext.runAsUser` | Set APISIX Data Plane containers' Security Context runAsUser | `1001` |
| `dataPlane.containerSecurityContext.runAsGroup` | Set APISIX Data Plane containers' Security Context runAsGroup | `1001` |
| `dataPlane.containerSecurityContext.runAsNonRoot` | Set APISIX Data Plane containers' Security Context runAsNonRoot | `true` |
| `dataPlane.containerSecurityContext.privileged` | Set APISIX Data Plane containers' Security Context privileged | `false` |
| `dataPlane.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX Data Plane containers' Security Context runAsNonRoot | `true` |
| `dataPlane.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX Data Plane container's privilege escalation | `false` |
| `dataPlane.containerSecurityContext.capabilities.drop` | Set APISIX Data Plane container's Security Context runAsNonRoot | `["ALL"]` |
| `dataPlane.containerSecurityContext.seccompProfile.type` | Set APISIX Data Plane container's Security Context seccomp profile | `RuntimeDefault` |
| `dataPlane.command` | Override default container command (useful when using custom images) | `[]` |
| `dataPlane.args` | Override default container args (useful when using custom images) | `[]` |
| `dataPlane.automountServiceAccountToken` | Mount Service Account token in pod | `true` |
| `dataPlane.hostAliases` | APISIX pods host aliases | `[]` |
| `dataPlane.defaultConfig` | Apisix apisix configuration (evaluated as a template) | `""` |
| `dataPlane.extraConfig` | extra configuration parameters to add to the config.yaml file in APISIX Data plane | `{}` |
| `dataPlane.existingConfigMap` | name of a ConfigMap with existing configuration for the apisix | `""` |
| `dataPlane.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the data plane | `""` |
| `dataPlane.tls.enabled` | Enable TLS transport in Data Plane | `true` |
| `dataPlane.hostAliases` | APISIX Data Plane pods host aliases | `[]` |
| `dataPlane.defaultConfig` | APISIX Data Plane configuration (evaluated as a template) | `""` |
| `dataPlane.extraConfig` | extra configuration parameters to add to the config.yaml file in APISIX Data Plane | `{}` |
| `dataPlane.existingConfigMap` | name of a ConfigMap with existing configuration for APISIX Data Plane | `""` |
| `dataPlane.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for APISIX Data Plane | `""` |
| `dataPlane.tls.enabled` | Enable TLS transport in APISIX Data Plane | `true` |
| `dataPlane.tls.autoGenerated` | Auto-generate self-signed certificates | `true` |
| `dataPlane.tls.existingSecret` | Name of a secret containing the certificates | `""` |
| `dataPlane.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` |
@@ -377,8 +377,8 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dataPlane.tls.cert` | Content of the certificate to be added to the secret | `""` |
| `dataPlane.tls.key` | Content of the certificate key to be added to the secret | `""` |
| `dataPlane.tls.ca` | Content of the certificate CA to be added to the secret | `""` |
| `dataPlane.podLabels` | Extra labels for APISIX pods | `{}` |
| `dataPlane.podAnnotations` | Annotations for APISIX pods | `{}` |
| `dataPlane.podLabels` | Extra labels for APISIX Data Plane pods | `{}` |
| `dataPlane.podAnnotations` | Annotations for APISIX Data Plane pods | `{}` |
| `dataPlane.podAffinityPreset` | Pod affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `dataPlane.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `dataPlane.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` |
@@ -387,41 +387,41 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dataPlane.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `dataPlane.nodeAffinityPreset.key` | Node label key to match. Ignored if `apisix.affinity` is set | `""` |
| `dataPlane.nodeAffinityPreset.values` | Node label values to match. Ignored if `apisix.affinity` is set | `[]` |
| `dataPlane.affinity` | Affinity for APISIX pods assignment | `{}` |
| `dataPlane.nodeSelector` | Node labels for APISIX pods assignment | `{}` |
| `dataPlane.tolerations` | Tolerations for APISIX pods assignment | `[]` |
| `dataPlane.updateStrategy.type` | APISIX statefulset strategy type | `RollingUpdate` |
| `dataPlane.priorityClassName` | APISIX pods' priorityClassName | `""` |
| `dataPlane.affinity` | Affinity for APISIX Data Plane pods assignment | `{}` |
| `dataPlane.nodeSelector` | Node labels for APISIX Data Plane pods assignment | `{}` |
| `dataPlane.tolerations` | Tolerations for APISIX Data Plane pods assignment | `[]` |
| `dataPlane.updateStrategy.type` | APISIX Data Plane statefulset strategy type | `RollingUpdate` |
| `dataPlane.priorityClassName` | APISIX Data Plane pods' priorityClassName | `""` |
| `dataPlane.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
| `dataPlane.schedulerName` | Name of the k8s scheduler (other than default) for APISIX pods | `""` |
| `dataPlane.schedulerName` | Name of the k8s scheduler (other than default) for APISIX Data Plane pods | `""` |
| `dataPlane.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` |
| `dataPlane.lifecycleHooks` | for the APISIX container(s) to automate configuration before or after startup | `{}` |
| `dataPlane.extraEnvVars` | Array with extra environment variables to add to APISIX nodes | `[]` |
| `dataPlane.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX nodes | `""` |
| `dataPlane.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX nodes | `""` |
| `dataPlane.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX pod(s) | `[]` |
| `dataPlane.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX container(s) | `[]` |
| `dataPlane.sidecars` | Add additional sidecar containers to the APISIX pod(s) | `[]` |
| `dataPlane.initContainers` | Add additional init containers to the APISIX pod(s) | `[]` |
| `dataPlane.lifecycleHooks` | for the APISIX Data Plane container(s) to automate configuration before or after startup | `{}` |
| `dataPlane.extraEnvVars` | Array with extra environment variables to add to APISIX Data Plane nodes | `[]` |
| `dataPlane.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX Data Plane nodes | `""` |
| `dataPlane.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX Data Plane nodes | `""` |
| `dataPlane.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX Data Plane pod(s) | `[]` |
| `dataPlane.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Data Plane container(s) | `[]` |
| `dataPlane.sidecars` | Add additional sidecar containers to the APISIX Data Plane pod(s) | `[]` |
| `dataPlane.initContainers` | Add additional init containers to the APISIX Data Plane pod(s) | `[]` |
### APISIX Data Plane Traffic Exposure Parameters
| Name | Description | Value |
| ------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
| `dataPlane.service.type` | APISIX service type | `LoadBalancer` |
| `dataPlane.service.ports.http` | APISIX service HTTP port | `80` |
| `dataPlane.service.ports.https` | APISIX service HTTPS port | `443` |
| `dataPlane.service.ports.metrics` | APISIX service HTTPS port | `8080` |
| `dataPlane.service.type` | APISIX Data Plane service type | `LoadBalancer` |
| `dataPlane.service.ports.http` | APISIX Data Plane service HTTP port | `80` |
| `dataPlane.service.ports.https` | APISIX Data Plane service HTTPS port | `443` |
| `dataPlane.service.ports.metrics` | APISIX Data Plane service HTTPS port | `8080` |
| `dataPlane.service.nodePorts.http` | Node port for HTTP | `""` |
| `dataPlane.service.nodePorts.https` | Node port for HTTPS | `""` |
| `dataPlane.service.nodePorts.metrics` | Node port for metrics | `""` |
| `dataPlane.service.clusterIP` | APISIX service Cluster IP | `""` |
| `dataPlane.service.loadBalancerIP` | APISIX service Load Balancer IP | `""` |
| `dataPlane.service.loadBalancerSourceRanges` | APISIX service Load Balancer sources | `[]` |
| `dataPlane.service.externalIPs` | APISIX service External IPs | `[]` |
| `dataPlane.service.externalTrafficPolicy` | APISIX service external traffic policy | `Cluster` |
| `dataPlane.service.annotations` | Additional custom annotations for APISIX service | `{}` |
| `dataPlane.service.extraPorts` | Extra ports to expose in APISIX service (normally used with the `sidecars` value) | `[]` |
| `dataPlane.service.clusterIP` | APISIX Data Plane service Cluster IP | `""` |
| `dataPlane.service.loadBalancerIP` | APISIX Data Plane service Load Balancer IP | `""` |
| `dataPlane.service.loadBalancerSourceRanges` | APISIX Data Plane service Load Balancer sources | `[]` |
| `dataPlane.service.externalIPs` | APISIX Data Plane service External IPs | `[]` |
| `dataPlane.service.externalTrafficPolicy` | APISIX Data Plane service external traffic policy | `Cluster` |
| `dataPlane.service.annotations` | Additional custom annotations for APISIX Data Plane service | `{}` |
| `dataPlane.service.extraPorts` | Extra ports to expose in APISIX Data Plane service (normally used with the `sidecars` value) | `[]` |
| `dataPlane.service.sessionAffinity` | Control where web requests go, to the same pod or round-robin | `None` |
| `dataPlane.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `dataPlane.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` |
@@ -432,7 +432,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dataPlane.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy (ignored if allowExternalEgress=true) | `[]` |
| `dataPlane.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
| `dataPlane.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
| `dataPlane.ingress.enabled` | Enable ingress record generation for Apisix | `false` |
| `dataPlane.ingress.enabled` | Enable ingress record generation for APISIX Data Plane | `false` |
| `dataPlane.ingress.pathType` | Ingress path type | `ImplementationSpecific` |
| `dataPlane.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` |
| `dataPlane.ingress.hostname` | Default host for the ingress record | `apisix-data-plane.local` |
@@ -465,21 +465,21 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
### APISIX Data Plane RBAC Parameters
| Name | Description | Value |
| ------------------------------------------------------- | ---------------------------------------------------------------- | ------- |
| `dataPlane.rbac.create` | Specifies whether RBAC resources should be created | `true` |
| `dataPlane.rbac.rules` | Custom RBAC rules to set | `[]` |
| `dataPlane.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
| `dataPlane.serviceAccount.name` | The name of the ServiceAccount to use. | `""` |
| `dataPlane.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
| `dataPlane.serviceAccount.automountServiceAccountToken` | Automount service account token for the apisix service account | `false` |
| Name | Description | Value |
| ------------------------------------------------------- | ------------------------------------------------------------------------- | ------- |
| `dataPlane.rbac.create` | Specifies whether RBAC resources should be created | `true` |
| `dataPlane.rbac.rules` | Custom RBAC rules to set | `[]` |
| `dataPlane.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
| `dataPlane.serviceAccount.name` | The name of the ServiceAccount to use. | `""` |
| `dataPlane.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
| `dataPlane.serviceAccount.automountServiceAccountToken` | Automount service account token for the APISIX Data Plane service account | `false` |
### APISIX Data Plane Metrics Parameters
| Name | Description | Value |
| ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- |
| `dataPlane.metrics.enabled` | Enable the export of Prometheus metrics | `false` |
| `dataPlane.metrics.annotations` | Annotations for the apisix service in order to scrape metrics | `{}` |
| `dataPlane.metrics.annotations` | Annotations for the APISIX Data Plane service in order to scrape metrics | `{}` |
| `dataPlane.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
| `dataPlane.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` |
| `dataPlane.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` |
@@ -496,28 +496,28 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| Name | Description | Value |
| ---------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------- |
| `controlPlane.enabled` | Enable APISIX | `true` |
| `controlPlane.replicaCount` | Number of APISIX replicas to deploy | `1` |
| `controlPlane.enabled` | Enable APISIX Control Plane | `true` |
| `controlPlane.replicaCount` | Number of APISIX Control Plane replicas to deploy | `1` |
| `controlPlane.hostNetwork` | Use hostNetwork | `false` |
| `controlPlane.dnsPolicy` | DNS policy for APISIX Admin pods | `ClusterFirst` |
| `controlPlane.dnsPolicy` | DNS policy for APISIX Control Plane pods | `ClusterFirst` |
| `controlPlane.useDaemonSet` | Deploy as DaemonSet | `false` |
| `controlPlane.containerPorts.adminAPI` | APISIX Admin API port | `9180` |
| `controlPlane.containerPorts.configServer` | APISIX config port | `9280` |
| `controlPlane.containerPorts.control` | APISIX control port | `9090` |
| `controlPlane.containerPorts.metrics` | APISIX metrics port | `9099` |
| `controlPlane.livenessProbe.enabled` | Enable livenessProbe on APISIX containers | `true` |
| `controlPlane.containerPorts.adminAPI` | APISIX Control Plane Admin API port | `9180` |
| `controlPlane.containerPorts.configServer` | APISIX Control Plane config port | `9280` |
| `controlPlane.containerPorts.control` | APISIX Control Plane control port | `9090` |
| `controlPlane.containerPorts.metrics` | APISIX Control Plane metrics port | `9099` |
| `controlPlane.livenessProbe.enabled` | Enable livenessProbe on APISIX Control Plane containers | `true` |
| `controlPlane.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `controlPlane.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `controlPlane.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `controlPlane.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `controlPlane.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `controlPlane.readinessProbe.enabled` | Enable readinessProbe on APISIX containers | `true` |
| `controlPlane.readinessProbe.enabled` | Enable readinessProbe on APISIX Control Plane containers | `true` |
| `controlPlane.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `controlPlane.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `controlPlane.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `controlPlane.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `controlPlane.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `controlPlane.startupProbe.enabled` | Enable startupProbe on APISIX containers | `false` |
| `controlPlane.startupProbe.enabled` | Enable startupProbe on APISIX Control Plane containers | `false` |
| `controlPlane.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `controlPlane.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `controlPlane.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
@@ -528,35 +528,35 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controlPlane.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `controlPlane.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if controlPlane.resources is set (controlPlane.resources is recommended for production). | `nano` |
| `controlPlane.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `controlPlane.podSecurityContext.enabled` | Enabled APISIX pods' Security Context | `true` |
| `controlPlane.podSecurityContext.enabled` | Enabled APISIX Control Plane pods' Security Context | `true` |
| `controlPlane.podSecurityContext.fsGroupChangePolicy` | Set filesystem group change policy | `Always` |
| `controlPlane.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `controlPlane.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `controlPlane.podSecurityContext.fsGroup` | Set APISIX pod's Security Context fsGroup | `1001` |
| `controlPlane.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` |
| `controlPlane.podSecurityContext.fsGroup` | Set APISIX Control Plane pod's Security Context fsGroup | `1001` |
| `controlPlane.containerSecurityContext.enabled` | Enabled APISIX Control Plane containers' Security Context | `true` |
| `controlPlane.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `controlPlane.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` |
| `controlPlane.containerSecurityContext.runAsGroup` | Set APISIX containers' Security Context runAsGroup | `1001` |
| `controlPlane.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` |
| `controlPlane.containerSecurityContext.privileged` | Set APISIX containers' Security Context privileged | `false` |
| `controlPlane.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` |
| `controlPlane.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` |
| `controlPlane.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
| `controlPlane.containerSecurityContext.seccompProfile.type` | Set APISIX container's Security Context seccomp profile | `RuntimeDefault` |
| `controlPlane.containerSecurityContext.runAsUser` | Set APISIX Control Plane containers' Security Context runAsUser | `1001` |
| `controlPlane.containerSecurityContext.runAsGroup` | Set APISIX Control Plane containers' Security Context runAsGroup | `1001` |
| `controlPlane.containerSecurityContext.runAsNonRoot` | Set APISIX Control Plane containers' Security Context runAsNonRoot | `true` |
| `controlPlane.containerSecurityContext.privileged` | Set APISIX Control Plane containers' Security Context privileged | `false` |
| `controlPlane.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX Control Plane containers' Security Context runAsNonRoot | `true` |
| `controlPlane.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX Control Plane container's privilege escalation | `false` |
| `controlPlane.containerSecurityContext.capabilities.drop` | Set APISIX Control Plane container's Security Context runAsNonRoot | `["ALL"]` |
| `controlPlane.containerSecurityContext.seccompProfile.type` | Set APISIX Control Plane container's Security Context seccomp profile | `RuntimeDefault` |
| `controlPlane.command` | Override default container command (useful when using custom images) | `[]` |
| `controlPlane.args` | Override default container args (useful when using custom images) | `[]` |
| `controlPlane.automountServiceAccountToken` | Mount Service Account token in pod | `true` |
| `controlPlane.hostAliases` | APISIX pods host aliases | `[]` |
| `controlPlane.apiTokenAdmin` | Admin API Token for APISIX control plane | `""` |
| `controlPlane.apiTokenViewer` | Viewer API Token for APISIX control plane | `""` |
| `controlPlane.existingSecret` | Name of a secret containing API Tokens for APISIX control plane | `""` |
| `controlPlane.existingSecretAdminTokenKey` | Key inside the secret containing the Admin API Tokens for APISIX control plane | `""` |
| `controlPlane.existingSecretViewerTokenKey` | Key inside the secret containing the Viewer API Tokens for APISIX control plane | `""` |
| `controlPlane.defaultConfig` | Apisix apisix configuration (evaluated as a template) | `""` |
| `controlPlane.hostAliases` | APISIX Control Plane pods host aliases | `[]` |
| `controlPlane.apiTokenAdmin` | Admin API Token for APISIX Control Plane | `""` |
| `controlPlane.apiTokenViewer` | Viewer API Token for APISIX Control Plane | `""` |
| `controlPlane.existingSecret` | Name of a secret containing API Tokens for APISIX Control Plane | `""` |
| `controlPlane.existingSecretAdminTokenKey` | Key inside the secret containing the Admin API Tokens for APISIX Control Plane | `""` |
| `controlPlane.existingSecretViewerTokenKey` | Key inside the secret containing the Viewer API Tokens for APISIX Control Plane | `""` |
| `controlPlane.defaultConfig` | APISIX Control Plane configuration (evaluated as a template) | `""` |
| `controlPlane.extraConfig` | extra configuration parameters to add to the config.yaml file in APISIX Control plane | `{}` |
| `controlPlane.existingConfigMap` | name of a ConfigMap with existing configuration for the apisix | `""` |
| `controlPlane.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the conrol plane | `""` |
| `controlPlane.tls.enabled` | Enable TLS transport in Control Plane | `true` |
| `controlPlane.existingConfigMap` | name of a ConfigMap with existing configuration for APISIX Control Plane | `""` |
| `controlPlane.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for APISIX Control Plane | `""` |
| `controlPlane.tls.enabled` | Enable TLS transport in APISIX Control Plane | `true` |
| `controlPlane.tls.autoGenerated` | Auto-generate self-signed certificates | `true` |
| `controlPlane.tls.existingSecret` | Name of a secret containing the certificates | `""` |
| `controlPlane.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` |
@@ -565,8 +565,8 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controlPlane.tls.cert` | Content of the certificate to be added to the secret | `""` |
| `controlPlane.tls.key` | Content of the certificate key to be added to the secret | `""` |
| `controlPlane.tls.ca` | Content of the certificate CA to be added to the secret | `""` |
| `controlPlane.podLabels` | Extra labels for APISIX pods | `{}` |
| `controlPlane.podAnnotations` | Annotations for APISIX pods | `{}` |
| `controlPlane.podLabels` | Extra labels for APISIX Control Plane pods | `{}` |
| `controlPlane.podAnnotations` | Annotations for APISIX Control Plane pods | `{}` |
| `controlPlane.podAffinityPreset` | Pod affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `controlPlane.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
| `controlPlane.pdb.create` | Enable/disable a Pod Disruption Budget creation | `true` |
@@ -575,41 +575,41 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controlPlane.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard` | `""` |
| `controlPlane.nodeAffinityPreset.key` | Node label key to match. Ignored if `apisix.affinity` is set | `""` |
| `controlPlane.nodeAffinityPreset.values` | Node label values to match. Ignored if `apisix.affinity` is set | `[]` |
| `controlPlane.affinity` | Affinity for APISIX pods assignment | `{}` |
| `controlPlane.nodeSelector` | Node labels for APISIX pods assignment | `{}` |
| `controlPlane.tolerations` | Tolerations for APISIX pods assignment | `[]` |
| `controlPlane.updateStrategy.type` | APISIX statefulset strategy type | `RollingUpdate` |
| `controlPlane.priorityClassName` | APISIX pods' priorityClassName | `""` |
| `controlPlane.affinity` | Affinity for APISIX Control Plane pods assignment | `{}` |
| `controlPlane.nodeSelector` | Node labels for APISIX Control Plane pods assignment | `{}` |
| `controlPlane.tolerations` | Tolerations for APISIX Control Plane pods assignment | `[]` |
| `controlPlane.updateStrategy.type` | APISIX Control Plane statefulset strategy type | `RollingUpdate` |
| `controlPlane.priorityClassName` | APISIX Control Plane pods' priorityClassName | `""` |
| `controlPlane.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
| `controlPlane.schedulerName` | Name of the k8s scheduler (other than default) for APISIX pods | `""` |
| `controlPlane.schedulerName` | Name of the k8s scheduler (other than default) for APISIX Control Plane pods | `""` |
| `controlPlane.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` |
| `controlPlane.lifecycleHooks` | for the APISIX container(s) to automate configuration before or after startup | `{}` |
| `controlPlane.extraEnvVars` | Array with extra environment variables to add to APISIX nodes | `[]` |
| `controlPlane.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX nodes | `""` |
| `controlPlane.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX nodes | `""` |
| `controlPlane.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX pod(s) | `[]` |
| `controlPlane.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX container(s) | `[]` |
| `controlPlane.sidecars` | Add additional sidecar containers to the APISIX pod(s) | `[]` |
| `controlPlane.initContainers` | Add additional init containers to the APISIX pod(s) | `[]` |
| `controlPlane.lifecycleHooks` | for the APISIX Control Plane container(s) to automate configuration before or after startup | `{}` |
| `controlPlane.extraEnvVars` | Array with extra environment variables to add to APISIX Control Plane nodes | `[]` |
| `controlPlane.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX Control Plane nodes | `""` |
| `controlPlane.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX Control Plane nodes | `""` |
| `controlPlane.extraVolumes` | Optionally specify extra list of additional volumes for the APISIX Control Plane pod(s) | `[]` |
| `controlPlane.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Control Plane container(s) | `[]` |
| `controlPlane.sidecars` | Add additional sidecar containers to the APISIX Control Plane pod(s) | `[]` |
| `controlPlane.initContainers` | Add additional init containers to the APISIX Control Plane pod(s) | `[]` |
### APISIX Control Plane Traffic Exposure Parameters
| Name | Description | Value |
| ---------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- |
| `controlPlane.service.type` | APISIX service type | `ClusterIP` |
| `controlPlane.service.ports.adminAPI` | APISIX service Admin API port | `9180` |
| `controlPlane.service.ports.configServer` | APISIX service Config Server port | `9280` |
| `controlPlane.service.ports.metrics` | APISIX service metrics port | `8080` |
| `controlPlane.service.type` | APISIX Control Plane service type | `ClusterIP` |
| `controlPlane.service.ports.adminAPI` | APISIX Control Plane service Admin API port | `9180` |
| `controlPlane.service.ports.configServer` | APISIX Control Plane service Config Server port | `9280` |
| `controlPlane.service.ports.metrics` | APISIX Control Plane service metrics port | `8080` |
| `controlPlane.service.nodePorts.adminAPI` | Node port for Admin API | `""` |
| `controlPlane.service.nodePorts.configServer` | Node port for Config Server | `""` |
| `controlPlane.service.nodePorts.metrics` | Node port for Metrics | `""` |
| `controlPlane.service.clusterIP` | APISIX service Cluster IP | `""` |
| `controlPlane.service.loadBalancerIP` | APISIX service Load Balancer IP | `""` |
| `controlPlane.service.loadBalancerSourceRanges` | APISIX service Load Balancer sources | `[]` |
| `controlPlane.service.externalIPs` | APISIX service External IPs | `[]` |
| `controlPlane.service.externalTrafficPolicy` | APISIX service external traffic policy | `Cluster` |
| `controlPlane.service.annotations` | Additional custom annotations for APISIX service | `{}` |
| `controlPlane.service.extraPorts` | Extra ports to expose in APISIX service (normally used with the `sidecars` value) | `[]` |
| `controlPlane.service.clusterIP` | APISIX Control Plane service Cluster IP | `""` |
| `controlPlane.service.loadBalancerIP` | APISIX Control Plane service Load Balancer IP | `""` |
| `controlPlane.service.loadBalancerSourceRanges` | APISIX Control Plane service Load Balancer sources | `[]` |
| `controlPlane.service.externalIPs` | APISIX Control Plane service External IPs | `[]` |
| `controlPlane.service.externalTrafficPolicy` | APISIX Control Plane service external traffic policy | `Cluster` |
| `controlPlane.service.annotations` | Additional custom annotations for APISIX Control Plane service | `{}` |
| `controlPlane.service.extraPorts` | Extra ports to expose in APISIX Control Plane service (normally used with the `sidecars` value) | `[]` |
| `controlPlane.service.sessionAffinity` | Control where web requests go, to the same pod or round-robin | `None` |
| `controlPlane.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
| `controlPlane.networkPolicy.enabled` | Specifies whether a NetworkPolicy should be created | `true` |
@@ -620,7 +620,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controlPlane.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy (ignored if allowExternalEgress=true) | `[]` |
| `controlPlane.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
| `controlPlane.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
| `controlPlane.ingress.enabled` | Enable ingress record generation for Apisix | `false` |
| `controlPlane.ingress.enabled` | Enable ingress record generation for APISIX Control Plane | `false` |
| `controlPlane.ingress.pathType` | Ingress path type | `ImplementationSpecific` |
| `controlPlane.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` |
| `controlPlane.ingress.hostname` | Default host for the ingress record | `apisix-control-plane.local` |
@@ -645,29 +645,29 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `controlPlane.autoscaling.vpa.maxAllowed` | VPA Max allowed resources for the pod | `{}` |
| `controlPlane.autoscaling.vpa.minAllowed` | VPA Min allowed resources for the pod | `{}` |
| `controlPlane.autoscaling.vpa.updatePolicy.updateMode` | Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod | `Auto` |
| `controlPlane.autoscaling.hpa.enabled` | Enable HPA for APISIX Data Plane | `false` |
| `controlPlane.autoscaling.hpa.minReplicas` | Minimum number of APISIX Data Plane replicas | `""` |
| `controlPlane.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Data Plane replicas | `""` |
| `controlPlane.autoscaling.hpa.enabled` | Enable HPA for APISIX Control Plane | `false` |
| `controlPlane.autoscaling.hpa.minReplicas` | Minimum number of APISIX Control Plane replicas | `""` |
| `controlPlane.autoscaling.hpa.maxReplicas` | Maximum number of APISIX Control Plane replicas | `""` |
| `controlPlane.autoscaling.hpa.targetCPU` | Target CPU utilization percentage | `""` |
| `controlPlane.autoscaling.hpa.targetMemory` | Target Memory utilization percentage | `""` |
### APISIX Control Plane RBAC parameters
| Name | Description | Value |
| ---------------------------------------------------------- | ---------------------------------------------------------------- | ------- |
| `controlPlane.rbac.create` | Specifies whether RBAC resources should be created | `true` |
| `controlPlane.rbac.rules` | Custom RBAC rules to set | `[]` |
| `controlPlane.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
| `controlPlane.serviceAccount.name` | The name of the ServiceAccount to use. | `""` |
| `controlPlane.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
| `controlPlane.serviceAccount.automountServiceAccountToken` | Automount service account token for the apisix service account | `false` |
| Name | Description | Value |
| ---------------------------------------------------------- | ---------------------------------------------------------------------------- | ------- |
| `controlPlane.rbac.create` | Specifies whether RBAC resources should be created | `true` |
| `controlPlane.rbac.rules` | Custom RBAC rules to set | `[]` |
| `controlPlane.serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
| `controlPlane.serviceAccount.name` | The name of the ServiceAccount to use. | `""` |
| `controlPlane.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
| `controlPlane.serviceAccount.automountServiceAccountToken` | Automount service account token for the APISIX Control Plane service account | `false` |
### APISIX Control Plane Metrics Parameters
| Name | Description | Value |
| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------ | ------- |
| `controlPlane.metrics.enabled` | Enable the export of Prometheus metrics | `false` |
| `controlPlane.metrics.annotations` | Annotations for the apisix service in order to scrape metrics | `{}` |
| `controlPlane.metrics.annotations` | Annotations for the APISIX Control Plane service in order to scrape metrics | `{}` |
| `controlPlane.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
| `controlPlane.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` |
| `controlPlane.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` |
@@ -698,9 +698,9 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dashboard.existingSecretPasswordKey` | Key inside the secret containing the password for APISIX Dashboard | `""` |
| `dashboard.defaultConfig` | APISIX Dashboard configuration (evaluated as a template) | `""` |
| `dashboard.extraConfig` | extra configuration settings for APISIX Dashboard | `{}` |
| `dashboard.existingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` |
| `dashboard.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` |
| `dashboard.tls.enabled` | Enable TLS transport in Dashboard | `true` |
| `dashboard.existingConfigMap` | name of a ConfigMap with existing configuration for APISIX Dashboard | `""` |
| `dashboard.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for APISIX Dashboard | `""` |
| `dashboard.tls.enabled` | Enable TLS transport in APISIX Dashboard | `true` |
| `dashboard.tls.autoGenerated` | Auto-generate self-signed certificates | `true` |
| `dashboard.tls.existingSecret` | Name of a secret containing the certificates | `""` |
| `dashboard.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` |
@@ -737,21 +737,21 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dashboard.podSecurityContext.sysctls` | Set kernel settings using the sysctl interface | `[]` |
| `dashboard.podSecurityContext.supplementalGroups` | Set filesystem extra groups | `[]` |
| `dashboard.podSecurityContext.fsGroup` | Set Dashboard pod's Security Context fsGroup | `1001` |
| `dashboard.containerPorts.http` | Dashboard http container port | `8080` |
| `dashboard.containerPorts.https` | Dashboard https container port | `8443` |
| `dashboard.livenessProbe.enabled` | Enable livenessProbe on Dashboard container | `true` |
| `dashboard.containerPorts.http` | APISIX Dashboard http container port | `8080` |
| `dashboard.containerPorts.https` | APISIX Dashboard https container port | `8443` |
| `dashboard.livenessProbe.enabled` | Enable livenessProbe on APISIX Dashboard container | `true` |
| `dashboard.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `5` |
| `dashboard.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
| `dashboard.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
| `dashboard.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `5` |
| `dashboard.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
| `dashboard.readinessProbe.enabled` | Enable readinessProbe on Dashboard container | `true` |
| `dashboard.readinessProbe.enabled` | Enable readinessProbe on APISIX Dashboard container | `true` |
| `dashboard.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `5` |
| `dashboard.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
| `dashboard.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
| `dashboard.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `5` |
| `dashboard.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
| `dashboard.startupProbe.enabled` | Enable startupProbe on Dashboard container | `false` |
| `dashboard.startupProbe.enabled` | Enable startupProbe on APISIX Dashboard container | `false` |
| `dashboard.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `5` |
| `dashboard.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
| `dashboard.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
@@ -762,22 +762,22 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dashboard.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
| `dashboard.resourcesPreset` | Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if dashboard.resources is set (dashboard.resources is recommended for production). | `nano` |
| `dashboard.resources` | Set container requests and limits for different resources like CPU or memory (essential for production workloads) | `{}` |
| `dashboard.containerSecurityContext.enabled` | Enabled Dashboard container' Security Context | `true` |
| `dashboard.containerSecurityContext.enabled` | Enabled APISIX Dashboard containers' Security Context | `true` |
| `dashboard.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `dashboard.containerSecurityContext.runAsUser` | Set Dashboard container' Security Context runAsUser | `1001` |
| `dashboard.containerSecurityContext.runAsGroup` | Set Dashboard container' Security Context runAsGroup | `1001` |
| `dashboard.containerSecurityContext.runAsNonRoot` | Set Dashboard container' Security Context runAsNonRoot | `true` |
| `dashboard.containerSecurityContext.privileged` | Set Dashboard container' Security Context privileged | `false` |
| `dashboard.containerSecurityContext.readOnlyRootFilesystem` | Set Dashboard container' Security Context runAsNonRoot | `true` |
| `dashboard.containerSecurityContext.allowPrivilegeEscalation` | Set Dashboard container's privilege escalation | `false` |
| `dashboard.containerSecurityContext.capabilities.drop` | Set Dashboard container's Security Context runAsNonRoot | `["ALL"]` |
| `dashboard.containerSecurityContext.seccompProfile.type` | Set Dashboard container's Security Context seccomp profile | `RuntimeDefault` |
| `dashboard.containerSecurityContext.runAsUser` | Set APISIX Dashboard containers' Security Context runAsUser | `1001` |
| `dashboard.containerSecurityContext.runAsGroup` | Set APISIX Dashboard containers' Security Context runAsGroup | `1001` |
| `dashboard.containerSecurityContext.runAsNonRoot` | Set APISIX Dashboard containers' Security Context runAsNonRoot | `true` |
| `dashboard.containerSecurityContext.privileged` | Set APISIX Dashboard containers' Security Context privileged | `false` |
| `dashboard.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX Dashboard containers' Security Context readOnlyRootFilesystem | `true` |
| `dashboard.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX Dashboard containers' privilege escalation | `false` |
| `dashboard.containerSecurityContext.capabilities.drop` | Set APISIX Dashboard containers' Security Context capabilities drop | `["ALL"]` |
| `dashboard.containerSecurityContext.seccompProfile.type` | Set APISIX Dashboard containers' Security Context seccomp profile | `RuntimeDefault` |
| `dashboard.command` | Override default container command (useful when using custom images) | `[]` |
| `dashboard.args` | Override default container args (useful when using custom images) | `[]` |
| `dashboard.lifecycleHooks` | for the Dashboard container(s) to automate configuration before or after startup | `{}` |
| `dashboard.extraEnvVars` | Array with extra environment variables to add to Dashboard nodes | `[]` |
| `dashboard.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Dashboard nodes | `""` |
| `dashboard.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Dashboard nodes | `""` |
| `dashboard.lifecycleHooks` | for the APISIX Dashboard container(s) to automate configuration before or after startup | `{}` |
| `dashboard.extraEnvVars` | Array with extra environment variables to add to APISIX Dashboard nodes | `[]` |
| `dashboard.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for APISIX Dashboard nodes | `""` |
| `dashboard.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for APISIX Dashboard nodes | `""` |
| `dashboard.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the APISIX Dashboard container | `[]` |
### APISIX Dashboard Traffic Exposure Parameters
@@ -805,7 +805,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `dashboard.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy (ignored if allowExternalEgress=true) | `[]` |
| `dashboard.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
| `dashboard.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
| `dashboard.ingress.enabled` | Enable ingress record generation for Apisix | `false` |
| `dashboard.ingress.enabled` | Enable ingress record generation for APISIX Dashboard | `false` |
| `dashboard.ingress.pathType` | Ingress path type | `ImplementationSpecific` |
| `dashboard.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` |
| `dashboard.ingress.hostname` | Default host for the ingress record | `apisix-dashboard.local` |
@@ -928,13 +928,13 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `ingressController.sidecars` | Add additional sidecar containers to the APISIX Ingress Controller pod(s) | `[]` |
| `ingressController.initContainers` | Add additional init containers to the APISIX Ingress Controller pod(s) | `[]` |
| `ingressController.ingressClass.create` | Specifies whether a IngressClass should be created | `true` |
| `ingressController.ingressClass.name` | IngressClass that will be be used to implement the APISIX Ingress | `apisix` |
| `ingressController.ingressClass.annotations` | Additional annotations for the APISIX IngressClass | `{}` |
| `ingressController.defaultConfig` | APISIX Dashboard configuration (evaluated as a template) | `""` |
| `ingressController.ingressClass.name` | IngressClass that will be be used to implement the APISIX Ingress Controller Ingress | `apisix` |
| `ingressController.ingressClass.annotations` | Additional annotations for the APISIX Ingress Controller IngressClass | `{}` |
| `ingressController.defaultConfig` | APISIX Ingress Controller configuration (evaluated as a template) | `""` |
| `ingressController.extraConfig` | Extra configuration parameters for APISIX Ingress Controller | `{}` |
| `ingressController.existingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` |
| `ingressController.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the Dashboard | `""` |
| `ingressController.tls.enabled` | Enable TLS transport in Ingress Controller | `true` |
| `ingressController.existingConfigMap` | name of a ConfigMap with existing configuration for the APISIX Ingress Controller | `""` |
| `ingressController.extraConfigExistingConfigMap` | name of a ConfigMap with existing configuration for the APISIX Ingress Controller | `""` |
| `ingressController.tls.enabled` | Enable TLS transport in APISIX Ingress Controller | `true` |
| `ingressController.tls.autoGenerated` | Auto-generate self-signed certificates | `true` |
| `ingressController.tls.existingSecret` | Name of a secret containing the certificates | `""` |
| `ingressController.tls.certFilename` | Path of the certificate file when mounted as a secret | `tls.crt` |
@@ -970,7 +970,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `ingressController.networkPolicy.extraEgress` | Add extra ingress rules to the NetworkPolicy (ignored if allowExternalEgress=true) | `[]` |
| `ingressController.networkPolicy.ingressNSMatchLabels` | Labels to match to allow traffic from other namespaces | `{}` |
| `ingressController.networkPolicy.ingressNSPodMatchLabels` | Pod labels to match to allow traffic from other namespaces | `{}` |
| `ingressController.ingress.enabled` | Enable ingress record generation for Apisix | `false` |
| `ingressController.ingress.enabled` | Enable ingress record generation for APISIX Ingress Controller | `false` |
| `ingressController.ingress.pathType` | Ingress path type | `ImplementationSpecific` |
| `ingressController.ingress.apiVersion` | Force Ingress API version (automatically detected if not set) | `""` |
| `ingressController.ingress.hostname` | Default host for the ingress record | `apisix-ingress-controller.local` |
@@ -1012,7 +1012,7 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `ingressController.serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
| `ingressController.serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `false` |
| `ingressController.metrics.enabled` | Enable the export of Prometheus metrics | `false` |
| `ingressController.metrics.annotations` | Annotations for the apisix service in order to scrape metrics | `{}` |
| `ingressController.metrics.annotations` | Annotations for the APISIX Ingress Controller service in order to scrape metrics | `{}` |
| `ingressController.metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
| `ingressController.metrics.serviceMonitor.namespace` | Namespace in which Prometheus is running | `""` |
| `ingressController.metrics.serviceMonitor.annotations` | Additional custom annotations for the ServiceMonitor | `{}` |
@@ -1034,16 +1034,16 @@ As an alternative, use one of the preset configurations for pod affinity, pod an
| `waitContainer.image.digest` | Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag | `""` |
| `waitContainer.image.pullPolicy` | Init container wait-container image pull policy | `IfNotPresent` |
| `waitContainer.image.pullSecrets` | Specify docker-registry secret names as an array | `[]` |
| `waitContainer.containerSecurityContext.enabled` | Enabled APISIX containers' Security Context | `true` |
| `waitContainer.containerSecurityContext.enabled` | Enabled APISIX Ingress Controller containers' Security Context | `true` |
| `waitContainer.containerSecurityContext.seLinuxOptions` | Set SELinux options in container | `{}` |
| `waitContainer.containerSecurityContext.runAsUser` | Set APISIX containers' Security Context runAsUser | `1001` |
| `waitContainer.containerSecurityContext.runAsGroup` | Set APISIX containers' Security Context runAsGroup | `1001` |
| `waitContainer.containerSecurityContext.runAsNonRoot` | Set APISIX containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.privileged` | Set container's Security Context privileged | `false` |
| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX container's privilege escalation | `false` |
| `waitContainer.containerSecurityContext.capabilities.drop` | Set APISIX container's Security Context runAsNonRoot | `["ALL"]` |
| `waitContainer.containerSecurityContext.seccompProfile.type` | Set APISIX container's Security Context seccomp profile | `RuntimeDefault` |
| `waitContainer.containerSecurityContext.runAsUser` | Set APISIX Ingress Controller containers' Security Context runAsUser | `1001` |
| `waitContainer.containerSecurityContext.runAsGroup` | Set APISIX Ingress Controller containers' Security Context runAsGroup | `1001` |
| `waitContainer.containerSecurityContext.runAsNonRoot` | Set APISIX Ingress Controller containers' Security Context runAsNonRoot | `true` |
| `waitContainer.containerSecurityContext.privileged` | Set APISIX Ingress Controller containers' Security Context privileged | `false` |
| `waitContainer.containerSecurityContext.readOnlyRootFilesystem` | Set APISIX Ingress Controller containers' Security Context readOnlyRootFilesystem | `true` |
| `waitContainer.containerSecurityContext.allowPrivilegeEscalation` | Set APISIX Ingress Controller containers' Security Context allowPrivilegeEscalation | `false` |
| `waitContainer.containerSecurityContext.capabilities.drop` | Set APISIX Ingress Controller containers' Security Context capabilities.drop | `["ALL"]` |
| `waitContainer.containerSecurityContext.seccompProfile.type` | Set APISIX Ingress Controller containers' Security Context seccompProfile.type | `RuntimeDefault` |
### External etcd settings

334
bitnami/apisix/values.yaml
View File

@@ -113,37 +113,37 @@ image:
## @section APISIX Data Plane parameters
##
dataPlane:
## @param dataPlane.enabled Enable APISIX
## @param dataPlane.enabled Enable APISIX Data Plane
##
enabled: true
## @param dataPlane.useDaemonSet Deploy as DaemonSet
## @param dataPlane.useDaemonSet Deploy Data Plane as DaemonSet
##
useDaemonSet: false
## @param dataPlane.replicaCount Number of APISIX replicas to deploy
## @param dataPlane.replicaCount Number of APISIX Data Plane replicas to deploy
##
replicaCount: 1
## @param dataPlane.hostNetwork Use hostNetwork
## @param dataPlane.hostNetwork Use hostNetwork in APISIX Data Plane
##
hostNetwork: false
## @param dataPlane.dnsPolicy DNS policy for APISIX pods
## @param dataPlane.dnsPolicy DNS policy for APISIX Data Plane pods
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-policies
## NOTE: If you set hostNetwork=true, you must set dnsPolicy=ClusterFirstWithHostNet
##
dnsPolicy: ClusterFirst
## @param dataPlane.containerPorts.http APISIX HTTP container port
## @param dataPlane.containerPorts.https APISIX HTTPS container port
## @param dataPlane.containerPorts.control APISIX control container port
## @param dataPlane.containerPorts.metrics APISIX metrics container port
## @param dataPlane.containerPorts.http APISIX Data Plane HTTP container port
## @param dataPlane.containerPorts.https APISIX Data Plane HTTPS container port
## @param dataPlane.containerPorts.control APISIX Data Plane control container port
## @param dataPlane.containerPorts.metrics APISIX Data Plane metrics container port
##
containerPorts:
http: 9080
https: 9443
control: 9090
metrics: 9099
## Configure extra options for APISIX containers' liveness and readiness probes
## Configure extra options for APISIX Data Plane containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
## @param dataPlane.livenessProbe.enabled Enable livenessProbe on APISIX containers
## @param dataPlane.livenessProbe.enabled Enable livenessProbe on APISIX Data Plane containers
## @param dataPlane.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
## @param dataPlane.livenessProbe.periodSeconds Period seconds for livenessProbe
## @param dataPlane.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
@@ -157,7 +157,7 @@ dataPlane:
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
## @param dataPlane.readinessProbe.enabled Enable readinessProbe on APISIX containers
## @param dataPlane.readinessProbe.enabled Enable readinessProbe on APISIX Data Plane containers
## @param dataPlane.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
## @param dataPlane.readinessProbe.periodSeconds Period seconds for readinessProbe
## @param dataPlane.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
@@ -171,7 +171,7 @@ dataPlane:
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
## @param dataPlane.startupProbe.enabled Enable startupProbe on APISIX containers
## @param dataPlane.startupProbe.enabled Enable startupProbe on APISIX Data Plane containers
## @param dataPlane.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
## @param dataPlane.startupProbe.periodSeconds Period seconds for startupProbe
## @param dataPlane.startupProbe.timeoutSeconds Timeout seconds for startupProbe
@@ -194,7 +194,7 @@ dataPlane:
## @param dataPlane.customStartupProbe Custom startupProbe that overrides the default one
##
customStartupProbe: {}
## APISIX resource requests and limits
## APISIX Data Plane resource requests and limits
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
## @param dataPlane.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if dataPlane.resources is set (dataPlane.resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
@@ -213,11 +213,11 @@ dataPlane:
resources: {}
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param dataPlane.podSecurityContext.enabled Enabled APISIX pods' Security Context
## @param dataPlane.podSecurityContext.enabled Enabled APISIX Data Plane pods' Security Context
## @param dataPlane.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
## @param dataPlane.podSecurityContext.sysctls Set kernel settings using the sysctl interface
## @param dataPlane.podSecurityContext.supplementalGroups Set filesystem extra groups
## @param dataPlane.podSecurityContext.fsGroup Set APISIX pod's Security Context fsGroup
## @param dataPlane.podSecurityContext.fsGroup Set APISIX Data Plane pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
@@ -227,16 +227,16 @@ dataPlane:
fsGroup: 1001
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param dataPlane.containerSecurityContext.enabled Enabled APISIX containers' Security Context
## @param dataPlane.containerSecurityContext.enabled Enabled APISIX Data Plane containers' Security Context
## @param dataPlane.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param dataPlane.containerSecurityContext.runAsUser Set APISIX containers' Security Context runAsUser
## @param dataPlane.containerSecurityContext.runAsGroup Set APISIX containers' Security Context runAsGroup
## @param dataPlane.containerSecurityContext.runAsNonRoot Set APISIX containers' Security Context runAsNonRoot
## @param dataPlane.containerSecurityContext.privileged Set APISIX containers' Security Context privileged
## @param dataPlane.containerSecurityContext.readOnlyRootFilesystem Set APISIX containers' Security Context runAsNonRoot
## @param dataPlane.containerSecurityContext.allowPrivilegeEscalation Set APISIX container's privilege escalation
## @param dataPlane.containerSecurityContext.capabilities.drop Set APISIX container's Security Context runAsNonRoot
## @param dataPlane.containerSecurityContext.seccompProfile.type Set APISIX container's Security Context seccomp profile
## @param dataPlane.containerSecurityContext.runAsUser Set APISIX Data Plane containers' Security Context runAsUser
## @param dataPlane.containerSecurityContext.runAsGroup Set APISIX Data Plane containers' Security Context runAsGroup
## @param dataPlane.containerSecurityContext.runAsNonRoot Set APISIX Data Plane containers' Security Context runAsNonRoot
## @param dataPlane.containerSecurityContext.privileged Set APISIX Data Plane containers' Security Context privileged
## @param dataPlane.containerSecurityContext.readOnlyRootFilesystem Set APISIX Data Plane containers' Security Context runAsNonRoot
## @param dataPlane.containerSecurityContext.allowPrivilegeEscalation Set APISIX Data Plane container's privilege escalation
## @param dataPlane.containerSecurityContext.capabilities.drop Set APISIX Data Plane container's Security Context runAsNonRoot
## @param dataPlane.containerSecurityContext.seccompProfile.type Set APISIX Data Plane container's Security Context seccomp profile
##
containerSecurityContext:
enabled: true
@@ -260,11 +260,11 @@ dataPlane:
## @param dataPlane.automountServiceAccountToken Mount Service Account token in pod
##
automountServiceAccountToken: true
## @param dataPlane.hostAliases APISIX pods host aliases
## @param dataPlane.hostAliases APISIX Data Plane pods host aliases
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
##
hostAliases: []
## @param dataPlane.defaultConfig [string] Apisix apisix configuration (evaluated as a template)
## @param dataPlane.defaultConfig [string] APISIX Data Plane configuration (evaluated as a template)
##
defaultConfig: |
{{- if .Values.dataPlane.metrics.enabled }}
@@ -359,17 +359,17 @@ dataPlane:
token_file: /var/run/secrets/kubernetes.io/serviceaccount/token
default_weight: 50 # weight assigned to each discovered endpoint. default 50, minimum 0
## @param dataPlane.extraConfig [object] extra configuration parameters to add to the config.yaml file in APISIX Data plane
## @param dataPlane.extraConfig [object] extra configuration parameters to add to the config.yaml file in APISIX Data Plane
##
extraConfig: {}
## @param dataPlane.existingConfigMap name of a ConfigMap with existing configuration for the apisix
## @param dataPlane.existingConfigMap name of a ConfigMap with existing configuration for APISIX Data Plane
##
existingConfigMap: ""
## @param dataPlane.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for the data plane
## @param dataPlane.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for APISIX Data Plane
##
extraConfigExistingConfigMap: ""
tls:
## @param dataPlane.tls.enabled Enable TLS transport in Data Plane
## @param dataPlane.tls.enabled Enable TLS transport in APISIX Data Plane
##
enabled: true
## @param dataPlane.tls.autoGenerated Auto-generate self-signed certificates
@@ -396,11 +396,11 @@ dataPlane:
## @param dataPlane.tls.ca Content of the certificate CA to be added to the secret
##
ca: ""
## @param dataPlane.podLabels Extra labels for APISIX pods
## @param dataPlane.podLabels Extra labels for APISIX Data Plane pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## @param dataPlane.podAnnotations Annotations for APISIX pods
## @param dataPlane.podAnnotations Annotations for APISIX Data Plane pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
@@ -439,20 +439,20 @@ dataPlane:
## - e2e-az2
##
values: []
## @param dataPlane.affinity Affinity for APISIX pods assignment
## @param dataPlane.affinity Affinity for APISIX Data Plane pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## NOTE: `apisix.podAffinityPreset`, `apisix.podAntiAffinityPreset`, and `apisix.nodeAffinityPreset` will be ignored when it's set
##
affinity: {}
## @param dataPlane.nodeSelector Node labels for APISIX pods assignment
## @param dataPlane.nodeSelector Node labels for APISIX Data Plane pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
##
nodeSelector: {}
## @param dataPlane.tolerations Tolerations for APISIX pods assignment
## @param dataPlane.tolerations Tolerations for APISIX Data Plane pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## @param dataPlane.updateStrategy.type APISIX statefulset strategy type
## @param dataPlane.updateStrategy.type APISIX Data Plane statefulset strategy type
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
##
updateStrategy:
@@ -460,14 +460,14 @@ dataPlane:
## Can be set to RollingUpdate or OnDelete
##
type: RollingUpdate
## @param dataPlane.priorityClassName APISIX pods' priorityClassName
## @param dataPlane.priorityClassName APISIX Data Plane pods' priorityClassName
##
priorityClassName: ""
## @param dataPlane.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
##
topologySpreadConstraints: []
## @param dataPlane.schedulerName Name of the k8s scheduler (other than default) for APISIX pods
## @param dataPlane.schedulerName Name of the k8s scheduler (other than default) for APISIX Data Plane pods
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
schedulerName: ""
@@ -475,29 +475,29 @@ dataPlane:
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
##
terminationGracePeriodSeconds: ""
## @param dataPlane.lifecycleHooks for the APISIX container(s) to automate configuration before or after startup
## @param dataPlane.lifecycleHooks for the APISIX Data Plane container(s) to automate configuration before or after startup
##
lifecycleHooks: {}
## @param dataPlane.extraEnvVars Array with extra environment variables to add to APISIX nodes
## @param dataPlane.extraEnvVars Array with extra environment variables to add to APISIX Data Plane nodes
## e.g:
## extraEnvVars:
## - name: FOO
## value: "bar"
##
extraEnvVars: []
## @param dataPlane.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for APISIX nodes
## @param dataPlane.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for APISIX Data Plane nodes
##
extraEnvVarsCM: ""
## @param dataPlane.extraEnvVarsSecret Name of existing Secret containing extra env vars for APISIX nodes
## @param dataPlane.extraEnvVarsSecret Name of existing Secret containing extra env vars for APISIX Data Plane nodes
##
extraEnvVarsSecret: ""
## @param dataPlane.extraVolumes Optionally specify extra list of additional volumes for the APISIX pod(s)
## @param dataPlane.extraVolumes Optionally specify extra list of additional volumes for the APISIX Data Plane pod(s)
##
extraVolumes: []
## @param dataPlane.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the APISIX container(s)
## @param dataPlane.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the APISIX Data Plane container(s)
##
extraVolumeMounts: []
## @param dataPlane.sidecars Add additional sidecar containers to the APISIX pod(s)
## @param dataPlane.sidecars Add additional sidecar containers to the APISIX Data Plane pod(s)
## e.g:
## sidecars:
## - name: your-image-name
@@ -508,7 +508,7 @@ dataPlane:
## containerPort: 1234
##
sidecars: []
## @param dataPlane.initContainers Add additional init containers to the APISIX pod(s)
## @param dataPlane.initContainers Add additional init containers to the APISIX Data Plane pod(s)
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
## e.g:
## initContainers:
@@ -521,12 +521,12 @@ dataPlane:
## @section APISIX Data Plane Traffic Exposure Parameters
##
service:
## @param dataPlane.service.type APISIX service type
## @param dataPlane.service.type APISIX Data Plane service type
##
type: LoadBalancer
## @param dataPlane.service.ports.http APISIX service HTTP port
## @param dataPlane.service.ports.https APISIX service HTTPS port
## @param dataPlane.service.ports.metrics APISIX service HTTPS port
## @param dataPlane.service.ports.http APISIX Data Plane service HTTP port
## @param dataPlane.service.ports.https APISIX Data Plane service HTTPS port
## @param dataPlane.service.ports.metrics APISIX Data Plane service HTTPS port
##
ports:
http: 80
@@ -542,23 +542,23 @@ dataPlane:
http: ""
https: ""
metrics: ""
## @param dataPlane.service.clusterIP APISIX service Cluster IP
## @param dataPlane.service.clusterIP APISIX Data Plane service Cluster IP
## e.g.:
## clusterIP: None
##
clusterIP: ""
## @param dataPlane.service.loadBalancerIP APISIX service Load Balancer IP
## @param dataPlane.service.loadBalancerIP APISIX Data Plane service Load Balancer IP
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
##
loadBalancerIP: ""
## @param dataPlane.service.loadBalancerSourceRanges APISIX service Load Balancer sources
## @param dataPlane.service.loadBalancerSourceRanges APISIX Data Plane service Load Balancer sources
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
## e.g:
## loadBalancerSourceRanges:
## - 10.10.10.0/24
##
loadBalancerSourceRanges: []
## @param dataPlane.service.externalIPs APISIX service External IPs
## @param dataPlane.service.externalIPs APISIX Data Plane service External IPs
## https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
## e.g.
## externalIPs:
@@ -566,14 +566,14 @@ dataPlane:
## - 201.22.30.1
##
externalIPs: []
## @param dataPlane.service.externalTrafficPolicy APISIX service external traffic policy
## @param dataPlane.service.externalTrafficPolicy APISIX Data Plane service external traffic policy
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-web-source-ip
##
externalTrafficPolicy: Cluster
## @param dataPlane.service.annotations Additional custom annotations for APISIX service
## @param dataPlane.service.annotations Additional custom annotations for APISIX Data Plane service
##
annotations: {}
## @param dataPlane.service.extraPorts Extra ports to expose in APISIX service (normally used with the `sidecars` value)
## @param dataPlane.service.extraPorts Extra ports to expose in APISIX Data Plane service (normally used with the `sidecars` value)
##
extraPorts: []
## @param dataPlane.service.sessionAffinity Control where web requests go, to the same pod or round-robin
@@ -648,7 +648,7 @@ dataPlane:
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
## @param dataPlane.ingress.enabled Enable ingress record generation for Apisix
## @param dataPlane.ingress.enabled Enable ingress record generation for APISIX Data Plane
##
enabled: false
## @param dataPlane.ingress.pathType Ingress path type
@@ -825,7 +825,7 @@ dataPlane:
## @param dataPlane.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)
##
annotations: {}
## @param dataPlane.serviceAccount.automountServiceAccountToken Automount service account token for the apisix service account
## @param dataPlane.serviceAccount.automountServiceAccountToken Automount service account token for the APISIX Data Plane service account
##
automountServiceAccountToken: false
## @section APISIX Data Plane Metrics Parameters
@@ -837,7 +837,7 @@ dataPlane:
## @param dataPlane.metrics.enabled Enable the export of Prometheus metrics
##
enabled: false
## @param dataPlane.metrics.annotations [object] Annotations for the apisix service in order to scrape metrics
## @param dataPlane.metrics.annotations [object] Annotations for the APISIX Data Plane service in order to scrape metrics
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.dataPlane.service.ports.metrics }}"
@@ -890,16 +890,16 @@ dataPlane:
## @section APISIX Control Plane Parameters
##
controlPlane:
## @param controlPlane.enabled Enable APISIX
## @param controlPlane.enabled Enable APISIX Control Plane
##
enabled: true
## @param controlPlane.replicaCount Number of APISIX replicas to deploy
## @param controlPlane.replicaCount Number of APISIX Control Plane replicas to deploy
##
replicaCount: 1
## @param controlPlane.hostNetwork Use hostNetwork
##
hostNetwork: false
## @param controlPlane.dnsPolicy DNS policy for APISIX Admin pods
## @param controlPlane.dnsPolicy DNS policy for APISIX Control Plane pods
## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-dns-policies
## NOTE: If you set hostNetwork=true, you must set dnsPolicy=ClusterFirstWithHostNet
##
@@ -907,19 +907,19 @@ controlPlane:
## @param controlPlane.useDaemonSet Deploy as DaemonSet
##
useDaemonSet: false
## @param controlPlane.containerPorts.adminAPI APISIX Admin API port
## @param controlPlane.containerPorts.configServer APISIX config port
## @param controlPlane.containerPorts.control APISIX control port
## @param controlPlane.containerPorts.metrics APISIX metrics port
## @param controlPlane.containerPorts.adminAPI APISIX Control Plane Admin API port
## @param controlPlane.containerPorts.configServer APISIX Control Plane config port
## @param controlPlane.containerPorts.control APISIX Control Plane control port
## @param controlPlane.containerPorts.metrics APISIX Control Plane metrics port
##
containerPorts:
adminAPI: 9180
configServer: 9280
control: 9090
metrics: 9099
## Configure extra options for APISIX containers' liveness and readiness probes
## Configure extra options for APISIX Control Plane containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
## @param controlPlane.livenessProbe.enabled Enable livenessProbe on APISIX containers
## @param controlPlane.livenessProbe.enabled Enable livenessProbe on APISIX Control Plane containers
## @param controlPlane.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
## @param controlPlane.livenessProbe.periodSeconds Period seconds for livenessProbe
## @param controlPlane.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
@@ -933,7 +933,7 @@ controlPlane:
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
## @param controlPlane.readinessProbe.enabled Enable readinessProbe on APISIX containers
## @param controlPlane.readinessProbe.enabled Enable readinessProbe on APISIX Control Plane containers
## @param controlPlane.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
## @param controlPlane.readinessProbe.periodSeconds Period seconds for readinessProbe
## @param controlPlane.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
@@ -947,7 +947,7 @@ controlPlane:
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
## @param controlPlane.startupProbe.enabled Enable startupProbe on APISIX containers
## @param controlPlane.startupProbe.enabled Enable startupProbe on APISIX Control Plane containers
## @param controlPlane.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
## @param controlPlane.startupProbe.periodSeconds Period seconds for startupProbe
## @param controlPlane.startupProbe.timeoutSeconds Timeout seconds for startupProbe
@@ -970,7 +970,7 @@ controlPlane:
## @param controlPlane.customStartupProbe Custom startupProbe that overrides the default one
##
customStartupProbe: {}
## APISIX resource requests and limits
## APISIX Control Plane resource requests and limits
## ref: http://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
## @param controlPlane.resourcesPreset Set container resources according to one common preset (allowed values: none, nano, micro, small, medium, large, xlarge, 2xlarge). This is ignored if controlPlane.resources is set (controlPlane.resources is recommended for production).
## More information: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
@@ -989,11 +989,11 @@ controlPlane:
resources: {}
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
## @param controlPlane.podSecurityContext.enabled Enabled APISIX pods' Security Context
## @param controlPlane.podSecurityContext.enabled Enabled APISIX Control Plane pods' Security Context
## @param controlPlane.podSecurityContext.fsGroupChangePolicy Set filesystem group change policy
## @param controlPlane.podSecurityContext.sysctls Set kernel settings using the sysctl interface
## @param controlPlane.podSecurityContext.supplementalGroups Set filesystem extra groups
## @param controlPlane.podSecurityContext.fsGroup Set APISIX pod's Security Context fsGroup
## @param controlPlane.podSecurityContext.fsGroup Set APISIX Control Plane pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
@@ -1003,16 +1003,16 @@ controlPlane:
fsGroup: 1001
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param controlPlane.containerSecurityContext.enabled Enabled APISIX containers' Security Context
## @param controlPlane.containerSecurityContext.enabled Enabled APISIX Control Plane containers' Security Context
## @param controlPlane.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param controlPlane.containerSecurityContext.runAsUser Set APISIX containers' Security Context runAsUser
## @param controlPlane.containerSecurityContext.runAsGroup Set APISIX containers' Security Context runAsGroup
## @param controlPlane.containerSecurityContext.runAsNonRoot Set APISIX containers' Security Context runAsNonRoot
## @param controlPlane.containerSecurityContext.privileged Set APISIX containers' Security Context privileged
## @param controlPlane.containerSecurityContext.readOnlyRootFilesystem Set APISIX containers' Security Context runAsNonRoot
## @param controlPlane.containerSecurityContext.allowPrivilegeEscalation Set APISIX container's privilege escalation
## @param controlPlane.containerSecurityContext.capabilities.drop Set APISIX container's Security Context runAsNonRoot
## @param controlPlane.containerSecurityContext.seccompProfile.type Set APISIX container's Security Context seccomp profile
## @param controlPlane.containerSecurityContext.runAsUser Set APISIX Control Plane containers' Security Context runAsUser
## @param controlPlane.containerSecurityContext.runAsGroup Set APISIX Control Plane containers' Security Context runAsGroup
## @param controlPlane.containerSecurityContext.runAsNonRoot Set APISIX Control Plane containers' Security Context runAsNonRoot
## @param controlPlane.containerSecurityContext.privileged Set APISIX Control Plane containers' Security Context privileged
## @param controlPlane.containerSecurityContext.readOnlyRootFilesystem Set APISIX Control Plane containers' Security Context runAsNonRoot
## @param controlPlane.containerSecurityContext.allowPrivilegeEscalation Set APISIX Control Plane container's privilege escalation
## @param controlPlane.containerSecurityContext.capabilities.drop Set APISIX Control Plane container's Security Context runAsNonRoot
## @param controlPlane.containerSecurityContext.seccompProfile.type Set APISIX Control Plane container's Security Context seccomp profile
##
containerSecurityContext:
enabled: true
@@ -1036,26 +1036,26 @@ controlPlane:
## @param controlPlane.automountServiceAccountToken Mount Service Account token in pod
##
automountServiceAccountToken: true
## @param controlPlane.hostAliases APISIX pods host aliases
## @param controlPlane.hostAliases APISIX Control Plane pods host aliases
## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
##
hostAliases: []
## @param controlPlane.apiTokenAdmin Admin API Token for APISIX control plane
## @param controlPlane.apiTokenAdmin Admin API Token for APISIX Control Plane
##
apiTokenAdmin: ""
## @param controlPlane.apiTokenViewer Viewer API Token for APISIX control plane
## @param controlPlane.apiTokenViewer Viewer API Token for APISIX Control Plane
##
apiTokenViewer: ""
## @param controlPlane.existingSecret Name of a secret containing API Tokens for APISIX control plane
## @param controlPlane.existingSecret Name of a secret containing API Tokens for APISIX Control Plane
##
existingSecret: ""
## @param controlPlane.existingSecretAdminTokenKey Key inside the secret containing the Admin API Tokens for APISIX control plane
## @param controlPlane.existingSecretAdminTokenKey Key inside the secret containing the Admin API Tokens for APISIX Control Plane
##
existingSecretAdminTokenKey: ""
## @param controlPlane.existingSecretViewerTokenKey Key inside the secret containing the Viewer API Tokens for APISIX control plane
## @param controlPlane.existingSecretViewerTokenKey Key inside the secret containing the Viewer API Tokens for APISIX Control Plane
##
existingSecretViewerTokenKey: ""
## @param controlPlane.defaultConfig [string] Apisix apisix configuration (evaluated as a template)
## @param controlPlane.defaultConfig [string] APISIX Control Plane configuration (evaluated as a template)
##
defaultConfig: |
{{- if .Values.controlPlane.metrics.enabled }}
@@ -1157,14 +1157,14 @@ controlPlane:
## @param controlPlane.extraConfig [object] extra configuration parameters to add to the config.yaml file in APISIX Control plane
##
extraConfig: {}
## @param controlPlane.existingConfigMap name of a ConfigMap with existing configuration for the apisix
## @param controlPlane.existingConfigMap name of a ConfigMap with existing configuration for APISIX Control Plane
##
existingConfigMap: ""
## @param controlPlane.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for the conrol plane
## @param controlPlane.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for APISIX Control Plane
##
extraConfigExistingConfigMap: ""
tls:
## @param controlPlane.tls.enabled Enable TLS transport in Control Plane
## @param controlPlane.tls.enabled Enable TLS transport in APISIX Control Plane
##
enabled: true
## @param controlPlane.tls.autoGenerated Auto-generate self-signed certificates
@@ -1191,11 +1191,11 @@ controlPlane:
## @param controlPlane.tls.ca Content of the certificate CA to be added to the secret
##
ca: ""
## @param controlPlane.podLabels Extra labels for APISIX pods
## @param controlPlane.podLabels Extra labels for APISIX Control Plane pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## @param controlPlane.podAnnotations Annotations for APISIX pods
## @param controlPlane.podAnnotations Annotations for APISIX Control Plane pods
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
@@ -1234,20 +1234,20 @@ controlPlane:
## - e2e-az2
##
values: []
## @param controlPlane.affinity Affinity for APISIX pods assignment
## @param controlPlane.affinity Affinity for APISIX Control Plane pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
## NOTE: `apisix.podAffinityPreset`, `apisix.podAntiAffinityPreset`, and `apisix.nodeAffinityPreset` will be ignored when it's set
##
affinity: {}
## @param controlPlane.nodeSelector Node labels for APISIX pods assignment
## @param controlPlane.nodeSelector Node labels for APISIX Control Plane pods assignment
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
##
nodeSelector: {}
## @param controlPlane.tolerations Tolerations for APISIX pods assignment
## @param controlPlane.tolerations Tolerations for APISIX Control Plane pods assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## @param controlPlane.updateStrategy.type APISIX statefulset strategy type
## @param controlPlane.updateStrategy.type APISIX Control Plane statefulset strategy type
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
##
updateStrategy:
@@ -1255,14 +1255,14 @@ controlPlane:
## Can be set to RollingUpdate or OnDelete
##
type: RollingUpdate
## @param controlPlane.priorityClassName APISIX pods' priorityClassName
## @param controlPlane.priorityClassName APISIX Control Plane pods' priorityClassName
##
priorityClassName: ""
## @param controlPlane.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
##
topologySpreadConstraints: []
## @param controlPlane.schedulerName Name of the k8s scheduler (other than default) for APISIX pods
## @param controlPlane.schedulerName Name of the k8s scheduler (other than default) for APISIX Control Plane pods
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
schedulerName: ""
@@ -1270,29 +1270,29 @@ controlPlane:
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
##
terminationGracePeriodSeconds: ""
## @param controlPlane.lifecycleHooks for the APISIX container(s) to automate configuration before or after startup
## @param controlPlane.lifecycleHooks for the APISIX Control Plane container(s) to automate configuration before or after startup
##
lifecycleHooks: {}
## @param controlPlane.extraEnvVars Array with extra environment variables to add to APISIX nodes
## @param controlPlane.extraEnvVars Array with extra environment variables to add to APISIX Control Plane nodes
## e.g:
## extraEnvVars:
## - name: FOO
## value: "bar"
##
extraEnvVars: []
## @param controlPlane.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for APISIX nodes
## @param controlPlane.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for APISIX Control Plane nodes
##
extraEnvVarsCM: ""
## @param controlPlane.extraEnvVarsSecret Name of existing Secret containing extra env vars for APISIX nodes
## @param controlPlane.extraEnvVarsSecret Name of existing Secret containing extra env vars for APISIX Control Plane nodes
##
extraEnvVarsSecret: ""
## @param controlPlane.extraVolumes Optionally specify extra list of additional volumes for the APISIX pod(s)
## @param controlPlane.extraVolumes Optionally specify extra list of additional volumes for the APISIX Control Plane pod(s)
##
extraVolumes: []
## @param controlPlane.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the APISIX container(s)
## @param controlPlane.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the APISIX Control Plane container(s)
##
extraVolumeMounts: []
## @param controlPlane.sidecars Add additional sidecar containers to the APISIX pod(s)
## @param controlPlane.sidecars Add additional sidecar containers to the APISIX Control Plane pod(s)
## e.g:
## sidecars:
## - name: your-image-name
@@ -1303,7 +1303,7 @@ controlPlane:
## containerPort: 1234
##
sidecars: []
## @param controlPlane.initContainers Add additional init containers to the APISIX pod(s)
## @param controlPlane.initContainers Add additional init containers to the APISIX Control Plane pod(s)
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
## e.g:
## initContainers:
@@ -1316,12 +1316,12 @@ controlPlane:
## @section APISIX Control Plane Traffic Exposure Parameters
##
service:
## @param controlPlane.service.type APISIX service type
## @param controlPlane.service.type APISIX Control Plane service type
##
type: ClusterIP
## @param controlPlane.service.ports.adminAPI APISIX service Admin API port
## @param controlPlane.service.ports.configServer APISIX service Config Server port
## @param controlPlane.service.ports.metrics APISIX service metrics port
## @param controlPlane.service.ports.adminAPI APISIX Control Plane service Admin API port
## @param controlPlane.service.ports.configServer APISIX Control Plane service Config Server port
## @param controlPlane.service.ports.metrics APISIX Control Plane service metrics port
##
ports:
adminAPI: 9180
@@ -1337,23 +1337,23 @@ controlPlane:
adminAPI: ""
configServer: ""
metrics: ""
## @param controlPlane.service.clusterIP APISIX service Cluster IP
## @param controlPlane.service.clusterIP APISIX Control Plane service Cluster IP
## e.g.:
## clusterIP: None
##
clusterIP: ""
## @param controlPlane.service.loadBalancerIP APISIX service Load Balancer IP
## @param controlPlane.service.loadBalancerIP APISIX Control Plane service Load Balancer IP
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
##
loadBalancerIP: ""
## @param controlPlane.service.loadBalancerSourceRanges APISIX service Load Balancer sources
## @param controlPlane.service.loadBalancerSourceRanges APISIX Control Plane service Load Balancer sources
## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
## e.g:
## loadBalancerSourceRanges:
## - 10.10.10.0/24
##
loadBalancerSourceRanges: []
## @param controlPlane.service.externalIPs APISIX service External IPs
## @param controlPlane.service.externalIPs APISIX Control Plane service External IPs
## https://kubernetes.io/docs/concepts/services-networking/service/#external-ips
## e.g.
## externalIPs:
@@ -1361,14 +1361,14 @@ controlPlane:
## - 201.22.30.1
##
externalIPs: []
## @param controlPlane.service.externalTrafficPolicy APISIX service external traffic policy
## @param controlPlane.service.externalTrafficPolicy APISIX Control Plane service external traffic policy
## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-web-source-ip
##
externalTrafficPolicy: Cluster
## @param controlPlane.service.annotations Additional custom annotations for APISIX service
## @param controlPlane.service.annotations Additional custom annotations for APISIX Control Plane service
##
annotations: {}
## @param controlPlane.service.extraPorts Extra ports to expose in APISIX service (normally used with the `sidecars` value)
## @param controlPlane.service.extraPorts Extra ports to expose in APISIX Control Plane service (normally used with the `sidecars` value)
##
extraPorts: []
## @param controlPlane.service.sessionAffinity Control where web requests go, to the same pod or round-robin
@@ -1443,7 +1443,7 @@ controlPlane:
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
## @param controlPlane.ingress.enabled Enable ingress record generation for Apisix
## @param controlPlane.ingress.enabled Enable ingress record generation for APISIX Control Plane
##
enabled: false
## @param controlPlane.ingress.pathType Ingress path type
@@ -1571,13 +1571,13 @@ controlPlane:
##
updateMode: Auto
hpa:
## @param controlPlane.autoscaling.hpa.enabled Enable HPA for APISIX Data Plane
## @param controlPlane.autoscaling.hpa.enabled Enable HPA for APISIX Control Plane
##
enabled: false
## @param controlPlane.autoscaling.hpa.minReplicas Minimum number of APISIX Data Plane replicas
## @param controlPlane.autoscaling.hpa.minReplicas Minimum number of APISIX Control Plane replicas
##
minReplicas: ""
## @param controlPlane.autoscaling.hpa.maxReplicas Maximum number of APISIX Data Plane replicas
## @param controlPlane.autoscaling.hpa.maxReplicas Maximum number of APISIX Control Plane replicas
##
maxReplicas: ""
## @param controlPlane.autoscaling.hpa.targetCPU Target CPU utilization percentage
@@ -1620,7 +1620,7 @@ controlPlane:
## @param controlPlane.serviceAccount.annotations Additional Service Account annotations (evaluated as a template)
##
annotations: {}
## @param controlPlane.serviceAccount.automountServiceAccountToken Automount service account token for the apisix service account
## @param controlPlane.serviceAccount.automountServiceAccountToken Automount service account token for the APISIX Control Plane service account
##
automountServiceAccountToken: false
## @section APISIX Control Plane Metrics Parameters
@@ -1632,7 +1632,7 @@ controlPlane:
## @param controlPlane.metrics.enabled Enable the export of Prometheus metrics
##
enabled: false
## @param controlPlane.metrics.annotations [object] Annotations for the apisix service in order to scrape metrics
## @param controlPlane.metrics.annotations [object] Annotations for the APISIX Control Plane service in order to scrape metrics
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.controlPlane.service.ports.metrics }}"
@@ -1861,14 +1861,14 @@ dashboard:
## @param dashboard.extraConfig extra configuration settings for APISIX Dashboard
##
extraConfig: {}
## @param dashboard.existingConfigMap name of a ConfigMap with existing configuration for the Dashboard
## @param dashboard.existingConfigMap name of a ConfigMap with existing configuration for APISIX Dashboard
##
existingConfigMap: ""
## @param dashboard.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for the Dashboard
## @param dashboard.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for APISIX Dashboard
##
extraConfigExistingConfigMap: ""
tls:
## @param dashboard.tls.enabled Enable TLS transport in Dashboard
## @param dashboard.tls.enabled Enable TLS transport in APISIX Dashboard
##
enabled: true
## @param dashboard.tls.autoGenerated Auto-generate self-signed certificates
@@ -2019,15 +2019,15 @@ dashboard:
sysctls: []
supplementalGroups: []
fsGroup: 1001
## @param dashboard.containerPorts.http Dashboard http container port
## @param dashboard.containerPorts.https Dashboard https container port
## @param dashboard.containerPorts.http APISIX Dashboard http container port
## @param dashboard.containerPorts.https APISIX Dashboard https container port
##
containerPorts:
http: 8080
https: 8443
## Configure extra options for Dashboard container' liveness and readiness probes
## Configure extra options for APISIX Dashboard containers' liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
## @param dashboard.livenessProbe.enabled Enable livenessProbe on Dashboard container
## @param dashboard.livenessProbe.enabled Enable livenessProbe on APISIX Dashboard container
## @param dashboard.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
## @param dashboard.livenessProbe.periodSeconds Period seconds for livenessProbe
## @param dashboard.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
@@ -2041,7 +2041,7 @@ dashboard:
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
## @param dashboard.readinessProbe.enabled Enable readinessProbe on Dashboard container
## @param dashboard.readinessProbe.enabled Enable readinessProbe on APISIX Dashboard container
## @param dashboard.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
## @param dashboard.readinessProbe.periodSeconds Period seconds for readinessProbe
## @param dashboard.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
@@ -2055,7 +2055,7 @@ dashboard:
timeoutSeconds: 5
failureThreshold: 5
successThreshold: 1
## @param dashboard.startupProbe.enabled Enable startupProbe on Dashboard container
## @param dashboard.startupProbe.enabled Enable startupProbe on APISIX Dashboard container
## @param dashboard.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
## @param dashboard.startupProbe.periodSeconds Period seconds for startupProbe
## @param dashboard.startupProbe.timeoutSeconds Timeout seconds for startupProbe
@@ -2097,16 +2097,16 @@ dashboard:
resources: {}
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param dashboard.containerSecurityContext.enabled Enabled Dashboard container' Security Context
## @param dashboard.containerSecurityContext.enabled Enabled APISIX Dashboard containers' Security Context
## @param dashboard.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param dashboard.containerSecurityContext.runAsUser Set Dashboard container' Security Context runAsUser
## @param dashboard.containerSecurityContext.runAsGroup Set Dashboard container' Security Context runAsGroup
## @param dashboard.containerSecurityContext.runAsNonRoot Set Dashboard container' Security Context runAsNonRoot
## @param dashboard.containerSecurityContext.privileged Set Dashboard container' Security Context privileged
## @param dashboard.containerSecurityContext.readOnlyRootFilesystem Set Dashboard container' Security Context runAsNonRoot
## @param dashboard.containerSecurityContext.allowPrivilegeEscalation Set Dashboard container's privilege escalation
## @param dashboard.containerSecurityContext.capabilities.drop Set Dashboard container's Security Context runAsNonRoot
## @param dashboard.containerSecurityContext.seccompProfile.type Set Dashboard container's Security Context seccomp profile
## @param dashboard.containerSecurityContext.runAsUser Set APISIX Dashboard containers' Security Context runAsUser
## @param dashboard.containerSecurityContext.runAsGroup Set APISIX Dashboard containers' Security Context runAsGroup
## @param dashboard.containerSecurityContext.runAsNonRoot Set APISIX Dashboard containers' Security Context runAsNonRoot
## @param dashboard.containerSecurityContext.privileged Set APISIX Dashboard containers' Security Context privileged
## @param dashboard.containerSecurityContext.readOnlyRootFilesystem Set APISIX Dashboard containers' Security Context readOnlyRootFilesystem
## @param dashboard.containerSecurityContext.allowPrivilegeEscalation Set APISIX Dashboard containers' privilege escalation
## @param dashboard.containerSecurityContext.capabilities.drop Set APISIX Dashboard containers' Security Context capabilities drop
## @param dashboard.containerSecurityContext.seccompProfile.type Set APISIX Dashboard containers' Security Context seccomp profile
##
containerSecurityContext:
enabled: true
@@ -2127,20 +2127,20 @@ dashboard:
## @param dashboard.args Override default container args (useful when using custom images)
##
args: []
## @param dashboard.lifecycleHooks for the Dashboard container(s) to automate configuration before or after startup
## @param dashboard.lifecycleHooks for the APISIX Dashboard container(s) to automate configuration before or after startup
##
lifecycleHooks: {}
## @param dashboard.extraEnvVars Array with extra environment variables to add to Dashboard nodes
## @param dashboard.extraEnvVars Array with extra environment variables to add to APISIX Dashboard nodes
## e.g:
## extraEnvVars:
## - name: FOO
## value: "bar"
##
extraEnvVars: []
## @param dashboard.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Dashboard nodes
## @param dashboard.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for APISIX Dashboard nodes
##
extraEnvVarsCM: ""
## @param dashboard.extraEnvVarsSecret Name of existing Secret containing extra env vars for Dashboard nodes
## @param dashboard.extraEnvVarsSecret Name of existing Secret containing extra env vars for APISIX Dashboard nodes
##
extraEnvVarsSecret: ""
## @param dashboard.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the APISIX Dashboard container
@@ -2269,7 +2269,7 @@ dashboard:
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
## @param dashboard.ingress.enabled Enable ingress record generation for Apisix
## @param dashboard.ingress.enabled Enable ingress record generation for APISIX Dashboard
##
enabled: false
## @param dashboard.ingress.pathType Ingress path type
@@ -2722,14 +2722,14 @@ ingressController:
##
initContainers: []
## @param ingressController.ingressClass.create Specifies whether a IngressClass should be created
## @param ingressController.ingressClass.name IngressClass that will be be used to implement the APISIX Ingress
## @param ingressController.ingressClass.annotations Additional annotations for the APISIX IngressClass
## @param ingressController.ingressClass.name IngressClass that will be be used to implement the APISIX Ingress Controller Ingress
## @param ingressController.ingressClass.annotations Additional annotations for the APISIX Ingress Controller IngressClass
##
ingressClass:
create: true
name: "apisix"
annotations: {}
## @param ingressController.defaultConfig [string] APISIX Dashboard configuration (evaluated as a template)
## @param ingressController.defaultConfig [string] APISIX Ingress Controller configuration (evaluated as a template)
##
defaultConfig: |
# log options
@@ -2763,14 +2763,14 @@ ingressController:
## @param ingressController.extraConfig Extra configuration parameters for APISIX Ingress Controller
##
extraConfig: {}
## @param ingressController.existingConfigMap name of a ConfigMap with existing configuration for the Dashboard
## @param ingressController.existingConfigMap name of a ConfigMap with existing configuration for the APISIX Ingress Controller
##
existingConfigMap: ""
## @param ingressController.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for the Dashboard
## @param ingressController.extraConfigExistingConfigMap name of a ConfigMap with existing configuration for the APISIX Ingress Controller
##
extraConfigExistingConfigMap: ""
tls:
## @param ingressController.tls.enabled Enable TLS transport in Ingress Controller
## @param ingressController.tls.enabled Enable TLS transport in APISIX Ingress Controller
##
enabled: true
## @param ingressController.tls.autoGenerated Auto-generate self-signed certificates
@@ -2923,7 +2923,7 @@ ingressController:
## ref: http://kubernetes.io/docs/concepts/services-networking/ingress/
##
ingress:
## @param ingressController.ingress.enabled Enable ingress record generation for Apisix
## @param ingressController.ingress.enabled Enable ingress record generation for APISIX Ingress Controller
##
enabled: false
## @param ingressController.ingress.pathType Ingress path type
@@ -3109,7 +3109,7 @@ ingressController:
## @param ingressController.metrics.enabled Enable the export of Prometheus metrics
##
enabled: false
## @param ingressController.metrics.annotations [object] Annotations for the apisix service in order to scrape metrics
## @param ingressController.metrics.annotations [object] Annotations for the APISIX Ingress Controller service in order to scrape metrics
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "{{ .Values.ingressController.service.ports.http }}"
@@ -3185,16 +3185,16 @@ waitContainer:
pullSecrets: []
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
## @param waitContainer.containerSecurityContext.enabled Enabled APISIX containers' Security Context
## @param waitContainer.containerSecurityContext.enabled Enabled APISIX Ingress Controller containers' Security Context
## @param waitContainer.containerSecurityContext.seLinuxOptions [object,nullable] Set SELinux options in container
## @param waitContainer.containerSecurityContext.runAsUser Set APISIX containers' Security Context runAsUser
## @param waitContainer.containerSecurityContext.runAsGroup Set APISIX containers' Security Context runAsGroup
## @param waitContainer.containerSecurityContext.runAsNonRoot Set APISIX containers' Security Context runAsNonRoot
## @param waitContainer.containerSecurityContext.privileged Set container's Security Context privileged
## @param waitContainer.containerSecurityContext.readOnlyRootFilesystem Set APISIX containers' Security Context runAsNonRoot
## @param waitContainer.containerSecurityContext.allowPrivilegeEscalation Set APISIX container's privilege escalation
## @param waitContainer.containerSecurityContext.capabilities.drop Set APISIX container's Security Context runAsNonRoot
## @param waitContainer.containerSecurityContext.seccompProfile.type Set APISIX container's Security Context seccomp profile
## @param waitContainer.containerSecurityContext.runAsUser Set APISIX Ingress Controller containers' Security Context runAsUser
## @param waitContainer.containerSecurityContext.runAsGroup Set APISIX Ingress Controller containers' Security Context runAsGroup
## @param waitContainer.containerSecurityContext.runAsNonRoot Set APISIX Ingress Controller containers' Security Context runAsNonRoot
## @param waitContainer.containerSecurityContext.privileged Set APISIX Ingress Controller containers' Security Context privileged
## @param waitContainer.containerSecurityContext.readOnlyRootFilesystem Set APISIX Ingress Controller containers' Security Context readOnlyRootFilesystem
## @param waitContainer.containerSecurityContext.allowPrivilegeEscalation Set APISIX Ingress Controller containers' Security Context allowPrivilegeEscalation
## @param waitContainer.containerSecurityContext.capabilities.drop Set APISIX Ingress Controller containers' Security Context capabilities.drop
## @param waitContainer.containerSecurityContext.seccompProfile.type Set APISIX Ingress Controller containers' Security Context seccompProfile.type
##
containerSecurityContext:
enabled: true