mirror of
https://github.com/bitnami/charts.git
synced 2026-02-22 13:57:17 +08:00
933cba1d35
* [bitnami/apisix] Release 3.0.3 updating components versions Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CRDs source URL to use 'v{version}' instead of '{version}' Signed-off-by: Miguel Ruiz <miruiz@vmware.com> * Update README.md with readme-generator-for-helm Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * Update CRDs automatically Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> * [bitnami/apisix] Use apisix.enable_http2 to enable HTTP/2 in APISIX Signed-off-by: David Gomez <dgomezleon@vmware.com> --------- Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Signed-off-by: Miguel Ruiz <miruiz@vmware.com> Signed-off-by: David Gomez <dgomezleon@vmware.com> Co-authored-by: Miguel Ruiz <miruiz@vmware.com> Co-authored-by: David Gomez <dgomezleon@vmware.com>
3769 lines
182 KiB
JSON
3769 lines
182 KiB
JSON
{
|
|
"title": "Chart Values",
|
|
"type": "object",
|
|
"properties": {
|
|
"global": {
|
|
"type": "object",
|
|
"properties": {
|
|
"imageRegistry": {
|
|
"type": "string",
|
|
"description": "Global Docker image registry",
|
|
"default": ""
|
|
},
|
|
"imagePullSecrets": {
|
|
"type": "array",
|
|
"description": "Global Docker registry secret names as an array",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"storageClass": {
|
|
"type": "string",
|
|
"description": "Global StorageClass for Persistent Volume(s)",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"kubeVersion": {
|
|
"type": "string",
|
|
"description": "Override Kubernetes version",
|
|
"default": ""
|
|
},
|
|
"nameOverride": {
|
|
"type": "string",
|
|
"description": "String to partially override common.names.name",
|
|
"default": ""
|
|
},
|
|
"fullnameOverride": {
|
|
"type": "string",
|
|
"description": "String to fully override common.names.fullname",
|
|
"default": ""
|
|
},
|
|
"namespaceOverride": {
|
|
"type": "string",
|
|
"description": "String to fully override common.names.namespace",
|
|
"default": ""
|
|
},
|
|
"commonLabels": {
|
|
"type": "object",
|
|
"description": "Labels to add to all deployed objects",
|
|
"default": {}
|
|
},
|
|
"commonAnnotations": {
|
|
"type": "object",
|
|
"description": "Annotations to add to all deployed objects",
|
|
"default": {}
|
|
},
|
|
"clusterDomain": {
|
|
"type": "string",
|
|
"description": "Kubernetes cluster domain name",
|
|
"default": "cluster.local"
|
|
},
|
|
"extraDeploy": {
|
|
"type": "array",
|
|
"description": "Array of extra objects to deploy with the release",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"diagnosticMode": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable diagnostic mode (all probes will be disabled and the command will be overridden)",
|
|
"default": false
|
|
},
|
|
"command": {
|
|
"type": "array",
|
|
"description": "Command to override all containers in the deployment",
|
|
"default": [
|
|
"sleep"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"args": {
|
|
"type": "array",
|
|
"description": "Args to override all containers in the deployment",
|
|
"default": [
|
|
"infinity"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"image": {
|
|
"type": "object",
|
|
"properties": {
|
|
"registry": {
|
|
"type": "string",
|
|
"description": "APISIX image registry",
|
|
"default": "docker.io"
|
|
},
|
|
"repository": {
|
|
"type": "string",
|
|
"description": "APISIX image repository",
|
|
"default": "bitnami/apisix"
|
|
},
|
|
"tag": {
|
|
"type": "string",
|
|
"description": "APISIX image tag (immutable tags are recommended)",
|
|
"default": "3.3.0-debian-11-r3"
|
|
},
|
|
"digest": {
|
|
"type": "string",
|
|
"description": "APISIX image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)",
|
|
"default": ""
|
|
},
|
|
"pullPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX image pull policy",
|
|
"default": "IfNotPresent"
|
|
},
|
|
"pullSecrets": {
|
|
"type": "array",
|
|
"description": "APISIX image pull secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"debug": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX image debug mode",
|
|
"default": false
|
|
}
|
|
}
|
|
},
|
|
"dataPlane": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX",
|
|
"default": true
|
|
},
|
|
"useDaemonSet": {
|
|
"type": "boolean",
|
|
"description": "Deploy as DaemonSet",
|
|
"default": false
|
|
},
|
|
"replicaCount": {
|
|
"type": "number",
|
|
"description": "Number of APISIX replicas to deploy",
|
|
"default": 1
|
|
},
|
|
"hostNetwork": {
|
|
"type": "boolean",
|
|
"description": "Use hostNetwork",
|
|
"default": false
|
|
},
|
|
"containerPorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "number",
|
|
"description": "APISIX HTTP container port",
|
|
"default": 9080
|
|
},
|
|
"https": {
|
|
"type": "number",
|
|
"description": "APISIX HTTPS container port",
|
|
"default": 9443
|
|
},
|
|
"control": {
|
|
"type": "number",
|
|
"description": "APISIX control container port",
|
|
"default": 9090
|
|
},
|
|
"metrics": {
|
|
"type": "number",
|
|
"description": "APISIX metrics container port",
|
|
"default": 9099
|
|
}
|
|
}
|
|
},
|
|
"livenessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable livenessProbe on APISIX containers",
|
|
"default": false
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for livenessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for livenessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"readinessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable readinessProbe on APISIX containers",
|
|
"default": true
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for readinessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for readinessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"startupProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable startupProbe on APISIX containers",
|
|
"default": false
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for startupProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for startupProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for startupProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"customLivenessProbe": {
|
|
"type": "object",
|
|
"description": "Custom livenessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customReadinessProbe": {
|
|
"type": "object",
|
|
"description": "Custom readinessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customStartupProbe": {
|
|
"type": "object",
|
|
"description": "Custom startupProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"resources": {
|
|
"type": "object",
|
|
"properties": {
|
|
"limits": {
|
|
"type": "object",
|
|
"description": "The resources limits for the APISIX containers",
|
|
"default": {}
|
|
},
|
|
"requests": {
|
|
"type": "object",
|
|
"description": "The requested resources for the APISIX containers",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"podSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX pods' Security Context",
|
|
"default": true
|
|
},
|
|
"fsGroup": {
|
|
"type": "number",
|
|
"description": "Set APISIX pod's Security Context fsGroup",
|
|
"default": 1001
|
|
},
|
|
"seccompProfile": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Set APISIX container's Security Context seccomp profile",
|
|
"default": "RuntimeDefault"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"containerSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX containers' Security Context",
|
|
"default": true
|
|
},
|
|
"runAsUser": {
|
|
"type": "number",
|
|
"description": "Set APISIX containers' Security Context runAsUser",
|
|
"default": 1001
|
|
},
|
|
"runAsNonRoot": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"readOnlyRootFilesystem": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"allowPrivilegeEscalation": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX container's privilege escalation",
|
|
"default": false
|
|
},
|
|
"capabilities": {
|
|
"type": "object",
|
|
"properties": {
|
|
"drop": {
|
|
"type": "array",
|
|
"description": "Set APISIX container's Security Context runAsNonRoot",
|
|
"default": [
|
|
"ALL"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"command": {
|
|
"type": "array",
|
|
"description": "Override default container command (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"args": {
|
|
"type": "array",
|
|
"description": "Override default container args (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"hostAliases": {
|
|
"type": "array",
|
|
"description": "APISIX pods host aliases",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"defaultConfig": {
|
|
"type": "string",
|
|
"description": "Apisix apisix configuration (evaluated as a template)",
|
|
"default": "{{- if .Values.dataPlane.metrics.enabled }}\nplugin_attr:\n prometheus:\n export_uri: /apisix/prometheus/metrics\n metric_prefix: apisix_\n enable_export_server: true\n export_addr:\n ip: 0.0.0.0\n port: {{ .Values.dataPlane.containerPorts.metrics }}\n{{- end }}\napisix:\n node_listen: {{ .Values.dataPlane.containerPorts.http }}\n enable_admin: false\n {{- if .Values.dataPlane.tls.enabled }}\n ssl:\n enable: true\n listen:\n - port: {{ .Values.dataPlane.containerPorts.https }}\n ssl_trusted_certificate: /bitnami/certs/{{ .Values.dataPlane.tls.certCAFilename }}\n enable_http2: true\n {{- end }}\n control:\n ip: 0.0.0.0\n port: {{ .Values.dataPlane.containerPorts.control }}\nnginx_config:\n error_log: /dev/stderr\n stream:\n access_log: /dev/stdout\n http:\n access_log: /dev/stdout\n http_configuration_snippet: |\n proxy_buffering off;\ndeployment:\n role: data_plane\n role_data_plane:\n config_provider: etcd\n {{- if .Values.controlPlane.enabled }}\n control_plane:\n host:\n - {{ ternary \"https\" \"http\" .Values.controlPlane.tls.enabled }}://{{ include \"apisix.control-plane.fullname\" . }}:{{ .Values.controlPlane.service.ports.configServer }}\n prefix: /apisix\n timeout: 30\n {{- end }}\n {{- if .Values.dataPlane.tls.enabled }}\n certs:\n {{- if .Values.dataPlane.tls.enabled }}\n cert: /bitnami/certs/{{ .Values.dataPlane.tls.certFilename }}\n cert_key: /bitnami/certs/{{ .Values.dataPlane.tls.certKeyFilename }}\n {{- if .Values.dataPlane.tls.certCAFilename }}\n client_ca_cert: /bitnami/certs/{{ .Values.dataPlane.tls.certCAFilename }}\n {{- end }}\n {{- end }}\n {{- end }}\ndiscovery:\n kubernetes:\n service:\n # apiserver schema, options [http, https]\n schema: https #default https\n\n # apiserver host, options [ipv4, ipv6, domain, environment variable]\n host: ${KUBERNETES_SERVICE_HOST} #default ${KUBERNETES_SERVICE_HOST}\n\n # apiserver port, options [port number, environment variable]\n port: ${KUBERNETES_SERVICE_PORT} #default ${KUBERNETES_SERVICE_PORT}\n\n client:\n # serviceaccount token or token_file\n token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n default_weight: 50 # weight assigned to each discovered endpoint. default 50, minimum 0\n"
|
|
},
|
|
"existingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the apisix",
|
|
"default": ""
|
|
},
|
|
"extraConfigExistingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the data plane",
|
|
"default": ""
|
|
},
|
|
"tls": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS transport in Data Plane",
|
|
"default": true
|
|
},
|
|
"autoGenerated": {
|
|
"type": "boolean",
|
|
"description": "Auto-generate self-signed certificates",
|
|
"default": true
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a secret containing the certificates",
|
|
"default": ""
|
|
},
|
|
"certFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate file when mounted as a secret",
|
|
"default": "tls.crt"
|
|
},
|
|
"certKeyFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate key file when mounted as a secret",
|
|
"default": "tls.key"
|
|
},
|
|
"certCAFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate CA file when mounted as a secret",
|
|
"default": "ca.crt"
|
|
},
|
|
"cert": {
|
|
"type": "string",
|
|
"description": "Content of the certificate to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Content of the certificate key to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"ca": {
|
|
"type": "string",
|
|
"description": "Content of the certificate CA to be added to the secret",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"podLabels": {
|
|
"type": "object",
|
|
"description": "Extra labels for APISIX pods",
|
|
"default": {}
|
|
},
|
|
"podAnnotations": {
|
|
"type": "object",
|
|
"description": "Annotations for APISIX pods",
|
|
"default": {}
|
|
},
|
|
"podAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"podAntiAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod anti-affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": "soft"
|
|
},
|
|
"pdb": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Enable/disable a Pod Disruption Budget creation",
|
|
"default": false
|
|
},
|
|
"minAvailable": {
|
|
"type": "number",
|
|
"description": "Minimum number/percentage of pods that should remain scheduled",
|
|
"default": 1
|
|
},
|
|
"maxUnavailable": {
|
|
"type": "string",
|
|
"description": "Maximum number/percentage of pods that may be made unavailable",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"nodeAffinityPreset": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Node affinity preset type. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Node label key to match. Ignored if `apisix.affinity` is set",
|
|
"default": ""
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"description": "Node label values to match. Ignored if `apisix.affinity` is set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"affinity": {
|
|
"type": "object",
|
|
"description": "Affinity for APISIX pods assignment",
|
|
"default": {}
|
|
},
|
|
"nodeSelector": {
|
|
"type": "object",
|
|
"description": "Node labels for APISIX pods assignment",
|
|
"default": {}
|
|
},
|
|
"tolerations": {
|
|
"type": "array",
|
|
"description": "Tolerations for APISIX pods assignment",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"updateStrategy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX statefulset strategy type",
|
|
"default": "RollingUpdate"
|
|
}
|
|
}
|
|
},
|
|
"priorityClassName": {
|
|
"type": "string",
|
|
"description": "APISIX pods' priorityClassName",
|
|
"default": ""
|
|
},
|
|
"topologySpreadConstraints": {
|
|
"type": "array",
|
|
"description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"schedulerName": {
|
|
"type": "string",
|
|
"description": "Name of the k8s scheduler (other than default) for APISIX pods",
|
|
"default": ""
|
|
},
|
|
"terminationGracePeriodSeconds": {
|
|
"type": "string",
|
|
"description": "Seconds Redmine pod needs to terminate gracefully",
|
|
"default": ""
|
|
},
|
|
"lifecycleHooks": {
|
|
"type": "object",
|
|
"description": "for the APISIX container(s) to automate configuration before or after startup",
|
|
"default": {}
|
|
},
|
|
"extraEnvVars": {
|
|
"type": "array",
|
|
"description": "Array with extra environment variables to add to APISIX nodes",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraEnvVarsCM": {
|
|
"type": "string",
|
|
"description": "Name of existing ConfigMap containing extra env vars for APISIX nodes",
|
|
"default": ""
|
|
},
|
|
"extraEnvVarsSecret": {
|
|
"type": "string",
|
|
"description": "Name of existing Secret containing extra env vars for APISIX nodes",
|
|
"default": ""
|
|
},
|
|
"extraVolumes": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumes for the APISIX pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraVolumeMounts": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumeMounts for the APISIX container(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sidecars": {
|
|
"type": "array",
|
|
"description": "Add additional sidecar containers to the APISIX pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"initContainers": {
|
|
"type": "array",
|
|
"description": "Add additional init containers to the APISIX pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"service": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX service type",
|
|
"default": "LoadBalancer"
|
|
},
|
|
"ports": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "number",
|
|
"description": "APISIX service HTTP port",
|
|
"default": 80
|
|
},
|
|
"https": {
|
|
"type": "number",
|
|
"description": "APISIX service HTTPS port",
|
|
"default": 443
|
|
},
|
|
"metrics": {
|
|
"type": "number",
|
|
"description": "APISIX service HTTPS port",
|
|
"default": 8080
|
|
}
|
|
}
|
|
},
|
|
"nodePorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "string",
|
|
"description": "Node port for HTTP",
|
|
"default": ""
|
|
},
|
|
"https": {
|
|
"type": "string",
|
|
"description": "Node port for HTTPS",
|
|
"default": ""
|
|
},
|
|
"metrics": {
|
|
"type": "string",
|
|
"description": "Node port for metrics",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"clusterIP": {
|
|
"type": "string",
|
|
"description": "APISIX service Cluster IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerIP": {
|
|
"type": "string",
|
|
"description": "APISIX service Load Balancer IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerSourceRanges": {
|
|
"type": "array",
|
|
"description": "APISIX service Load Balancer sources",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"externalTrafficPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX service external traffic policy",
|
|
"default": "Cluster"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for APISIX service",
|
|
"default": {}
|
|
},
|
|
"extraPorts": {
|
|
"type": "array",
|
|
"description": "Extra ports to expose in APISIX service (normally used with the `sidecars` value)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sessionAffinity": {
|
|
"type": "string",
|
|
"description": "Control where web requests go, to the same pod or round-robin",
|
|
"default": "None"
|
|
},
|
|
"sessionAffinityConfig": {
|
|
"type": "object",
|
|
"description": "Additional settings for the sessionAffinity",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"ingress": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable ingress record generation for Apisix",
|
|
"default": false
|
|
},
|
|
"pathType": {
|
|
"type": "string",
|
|
"description": "Ingress path type",
|
|
"default": "ImplementationSpecific"
|
|
},
|
|
"apiVersion": {
|
|
"type": "string",
|
|
"description": "Force Ingress API version (automatically detected if not set)",
|
|
"default": ""
|
|
},
|
|
"hostname": {
|
|
"type": "string",
|
|
"description": "Default host for the ingress record",
|
|
"default": "apisix-data-plane.local"
|
|
},
|
|
"ingressClassName": {
|
|
"type": "string",
|
|
"description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)",
|
|
"default": ""
|
|
},
|
|
"path": {
|
|
"type": "string",
|
|
"description": "Default path for the ingress record",
|
|
"default": "/"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.",
|
|
"default": {}
|
|
},
|
|
"tls": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS configuration for the host defined at `dataPlane.ingress.hostname` parameter",
|
|
"default": false
|
|
},
|
|
"selfSigned": {
|
|
"type": "boolean",
|
|
"description": "Create a TLS secret for this ingress record using self-signed certificates generated by Helm",
|
|
"default": false
|
|
},
|
|
"extraHosts": {
|
|
"type": "array",
|
|
"description": "An array with additional hostname(s) to be covered with the ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraPaths": {
|
|
"type": "array",
|
|
"description": "An array with additional arbitrary paths that may need to be added to the ingress under the main host",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraTls": {
|
|
"type": "array",
|
|
"description": "TLS configuration for additional hostname(s) to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"secrets": {
|
|
"type": "array",
|
|
"description": "Custom TLS certificates as secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraRules": {
|
|
"type": "array",
|
|
"description": "Additional rules to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"autoscaling": {
|
|
"type": "object",
|
|
"properties": {
|
|
"vpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable VPA",
|
|
"default": false
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Annotations for VPA resource",
|
|
"default": {}
|
|
},
|
|
"controlledResources": {
|
|
"type": "array",
|
|
"description": "VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"maxAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Max allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"minAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Min allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"updatePolicy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"updateMode": {
|
|
"type": "string",
|
|
"description": "Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod",
|
|
"default": "Auto"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"hpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable HPA for APISIX Data Plane",
|
|
"default": false
|
|
},
|
|
"minReplicas": {
|
|
"type": "string",
|
|
"description": "Minimum number of APISIX Data Plane replicas",
|
|
"default": ""
|
|
},
|
|
"maxReplicas": {
|
|
"type": "string",
|
|
"description": "Maximum number of APISIX Data Plane replicas",
|
|
"default": ""
|
|
},
|
|
"targetCPU": {
|
|
"type": "string",
|
|
"description": "Target CPU utilization percentage",
|
|
"default": ""
|
|
},
|
|
"targetMemory": {
|
|
"type": "string",
|
|
"description": "Target Memory utilization percentage",
|
|
"default": ""
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"rbac": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether RBAC resources should be created",
|
|
"default": true
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"description": "Custom RBAC rules to set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"serviceAccount": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether a ServiceAccount should be created",
|
|
"default": true
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the ServiceAccount to use.",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional Service Account annotations (evaluated as a template)",
|
|
"default": {}
|
|
},
|
|
"automountServiceAccountToken": {
|
|
"type": "boolean",
|
|
"description": "Automount service account token for the apisix service account",
|
|
"default": true
|
|
}
|
|
}
|
|
},
|
|
"metrics": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable the export of Prometheus metrics",
|
|
"default": false
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"properties": {
|
|
"prometheus": {
|
|
"type": "object",
|
|
"properties": {
|
|
"io/scrape": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "true"
|
|
},
|
|
"io/port": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "{{ .Values.dataPlane.service.ports.metrics }}"
|
|
},
|
|
"io/path": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "/apisix/prometheus/metrics"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"serviceMonitor": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)",
|
|
"default": false
|
|
},
|
|
"namespace": {
|
|
"type": "string",
|
|
"description": "Namespace in which Prometheus is running",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for the ServiceMonitor",
|
|
"default": {}
|
|
},
|
|
"labels": {
|
|
"type": "object",
|
|
"description": "Extra labels for the ServiceMonitor",
|
|
"default": {}
|
|
},
|
|
"jobLabel": {
|
|
"type": "string",
|
|
"description": "The name of the label on the target service to use as the job name in Prometheus",
|
|
"default": ""
|
|
},
|
|
"honorLabels": {
|
|
"type": "boolean",
|
|
"description": "honorLabels chooses the metric's labels on collisions with target labels",
|
|
"default": false
|
|
},
|
|
"interval": {
|
|
"type": "string",
|
|
"description": "Interval at which metrics should be scraped.",
|
|
"default": ""
|
|
},
|
|
"scrapeTimeout": {
|
|
"type": "string",
|
|
"description": "Timeout after which the scrape is ended",
|
|
"default": ""
|
|
},
|
|
"metricRelabelings": {
|
|
"type": "array",
|
|
"description": "Specify additional relabeling of metrics",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"relabelings": {
|
|
"type": "array",
|
|
"description": "Specify general relabeling",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"selector": {
|
|
"type": "object",
|
|
"description": "Prometheus instance selector labels",
|
|
"default": {}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"controlPlane": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX",
|
|
"default": true
|
|
},
|
|
"replicaCount": {
|
|
"type": "number",
|
|
"description": "Number of APISIX replicas to deploy",
|
|
"default": 1
|
|
},
|
|
"hostNetwork": {
|
|
"type": "boolean",
|
|
"description": "Use hostNetwork",
|
|
"default": false
|
|
},
|
|
"useDaemonSet": {
|
|
"type": "boolean",
|
|
"description": "Deploy as DaemonSet",
|
|
"default": false
|
|
},
|
|
"containerPorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"adminAPI": {
|
|
"type": "number",
|
|
"description": "APISIX Admin API port",
|
|
"default": 9180
|
|
},
|
|
"configServer": {
|
|
"type": "number",
|
|
"description": "APISIX config port",
|
|
"default": 9280
|
|
},
|
|
"control": {
|
|
"type": "number",
|
|
"description": "APISIX control port",
|
|
"default": 9090
|
|
},
|
|
"metrics": {
|
|
"type": "number",
|
|
"description": "APISIX metrics port",
|
|
"default": 9099
|
|
}
|
|
}
|
|
},
|
|
"livenessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable livenessProbe on APISIX containers",
|
|
"default": false
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for livenessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for livenessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"readinessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable readinessProbe on APISIX containers",
|
|
"default": true
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for readinessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for readinessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"startupProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable startupProbe on APISIX containers",
|
|
"default": false
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for startupProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for startupProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for startupProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"customLivenessProbe": {
|
|
"type": "object",
|
|
"description": "Custom livenessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customReadinessProbe": {
|
|
"type": "object",
|
|
"description": "Custom readinessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customStartupProbe": {
|
|
"type": "object",
|
|
"description": "Custom startupProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"resources": {
|
|
"type": "object",
|
|
"properties": {
|
|
"limits": {
|
|
"type": "object",
|
|
"description": "The resources limits for the APISIX containers",
|
|
"default": {}
|
|
},
|
|
"requests": {
|
|
"type": "object",
|
|
"description": "The requested resources for the APISIX containers",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"podSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX pods' Security Context",
|
|
"default": true
|
|
},
|
|
"fsGroup": {
|
|
"type": "number",
|
|
"description": "Set APISIX pod's Security Context fsGroup",
|
|
"default": 1001
|
|
},
|
|
"seccompProfile": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Set APISIX container's Security Context seccomp profile",
|
|
"default": "RuntimeDefault"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"containerSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX containers' Security Context",
|
|
"default": true
|
|
},
|
|
"runAsUser": {
|
|
"type": "number",
|
|
"description": "Set APISIX containers' Security Context runAsUser",
|
|
"default": 1001
|
|
},
|
|
"runAsNonRoot": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"readOnlyRootFilesystem": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"allowPrivilegeEscalation": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX container's privilege escalation",
|
|
"default": false
|
|
},
|
|
"capabilities": {
|
|
"type": "object",
|
|
"properties": {
|
|
"drop": {
|
|
"type": "array",
|
|
"description": "Set APISIX container's Security Context runAsNonRoot",
|
|
"default": [
|
|
"ALL"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"command": {
|
|
"type": "array",
|
|
"description": "Override default container command (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"args": {
|
|
"type": "array",
|
|
"description": "Override default container args (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"hostAliases": {
|
|
"type": "array",
|
|
"description": "APISIX pods host aliases",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"apiTokenAdmin": {
|
|
"type": "string",
|
|
"description": "Admin API Token for APISIX control plane",
|
|
"default": ""
|
|
},
|
|
"apiTokenViewer": {
|
|
"type": "string",
|
|
"description": "Viewer API Token for APISIX control plane",
|
|
"default": ""
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a secret containing API Tokens for APISIX control plane",
|
|
"default": ""
|
|
},
|
|
"existingSecretAdminTokenKey": {
|
|
"type": "string",
|
|
"description": "Key inside the secret containing the Admin API Tokens for APISIX control plane",
|
|
"default": ""
|
|
},
|
|
"existingSecretViewerTokenKey": {
|
|
"type": "string",
|
|
"description": "Key inside the secret containing the Viewer API Tokens for APISIX control plane",
|
|
"default": ""
|
|
},
|
|
"defaultConfig": {
|
|
"type": "string",
|
|
"description": "Apisix apisix configuration (evaluated as a template)",
|
|
"default": "{{- if .Values.controlPlane.metrics.enabled }}\nplugin_attr:\n prometheus:\n export_uri: /apisix/prometheus/metrics\n metric_prefix: apisix_\n enable_export_server: true\n export_addr:\n ip: 0.0.0.0\n port: {{ .Values.controlPlane.containerPorts.metrics }}\n{{- end }}\nnginx_config:\n error_log: /dev/stderr\n stream:\n access_log: /dev/stdout\n http:\n access_log: /dev/stdout\n http_configuration_snippet: |\n proxy_buffering off;\napisix:\n control:\n ip: 0.0.0.0\n port: {{ .Values.controlPlane.containerPorts.control }}\ndeployment:\n role: control_plane\n role_control_plane:\n config_provider: etcd\n conf_server:\n listen: 0.0.0.0:{{ .Values.controlPlane.containerPorts.configServer }}\n cert: /bitnami/certs/{{ .Values.controlPlane.tls.certFilename }}\n cert_key: /bitnami/certs/{{ .Values.controlPlane.tls.certKeyFilename }}\n etcd:\n host:\n {{- if .Values.etcd.enabled }}\n {{- $replicas := $.Values.etcd.replicaCount | int }}\n {{- range $i, $_e := until $replicas }}\n - {{ printf \"%s://%s-%d.%s:%v\" (ternary \"https\" \"http\" $.Values.etcd.auth.client.secureTransport) (include \"apisix.etcd.fullname\" $ ) $i (include \"apisix.etcd.headlessServiceName\" $) ( include \"apisix.etcd.port\" $ ) }} {{- end }}\n {{- else }}\n {{- range $node := .Values.externalEtcd.servers }}\n - {{ ternary \"https\" \"http\" $.Values.externalEtcd.secureTransport }}://{{ printf \"%s:%v\" $node (include \"apisix.etcd.port\" $) }}\n {{- end }}\n {{- end }}\n prefix: /apisix\n timeout: 30\n use_grpc: false\n startup_retry: 60\n {{- if (include \"apisix.etcd.authEnabled\" .) }}\n user: \"{{ print \"{{APISIX_ETCD_USER}}\" }}\"\n password: \"{{ print \"{{APISIX_ETCD_PASSWORD}}\" }}\"\n {{- end }}\n {{- if .Values.controlPlane.tls.enabled }}\n certs:\n {{- if .Values.controlPlane.tls.enabled }}\n cert: /bitnami/certs/{{ .Values.controlPlane.tls.certFilename }}\n cert_key: /bitnami/certs/{{ .Values.controlPlane.tls.certKeyFilename }}\n {{- if .Values.controlPlane.tls.certCAFilename }}\n client_ca_cert: /bitnami/certs/{{ .Values.controlPlane.tls.certCAFilename }}\n {{- end }}\n {{- end }}\n {{- end }}\n admin:\n {{- if .Values.controlPlane.tls.enabled }}\n https_admin: true\n admin_api_mtls:\n admin_ssl_cert: /bitnami/certs/{{ .Values.controlPlane.tls.certFilename }}\n admin_ssl_cert_key: /bitnami/certs/{{ .Values.controlPlane.tls.certKeyFilename }}\n {{- end }}\n\n allow_admin:\n - 0.0.0.0/0\n\n admin_key:\n - name: admin\n key: \"{{ print \"{{APISIX_ADMIN_API_TOKEN}}\" }}\"\n role: admin\n - name: viewer\n key: \"{{ print \"{{APISIX_VIEWER_API_TOKEN}}\" }}\"\n role: viewer\n admin_listen:\n port: {{ .Values.controlPlane.containerPorts.adminAPI }}\n enable_admin_cors: true # Admin API support CORS response headers.\ndiscovery:\n kubernetes:\n service:\n schema: https #default https\n\n # apiserver host, options [ipv4, ipv6, domain, environment variable]\n host: ${KUBERNETES_SERVICE_HOST}\n\n # apiserver port, options [port number, environment variable]\n port: ${KUBERNETES_SERVICE_PORT}\n\n client:\n # serviceaccount token or token_file\n token_file: /var/run/secrets/kubernetes.io/serviceaccount/token\n\n default_weight: 50 # weight assigned to each discovered endpoint. default 50, minimum 0\n"
|
|
},
|
|
"existingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the apisix",
|
|
"default": ""
|
|
},
|
|
"extraConfigExistingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the conrol plane",
|
|
"default": ""
|
|
},
|
|
"tls": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS transport in Control Plane",
|
|
"default": true
|
|
},
|
|
"autoGenerated": {
|
|
"type": "boolean",
|
|
"description": "Auto-generate self-signed certificates",
|
|
"default": true
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a secret containing the certificates",
|
|
"default": ""
|
|
},
|
|
"certFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate file when mounted as a secret",
|
|
"default": "tls.crt"
|
|
},
|
|
"certKeyFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate key file when mounted as a secret",
|
|
"default": "tls.key"
|
|
},
|
|
"certCAFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate CA file when mounted as a secret",
|
|
"default": "ca.crt"
|
|
},
|
|
"cert": {
|
|
"type": "string",
|
|
"description": "Content of the certificate to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Content of the certificate key to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"ca": {
|
|
"type": "string",
|
|
"description": "Content of the certificate CA to be added to the secret",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"podLabels": {
|
|
"type": "object",
|
|
"description": "Extra labels for APISIX pods",
|
|
"default": {}
|
|
},
|
|
"podAnnotations": {
|
|
"type": "object",
|
|
"description": "Annotations for APISIX pods",
|
|
"default": {}
|
|
},
|
|
"podAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"podAntiAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod anti-affinity preset. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": "soft"
|
|
},
|
|
"pdb": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Enable/disable a Pod Disruption Budget creation",
|
|
"default": false
|
|
},
|
|
"minAvailable": {
|
|
"type": "number",
|
|
"description": "Minimum number/percentage of pods that should remain scheduled",
|
|
"default": 1
|
|
},
|
|
"maxUnavailable": {
|
|
"type": "string",
|
|
"description": "Maximum number/percentage of pods that may be made unavailable",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"nodeAffinityPreset": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Node affinity preset type. Ignored if `apisix.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Node label key to match. Ignored if `apisix.affinity` is set",
|
|
"default": ""
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"description": "Node label values to match. Ignored if `apisix.affinity` is set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"affinity": {
|
|
"type": "object",
|
|
"description": "Affinity for APISIX pods assignment",
|
|
"default": {}
|
|
},
|
|
"nodeSelector": {
|
|
"type": "object",
|
|
"description": "Node labels for APISIX pods assignment",
|
|
"default": {}
|
|
},
|
|
"tolerations": {
|
|
"type": "array",
|
|
"description": "Tolerations for APISIX pods assignment",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"updateStrategy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX statefulset strategy type",
|
|
"default": "RollingUpdate"
|
|
}
|
|
}
|
|
},
|
|
"priorityClassName": {
|
|
"type": "string",
|
|
"description": "APISIX pods' priorityClassName",
|
|
"default": ""
|
|
},
|
|
"topologySpreadConstraints": {
|
|
"type": "array",
|
|
"description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"schedulerName": {
|
|
"type": "string",
|
|
"description": "Name of the k8s scheduler (other than default) for APISIX pods",
|
|
"default": ""
|
|
},
|
|
"terminationGracePeriodSeconds": {
|
|
"type": "string",
|
|
"description": "Seconds Redmine pod needs to terminate gracefully",
|
|
"default": ""
|
|
},
|
|
"lifecycleHooks": {
|
|
"type": "object",
|
|
"description": "for the APISIX container(s) to automate configuration before or after startup",
|
|
"default": {}
|
|
},
|
|
"extraEnvVars": {
|
|
"type": "array",
|
|
"description": "Array with extra environment variables to add to APISIX nodes",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraEnvVarsCM": {
|
|
"type": "string",
|
|
"description": "Name of existing ConfigMap containing extra env vars for APISIX nodes",
|
|
"default": ""
|
|
},
|
|
"extraEnvVarsSecret": {
|
|
"type": "string",
|
|
"description": "Name of existing Secret containing extra env vars for APISIX nodes",
|
|
"default": ""
|
|
},
|
|
"extraVolumes": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumes for the APISIX pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraVolumeMounts": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumeMounts for the APISIX container(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sidecars": {
|
|
"type": "array",
|
|
"description": "Add additional sidecar containers to the APISIX pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"initContainers": {
|
|
"type": "array",
|
|
"description": "Add additional init containers to the APISIX pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"service": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX service type",
|
|
"default": "ClusterIP"
|
|
},
|
|
"ports": {
|
|
"type": "object",
|
|
"properties": {
|
|
"adminAPI": {
|
|
"type": "number",
|
|
"description": "APISIX service Admin API port",
|
|
"default": 9180
|
|
},
|
|
"configServer": {
|
|
"type": "number",
|
|
"description": "APISIX service Config Server port",
|
|
"default": 9280
|
|
},
|
|
"metrics": {
|
|
"type": "number",
|
|
"description": "APISIX service metrics port",
|
|
"default": 8080
|
|
}
|
|
}
|
|
},
|
|
"nodePorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"adminAPI": {
|
|
"type": "string",
|
|
"description": "Node port for Admin API",
|
|
"default": ""
|
|
},
|
|
"configServer": {
|
|
"type": "string",
|
|
"description": "Node port for Config Server",
|
|
"default": ""
|
|
},
|
|
"metrics": {
|
|
"type": "string",
|
|
"description": "Node port for Metrics",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"clusterIP": {
|
|
"type": "string",
|
|
"description": "APISIX service Cluster IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerIP": {
|
|
"type": "string",
|
|
"description": "APISIX service Load Balancer IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerSourceRanges": {
|
|
"type": "array",
|
|
"description": "APISIX service Load Balancer sources",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"externalTrafficPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX service external traffic policy",
|
|
"default": "Cluster"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for APISIX service",
|
|
"default": {}
|
|
},
|
|
"extraPorts": {
|
|
"type": "array",
|
|
"description": "Extra ports to expose in APISIX service (normally used with the `sidecars` value)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sessionAffinity": {
|
|
"type": "string",
|
|
"description": "Control where web requests go, to the same pod or round-robin",
|
|
"default": "None"
|
|
},
|
|
"sessionAffinityConfig": {
|
|
"type": "object",
|
|
"description": "Additional settings for the sessionAffinity",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"ingress": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable ingress record generation for Apisix",
|
|
"default": false
|
|
},
|
|
"pathType": {
|
|
"type": "string",
|
|
"description": "Ingress path type",
|
|
"default": "ImplementationSpecific"
|
|
},
|
|
"apiVersion": {
|
|
"type": "string",
|
|
"description": "Force Ingress API version (automatically detected if not set)",
|
|
"default": ""
|
|
},
|
|
"hostname": {
|
|
"type": "string",
|
|
"description": "Default host for the ingress record",
|
|
"default": "apisix-control-plane.local"
|
|
},
|
|
"ingressClassName": {
|
|
"type": "string",
|
|
"description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)",
|
|
"default": ""
|
|
},
|
|
"path": {
|
|
"type": "string",
|
|
"description": "Default path for the ingress record",
|
|
"default": "/"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.",
|
|
"default": {}
|
|
},
|
|
"tls": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS configuration for the host defined at `controlPlane.ingress.hostname` parameter",
|
|
"default": false
|
|
},
|
|
"selfSigned": {
|
|
"type": "boolean",
|
|
"description": "Create a TLS secret for this ingress record using self-signed certificates generated by Helm",
|
|
"default": false
|
|
},
|
|
"extraHosts": {
|
|
"type": "array",
|
|
"description": "An array with additional hostname(s) to be covered with the ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraPaths": {
|
|
"type": "array",
|
|
"description": "An array with additional arbitrary paths that may need to be added to the ingress under the main host",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraTls": {
|
|
"type": "array",
|
|
"description": "TLS configuration for additional hostname(s) to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"secrets": {
|
|
"type": "array",
|
|
"description": "Custom TLS certificates as secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraRules": {
|
|
"type": "array",
|
|
"description": "Additional rules to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"autoscaling": {
|
|
"type": "object",
|
|
"properties": {
|
|
"vpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable VPA",
|
|
"default": false
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Annotations for VPA resource",
|
|
"default": {}
|
|
},
|
|
"controlledResources": {
|
|
"type": "array",
|
|
"description": "VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"maxAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Max allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"minAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Min allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"updatePolicy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"updateMode": {
|
|
"type": "string",
|
|
"description": "Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod",
|
|
"default": "Auto"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"hpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable HPA for APISIX Data Plane",
|
|
"default": false
|
|
},
|
|
"minReplicas": {
|
|
"type": "string",
|
|
"description": "Minimum number of APISIX Data Plane replicas",
|
|
"default": ""
|
|
},
|
|
"maxReplicas": {
|
|
"type": "string",
|
|
"description": "Maximum number of APISIX Data Plane replicas",
|
|
"default": ""
|
|
},
|
|
"targetCPU": {
|
|
"type": "string",
|
|
"description": "Target CPU utilization percentage",
|
|
"default": ""
|
|
},
|
|
"targetMemory": {
|
|
"type": "string",
|
|
"description": "Target Memory utilization percentage",
|
|
"default": ""
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"rbac": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether RBAC resources should be created",
|
|
"default": true
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"description": "Custom RBAC rules to set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"serviceAccount": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether a ServiceAccount should be created",
|
|
"default": true
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the ServiceAccount to use.",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional Service Account annotations (evaluated as a template)",
|
|
"default": {}
|
|
},
|
|
"automountServiceAccountToken": {
|
|
"type": "boolean",
|
|
"description": "Automount service account token for the apisix service account",
|
|
"default": true
|
|
}
|
|
}
|
|
},
|
|
"metrics": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable the export of Prometheus metrics",
|
|
"default": false
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"properties": {
|
|
"prometheus": {
|
|
"type": "object",
|
|
"properties": {
|
|
"io/scrape": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "true"
|
|
},
|
|
"io/port": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "{{ .Values.controlPlane.service.ports.metrics }}"
|
|
},
|
|
"io/path": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "/apisix/prometheus/metrics"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"serviceMonitor": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)",
|
|
"default": false
|
|
},
|
|
"namespace": {
|
|
"type": "string",
|
|
"description": "Namespace in which Prometheus is running",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for the ServiceMonitor",
|
|
"default": {}
|
|
},
|
|
"labels": {
|
|
"type": "object",
|
|
"description": "Extra labels for the ServiceMonitor",
|
|
"default": {}
|
|
},
|
|
"jobLabel": {
|
|
"type": "string",
|
|
"description": "The name of the label on the target service to use as the job name in Prometheus",
|
|
"default": ""
|
|
},
|
|
"honorLabels": {
|
|
"type": "boolean",
|
|
"description": "honorLabels chooses the metric's labels on collisions with target labels",
|
|
"default": false
|
|
},
|
|
"interval": {
|
|
"type": "string",
|
|
"description": "Interval at which metrics should be scraped.",
|
|
"default": ""
|
|
},
|
|
"scrapeTimeout": {
|
|
"type": "string",
|
|
"description": "Timeout after which the scrape is ended",
|
|
"default": ""
|
|
},
|
|
"metricRelabelings": {
|
|
"type": "array",
|
|
"description": "Specify additional relabeling of metrics",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"relabelings": {
|
|
"type": "array",
|
|
"description": "Specify general relabeling",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"selector": {
|
|
"type": "object",
|
|
"description": "Prometheus instance selector labels",
|
|
"default": {}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"dashboard": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX Dashboard",
|
|
"default": true
|
|
},
|
|
"replicaCount": {
|
|
"type": "number",
|
|
"description": "Number of APISIX Dashboard replicas to deploy",
|
|
"default": 1
|
|
},
|
|
"image": {
|
|
"type": "object",
|
|
"properties": {
|
|
"registry": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard image registry",
|
|
"default": "docker.io"
|
|
},
|
|
"repository": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard image repository",
|
|
"default": "bitnami/apisix-dashboard"
|
|
},
|
|
"tag": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard image tag (immutable tags are recommended)",
|
|
"default": "3.0.1-debian-11-r2"
|
|
},
|
|
"digest": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)",
|
|
"default": ""
|
|
},
|
|
"pullPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard image pull policy",
|
|
"default": "IfNotPresent"
|
|
},
|
|
"pullSecrets": {
|
|
"type": "array",
|
|
"description": "APISIX Dashboard image pull secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"debug": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX Dashboard image debug mode",
|
|
"default": false
|
|
}
|
|
}
|
|
},
|
|
"username": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard username",
|
|
"default": "user"
|
|
},
|
|
"password": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard password",
|
|
"default": ""
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a existing secret containing the password for APISIX Dashboard",
|
|
"default": ""
|
|
},
|
|
"existingSecretPasswordKey": {
|
|
"type": "string",
|
|
"description": "Key inside the secret containing the password for APISIX Dashboard",
|
|
"default": ""
|
|
},
|
|
"defaultConfig": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard configuration (evaluated as a template)",
|
|
"default": "conf:\n listen:\n host: 0.0.0.0\n port: {{ .Values.dashboard.containerPorts.http }}\n {{- if .Values.dashboard.tls.enabled }}\n ssl:\n host: 0.0.0.0\n port: {{ .Values.dashboard.containerPorts.https }}\n cert: /bitnami/certs/{{ .Values.dashboard.tls.certFilename }}\n key: /bitnami/certs/{{ .Values.dashboard.tls.certKeyFilename }}\n {{- end }}\n etcd:\n prefix: \"/apisix\"\n endpoints:\n {{- if .Values.etcd.enabled }}\n {{- $replicas := $.Values.etcd.replicaCount | int }}\n {{- range $i, $_e := until $replicas }}\n - {{ printf \"%s://%s-%d.%s:%v\" (ternary \"https\" \"http\" $.Values.etcd.auth.client.secureTransport) (include \"apisix.etcd.fullname\" $ ) $i (include \"apisix.etcd.headlessServiceName\" $) ( include \"apisix.etcd.port\" $ ) }} {{- end }}\n {{- else }}\n {{- range $node :=.Values.externalEtcd.servers }}\n - {{ printf \"%s:%v\" $node (include \"apisix.etcd.port\" $) }}\n {{- end }}\n {{- end }}\n {{- if (include \"apisix.etcd.authEnabled\" .) }}\n username: \"{{ print \"{{ APISIX_ETCD_USER }}\" }}\"\n password: \"{{ print \"{{ APISIX_ETCD_PASSWORD }}\" }}\"\n {{- end }}\n log:\n error_log:\n level: warn\n file_path: /dev/stderr\n access_log:\n file_path: /dev/stdout\nauthentication:\n secret: secret\n expire_time: 3600\n users:\n - username: \"{{ print \"{{ APISIX_DASHBOARD_USER }}\" }}\"\n password: \"{{ print \"{{ APISIX_DASHBOARD_PASSWORD }}\" }}\"\n"
|
|
},
|
|
"extraConfig": {
|
|
"type": "object",
|
|
"description": "extra configuration settings for APISIX Dashboard",
|
|
"default": {}
|
|
},
|
|
"existingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the Dashboard",
|
|
"default": ""
|
|
},
|
|
"extraConfigExistingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the Dashboard",
|
|
"default": ""
|
|
},
|
|
"tls": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS transport in Dashboard",
|
|
"default": true
|
|
},
|
|
"autoGenerated": {
|
|
"type": "boolean",
|
|
"description": "Auto-generate self-signed certificates",
|
|
"default": true
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a secret containing the certificates",
|
|
"default": ""
|
|
},
|
|
"certFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate file when mounted as a secret",
|
|
"default": "tls.crt"
|
|
},
|
|
"certKeyFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate key file when mounted as a secret",
|
|
"default": "tls.key"
|
|
},
|
|
"certCAFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate CA file when mounted as a secret",
|
|
"default": "ca.crt"
|
|
},
|
|
"cert": {
|
|
"type": "string",
|
|
"description": "Content of the certificate to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Content of the certificate key to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"ca": {
|
|
"type": "string",
|
|
"description": "Content of the certificate CA to be added to the secret",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"hostAliases": {
|
|
"type": "array",
|
|
"description": "APISIX Dashboard pods host aliases",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"podLabels": {
|
|
"type": "object",
|
|
"description": "Extra labels for APISIX Dashboard pods",
|
|
"default": {}
|
|
},
|
|
"podAnnotations": {
|
|
"type": "object",
|
|
"description": "Annotations for APISIX Dashboard pods",
|
|
"default": {}
|
|
},
|
|
"podAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod affinity preset. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"podAntiAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod anti-affinity preset. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": "soft"
|
|
},
|
|
"nodeAffinityPreset": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Node affinity preset type. Ignored if `dashboard.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Node label key to match. Ignored if `dashboard.affinity` is set",
|
|
"default": ""
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"description": "Node label values to match. Ignored if `dashboard.affinity` is set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"affinity": {
|
|
"type": "object",
|
|
"description": "Affinity for APISIX Dashboard pods assignment",
|
|
"default": {}
|
|
},
|
|
"nodeSelector": {
|
|
"type": "object",
|
|
"description": "Node labels for APISIX Dashboard pods assignment",
|
|
"default": {}
|
|
},
|
|
"tolerations": {
|
|
"type": "array",
|
|
"description": "Tolerations for APISIX Dashboard pods assignment",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"updateStrategy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard statefulset strategy type",
|
|
"default": "RollingUpdate"
|
|
}
|
|
}
|
|
},
|
|
"priorityClassName": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard pods' priorityClassName",
|
|
"default": ""
|
|
},
|
|
"topologySpreadConstraints": {
|
|
"type": "array",
|
|
"description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"schedulerName": {
|
|
"type": "string",
|
|
"description": "Name of the k8s scheduler (other than default) for APISIX Dashboard pods",
|
|
"default": ""
|
|
},
|
|
"terminationGracePeriodSeconds": {
|
|
"type": "string",
|
|
"description": "Seconds Redmine pod needs to terminate gracefully",
|
|
"default": ""
|
|
},
|
|
"extraVolumes": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumes for the APISIX Dashboard pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sidecars": {
|
|
"type": "array",
|
|
"description": "Add additional sidecar containers to the APISIX Dashboard pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"initContainers": {
|
|
"type": "array",
|
|
"description": "Add additional init containers to the APISIX Dashboard pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"podSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled Dashboard pods' Security Context",
|
|
"default": true
|
|
},
|
|
"fsGroup": {
|
|
"type": "number",
|
|
"description": "Set Dashboard pod's Security Context fsGroup",
|
|
"default": 1001
|
|
},
|
|
"seccompProfile": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Set Dashboard pod's Security Context seccomp profile",
|
|
"default": "RuntimeDefault"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"containerPorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "number",
|
|
"description": "Dashboard http container port",
|
|
"default": 8080
|
|
},
|
|
"https": {
|
|
"type": "number",
|
|
"description": "Dashboard https container port",
|
|
"default": 8443
|
|
}
|
|
}
|
|
},
|
|
"livenessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable livenessProbe on Dashboard container",
|
|
"default": true
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for livenessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for livenessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"readinessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable readinessProbe on Dashboard container",
|
|
"default": true
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for readinessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for readinessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"startupProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable startupProbe on Dashboard container",
|
|
"default": false
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for startupProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for startupProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for startupProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"customLivenessProbe": {
|
|
"type": "object",
|
|
"description": "Custom livenessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customReadinessProbe": {
|
|
"type": "object",
|
|
"description": "Custom readinessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customStartupProbe": {
|
|
"type": "object",
|
|
"description": "Custom startupProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"resources": {
|
|
"type": "object",
|
|
"properties": {
|
|
"limits": {
|
|
"type": "object",
|
|
"description": "The resources limits for the Dashboard container",
|
|
"default": {}
|
|
},
|
|
"requests": {
|
|
"type": "object",
|
|
"description": "The requested resources for the Dashboard container",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"containerSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled Dashboard container' Security Context",
|
|
"default": true
|
|
},
|
|
"runAsUser": {
|
|
"type": "number",
|
|
"description": "Set Dashboard container' Security Context runAsUser",
|
|
"default": 1001
|
|
},
|
|
"runAsNonRoot": {
|
|
"type": "boolean",
|
|
"description": "Set Dashboard container' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"readOnlyRootFilesystem": {
|
|
"type": "boolean",
|
|
"description": "Set Dashboard container' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"allowPrivilegeEscalation": {
|
|
"type": "boolean",
|
|
"description": "Set Dashboard container's privilege escalation",
|
|
"default": false
|
|
},
|
|
"capabilities": {
|
|
"type": "object",
|
|
"properties": {
|
|
"drop": {
|
|
"type": "array",
|
|
"description": "Set Dashboard container's Security Context runAsNonRoot",
|
|
"default": [
|
|
"ALL"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"command": {
|
|
"type": "array",
|
|
"description": "Override default container command (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"args": {
|
|
"type": "array",
|
|
"description": "Override default container args (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"lifecycleHooks": {
|
|
"type": "object",
|
|
"description": "for the Dashboard container(s) to automate configuration before or after startup",
|
|
"default": {}
|
|
},
|
|
"extraEnvVars": {
|
|
"type": "array",
|
|
"description": "Array with extra environment variables to add to Dashboard nodes",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraEnvVarsCM": {
|
|
"type": "string",
|
|
"description": "Name of existing ConfigMap containing extra env vars for Dashboard nodes",
|
|
"default": ""
|
|
},
|
|
"extraEnvVarsSecret": {
|
|
"type": "string",
|
|
"description": "Name of existing Secret containing extra env vars for Dashboard nodes",
|
|
"default": ""
|
|
},
|
|
"extraVolumeMounts": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumeMounts for the APISIX Dashboard container",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"service": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard service type",
|
|
"default": "LoadBalancer"
|
|
},
|
|
"ports": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "number",
|
|
"description": "APISIX Dashboard service HTTP",
|
|
"default": 80
|
|
},
|
|
"https": {
|
|
"type": "number",
|
|
"description": "APISIX Dashboard service HTTPS",
|
|
"default": 443
|
|
}
|
|
}
|
|
},
|
|
"nodePorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "string",
|
|
"description": "Node port for HTTP",
|
|
"default": ""
|
|
},
|
|
"https": {
|
|
"type": "string",
|
|
"description": "Node port for HTTPS",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"clusterIP": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard service Cluster IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerIP": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard service Load Balancer IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerSourceRanges": {
|
|
"type": "array",
|
|
"description": "APISIX Dashboard service Load Balancer sources",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"externalTrafficPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard service external traffic policy",
|
|
"default": "Cluster"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for APISIX Dashboard service",
|
|
"default": {}
|
|
},
|
|
"extraPorts": {
|
|
"type": "array",
|
|
"description": "Extra ports to expose in APISIX Dashboard service (normally used with the `sidecars` value)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sessionAffinity": {
|
|
"type": "string",
|
|
"description": "Control where web requests go, to the same pod or round-robin",
|
|
"default": "None"
|
|
},
|
|
"sessionAffinityConfig": {
|
|
"type": "object",
|
|
"description": "Additional settings for the sessionAffinity",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"ingress": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable ingress record generation for Apisix",
|
|
"default": false
|
|
},
|
|
"pathType": {
|
|
"type": "string",
|
|
"description": "Ingress path type",
|
|
"default": "ImplementationSpecific"
|
|
},
|
|
"apiVersion": {
|
|
"type": "string",
|
|
"description": "Force Ingress API version (automatically detected if not set)",
|
|
"default": ""
|
|
},
|
|
"hostname": {
|
|
"type": "string",
|
|
"description": "Default host for the ingress record",
|
|
"default": "apisix-dashboard.local"
|
|
},
|
|
"ingressClassName": {
|
|
"type": "string",
|
|
"description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)",
|
|
"default": ""
|
|
},
|
|
"path": {
|
|
"type": "string",
|
|
"description": "Default path for the ingress record",
|
|
"default": "/"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.",
|
|
"default": {}
|
|
},
|
|
"tls": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS configuration for the host defined at `dashboard.ingress.hostname` parameter",
|
|
"default": false
|
|
},
|
|
"selfSigned": {
|
|
"type": "boolean",
|
|
"description": "Create a TLS secret for this ingress record using self-signed certificates generated by Helm",
|
|
"default": false
|
|
},
|
|
"extraHosts": {
|
|
"type": "array",
|
|
"description": "An array with additional hostname(s) to be covered with the ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraPaths": {
|
|
"type": "array",
|
|
"description": "An array with additional arbitrary paths that may need to be added to the ingress under the main host",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraTls": {
|
|
"type": "array",
|
|
"description": "TLS configuration for additional hostname(s) to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"secrets": {
|
|
"type": "array",
|
|
"description": "Custom TLS certificates as secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraRules": {
|
|
"type": "array",
|
|
"description": "Additional rules to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"autoscaling": {
|
|
"type": "object",
|
|
"properties": {
|
|
"vpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable VPA",
|
|
"default": false
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Annotations for VPA resource",
|
|
"default": {}
|
|
},
|
|
"controlledResources": {
|
|
"type": "array",
|
|
"description": "VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"maxAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Max allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"minAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Min allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"updatePolicy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"updateMode": {
|
|
"type": "string",
|
|
"description": "Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod",
|
|
"default": "Auto"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"hpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable HPA for APISIX Dashboard",
|
|
"default": false
|
|
},
|
|
"minReplicas": {
|
|
"type": "string",
|
|
"description": "Minimum number of APISIX Dashboard replicas",
|
|
"default": ""
|
|
},
|
|
"maxReplicas": {
|
|
"type": "string",
|
|
"description": "Maximum number of APISIX Dashboard replicas",
|
|
"default": ""
|
|
},
|
|
"targetCPU": {
|
|
"type": "string",
|
|
"description": "Target CPU utilization percentage",
|
|
"default": ""
|
|
},
|
|
"targetMemory": {
|
|
"type": "string",
|
|
"description": "Target Memory utilization percentage",
|
|
"default": ""
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"serviceAccount": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether a ServiceAccount should be created",
|
|
"default": true
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the ServiceAccount to use.",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional Service Account annotations (evaluated as a template)",
|
|
"default": {}
|
|
},
|
|
"automountServiceAccountToken": {
|
|
"type": "boolean",
|
|
"description": "Automount service account token for the server service account",
|
|
"default": true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"ingressController": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX Ingress Controller",
|
|
"default": true
|
|
},
|
|
"image": {
|
|
"type": "object",
|
|
"properties": {
|
|
"registry": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller image registry",
|
|
"default": "docker.io"
|
|
},
|
|
"repository": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller image repository",
|
|
"default": "bitnami/apisix-ingress-controller"
|
|
},
|
|
"tag": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller image tag (immutable tags are recommended)",
|
|
"default": "1.6.1-debian-11-r3"
|
|
},
|
|
"digest": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended)",
|
|
"default": ""
|
|
},
|
|
"pullPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller image pull policy",
|
|
"default": "IfNotPresent"
|
|
},
|
|
"pullSecrets": {
|
|
"type": "array",
|
|
"description": "APISIX Ingress Controller image pull secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"debug": {
|
|
"type": "boolean",
|
|
"description": "Enable APISIX Ingress Controller image debug mode",
|
|
"default": false
|
|
}
|
|
}
|
|
},
|
|
"replicaCount": {
|
|
"type": "number",
|
|
"description": "Number of APISIX Ingress Controller replicas to deploy",
|
|
"default": 1
|
|
},
|
|
"containerPorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "number",
|
|
"description": "APISIX Ingress Controller http container port",
|
|
"default": 8080
|
|
},
|
|
"https": {
|
|
"type": "number",
|
|
"description": "APISIX Ingress Controller https container port",
|
|
"default": 8443
|
|
}
|
|
}
|
|
},
|
|
"livenessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable livenessProbe on APISIX Ingress Controller containers",
|
|
"default": true
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for livenessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for livenessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for livenessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"readinessProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable readinessProbe on APISIX Ingress Controller containers",
|
|
"default": true
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for readinessProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for readinessProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for readinessProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"startupProbe": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable startupProbe on APISIX Ingress Controller containers",
|
|
"default": false
|
|
},
|
|
"initialDelaySeconds": {
|
|
"type": "number",
|
|
"description": "Initial delay seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"periodSeconds": {
|
|
"type": "number",
|
|
"description": "Period seconds for startupProbe",
|
|
"default": 10
|
|
},
|
|
"timeoutSeconds": {
|
|
"type": "number",
|
|
"description": "Timeout seconds for startupProbe",
|
|
"default": 5
|
|
},
|
|
"failureThreshold": {
|
|
"type": "number",
|
|
"description": "Failure threshold for startupProbe",
|
|
"default": 5
|
|
},
|
|
"successThreshold": {
|
|
"type": "number",
|
|
"description": "Success threshold for startupProbe",
|
|
"default": 1
|
|
}
|
|
}
|
|
},
|
|
"customLivenessProbe": {
|
|
"type": "object",
|
|
"description": "Custom livenessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customReadinessProbe": {
|
|
"type": "object",
|
|
"description": "Custom readinessProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"customStartupProbe": {
|
|
"type": "object",
|
|
"description": "Custom startupProbe that overrides the default one",
|
|
"default": {}
|
|
},
|
|
"resources": {
|
|
"type": "object",
|
|
"properties": {
|
|
"limits": {
|
|
"type": "object",
|
|
"description": "The resources limits for the APISIX Ingress Controller containers",
|
|
"default": {}
|
|
},
|
|
"requests": {
|
|
"type": "object",
|
|
"description": "The requested resources for the APISIX Ingress Controller containers",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"podSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX Ingress Controller pods' Security Context",
|
|
"default": true
|
|
},
|
|
"fsGroup": {
|
|
"type": "number",
|
|
"description": "Set APISIX Ingress Controller pod's Security Context fsGroup",
|
|
"default": 1001
|
|
},
|
|
"seccompProfile": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Set APISIX Ingress Controller container's Security Context seccomp profile",
|
|
"default": "RuntimeDefault"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"containerSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX Ingress Controller containers' Security Context",
|
|
"default": true
|
|
},
|
|
"runAsUser": {
|
|
"type": "number",
|
|
"description": "Set APISIX Ingress Controller containers' Security Context runAsUser",
|
|
"default": 1001
|
|
},
|
|
"runAsNonRoot": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX Ingress Controller containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"readOnlyRootFilesystem": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX Ingress Controller containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"allowPrivilegeEscalation": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX Ingress Controller container's privilege escalation",
|
|
"default": false
|
|
},
|
|
"capabilities": {
|
|
"type": "object",
|
|
"properties": {
|
|
"drop": {
|
|
"type": "array",
|
|
"description": "Set APISIX Ingress Controller container's Security Context runAsNonRoot",
|
|
"default": [
|
|
"ALL"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"command": {
|
|
"type": "array",
|
|
"description": "Override default container command (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"args": {
|
|
"type": "array",
|
|
"description": "Override default container args (useful when using custom images)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"hostAliases": {
|
|
"type": "array",
|
|
"description": "APISIX Ingress Controller pods host aliases",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"podLabels": {
|
|
"type": "object",
|
|
"description": "Extra labels for APISIX Ingress Controller pods",
|
|
"default": {}
|
|
},
|
|
"podAnnotations": {
|
|
"type": "object",
|
|
"description": "Annotations for APISIX Ingress Controller pods",
|
|
"default": {}
|
|
},
|
|
"podAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"podAntiAffinityPreset": {
|
|
"type": "string",
|
|
"description": "Pod anti-affinity preset. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": "soft"
|
|
},
|
|
"pdb": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Enable/disable a Pod Disruption Budget creation",
|
|
"default": false
|
|
},
|
|
"minAvailable": {
|
|
"type": "number",
|
|
"description": "Minimum number/percentage of pods that should remain scheduled",
|
|
"default": 1
|
|
},
|
|
"maxUnavailable": {
|
|
"type": "string",
|
|
"description": "Maximum number/percentage of pods that may be made unavailable",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"nodeAffinityPreset": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "Node affinity preset type. Ignored if `injector.affinity` is set. Allowed values: `soft` or `hard`",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Node label key to match. Ignored if `injector.affinity` is set",
|
|
"default": ""
|
|
},
|
|
"values": {
|
|
"type": "array",
|
|
"description": "Node label values to match. Ignored if `injector.affinity` is set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"affinity": {
|
|
"type": "object",
|
|
"description": "Affinity for APISIX Ingress Controller pods assignment",
|
|
"default": {}
|
|
},
|
|
"nodeSelector": {
|
|
"type": "object",
|
|
"description": "Node labels for APISIX Ingress Controller pods assignment",
|
|
"default": {}
|
|
},
|
|
"tolerations": {
|
|
"type": "array",
|
|
"description": "Tolerations for APISIX Ingress Controller pods assignment",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"updateStrategy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller statefulset strategy type",
|
|
"default": "RollingUpdate"
|
|
}
|
|
}
|
|
},
|
|
"priorityClassName": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller pods' priorityClassName",
|
|
"default": ""
|
|
},
|
|
"topologySpreadConstraints": {
|
|
"type": "array",
|
|
"description": "Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"schedulerName": {
|
|
"type": "string",
|
|
"description": "Name of the k8s scheduler (other than default) for APISIX Ingress Controller pods",
|
|
"default": ""
|
|
},
|
|
"terminationGracePeriodSeconds": {
|
|
"type": "string",
|
|
"description": "Seconds Redmine pod needs to terminate gracefully",
|
|
"default": ""
|
|
},
|
|
"lifecycleHooks": {
|
|
"type": "object",
|
|
"description": "for the APISIX Ingress Controller container(s) to automate configuration before or after startup",
|
|
"default": {}
|
|
},
|
|
"extraEnvVars": {
|
|
"type": "array",
|
|
"description": "Array with extra environment variables to add to APISIX Ingress Controller nodes",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraEnvVarsCM": {
|
|
"type": "string",
|
|
"description": "Name of existing ConfigMap containing extra env vars for APISIX Ingress Controller nodes",
|
|
"default": ""
|
|
},
|
|
"extraEnvVarsSecret": {
|
|
"type": "string",
|
|
"description": "Name of existing Secret containing extra env vars for APISIX Ingress Controller nodes",
|
|
"default": ""
|
|
},
|
|
"extraVolumes": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumes for the APISIX Ingress Controller pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraVolumeMounts": {
|
|
"type": "array",
|
|
"description": "Optionally specify extra list of additional volumeMounts for the APISIX Ingress Controller container(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sidecars": {
|
|
"type": "array",
|
|
"description": "Add additional sidecar containers to the APISIX Ingress Controller pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"initContainers": {
|
|
"type": "array",
|
|
"description": "Add additional init containers to the APISIX Ingress Controller pod(s)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"defaultConfig": {
|
|
"type": "string",
|
|
"description": "APISIX Dashboard configuration (evaluated as a template)",
|
|
"default": "# log options\nlog_level: \"info\"\nlog_output: \"stderr\"\n{{- if .Values.ingressController.tls.enabled }}\nhttps_listen: \":{{ .Values.ingressController.containerPorts.https }}\"\ncert_file: \"/bitnami/certs/{{ .Values.ingressController.tls.certFilename }}\"\nkey_file: \"/bitnami/certs/{{ .Values.ingressController.tls.certKeyFilename }}\"\n{{- end }}\nhttp_listen: \":{{ .Values.ingressController.containerPorts.http }}\"\ningress_publish_service: \"{{ include \"common.names.namespace\" . }}/{{ ternary (include \"apisix.data-plane.fullname\" .) (include \"apisix.control-plane.fullname\" .) .Values.dataPlane.enabled }}\"\nenable_profiling: true\napisix-resource-sync-interval: 1h\nkubernetes:\n kubeconfig: \"\"\n resync_interval: \"6h\"\n election_id: \"{{ include \"apisix.ingress-controller.fullname\" . }}-leader\"\n ingress_class: \"apisix\"\n ingress_version: \"networking/v1\"\n watch_endpointslices: false\n apisix_route_version: \"apisix.apache.org/v2\"\n enable_gateway_api: false\n apisix_version: \"apisix.apache.org/v2\"\n plugin_metadata_cm: \"\"\napisix:\n admin_api_version: \"v3\"\n default_cluster_base_url: {{ ternary \"https\" \"http\" .Values.controlPlane.tls.enabled }}://{{ include \"apisix.control-plane.fullname\" . }}:{{ .Values.controlPlane.service.ports.adminAPI }}/apisix/admin\n default_cluster_admin_key: \"{{ print \"{{APISIX_ADMIN_API_TOKEN}}\" }}\"\n default_cluster_name: \"default\"\n"
|
|
},
|
|
"extraConfig": {
|
|
"type": "object",
|
|
"description": "Extra configuration parameters for APISIX Ingress Controller",
|
|
"default": {}
|
|
},
|
|
"existingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the Dashboard",
|
|
"default": ""
|
|
},
|
|
"extraConfigExistingConfigMap": {
|
|
"type": "string",
|
|
"description": "name of a ConfigMap with existing configuration for the Dashboard",
|
|
"default": ""
|
|
},
|
|
"tls": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS transport in Ingress Controller",
|
|
"default": true
|
|
},
|
|
"autoGenerated": {
|
|
"type": "boolean",
|
|
"description": "Auto-generate self-signed certificates",
|
|
"default": true
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a secret containing the certificates",
|
|
"default": ""
|
|
},
|
|
"certFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate file when mounted as a secret",
|
|
"default": "tls.crt"
|
|
},
|
|
"certKeyFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate key file when mounted as a secret",
|
|
"default": "tls.key"
|
|
},
|
|
"certCAFilename": {
|
|
"type": "string",
|
|
"description": "Path of the certificate CA file when mounted as a secret",
|
|
"default": "ca.crt"
|
|
},
|
|
"cert": {
|
|
"type": "string",
|
|
"description": "Content of the certificate to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"key": {
|
|
"type": "string",
|
|
"description": "Content of the certificate key to be added to the secret",
|
|
"default": ""
|
|
},
|
|
"ca": {
|
|
"type": "string",
|
|
"description": "Content of the certificate CA to be added to the secret",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"service": {
|
|
"type": "object",
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller service type",
|
|
"default": "ClusterIP"
|
|
},
|
|
"ports": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "number",
|
|
"description": "APISIX Ingress Controller service HTTP port",
|
|
"default": 80
|
|
},
|
|
"https": {
|
|
"type": "number",
|
|
"description": "APISIX Ingress Controller service HTTPS port",
|
|
"default": 443
|
|
}
|
|
}
|
|
},
|
|
"nodePorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"http": {
|
|
"type": "string",
|
|
"description": "Node port for HTTP",
|
|
"default": ""
|
|
},
|
|
"https": {
|
|
"type": "string",
|
|
"description": "Node port for HTTPS",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"clusterIP": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller service Cluster IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerIP": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller service Load Balancer IP",
|
|
"default": ""
|
|
},
|
|
"loadBalancerSourceRanges": {
|
|
"type": "array",
|
|
"description": "APISIX Ingress Controller service Load Balancer sources",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"externalTrafficPolicy": {
|
|
"type": "string",
|
|
"description": "APISIX Ingress Controller service external traffic policy",
|
|
"default": "Cluster"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for APISIX Ingress Controller service",
|
|
"default": {}
|
|
},
|
|
"extraPorts": {
|
|
"type": "array",
|
|
"description": "Extra ports to expose in APISIX Ingress Controller service (normally used with the `sidecars` value)",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"sessionAffinity": {
|
|
"type": "string",
|
|
"description": "Control where web requests go, to the same pod or round-robin",
|
|
"default": "None"
|
|
},
|
|
"sessionAffinityConfig": {
|
|
"type": "object",
|
|
"description": "Additional settings for the sessionAffinity",
|
|
"default": {}
|
|
}
|
|
}
|
|
},
|
|
"ingress": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable ingress record generation for Apisix",
|
|
"default": false
|
|
},
|
|
"pathType": {
|
|
"type": "string",
|
|
"description": "Ingress path type",
|
|
"default": "ImplementationSpecific"
|
|
},
|
|
"apiVersion": {
|
|
"type": "string",
|
|
"description": "Force Ingress API version (automatically detected if not set)",
|
|
"default": ""
|
|
},
|
|
"hostname": {
|
|
"type": "string",
|
|
"description": "Default host for the ingress record",
|
|
"default": "apisix-ingress-controller.local"
|
|
},
|
|
"ingressClassName": {
|
|
"type": "string",
|
|
"description": "IngressClass that will be be used to implement the Ingress (Kubernetes 1.18+)",
|
|
"default": ""
|
|
},
|
|
"path": {
|
|
"type": "string",
|
|
"description": "Default path for the ingress record",
|
|
"default": "/"
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional annotations for the Ingress resource. To enable certificate autogeneration, place here your cert-manager annotations.",
|
|
"default": {}
|
|
},
|
|
"tls": {
|
|
"type": "boolean",
|
|
"description": "Enable TLS configuration for the host defined at `ingressController.ingress.hostname` parameter",
|
|
"default": false
|
|
},
|
|
"selfSigned": {
|
|
"type": "boolean",
|
|
"description": "Create a TLS secret for this ingress record using self-signed certificates generated by Helm",
|
|
"default": false
|
|
},
|
|
"extraHosts": {
|
|
"type": "array",
|
|
"description": "An array with additional hostname(s) to be covered with the ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraPaths": {
|
|
"type": "array",
|
|
"description": "An array with additional arbitrary paths that may need to be added to the ingress under the main host",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraTls": {
|
|
"type": "array",
|
|
"description": "TLS configuration for additional hostname(s) to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"secrets": {
|
|
"type": "array",
|
|
"description": "Custom TLS certificates as secrets",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"extraRules": {
|
|
"type": "array",
|
|
"description": "Additional rules to be covered with this ingress record",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"autoscaling": {
|
|
"type": "object",
|
|
"properties": {
|
|
"vpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable VPA",
|
|
"default": false
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Annotations for VPA resource",
|
|
"default": {}
|
|
},
|
|
"controlledResources": {
|
|
"type": "array",
|
|
"description": "VPA List of resources that the vertical pod autoscaler can control. Defaults to cpu and memory",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"maxAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Max allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"minAllowed": {
|
|
"type": "object",
|
|
"description": "VPA Min allowed resources for the pod",
|
|
"default": {}
|
|
},
|
|
"updatePolicy": {
|
|
"type": "object",
|
|
"properties": {
|
|
"updateMode": {
|
|
"type": "string",
|
|
"description": "Autoscaling update policy Specifies whether recommended updates are applied when a Pod is started and whether recommended updates are applied during the life of a Pod",
|
|
"default": "Auto"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"hpa": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable HPA for APISIX Ingress Controller",
|
|
"default": false
|
|
},
|
|
"minReplicas": {
|
|
"type": "string",
|
|
"description": "Minimum number of APISIX Ingress Controller replicas",
|
|
"default": ""
|
|
},
|
|
"maxReplicas": {
|
|
"type": "string",
|
|
"description": "Maximum number of APISIX Ingress Controller replicas",
|
|
"default": ""
|
|
},
|
|
"targetCPU": {
|
|
"type": "string",
|
|
"description": "Target CPU utilization percentage",
|
|
"default": ""
|
|
},
|
|
"targetMemory": {
|
|
"type": "string",
|
|
"description": "Target Memory utilization percentage",
|
|
"default": ""
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"rbac": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether RBAC resources should be created",
|
|
"default": true
|
|
},
|
|
"rules": {
|
|
"type": "array",
|
|
"description": "Custom RBAC rules to set",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"serviceAccount": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Specifies whether a ServiceAccount should be created",
|
|
"default": true
|
|
},
|
|
"name": {
|
|
"type": "string",
|
|
"description": "The name of the ServiceAccount to use.",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional Service Account annotations (evaluated as a template)",
|
|
"default": {}
|
|
},
|
|
"automountServiceAccountToken": {
|
|
"type": "boolean",
|
|
"description": "Automount service account token for the server service account",
|
|
"default": true
|
|
}
|
|
}
|
|
},
|
|
"metrics": {
|
|
"type": "object",
|
|
"properties": {
|
|
"annotations": {
|
|
"type": "object",
|
|
"properties": {
|
|
"prometheus": {
|
|
"type": "object",
|
|
"properties": {
|
|
"io/scrape": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "true"
|
|
},
|
|
"io/port": {
|
|
"type": "string",
|
|
"description": "",
|
|
"default": "{{ .Values.ingressController.service.ports.http }}"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enable the export of Prometheus metrics",
|
|
"default": false
|
|
},
|
|
"serviceMonitor": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)",
|
|
"default": false
|
|
},
|
|
"namespace": {
|
|
"type": "string",
|
|
"description": "Namespace in which Prometheus is running",
|
|
"default": ""
|
|
},
|
|
"annotations": {
|
|
"type": "object",
|
|
"description": "Additional custom annotations for the ServiceMonitor",
|
|
"default": {}
|
|
},
|
|
"labels": {
|
|
"type": "object",
|
|
"description": "Extra labels for the ServiceMonitor",
|
|
"default": {}
|
|
},
|
|
"jobLabel": {
|
|
"type": "string",
|
|
"description": "The name of the label on the target service to use as the job name in Prometheus",
|
|
"default": ""
|
|
},
|
|
"honorLabels": {
|
|
"type": "boolean",
|
|
"description": "honorLabels chooses the metric's labels on collisions with target labels",
|
|
"default": false
|
|
},
|
|
"interval": {
|
|
"type": "string",
|
|
"description": "Interval at which metrics should be scraped.",
|
|
"default": ""
|
|
},
|
|
"scrapeTimeout": {
|
|
"type": "string",
|
|
"description": "Timeout after which the scrape is ended",
|
|
"default": ""
|
|
},
|
|
"metricRelabelings": {
|
|
"type": "array",
|
|
"description": "Specify additional relabeling of metrics",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"relabelings": {
|
|
"type": "array",
|
|
"description": "Specify general relabeling",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"selector": {
|
|
"type": "object",
|
|
"description": "Prometheus instance selector labels",
|
|
"default": {}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"waitContainer": {
|
|
"type": "object",
|
|
"properties": {
|
|
"image": {
|
|
"type": "object",
|
|
"properties": {
|
|
"registry": {
|
|
"type": "string",
|
|
"description": "Init container wait-container image registry",
|
|
"default": "docker.io"
|
|
},
|
|
"repository": {
|
|
"type": "string",
|
|
"description": "Init container wait-container image name",
|
|
"default": "bitnami/os-shell"
|
|
},
|
|
"tag": {
|
|
"type": "string",
|
|
"description": "Init container wait-container image tag",
|
|
"default": "11-debian-11-r2"
|
|
},
|
|
"digest": {
|
|
"type": "string",
|
|
"description": "Init container wait-container image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag",
|
|
"default": ""
|
|
},
|
|
"pullPolicy": {
|
|
"type": "string",
|
|
"description": "Init container wait-container image pull policy",
|
|
"default": "IfNotPresent"
|
|
},
|
|
"pullSecrets": {
|
|
"type": "array",
|
|
"description": "Specify docker-registry secret names as an array",
|
|
"default": [],
|
|
"items": {}
|
|
}
|
|
}
|
|
},
|
|
"containerSecurityContext": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Enabled APISIX containers' Security Context",
|
|
"default": true
|
|
},
|
|
"runAsUser": {
|
|
"type": "number",
|
|
"description": "Set APISIX containers' Security Context runAsUser",
|
|
"default": 1001
|
|
},
|
|
"runAsNonRoot": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"readOnlyRootFilesystem": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX containers' Security Context runAsNonRoot",
|
|
"default": true
|
|
},
|
|
"allowPrivilegeEscalation": {
|
|
"type": "boolean",
|
|
"description": "Set APISIX container's privilege escalation",
|
|
"default": false
|
|
},
|
|
"capabilities": {
|
|
"type": "object",
|
|
"properties": {
|
|
"drop": {
|
|
"type": "array",
|
|
"description": "Set APISIX container's Security Context runAsNonRoot",
|
|
"default": [
|
|
"ALL"
|
|
],
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"externalEtcd": {
|
|
"type": "object",
|
|
"properties": {
|
|
"servers": {
|
|
"type": "array",
|
|
"description": "List of hostnames of the external etcd",
|
|
"default": [],
|
|
"items": {}
|
|
},
|
|
"port": {
|
|
"type": "number",
|
|
"description": "Port of the external etcd instance",
|
|
"default": 2379
|
|
},
|
|
"user": {
|
|
"type": "string",
|
|
"description": "User of the external etcd instance",
|
|
"default": "root"
|
|
},
|
|
"password": {
|
|
"type": "string",
|
|
"description": "Password of the external etcd instance",
|
|
"default": ""
|
|
},
|
|
"existingSecret": {
|
|
"type": "string",
|
|
"description": "Name of a secret containing the external etcd password",
|
|
"default": ""
|
|
},
|
|
"existingSecretPasswordKey": {
|
|
"type": "string",
|
|
"description": "Key inside the secret containing the external etcd password",
|
|
"default": "etcd-root-password"
|
|
},
|
|
"secureTransport": {
|
|
"type": "boolean",
|
|
"description": "Use TLS for client-to-server communications",
|
|
"default": false
|
|
}
|
|
}
|
|
},
|
|
"etcd": {
|
|
"type": "object",
|
|
"properties": {
|
|
"enabled": {
|
|
"type": "boolean",
|
|
"description": "Deploy etcd sub-chart",
|
|
"default": true
|
|
},
|
|
"replicaCount": {
|
|
"type": "number",
|
|
"description": "Number of etcd replicas",
|
|
"default": 3
|
|
},
|
|
"containerPorts": {
|
|
"type": "object",
|
|
"properties": {
|
|
"client": {
|
|
"type": "number",
|
|
"description": "Container port for etcd",
|
|
"default": 2379
|
|
}
|
|
}
|
|
},
|
|
"auth": {
|
|
"type": "object",
|
|
"properties": {
|
|
"rbac": {
|
|
"type": "object",
|
|
"properties": {
|
|
"create": {
|
|
"type": "boolean",
|
|
"description": "Switch to enable RBAC authentication",
|
|
"default": false
|
|
},
|
|
"rootPassword": {
|
|
"type": "string",
|
|
"description": "etcd root password",
|
|
"default": ""
|
|
}
|
|
}
|
|
},
|
|
"client": {
|
|
"type": "object",
|
|
"properties": {
|
|
"secureTransport": {
|
|
"type": "boolean",
|
|
"description": "use TLS for client-to-server communications",
|
|
"default": false
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|