From fe2e49f1bedd15ecc423a70f0e14b53512780e54 Mon Sep 17 00:00:00 2001 From: G1 Date: Fri, 16 Aug 2024 15:35:15 +0900 Subject: [PATCH] feat: Adds Control API releated Resources (#739) --- charts/apisix/README.md | 10 +++ charts/apisix/templates/configmap.yaml | 7 ++ charts/apisix/templates/deployment.yaml | 5 ++ charts/apisix/templates/ingress-control.yaml | 76 ++++++++++++++++++++ charts/apisix/templates/service-control.yaml | 58 +++++++++++++++ charts/apisix/values.yaml | 42 +++++++++++ 6 files changed, 198 insertions(+) create mode 100644 charts/apisix/templates/ingress-control.yaml create mode 100644 charts/apisix/templates/service-control.yaml diff --git a/charts/apisix/README.md b/charts/apisix/README.md index 06b7e036..62c5195f 100644 --- a/charts/apisix/README.md +++ b/charts/apisix/README.md @@ -135,6 +135,16 @@ The command removes all the Kubernetes components associated with the chart and | autoscaling.targetCPUUtilizationPercentage | int | `80` | | | autoscaling.targetMemoryUtilizationPercentage | int | `80` | | | autoscaling.version | string | `"v2"` | HPA version, the value is "v2" or "v2beta1", default "v2" | +| control.enabled | bool | `true` | Enable Control API | +| control.ingress | object | `{"annotations":{},"enabled":false,"hosts":[{"host":"apisix-control.local","paths":["/*"]}],"tls":[]}` | Using ingress access Apache APISIX Control service | +| control.ingress.annotations | object | `{}` | Ingress annotations | +| control.ingress.hosts | list | `[{"host":"apisix-control.local","paths":["/*"]}]` | Ingress Class Name className: "nginx" | +| control.service.annotations | object | `{}` | Control annotations | +| control.service.externalIPs | list | `[]` | IPs for which nodes in the cluster will also accept traffic for the servic | +| control.service.ip | string | `"127.0.0.1"` | which ip to listen on for Apache APISIX Control API | +| control.service.port | int | `9090` | which port to use for Apache APISIX Control API | +| control.service.servicePort | int | `9090` | Service port to use for Apache APISIX Control API | +| control.service.type | string | `"ClusterIP"` | Control service type | | dashboard.config.conf.etcd.endpoints | list | `["apisix-etcd:2379"]` | Supports defining multiple etcd host addresses for an etcd cluster | | dashboard.config.conf.etcd.password | string | `nil` | Specifies etcd basic auth password if enable etcd auth | | dashboard.config.conf.etcd.prefix | string | `"/apisix"` | apisix configurations prefix | diff --git a/charts/apisix/templates/configmap.yaml b/charts/apisix/templates/configmap.yaml index 2551b187..05419451 100644 --- a/charts/apisix/templates/configmap.yaml +++ b/charts/apisix/templates/configmap.yaml @@ -59,6 +59,13 @@ data: extra_lua_path: {{ .Values.apisix.customPlugins.luaPath }};{{ .Values.apisix.luaModuleHook.luaPath }} {{- end }} + enable_control: {{ .Values.control.enabled }} + {{- if .Values.control.enabled }} + control: + ip: {{ default "127.0.0.1" .Values.control.service.ip }} + port: {{ default 9090 .Values.control.service.port }} + {{- end }} + {{- if .Values.apisix.luaModuleHook.enabled }} lua_module_hook: {{ .Values.apisix.luaModuleHook.hookPoint | quote }} {{- end }} diff --git a/charts/apisix/templates/deployment.yaml b/charts/apisix/templates/deployment.yaml index 884e3b5a..6e8c9f04 100644 --- a/charts/apisix/templates/deployment.yaml +++ b/charts/apisix/templates/deployment.yaml @@ -121,6 +121,11 @@ spec: containerPort: {{ .Values.apisix.admin.port }} protocol: TCP {{- end }} + {{- if .Values.control.enabled }} + - name: control + containerPort: {{ .Values.control.service.port }} + protocol: TCP + {{- end }} {{- if .Values.apisix.prometheus.enabled }} - name: prometheus containerPort: {{ .Values.apisix.prometheus.containerPort }} diff --git a/charts/apisix/templates/ingress-control.yaml b/charts/apisix/templates/ingress-control.yaml new file mode 100644 index 00000000..a53c7f6c --- /dev/null +++ b/charts/apisix/templates/ingress-control.yaml @@ -0,0 +1,76 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +{{- if (and .Values.control.enabled .Values.control.ingress.enabled) -}} +{{- $fullName := include "apisix.fullname" . -}} +{{- $svcPort := .Values.control.servicePort -}} +{{- if and .Values.control.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.control.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.control.ingress.annotations "kubernetes.io/ingress.class" .Values.control.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.Version }} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.Version }} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + name: {{ $fullName }}-control + labels: + {{- include "apisix.labels" . | nindent 4 }} + {{- with .Values.control.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + {{- if and .Values.control.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.control.ingress.className }} + {{- end }} + {{- if .Values.control.ingress.tls }} + tls: + {{- range .Values.control.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.control.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ . }} + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.Version }} + pathType: ImplementationSpecific + backend: + service: + name: {{ $fullName }}-control + port: + number: {{ $svcPort }} + {{- else }} + backend: + serviceName: {{ $fullName }}-control + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} diff --git a/charts/apisix/templates/service-control.yaml b/charts/apisix/templates/service-control.yaml new file mode 100644 index 00000000..0519aed8 --- /dev/null +++ b/charts/apisix/templates/service-control.yaml @@ -0,0 +1,58 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +{{ if (and .Values.apisix.enabled .Values.control.enabled) }} +apiVersion: v1 +kind: Service +metadata: + name: {{ include "apisix.fullname" . }}-control + namespace: {{ .Release.Namespace }} + annotations: + {{- range $key, $value := .Values.control.service.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + labels: + {{- include "apisix.labels" . | nindent 4 }} + app.kubernetes.io/service: apisix-control +spec: + type: {{ .Values.control.service.type }} + {{- if eq .Values.control.service.type "LoadBalancer" }} + {{- if .Values.control.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.control.service.loadBalancerIP }} + {{- end }} + {{- if .Values.control.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: + {{- range $cidr := .Values.control.service.loadBalancerSourceRanges }} + - {{ $cidr }} + {{- end }} + {{- end }} + {{- end }} + {{- if gt (len .Values.control.service.externalIPs) 0 }} + externalIPs: + {{- range $ip := .Values.control.service.externalIPs }} + - {{ $ip }} + {{- end }} + {{- end }} + ports: + - name: apisix-control + port: {{ .Values.control.service.servicePort }} + targetPort: {{ .Values.control.service.port }} + {{- if (and (eq .Values.control.service.type "NodePort") (not (empty .Values.control.service.nodePort))) }} + nodePort: {{ .Values.control.service.nodePort }} + {{- end }} + protocol: TCP + selector: + {{- include "apisix.selectorLabels" . | nindent 4 }} +{{ end }} diff --git a/charts/apisix/values.yaml b/charts/apisix/values.yaml index ffe0458f..bde035e0 100644 --- a/charts/apisix/values.yaml +++ b/charts/apisix/values.yaml @@ -217,6 +217,48 @@ ingress: paths: [] tls: [] +control: + # -- Enable Control API + enabled: true + service: + # -- Control annotations + annotations: {} + # -- Control service type + type: ClusterIP + # loadBalancerIP: a.b.c.d + # loadBalancerSourceRanges: + # - "143.231.0.0/16" + # -- IPs for which nodes in the cluster will also accept traffic for the servic + externalIPs: [] + + # -- NodePort (only if control.service.type is NodePort) + # nodePort: 32000 + + # -- which ip to listen on for Apache APISIX Control API + ip: "127.0.0.1" + # -- which port to use for Apache APISIX Control API + port: 9090 + # -- Service port to use for Apache APISIX Control API + servicePort: 9090 + # -- Using ingress access Apache APISIX Control service + ingress: + enabled: false + # -- Ingress annotations + annotations: + {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # -- Ingress Class Name + # className: "nginx" + hosts: + - host: apisix-control.local + paths: + - "/*" + tls: [] + # - secretName: apisix-tls + # hosts: + # - chart-example.local + # -- Observability configuration. metrics: serviceMonitor: