diff --git a/api/v1alpha1/envoygateway_helpers.go b/api/v1alpha1/envoygateway_helpers.go
index 2650ccaa78e..fed2f6fa075 100644
--- a/api/v1alpha1/envoygateway_helpers.go
+++ b/api/v1alpha1/envoygateway_helpers.go
@@ -228,20 +228,11 @@ func (r *EnvoyGatewayProvider) GetEnvoyGatewayKubeProvider() *EnvoyGatewayKubern
r.Kubernetes.LeaderElection = DefaultLeaderElection()
}
- // if RateLimitDeployment and RateLimitDaemonset are both nil, use RateLimitDeployment
- if r.Kubernetes.RateLimitDeployment == nil && r.Kubernetes.RateLimitDaemonset == nil {
+ if r.Kubernetes.RateLimitDeployment == nil {
r.Kubernetes.RateLimitDeployment = DefaultKubernetesDeployment(DefaultRateLimitImage)
}
- // if use RateLimitDeployment, set default values
- if r.Kubernetes.RateLimitDeployment != nil {
- r.Kubernetes.RateLimitDeployment.defaultKubernetesDeploymentSpec(DefaultRateLimitImage)
- }
-
- // if use RateLimitDaemonset, set default values
- if r.Kubernetes.RateLimitDaemonset != nil {
- r.Kubernetes.RateLimitDaemonset.defaultKubernetesDaemonSetSpec(DefaultRateLimitImage)
- }
+ r.Kubernetes.RateLimitDeployment.defaultKubernetesDeploymentSpec(DefaultRateLimitImage)
if r.Kubernetes.ShutdownManager == nil {
r.Kubernetes.ShutdownManager = &ShutdownManager{Image: ptr.To(DefaultShutdownManagerImage)}
diff --git a/api/v1alpha1/envoygateway_types.go b/api/v1alpha1/envoygateway_types.go
index ab76c9c443e..6cf8e334182 100644
--- a/api/v1alpha1/envoygateway_types.go
+++ b/api/v1alpha1/envoygateway_types.go
@@ -202,13 +202,6 @@ type EnvoyGatewayKubernetesProvider struct {
// +optional
RateLimitDeployment *KubernetesDeploymentSpec `json:"rateLimitDeployment,omitempty"`
- // RateLimitDaemonset defines the desired state of the Envoy ratelimit daemonset resource.
- // If unspecified, default settings for the managed Envoy ratelimit daemonset resource
- // are applied.
- //
- // +optional
- RateLimitDaemonset *KubernetesDaemonSetSpec `json:"rateLimitDaemonset,omitempty"`
-
// Watch holds configuration of which input resources should be watched and reconciled.
// +optional
Watch *KubernetesWatchMode `json:"watch,omitempty"`
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index c6dd99f41d4..a72706c33bb 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -1516,11 +1516,6 @@ func (in *EnvoyGatewayKubernetesProvider) DeepCopyInto(out *EnvoyGatewayKubernet
*out = new(KubernetesDeploymentSpec)
(*in).DeepCopyInto(*out)
}
- if in.RateLimitDaemonset != nil {
- in, out := &in.RateLimitDaemonset, &out.RateLimitDaemonset
- *out = new(KubernetesDaemonSetSpec)
- (*in).DeepCopyInto(*out)
- }
if in.Watch != nil {
in, out := &in.Watch, &out.Watch
*out = new(KubernetesWatchMode)
diff --git a/internal/infrastructure/kubernetes/ratelimit/resource.go b/internal/infrastructure/kubernetes/ratelimit/resource.go
index 669df866285..4785a700d40 100644
--- a/internal/infrastructure/kubernetes/ratelimit/resource.go
+++ b/internal/infrastructure/kubernetes/ratelimit/resource.go
@@ -138,7 +138,7 @@ func rateLimitLabels() map[string]string {
}
// expectedRateLimitContainers returns expected rateLimit containers.
-func expectedRateLimitContainers(rateLimit *egv1a1.RateLimit, rateLimitContainerSpec *egv1a1.KubernetesContainerSpec,
+func expectedRateLimitContainers(rateLimit *egv1a1.RateLimit, rateLimitDeployment *egv1a1.KubernetesDeploymentSpec,
namespace string,
) []corev1.Container {
ports := []corev1.ContainerPort{
@@ -152,16 +152,16 @@ func expectedRateLimitContainers(rateLimit *egv1a1.RateLimit, rateLimitContainer
containers := []corev1.Container{
{
Name: InfraName,
- Image: *rateLimitContainerSpec.Image,
+ Image: *rateLimitDeployment.Container.Image,
ImagePullPolicy: corev1.PullIfNotPresent,
Command: []string{
"/bin/ratelimit",
},
- Env: expectedRateLimitContainerEnv(rateLimit, rateLimitContainerSpec, namespace),
+ Env: expectedRateLimitContainerEnv(rateLimit, rateLimitDeployment, namespace),
Ports: ports,
- Resources: *rateLimitContainerSpec.Resources,
- SecurityContext: expectedRateLimitContainerSecurityContext(rateLimitContainerSpec),
- VolumeMounts: expectedContainerVolumeMounts(rateLimit, rateLimitContainerSpec),
+ Resources: *rateLimitDeployment.Container.Resources,
+ SecurityContext: expectedRateLimitContainerSecurityContext(rateLimitDeployment),
+ VolumeMounts: expectedContainerVolumeMounts(rateLimit, rateLimitDeployment),
TerminationMessagePolicy: corev1.TerminationMessageReadFile,
TerminationMessagePath: "/dev/termination-log",
StartupProbe: &corev1.Probe{
@@ -197,7 +197,7 @@ func expectedRateLimitContainers(rateLimit *egv1a1.RateLimit, rateLimitContainer
}
// expectedContainerVolumeMounts returns expected rateLimit container volume mounts.
-func expectedContainerVolumeMounts(rateLimit *egv1a1.RateLimit, rateLimitContainerSpec *egv1a1.KubernetesContainerSpec) []corev1.VolumeMount {
+func expectedContainerVolumeMounts(rateLimit *egv1a1.RateLimit, rateLimitDeployment *egv1a1.KubernetesDeploymentSpec) []corev1.VolumeMount {
var volumeMounts []corev1.VolumeMount
// mount the cert
@@ -223,11 +223,11 @@ func expectedContainerVolumeMounts(rateLimit *egv1a1.RateLimit, rateLimitContain
})
}
- return resource.ExpectedContainerVolumeMounts(rateLimitContainerSpec, volumeMounts)
+ return resource.ExpectedContainerVolumeMounts(rateLimitDeployment.Container, volumeMounts)
}
// expectedDeploymentVolumes returns expected rateLimit deployment volumes.
-func expectedDeploymentVolumes(rateLimit *egv1a1.RateLimit, rateLimitPodSpec *egv1a1.KubernetesPodSpec) []corev1.Volume {
+func expectedDeploymentVolumes(rateLimit *egv1a1.RateLimit, rateLimitDeployment *egv1a1.KubernetesDeploymentSpec) []corev1.Volume {
var volumes []corev1.Volume
if rateLimit.Backend.Redis != nil &&
@@ -269,11 +269,11 @@ func expectedDeploymentVolumes(rateLimit *egv1a1.RateLimit, rateLimitPodSpec *eg
})
}
- return resource.ExpectedVolumes(rateLimitPodSpec, volumes)
+ return resource.ExpectedVolumes(rateLimitDeployment.Pod, volumes)
}
// expectedRateLimitContainerEnv returns expected rateLimit container envs.
-func expectedRateLimitContainerEnv(rateLimit *egv1a1.RateLimit, rateLimitContainerSpec *egv1a1.KubernetesContainerSpec,
+func expectedRateLimitContainerEnv(rateLimit *egv1a1.RateLimit, rateLimitDeployment *egv1a1.KubernetesDeploymentSpec,
namespace string,
) []corev1.EnvVar {
env := []corev1.EnvVar{
@@ -445,7 +445,7 @@ func expectedRateLimitContainerEnv(rateLimit *egv1a1.RateLimit, rateLimitContain
env = append(env, tracingEnvs...)
}
- return resource.ExpectedContainerEnv(rateLimitContainerSpec, env)
+ return resource.ExpectedContainerEnv(rateLimitDeployment.Container, env)
}
// Validate the ratelimit tls secret validating.
@@ -489,9 +489,9 @@ func checkTraceEndpointScheme(url string) string {
return fmt.Sprintf("%s%s", httpScheme, url)
}
-func expectedRateLimitContainerSecurityContext(rateLimitContainerSpec *egv1a1.KubernetesContainerSpec) *corev1.SecurityContext {
- if rateLimitContainerSpec.SecurityContext != nil {
- return rateLimitContainerSpec.SecurityContext
+func expectedRateLimitContainerSecurityContext(rateLimitDeployment *egv1a1.KubernetesDeploymentSpec) *corev1.SecurityContext {
+ if rateLimitDeployment.Container.SecurityContext != nil {
+ return rateLimitDeployment.Container.SecurityContext
}
return defaultSecurityContext()
}
diff --git a/internal/infrastructure/kubernetes/ratelimit/resource_provider.go b/internal/infrastructure/kubernetes/ratelimit/resource_provider.go
index bcc9d580cfc..50c5c8bf7f2 100644
--- a/internal/infrastructure/kubernetes/ratelimit/resource_provider.go
+++ b/internal/infrastructure/kubernetes/ratelimit/resource_provider.go
@@ -196,7 +196,7 @@ func (r *ResourceRender) Deployment() (*appsv1.Deployment, error) {
return nil, er
}
- containers := expectedRateLimitContainers(r.rateLimit, r.rateLimitDeployment.Container, r.Namespace)
+ containers := expectedRateLimitContainers(r.rateLimit, r.rateLimitDeployment, r.Namespace)
selector := resource.GetSelector(rateLimitLabels())
podLabels := rateLimitLabels()
@@ -250,7 +250,7 @@ func (r *ResourceRender) Deployment() (*appsv1.Deployment, error) {
RestartPolicy: corev1.RestartPolicyAlways,
SchedulerName: "default-scheduler",
SecurityContext: r.rateLimitDeployment.Pod.SecurityContext,
- Volumes: expectedDeploymentVolumes(r.rateLimit, r.rateLimitDeployment.Pod),
+ Volumes: expectedDeploymentVolumes(r.rateLimit, r.rateLimitDeployment),
Affinity: r.rateLimitDeployment.Pod.Affinity,
Tolerations: r.rateLimitDeployment.Pod.Tolerations,
ImagePullSecrets: r.rateLimitDeployment.Pod.ImagePullSecrets,
diff --git a/site/content/en/latest/api/extension_types.md b/site/content/en/latest/api/extension_types.md
index 640feb97101..76adfb15735 100644
--- a/site/content/en/latest/api/extension_types.md
+++ b/site/content/en/latest/api/extension_types.md
@@ -1147,7 +1147,6 @@ _Appears in:_
| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `rateLimitDeployment` | _[KubernetesDeploymentSpec](#kubernetesdeploymentspec)_ | false | RateLimitDeployment defines the desired state of the Envoy ratelimit deployment resource.
If unspecified, default settings for the managed Envoy ratelimit deployment resource
are applied. |
-| `rateLimitDaemonset` | _[KubernetesDaemonSetSpec](#kubernetesdaemonsetspec)_ | false | RateLimitDaemonset defines the desired state of the Envoy ratelimit daemonset resource.
If unspecified, default settings for the managed Envoy ratelimit daemonset resource
are applied. |
| `watch` | _[KubernetesWatchMode](#kuberneteswatchmode)_ | false | Watch holds configuration of which input resources should be watched and reconciled. |
| `deploy` | _[KubernetesDeployMode](#kubernetesdeploymode)_ | false | Deploy holds configuration of how output managed resources such as the Envoy Proxy data plane
should be deployed |
| `overwriteControlPlaneCerts` | _boolean_ | false | OverwriteControlPlaneCerts updates the secrets containing the control plane certs, when set. |
@@ -2433,7 +2432,6 @@ _Appears in:_
KubernetesDaemonsetSpec defines the desired state of the Kubernetes daemonset resource.
_Appears in:_
-- [EnvoyGatewayKubernetesProvider](#envoygatewaykubernetesprovider)
- [EnvoyProxyKubernetesProvider](#envoyproxykubernetesprovider)
| Field | Type | Required | Description |
diff --git a/site/content/zh/latest/api/extension_types.md b/site/content/zh/latest/api/extension_types.md
index 640feb97101..76adfb15735 100644
--- a/site/content/zh/latest/api/extension_types.md
+++ b/site/content/zh/latest/api/extension_types.md
@@ -1147,7 +1147,6 @@ _Appears in:_
| Field | Type | Required | Description |
| --- | --- | --- | --- |
| `rateLimitDeployment` | _[KubernetesDeploymentSpec](#kubernetesdeploymentspec)_ | false | RateLimitDeployment defines the desired state of the Envoy ratelimit deployment resource.
If unspecified, default settings for the managed Envoy ratelimit deployment resource
are applied. |
-| `rateLimitDaemonset` | _[KubernetesDaemonSetSpec](#kubernetesdaemonsetspec)_ | false | RateLimitDaemonset defines the desired state of the Envoy ratelimit daemonset resource.
If unspecified, default settings for the managed Envoy ratelimit daemonset resource
are applied. |
| `watch` | _[KubernetesWatchMode](#kuberneteswatchmode)_ | false | Watch holds configuration of which input resources should be watched and reconciled. |
| `deploy` | _[KubernetesDeployMode](#kubernetesdeploymode)_ | false | Deploy holds configuration of how output managed resources such as the Envoy Proxy data plane
should be deployed |
| `overwriteControlPlaneCerts` | _boolean_ | false | OverwriteControlPlaneCerts updates the secrets containing the control plane certs, when set. |
@@ -2433,7 +2432,6 @@ _Appears in:_
KubernetesDaemonsetSpec defines the desired state of the Kubernetes daemonset resource.
_Appears in:_
-- [EnvoyGatewayKubernetesProvider](#envoygatewaykubernetesprovider)
- [EnvoyProxyKubernetesProvider](#envoyproxykubernetesprovider)
| Field | Type | Required | Description |