This repository has been archived by the owner on Feb 22, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 16.8k
[NEW] nginx-ingress #399
Merged
Merged
[NEW] nginx-ingress #399
Changes from 14 commits
Commits
Show all changes
18 commits
Select commit
Hold shift + click to select a range
74f553a
Renamed nginx-lego to nginx-ingress
22adf78
nginx-ingress v0.2.8
ea7b478
NOTES & README update
393ba1d
Updated NOTES.txt
a6795cc
v0.3.0
915f637
install as Deployment or DaemonSet
319017f
PR work
59ae22a
Documentation & PR
d7de685
added externalIPs to controller & stats exporter services
b19a84f
Additional configurability
a434b19
Fixed metrics servicePort
61497b9
Use templates for fullnames
920205e
Renamed enableStats -> stats.enabled
ad2a9fb
Deprecate nginx-lego, not delete
1b8aa51
Added icon
d11422d
Use nginx.org logo
a12e4ce
No default resources
5089534
PR feedback
File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
name: nginx-ingress | ||
version: 0.3.0 | ||
description: An nginx Ingress controller that uses ConfigMap to store the nginx configuration. | ||
keywords: | ||
- ingress | ||
- nginx | ||
sources: | ||
- https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx | ||
maintainers: | ||
- name: Jack Zampolin | ||
email: [email protected] | ||
- name: Michael Goodness | ||
email: [email protected] | ||
engine: gotpl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,118 @@ | ||
# nginx-ingress | ||
|
||
[nginx-ingress](https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx) is an Ingress controller that uses ConfigMap to store the nginx configuration. | ||
|
||
To use, add the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. | ||
|
||
## TL;DR; | ||
|
||
```console | ||
$ helm install stable/nginx-ingress | ||
``` | ||
|
||
## Introduction | ||
|
||
This chart bootstraps an nginx-ingress deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. | ||
|
||
## Prerequisites | ||
- Kubernetes 1.4+ with Beta APIs enabled | ||
|
||
## Installing the Chart | ||
|
||
To install the chart with the release name `my-release`: | ||
|
||
```console | ||
$ helm install --name my-release stable/nginx-ingress | ||
``` | ||
|
||
The command deploys nginx-ingress on the Kubernetes cluster in the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. | ||
|
||
> **Tip**: List all releases using `helm list` | ||
|
||
## Uninstalling the Chart | ||
|
||
To uninstall/delete the `my-release` deployment: | ||
|
||
```console | ||
$ helm delete my-release | ||
``` | ||
|
||
The command removes all the Kubernetes components associated with the chart and deletes the release. | ||
|
||
## Configuration | ||
|
||
The following tables lists the configurable parameters of the aws-cluster-autoscaler chart and their default values. | ||
|
||
Parameter | Description | Default | ||
--- | --- | --- | ||
`controller.name` | name of the controller component | `controller` | ||
`controller.image.repository` | controller container image repository | `gcr.io/google_containers/nginx-ingress-controller` | ||
`controller.image.tag` | controller container image tag | `0.8.3` | ||
`controller.image.pullPolicy` | controller container image pull policy | `IfNotPresent` | ||
`controller.config` | nginx ConfigMap entries | none | ||
`controller.defaultBackendService` | default 404 backend service; required only if `defaultBackend.enabled = false` | `""` | ||
`controller.extraArgs` | Additional controller container arguments | `{}` | ||
`controller.kind` | install as Deployment or DaemonSet | `Deployment` | ||
`controller.nodeSelector` | node labels for pod assignment | `{}` | ||
`controller.podAnnotations` | annotations to be added to pods | `{}` | ||
`controller.replicaCount` | desired number of controller pods | `1` | ||
`controller.resources` | controller pod resource requests & limits | `requests: {cpu: 100m, memory: 64Mi}` | ||
`controller.service.annotations` | annotations for controller service | `{}` | ||
`controller.service.clusterIP` | internal controller cluster service IP | `""` | ||
`controller.service.externalIPs` | controller service external IP addresses | `[]` | ||
`controller.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | ||
`controller.service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` | ||
`controller.service.type` | type of controller service to create | `LoadBalancer` | ||
`controller.stats.enabled` | if true, enable "vts-status" page & Prometheus metrics | `false` | ||
`controller.stats.service.annotations` | annotations for controller stats service | `{}` | ||
`controller.stats.service.clusterIP` | internal controller stats cluster service IP | `""` | ||
`controller.stats.service.externalIPs` | controller service stats external IP addresses | `[]` | ||
`controller.stats.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | ||
`controller.stats.service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` | ||
`controller.service.type` | type of controller stats service to create | `ClusterIP` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. should this be |
||
`defaultBackend.name` | name of the default backend component | `default-backend` | ||
`defaultBackend.image.repository` | default backend container image repository | `gcr.io/google_containers/defaultbackend` | ||
`defaultBackend.image.tag` | default backend container image tag | `1.2` | ||
`defaultBackend.image.pullPolicy` | default backend container image pull policy | `IfNotPresent` | ||
`defaultBackend.extraArgs` | Additional default backend container arguments | `{}` | ||
`defaultBackend.nodeSelector` | node labels for pod assignment | `{}` | ||
`defaultBackend.podAnnotations` | annotations to be added to pods | `{}` | ||
`defaultBackend.replicaCount` | desired number of default backend pods | `1` | ||
`defaultBackend.resources` | default backend pod resource requests & limits | `limits: {cpu: 10m, memory: 20Mi}, requests: {cpu: 10m, memory: 20Mi}` | ||
`defaultBackend.service.annotations` | annotations for default backend service | `{}` | ||
`defaultBackend.service.clusterIP` | internal default backend cluster service IP | `""` | ||
`defaultBackend.service.externalIPs` | default backend service external IP addresses | `[]` | ||
`defaultBackend.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | ||
`defaultBackend.service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` | ||
`controller.service.type` | type of default backend service to create | `ClusterIP` | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. defaultBackend.service.type? |
||
`statsExporter.name` | name of the Prometheus metrics exporter component | `stats-exporter` | ||
`statsExporter.image.repository` | Prometheus metrics exporter container image repository | `quay.io/cy-play/vts-nginx-exporter` | ||
`statsExporter.image.tag` | Prometheus metrics exporter image tag | `v0.0.3` | ||
`statsExporter.image.pullPolicy` | Prometheus metrics exporter image pull policy | `IfNotPresent` | ||
`statsExporter.endpoint` | path at which Prometheus metrics are exposed | `/metrics` | ||
`statsExporter.extraArgs` | Additional Prometheus metrics exporter container arguments | `{}` | ||
`statsExporter.metricsNamespace` | namespace used for metrics labeling | `nginx` | ||
`statsExporter.statusPage` | URL of "vts-stats" page exposed by controller | `http://localhost:18080/nginx_status/format/json` | ||
`statsExporter.resources` | Prometheus metrics exporter resource requests & limits | `requests: {cpu: 10m, memory: 20Mi}` | ||
`statsExporter.service.annotations` | annotations for Prometheus metrics exporter service | `{}` | ||
`statsExporter.service.clusterIP` | cluster IP address to assign to service | `""` | ||
`statsExporter.service.externalIPs` | Prometheus metrics exporter service external IP addresses | `[]` | ||
`statsExporter.service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | ||
`statsExporter.service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | `[]` | ||
`statsExporter.service.servicePort` | Prometheus metrics exporter service port | `9913` | ||
`statsExporter.service.type` | type of Prometheus metrics exporter service to create | `ClusterIP` | ||
`tcp` | TCP service key:value pairs | `{}` | ||
`udp` | UDP service key:value pairs | `{}` | ||
|
||
```console | ||
$ helm install stable/nginx-ingress --name my-release \ | ||
--set controller.stats.enabled=true | ||
``` | ||
|
||
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, | ||
|
||
```console | ||
$ helm install stable/nginx-ingress --name my-release -f values.yaml | ||
``` | ||
|
||
> **Tip**: You can use the default [values.yaml](values.yaml) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
The nginx-ingress controller has been installed. | ||
|
||
{{- if contains "NodePort" .Values.controller.service.type }} | ||
Get the application URL by running these commands: | ||
export NODE_PORT=$(kubectl --namespace {{ .Release.Namespace }} get services -o jsonpath="{.spec.ports[0].nodePort}" {{ template "controller.fullname" . }}) | ||
export NODE_IP=$(kubectl --namespace {{ .Release.Namespace }} get nodes -o jsonpath="{.items[0].status.addresses[1].address}") | ||
echo "Visit http://$NODE_IP:$NODE_PORT to access your application." | ||
{{- else if contains "LoadBalancer" .Values.controller.service.type }} | ||
It may take a few minutes for the LoadBalancer IP to be available. | ||
You can watch the status by running 'kubectl --namespace {{ .Release.Namespace }} get services -o wide -w {{ template "controller.fullname" . }}' | ||
{{- else if contains "ClusterIP" .Values.controller.service.type }} | ||
Get the application URL by running these commands: | ||
export POD_NAME=$(kubectl --namespace {{ .Release.Namespace }} get pods -o jsonpath="{.items[0].metadata.name}" -l "app={{ template "name" . }},component={{ .Values.controller.name }},release={{ .Release.Name }}") | ||
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 | ||
echo "Visit http://127.0.0.1:8080 to access your application." | ||
{{- end }} | ||
|
||
An example Ingress that makes use of the controller: | ||
|
||
apiVersion: extensions/v1beta1 | ||
kind: Ingress | ||
metadata: | ||
annotations: | ||
kubernetes.io/ingress.class: nginx | ||
name: example | ||
namespace: foo | ||
spec: | ||
rules: | ||
- host: www.example.com | ||
http: | ||
paths: | ||
- backend: | ||
serviceName: exampleService | ||
servicePort: 80 | ||
path: / | ||
# This section is only required if TLS is to be enabled for the Ingress | ||
tls: | ||
- hosts: | ||
- www.example.com | ||
secretName: example-tls | ||
|
||
If TLS is enabled for the Ingress, a Secret containing the certificate and key must also be provided: | ||
|
||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: example-tls | ||
namespace: foo | ||
data: | ||
tls.crt: <base64 encoded cert> | ||
tls.key: <base64 encoded key> | ||
type: kubernetes.io/tls |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
{{/* vim: set filetype=mustache: */}} | ||
{{/* | ||
Expand the name of the chart. | ||
*/}} | ||
{{- define "name" -}} | ||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a default fully qualified app name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
*/}} | ||
{{- define "fullname" -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a default fully qualified controller name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
*/}} | ||
{{- define "controller.fullname" -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- printf "%s-%s-%s" .Release.Name $name .Values.controller.name | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a default fully qualified default backend name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
*/}} | ||
{{- define "defaultBackend.fullname" -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- printf "%s-%s-%s" .Release.Name $name .Values.defaultBackend.name | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
labels: | ||
app: {{ template "name" . }} | ||
chart: {{ .Chart.Name }}-{{ .Chart.Version }} | ||
component: "{{ .Values.controller.name }}" | ||
heritage: {{ .Release.Service }} | ||
release: {{ .Release.Name }} | ||
name: {{ template "controller.fullname" . }} | ||
data: | ||
enable-vts-status: "{{ .Values.controller.stats.enabled }}" | ||
{{- if .Values.controller.config }} | ||
{{ toYaml .Values.controller.config | indent 2 }} | ||
{{- end }} |
108 changes: 108 additions & 0 deletions
108
stable/nginx-ingress/templates/controller-daemonset.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,108 @@ | ||
{{- if eq .Values.controller.kind "DaemonSet" }} | ||
apiVersion: extensions/v1beta1 | ||
kind: DaemonSet | ||
metadata: | ||
labels: | ||
app: {{ template "name" . }} | ||
chart: {{ .Chart.Name }}-{{ .Chart.Version }} | ||
component: "{{ .Values.controller.name }}" | ||
heritage: {{ .Release.Service }} | ||
release: {{ .Release.Name }} | ||
name: {{ template "controller.fullname" . }} | ||
spec: | ||
template: | ||
metadata: | ||
{{- if .Values.controller.podAnnotations }} | ||
annotations: | ||
{{ toYaml .Values.controller.podAnnotations | indent 8}} | ||
{{- end }} | ||
labels: | ||
app: {{ template "name" . }} | ||
component: "{{ .Values.controller.name }}" | ||
release: {{ .Release.Name }} | ||
spec: | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Needs an optional nodeSelector section from values. Otherwise, it may land ingress controllers on unsuitable nodes. |
||
containers: | ||
- name: {{ template "name" . }}-{{ .Values.controller.name }} | ||
image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" | ||
imagePullPolicy: "{{ .Values.controller.image.pullPolicy }}" | ||
args: | ||
- /nginx-ingress-controller | ||
- --default-backend-service={{ if .Values.defaultBackend.enabled }}{{ .Release.Namespace }}/{{ template "defaultBackend.fullname" . }}{{ else }}{{ .Values.controller.defaultBackendService }}{{ end }} | ||
- --nginx-configmap={{ .Release.Namespace }}/{{ template "controller.fullname" . }} | ||
- --tcp-services-configmap={{ .Release.Namespace }}/{{ template "fullname" . }}-tcp | ||
- --udp-services-configmap={{ .Release.Namespace }}/{{ template "fullname" . }}-udp | ||
{{- range $key, $value := .Values.controller.extraArgs }} | ||
- --{{ $key }}={{ $value }} | ||
{{- end }} | ||
env: | ||
- name: POD_NAME | ||
valueFrom: | ||
fieldRef: | ||
fieldPath: metadata.name | ||
- name: POD_NAMESPACE | ||
valueFrom: | ||
fieldRef: | ||
fieldPath: metadata.namespace | ||
livenessProbe: | ||
httpGet: | ||
path: /healthz | ||
port: 10254 | ||
scheme: HTTP | ||
initialDelaySeconds: 10 | ||
timeoutSeconds: 1 | ||
ports: | ||
- name: http | ||
containerPort: 80 | ||
protocol: TCP | ||
- name: https | ||
containerPort: 443 | ||
protocol: TCP | ||
{{- if .Values.controller.stats.enabled }} | ||
- name: stats | ||
containerPort: 18080 | ||
protocol: TCP | ||
{{- end }} | ||
{{- range $key, $value := .Values.tcp }} | ||
- name: "{{ $key }}-tcp" | ||
containerPort: {{ $key }} | ||
protocol: TCP | ||
{{- end }} | ||
{{- range $key, $value := .Values.udp }} | ||
- name: "{{ $key }}-udp" | ||
containerPort: {{ $key }} | ||
protocol: UDP | ||
{{- end }} | ||
readinessProbe: | ||
httpGet: | ||
path: /healthz | ||
port: 10254 | ||
scheme: HTTP | ||
resources: | ||
{{ toYaml .Values.controller.resources | indent 12 }} | ||
|
||
{{- if .Values.controller.stats.enabled }} | ||
- name: {{ template "name" . }}-{{ .Values.statsExporter.name }} | ||
image: "{{ .Values.statsExporter.image.repository }}:{{ .Values.statsExporter.image.tag }}" | ||
imagePullPolicy: "{{ .Values.statsExporter.image.pullPolicy }}" | ||
env: | ||
- name: METRICS_ADDR | ||
value: ":9913" | ||
- name: METRICS_ENDPOINT | ||
value: "{{ .Values.statsExporter.endpoint }}" | ||
- name: METRICS_NS | ||
value: "{{ .Values.statsExporter.metricsNamespace }}" | ||
- name: NGINX_STATUS | ||
value: "{{ .Values.statsExporter.statusPage }}" | ||
ports: | ||
- name: metrics | ||
containerPort: 9913 | ||
protocol: TCP | ||
resources: | ||
{{ toYaml .Values.statsExporter.resources | indent 12 }} | ||
{{- end }} | ||
{{- if .Values.controller.nodeSelector }} | ||
nodeSelector: | ||
{{ toYaml .Values.controller.nodeSelector | indent 8 }} | ||
{{- end }} | ||
terminationGracePeriodSeconds: 60 | ||
{{- end }} |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add an icon here? e.g. pointing to https://cdn.wp.nginx.com/wp-content/themes/nginx-theme/assets/img/logo.png?