diff --git a/bundle/manifests/nginx-ingress-operator-nginx-ingress-admin_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/nginx-ingress-operator-nginx-ingress-admin_rbac.authorization.k8s.io_v1_clusterrole.yaml index 39bd2f9f..1cafce01 100644 --- a/bundle/manifests/nginx-ingress-operator-nginx-ingress-admin_rbac.authorization.k8s.io_v1_clusterrole.yaml +++ b/bundle/manifests/nginx-ingress-operator-nginx-ingress-admin_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -135,3 +135,20 @@ rules: - update - create - delete +- apiGroups: + - externaldns.nginx.org + resources: + - dnsendpoints + verbs: + - list + - watch + - get + - update + - create + - delete +- apiGroups: + - externaldns.nginx.org + resources: + - dnsendpoints/status + verbs: + - update diff --git a/config/manifests/bases/nginx-ingress-operator.clusterserviceversion.yaml b/config/manifests/bases/nginx-ingress-operator.clusterserviceversion.yaml index 811ebc0f..383cc984 100644 --- a/config/manifests/bases/nginx-ingress-operator.clusterserviceversion.yaml +++ b/config/manifests/bases/nginx-ingress-operator.clusterserviceversion.yaml @@ -33,6 +33,7 @@ metadata: }, "enableCertManager": false, "enableCustomResources": true, + "enableExternalDNS": false, "enableLatencyMetrics": false, "enableOIDC": false, "enablePreviewPolicies": false, @@ -48,7 +49,7 @@ metadata: "image": { "pullPolicy": "IfNotPresent", "repository": "nginx/nginx-ingress", - "tag": "2.2.0-ubi" + "tag": "2.3.0-ubi" }, "ingressClass": "nginx", "initContainers": [], @@ -131,7 +132,7 @@ metadata: capabilities: Basic Install categories: Monitoring, Networking certified: "true" - containerImage: nginx/nginx-ingress-operator:1.0.0 + containerImage: nginx/nginx-ingress-operator:1.1.0 createdAt: placeholder description: The NGINX Ingress Operator is a Kubernetes/OpenShift component which deploys and manages one or more NGINX/NGINX Plus Ingress Controllers @@ -407,4 +408,4 @@ spec: minKubeVersion: 1.19.0 provider: name: NGINX Inc - version: 1.0.0 + version: 1.1.0 diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 5b1b5cdd..271051bc 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -253,3 +253,20 @@ rules: - update - create - delete +- apiGroups: + - externaldns.nginx.org + resources: + - dnsendpoints + verbs: + - list + - watch + - get + - update + - create + - delete +- apiGroups: + - externaldns.nginx.org + resources: + - dnsendpoints/status + verbs: + - update diff --git a/config/samples/charts_v1alpha1_nginxingress.yaml b/config/samples/charts_v1alpha1_nginxingress.yaml index cdba866e..2961fcac 100644 --- a/config/samples/charts_v1alpha1_nginxingress.yaml +++ b/config/samples/charts_v1alpha1_nginxingress.yaml @@ -37,7 +37,7 @@ spec: image: pullPolicy: IfNotPresent repository: nginx/nginx-ingress - tag: 2.2.0-ubi + tag: 2.3.0-ubi ingressClass: nginx initContainers: [] kind: deployment diff --git a/helm-charts/nginx-ingress/Chart.yaml b/helm-charts/nginx-ingress/Chart.yaml index 6f100170..b6fd2502 100644 --- a/helm-charts/nginx-ingress/Chart.yaml +++ b/helm-charts/nginx-ingress/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 -appVersion: 2.2.0 +appVersion: 2.3.0 description: NGINX Ingress Controller home: https://github.com/nginxinc/kubernetes-ingress icon: https://raw.githubusercontent.com/nginxinc/kubernetes-ingress/v2.2.0/deployments/helm-chart/chart-icon.png @@ -13,4 +13,4 @@ maintainers: name: nginx-ingress sources: - https://github.com/nginxinc/kubernetes-ingress/tree/v2.2.0/deployments/helm-chart -version: 0.13.0 +version: 0.14.0 diff --git a/helm-charts/nginx-ingress/README.md b/helm-charts/nginx-ingress/README.md index e161ba74..38bb5f57 100644 --- a/helm-charts/nginx-ingress/README.md +++ b/helm-charts/nginx-ingress/README.md @@ -23,7 +23,7 @@ This step is required if you're installing the chart using its sources. Addition 1. Clone the Ingress Controller repo: ```console - $ git clone https://github.com/nginxinc/kubernetes-ingress --branch v2.2.0 + $ git clone https://github.com/nginxinc/kubernetes-ingress --branch v2.3.0 ``` **Note**: If you want to use the experimental repository (`edge`), remove the `--branch` flag and value. @@ -156,7 +156,7 @@ Parameter | Description | Default `controller.nginxDebug` | Enables debugging for NGINX. Uses the `nginx-debug` binary. Requires `error-log-level: debug` in the ConfigMap via `controller.config.entries`. | false `controller.logLevel` | The log level of the Ingress Controller. | 1 `controller.image.repository` | The image repository of the Ingress Controller. | nginx/nginx-ingress -`controller.image.tag` | The tag of the Ingress Controller image. | 2.2.0 +`controller.image.tag` | The tag of the Ingress Controller image. | 2.3.0 `controller.image.pullPolicy` | The pull policy for the Ingress Controller image. | IfNotPresent `controller.config.name` | The name of the ConfigMap used by the Ingress Controller. | Autogenerated `controller.config.annotations` | The annotations of the Ingress Controller configmap. | {} @@ -172,6 +172,7 @@ Parameter | Description | Default `controller.terminationGracePeriodSeconds` | The termination grace period of the Ingress Controller pod. | 30 `controller.tolerations` | The tolerations of the Ingress Controller pods. | [] `controller.affinity` | The affinity of the Ingress Controller pods. | {} +`controller.topologySpreadConstraints` | The topology spread constraints of the Ingress controller pods. | {} `controller.volumes` | The volumes of the Ingress Controller pods. | [] `controller.volumeMounts` | The volumeMounts of the Ingress Controller pods. | [] `controller.initContainers` | InitContainers for the Ingress Controller pods. | [] @@ -186,6 +187,7 @@ Parameter | Description | Default `controller.enableOIDC` | Enable OIDC policies. | false `controller.enableTLSPassthrough` | Enable TLS Passthrough on port 443. Requires `controller.enableCustomResources`. | false `controller.enableCertManager` | Enable x509 automated certificate management for VirtualServer resources using cert-manager (cert-manager.io). Requires `controller.enableCustomResources`. | false +`controller.enableExternalDNS` | Enable integration with ExternalDNS for configuring public DNS entries for VirtualServer resources using [ExternalDNS](https://github.com/kubernetes-sigs/external-dns). Requires `controller.enableCustomResources`. | false `controller.globalConfiguration.create` | Creates the GlobalConfiguration custom resource. Requires `controller.enableCustomResources`. | false `controller.globalConfiguration.spec` | The spec of the GlobalConfiguration for defining the global configuration parameters of the Ingress Controller. | {} `controller.enableSnippets` | Enable custom NGINX configuration snippets in Ingress, VirtualServer, VirtualServerRoute and TransportServer resources. | false @@ -232,6 +234,8 @@ Parameter | Description | Default `controller.readyStatus.enable` | Enables the readiness endpoint `"/nginx-ready"`. The endpoint returns a success code when NGINX has loaded all the config after the startup. This also configures a readiness probe for the Ingress Controller pods that uses the readiness endpoint. | true `controller.readyStatus.port` | The HTTP port for the readiness endpoint. | 8081 `controller.enableLatencyMetrics` | Enable collection of latency metrics for upstreams. Requires `prometheus.create`. | false +`controller.minReadySeconds` | Specifies the minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available. [docs](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds) | 0 +`controller.strategy` | Specifies the strategy used to replace old Pods by new ones. [docs](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy) | {} `rbac.create` | Configures RBAC. | true `prometheus.create` | Expose NGINX or NGINX Plus metrics in the Prometheus format. | false `prometheus.port` | Configures the port to scrape the metrics. | 9113 diff --git a/helm-charts/nginx-ingress/crds/appprotect.f5.com_aplogconfs.yaml b/helm-charts/nginx-ingress/crds/appprotect.f5.com_aplogconfs.yaml index c06e46cb..bf294928 100644 --- a/helm-charts/nginx-ingress/crds/appprotect.f5.com_aplogconfs.yaml +++ b/helm-charts/nginx-ingress/crds/appprotect.f5.com_aplogconfs.yaml @@ -33,6 +33,15 @@ spec: properties: content: properties: + escaping_characters: + items: + properties: + from: + type: string + to: + type: string + type: object + type: array format: enum: - splunk @@ -43,6 +52,12 @@ spec: type: string format_string: type: string + list_delimiter: + type: string + list_prefix: + type: string + list_suffix: + type: string max_message_size: pattern: ^([1-9]|[1-5][0-9]|6[0-4])k$ type: string diff --git a/helm-charts/nginx-ingress/crds/appprotectdos.f5.com_dosprotectedresources.yaml b/helm-charts/nginx-ingress/crds/appprotectdos.f5.com_dosprotectedresources.yaml index 0c6f16b9..275438cc 100644 --- a/helm-charts/nginx-ingress/crds/appprotectdos.f5.com_dosprotectedresources.yaml +++ b/helm-charts/nginx-ingress/crds/appprotectdos.f5.com_dosprotectedresources.yaml @@ -31,7 +31,7 @@ spec: metadata: type: object spec: - description: DosProtectedResourceSpec deines the properties and values a DosProtectedResource can have. + description: DosProtectedResourceSpec defines the properties and values a DosProtectedResource can have. type: object properties: apDosMonitor: diff --git a/helm-charts/nginx-ingress/crds/externaldns.nginx.org_dnsendpoints.yaml b/helm-charts/nginx-ingress/crds/externaldns.nginx.org_dnsendpoints.yaml new file mode 100644 index 00000000..409e36a7 --- /dev/null +++ b/helm-charts/nginx-ingress/crds/externaldns.nginx.org_dnsendpoints.yaml @@ -0,0 +1,87 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: dnsendpoints.externaldns.nginx.org +spec: + group: externaldns.nginx.org + names: + kind: DNSEndpoint + listKind: DNSEndpointList + plural: dnsendpoints + singular: dnsendpoint + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: DNSEndpoint is the CRD wrapper for Endpoint + type: object + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + type: object + properties: + endpoints: + type: array + items: + type: object + properties: + dnsName: + description: The hostname for the DNS record + type: string + labels: + description: Labels stores labels defined for the Endpoint + type: object + additionalProperties: + type: string + providerSpecific: + description: ProviderSpecific stores provider specific config + type: array + items: + type: object + properties: + name: + description: Name of the property + type: string + value: + description: Value of the property + type: string + recordTTL: + description: TTL for the record + type: integer + format: int64 + recordType: + description: RecordType type of record, e.g. CNAME, A, SRV, TXT, MX + type: string + targets: + description: The targets the DNS service points to + type: array + items: + type: string + status: + type: object + properties: + observedGeneration: + description: The generation observed by by the external-dns controller. + type: integer + format: int64 + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm-charts/nginx-ingress/crds/k8s.nginx.org_policies.yaml b/helm-charts/nginx-ingress/crds/k8s.nginx.org_policies.yaml index 05587bd0..5a31f54b 100644 --- a/helm-charts/nginx-ingress/crds/k8s.nginx.org_policies.yaml +++ b/helm-charts/nginx-ingress/crds/k8s.nginx.org_policies.yaml @@ -54,6 +54,14 @@ spec: type: array items: type: string + basicAuth: + description: 'BasicAuth holds HTTP Basic authentication configuration policy status: preview' + type: object + properties: + realm: + type: string + secret: + type: string egressMTLS: description: EgressMTLS defines an Egress MTLS policy. type: object @@ -116,6 +124,8 @@ spec: type: string tokenEndpoint: type: string + zoneSyncLeeway: + type: integer rateLimit: description: RateLimit defines a rate limit policy. type: object @@ -156,6 +166,18 @@ spec: type: boolean logDest: type: string + securityLogs: + type: array + items: + description: SecurityLog defines the security log of a WAF policy. + type: object + properties: + apLogConf: + type: string + enable: + type: boolean + logDest: + type: string status: description: PolicyStatus is the status of the policy resource type: object diff --git a/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualserverroutes.yaml b/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualserverroutes.yaml index f5c49feb..476e401c 100644 --- a/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualserverroutes.yaml +++ b/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualserverroutes.yaml @@ -27,6 +27,10 @@ spec: - jsonPath: .status.externalEndpoints[*].ip name: IP type: string + - jsonPath: .status.externalEndpoints[*].hostname + name: ExternalHostname + priority: 1 + type: string - jsonPath: .status.externalEndpoints[*].ports name: Ports type: string @@ -608,9 +612,11 @@ spec: externalEndpoints: type: array items: - description: ExternalEndpoint defines the IP and ports used to connect to this resource. + description: ExternalEndpoint defines the IP/ Hostname and ports used to connect to this resource. type: object properties: + hostname: + type: string ip: type: string ports: diff --git a/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualservers.yaml b/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualservers.yaml index 9c73d466..dba839c3 100644 --- a/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualservers.yaml +++ b/helm-charts/nginx-ingress/crds/k8s.nginx.org_virtualservers.yaml @@ -27,6 +27,10 @@ spec: - jsonPath: .status.externalEndpoints[*].ip name: IP type: string + - jsonPath: .status.externalEndpoints[*].hostname + name: ExternalHostname + priority: 1 + type: string - jsonPath: .status.externalEndpoints[*].ports name: Ports type: string @@ -53,6 +57,36 @@ spec: properties: dos: type: string + externalDNS: + description: ExternalDNS defines externaldns sub-resource of a virtual server. + type: object + properties: + enable: + type: boolean + labels: + description: Labels stores labels defined for the Endpoint + type: object + additionalProperties: + type: string + providerSpecific: + description: ProviderSpecific stores provider specific config + type: array + items: + description: ProviderSpecificProperty defines specific property for using with ExternalDNS sub-resource. + type: object + properties: + name: + description: Name of the property + type: string + value: + description: Value of the property + type: string + recordTTL: + description: TTL for the record + type: integer + format: int64 + recordType: + type: string host: type: string http-snippets: @@ -660,9 +694,11 @@ spec: externalEndpoints: type: array items: - description: ExternalEndpoint defines the IP and ports used to connect to this resource. + description: ExternalEndpoint defines the IP/ Hostname and ports used to connect to this resource. type: object properties: + hostname: + type: string ip: type: string ports: diff --git a/helm-charts/nginx-ingress/templates/controller-daemonset.yaml b/helm-charts/nginx-ingress/templates/controller-daemonset.yaml index 6c8a87c0..259567b2 100644 --- a/helm-charts/nginx-ingress/templates/controller-daemonset.yaml +++ b/helm-charts/nginx-ingress/templates/controller-daemonset.yaml @@ -97,6 +97,7 @@ spec: securityContext: allowPrivilegeEscalation: true runAsUser: 101 #nginx + runAsNonRoot: true capabilities: drop: - ALL @@ -121,6 +122,12 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name +{{- if .Values.nginxServiceMesh.enable }} + - name: POD_SERVICEACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName +{{- end }} resources: {{ toYaml .Values.controller.resources | indent 10 }} args: @@ -183,6 +190,7 @@ spec: - -enable-preview-policies={{ .Values.controller.enablePreviewPolicies }} - -enable-cert-manager={{ .Values.controller.enableCertManager }} - -enable-oidc={{ .Values.controller.enableOIDC }} + - -enable-external-dns={{ .Values.controller.enableExternalDNS }} {{- if .Values.controller.globalConfiguration.create }} - -global-configuration=$(POD_NAMESPACE)/{{ include "nginx-ingress.name" . }} {{- end }} @@ -201,3 +209,10 @@ spec: initContainers: {{ toYaml .Values.controller.initContainers | nindent 8 }} {{- end }} {{- end }} +{{- if .Values.controller.strategy }} + updateStrategy: +{{ toYaml .Values.controller.strategy | indent 4 }} +{{- end }} +{{- if .Values.controller.minReadySeconds }} + minReadySeconds: {{ .Values.controller.minReadySeconds }} +{{- end }} diff --git a/helm-charts/nginx-ingress/templates/controller-deployment.yaml b/helm-charts/nginx-ingress/templates/controller-deployment.yaml index 7990b046..e0770143 100644 --- a/helm-charts/nginx-ingress/templates/controller-deployment.yaml +++ b/helm-charts/nginx-ingress/templates/controller-deployment.yaml @@ -50,6 +50,10 @@ spec: affinity: {{ toYaml .Values.controller.affinity | indent 8 }} {{- end }} +{{- if .Values.controller.topologySpreadConstraints }} + topologySpreadConstraints: +{{ toYaml .Values.controller.topologySpreadConstraints | indent 8 }} +{{- end }} {{- if or (.Values.controller.volumes) (.Values.nginxServiceMesh.enable) }} volumes: {{- end }} @@ -66,6 +70,7 @@ spec: priorityClassName: {{ .Values.controller.priorityClassName }} {{- end }} serviceAccountName: {{ include "nginx-ingress.serviceAccountName" . }} + terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }} hostNetwork: {{ .Values.controller.hostNetwork }} containers: - image: "{{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }}" @@ -97,6 +102,7 @@ spec: securityContext: allowPrivilegeEscalation: true runAsUser: 101 #nginx + runAsNonRoot: true capabilities: drop: - ALL @@ -121,6 +127,12 @@ spec: valueFrom: fieldRef: fieldPath: metadata.name +{{- if .Values.nginxServiceMesh.enable }} + - name: POD_SERVICEACCOUNT + valueFrom: + fieldRef: + fieldPath: spec.serviceAccountName +{{- end }} args: - -nginx-plus={{ .Values.controller.nginxplus }} - -nginx-reload-timeout={{ .Values.controller.nginxReloadTimeout }} @@ -181,6 +193,7 @@ spec: - -enable-preview-policies={{ .Values.controller.enablePreviewPolicies }} - -enable-cert-manager={{ .Values.controller.enableCertManager }} - -enable-oidc={{ .Values.controller.enableOIDC }} + - -enable-external-dns={{ .Values.controller.enableExternalDNS }} {{- if .Values.controller.globalConfiguration.create }} - -global-configuration=$(POD_NAMESPACE)/{{ include "nginx-ingress.name" . }} {{- end }} @@ -199,3 +212,10 @@ spec: initContainers: {{ toYaml .Values.controller.initContainers | nindent 8 }} {{- end }} {{- end }} +{{- if .Values.controller.strategy }} + strategy: +{{ toYaml .Values.controller.strategy | indent 4 }} +{{- end }} +{{- if .Values.controller.minReadySeconds }} + minReadySeconds: {{ .Values.controller.minReadySeconds }} +{{- end }} diff --git a/helm-charts/nginx-ingress/templates/controller-service.yaml b/helm-charts/nginx-ingress/templates/controller-service.yaml index 11d54227..a1340b86 100644 --- a/helm-charts/nginx-ingress/templates/controller-service.yaml +++ b/helm-charts/nginx-ingress/templates/controller-service.yaml @@ -20,6 +20,9 @@ spec: {{- end }} {{- end }} {{- if eq .Values.controller.service.type "LoadBalancer" }} + {{- if and (semverCompare ">=1.22.0-0" .Capabilities.KubeVersion.Version) (.Values.controller.service.allocateLoadBalancerNodePorts) }} + allocateLoadBalancerNodePorts: {{ .Values.controller.service.allocateLoadBalancerNodePorts }} + {{- end }} {{- if .Values.controller.service.loadBalancerIP }} loadBalancerIP: {{ .Values.controller.service.loadBalancerIP }} {{- end }} @@ -29,6 +32,14 @@ spec: {{- end }} {{- end }} type: {{ .Values.controller.service.type }} + {{- if semverCompare ">=1.21.0-0" .Capabilities.KubeVersion.Version }} + {{- if .Values.controller.service.ipFamilyPolicy }} + ipFamilyPolicy: {{ .Values.controller.service.ipFamilyPolicy }} + {{- end }} + {{- if .Values.controller.service.ipFamilies }} + ipFamilies: {{ .Values.controller.service.ipFamilies }} + {{- end }} + {{- end }} ports: {{- if .Values.controller.service.customPorts }} {{ toYaml .Values.controller.service.customPorts | indent 2 }} @@ -52,7 +63,7 @@ spec: {{- end }} {{- end }} selector: - app: {{ include "nginx-ingress.appName" . }} + app: {{ include "nginx-ingress.appName" . }} {{- if .Values.controller.service.externalIPs }} externalIPs: {{ toYaml .Values.controller.service.externalIPs | indent 4 }} diff --git a/helm-charts/nginx-ingress/values-icp.yaml b/helm-charts/nginx-ingress/values-icp.yaml index 36e488e0..e9669239 100644 --- a/helm-charts/nginx-ingress/values-icp.yaml +++ b/helm-charts/nginx-ingress/values-icp.yaml @@ -3,7 +3,7 @@ controller: nginxplus: true image: repository: mycluster.icp:8500/kube-system/nginx-plus-ingress - tag: "2.2.0" + tag: "2.3.0" nodeSelector: beta.kubernetes.io/arch: "amd64" proxy: true diff --git a/helm-charts/nginx-ingress/values-nsm.yaml b/helm-charts/nginx-ingress/values-nsm.yaml index 93b25893..82f184a8 100644 --- a/helm-charts/nginx-ingress/values-nsm.yaml +++ b/helm-charts/nginx-ingress/values-nsm.yaml @@ -2,7 +2,7 @@ controller: nginxplus: true image: repository: nginx-plus-ingress - tag: "2.2.0" + tag: "2.3.0" enableLatencyMetrics: true nginxServiceMesh: enable: true diff --git a/helm-charts/nginx-ingress/values-plus.yaml b/helm-charts/nginx-ingress/values-plus.yaml index d983927c..d2846101 100644 --- a/helm-charts/nginx-ingress/values-plus.yaml +++ b/helm-charts/nginx-ingress/values-plus.yaml @@ -2,4 +2,4 @@ controller: nginxplus: true image: repository: nginx-plus-ingress - tag: "2.2.0" + tag: "2.3.0" diff --git a/helm-charts/nginx-ingress/values.yaml b/helm-charts/nginx-ingress/values.yaml index c0642de4..926eac1c 100644 --- a/helm-charts/nginx-ingress/values.yaml +++ b/helm-charts/nginx-ingress/values.yaml @@ -49,7 +49,7 @@ controller: repository: nginx/nginx-ingress ## The tag of the Ingress Controller image. - tag: "2.2.0" + tag: "2.3.0" ## The pull policy for the Ingress Controller image. pullPolicy: IfNotPresent @@ -111,12 +111,16 @@ controller: # cpu: 1 # memory: 1Gi + ## The tolerations of the Ingress Controller pods. tolerations: [] ## The affinity of the Ingress Controller pods. affinity: {} + ## The topology spread constraints of the Ingress controller pods. + topologySpreadConstraints: {} + ## The volumes of the Ingress Controller pods. volumes: [] # - name: extra-conf @@ -135,6 +139,12 @@ controller: # image: busybox:1.34 # command: ['sh', '-c', 'echo this is initial setup!'] + ## The minimum number of seconds for which a newly created Pod should be ready without any of its containers crashing, for it to be considered available. + minReadySeconds: 0 + + ## Strategy used to replace old Pods by new ones. .spec.strategy.type can be "Recreate" or "RollingUpdate". "RollingUpdate" is the default value. + strategy: {} + ## Extra containers for the Ingress Controller pods. extraContainers: [] # - name: container @@ -174,6 +184,9 @@ controller: ## Enable cert manager for Virtual Server resources. Requires controller.enableCustomResources. enableCertManager: false + ## Enable external DNS for Virtual Server resources. Requires controller.enableCustomResources. + enableExternalDNS: false + globalConfiguration: ## Creates the GlobalConfiguration custom resource. Requires controller.enableCustomResources. create: false @@ -237,6 +250,18 @@ controller: ## Autogenerated if not set or set to "". # name: nginx-ingress + ## Whether to automatically allocate NodePorts (only for LoadBalancers). + # allocateLoadBalancerNodePorts: false + + ## Dual stack preference. + ## Valid values: SingleStack, PreferDualStack, RequireDualStack + # ipFamilyPolicy: SingleStack + + ## List of IP families assigned to this service. + ## Valid values: IPv4, IPv6 + # ipFamilies: + # - IPv6 + httpPort: ## Enables the HTTP port for the Ingress Controller service. enable: true