| # |
| # Licensed to the Apache Software Foundation (ASF) under one or more |
| # contributor license agreements. See the NOTICE file distributed with |
| # this work for additional information regarding copyright ownership. |
| # The ASF licenses this file to You under the Apache License, Version 2.0 |
| # (the "License"); you may not use this file except in compliance with |
| # the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| global: |
| imagePullSecrets: [] |
| |
| |
| apisix: |
| # Enable or disable Apache APISIX itself |
| # Set it to flase and ingress-controller.enabled=true will deploy only ingress-controller |
| enabled: true |
| |
| image: |
| repository: apache/apisix |
| pullPolicy: IfNotPresent |
| # Overrides the image tag whose default is the chart appVersion. |
| tag: 2.7-alpine |
| |
| replicaCount: 1 |
| |
| podAnnotations: {} |
| podSecurityContext: {} |
| # fsGroup: 2000 |
| securityContext: {} |
| # capabilities: |
| # drop: |
| # - ALL |
| # readOnlyRootFilesystem: true |
| # runAsNonRoot: true |
| # runAsUser: 1000 |
| |
| resources: {} |
| # We usually recommend not to specify default resources and to leave this as a conscious |
| # choice for the user. This also increases chances charts run on environments with little |
| # resources, such as Minikube. If you do want to specify resources, uncomment the following |
| # lines, adjust them as necessary, and remove the curly braces after 'resources:'. |
| # limits: |
| # cpu: 100m |
| # memory: 128Mi |
| # requests: |
| # cpu: 100m |
| # memory: 128Mi |
| |
| nodeSelector: {} |
| tolerations: [] |
| affinity: {} |
| # If true, it will sets the anti-affinity of the Pod. |
| podAntiAffinity: |
| enabled: false |
| |
| |
| nameOverride: "" |
| fullnameOverride: "" |
| |
| |
| gateway: |
| type: NodePort |
| # If you want to keep the client source IP, you can set this to Local. |
| # ref: https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip |
| externalTrafficPolicy: Cluster |
| # type: LoadBalancer |
| # annotations: |
| # service.beta.kubernetes.io/aws-load-balancer-type: nlb |
| http: |
| enabled: true |
| servicePort: 80 |
| containerPort: 9080 |
| tls: |
| enabled: false |
| servicePort: 443 |
| containerPort: 9443 |
| http2: |
| enabled: true |
| stream: # L4 proxy (TCP/UDP) |
| enabled: false |
| tcp: [] |
| udp: [] |
| ingress: |
| enabled: false |
| annotations: {} |
| # kubernetes.io/ingress.class: nginx |
| # kubernetes.io/tls-acme: "true" |
| hosts: |
| - host: apisix.local |
| paths: [] |
| tls: [] |
| # - secretName: apisix-tls |
| # hosts: |
| # - chart-example.local |
| |
| |
| admin: |
| # Enable Admin API |
| enabled: true |
| # admin service type |
| type: ClusterIP |
| # loadBalancerIP: a.b.c.d |
| # loadBalancerSourceRanges: |
| # - "143.231.0.0/16" |
| externalIPs: [] |
| # |
| port: 9180 |
| servicePort: 9180 |
| # Admin API support CORS response headers |
| cors: true |
| # Admin API credentials |
| credentials: |
| admin: edd1c9f034335f136f87ad84b625c8f1 |
| viewer: 4054f7cf07e344346cd3f287985e76a2 |
| |
| allow: |
| # The ip range for allowing access to Apache APISIX |
| ipList: |
| - 127.0.0.1/24 |
| |
| |
| # APISIX plugins to be enabled |
| plugins: |
| - api-breaker |
| - authz-keycloak |
| - basic-auth |
| - batch-requests |
| - consumer-restriction |
| - cors |
| - echo |
| - fault-injection |
| - grpc-transcode |
| - hmac-auth |
| - http-logger |
| - ip-restriction |
| - jwt-auth |
| - kafka-logger |
| - key-auth |
| - limit-conn |
| - limit-count |
| - limit-req |
| - node-status |
| - openid-connect |
| - prometheus |
| - proxy-cache |
| - proxy-mirror |
| - proxy-rewrite |
| - redirect |
| - referer-restriction |
| - request-id |
| - request-validation |
| - response-rewrite |
| - serverless-post-function |
| - serverless-pre-function |
| - sls-logger |
| - syslog |
| - tcp-logger |
| - udp-logger |
| - uri-blocker |
| - wolf-rbac |
| - zipkin |
| - traffic-split |
| stream_plugins: |
| - mqtt-proxy |
| |
| |
| dns: |
| resolvers: |
| - 127.0.0.1 |
| - 172.20.0.10 |
| - 114.114.114.114 |
| - 223.5.5.5 |
| - 1.1.1.1 |
| - 8.8.8.8 |
| validity: 30 |
| timeout: 5 |
| |
| |
| autoscaling: |
| enabled: false |
| minReplicas: 1 |
| maxReplicas: 100 |
| targetCPUUtilizationPercentage: 80 |
| targetMemoryUtilizationPercentage: 80 |
| |
| |
| # etcd configuration |
| # use the FQDN address or the IP of the etcd |
| etcd: |
| # install etcd(v3) by default, set false if do not want to install etcd(v3) together |
| enabled: true |
| host: |
| - http://etcd.host:2379 # host or ip e.g. http://172.20.128.89:2379 |
| prefix: "/apisix" |
| timeout: 30 |
| |
| # if etcd.enabled is true, set more values of bitnami/etcd helm chart |
| auth: |
| rbac: |
| # No authentication by default |
| enabled: false |
| |
| service: |
| port: 2379 |
| |
| replicaCount: 3 |
| |
| |
| dashboard: |
| enabled: false |
| |
| |
| ingress-controller: |
| enabled: false |