feat: upgrade apisix-ingress-controller to 1.5.0-rc1 (#331)
Co-authored-by: Jintao Zhang <zhangjintao9020@gmail.com>
diff --git a/charts/apisix-ingress-controller/Chart.yaml b/charts/apisix-ingress-controller/Chart.yaml
index 69291fa..870a18d 100644
--- a/charts/apisix-ingress-controller/Chart.yaml
+++ b/charts/apisix-ingress-controller/Chart.yaml
@@ -24,8 +24,14 @@
- nginx
- crd
type: application
-version: 0.9.3
-appVersion: 1.4.1
+version: 0.10.0-rc1
+appVersion: 1.5.0-rc1
+sources:
+ - https://github.com/apache/apisix-helm-chart
maintainers:
- name: tao12345666333
+
+# ref: https://artifacthub.io/docs/topics/annotations/helm/
+annotations:
+ artifacthub.io/prerelease: "true"
diff --git a/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml b/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
index 399fe93..3c0d034 100644
--- a/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
+++ b/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
@@ -31,6 +31,45 @@
preserveUnknownFields: false
scope: Cluster
versions:
+ - name: v2
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ properties:
+ admin:
+ type: object
+ required:
+ - baseURL
+ properties:
+ baseURL:
+ type: string
+ pattern: "https?://[^:]+:(\\d+)"
+ adminKey:
+ type: string
+ monitoring:
+ type: object
+ properties:
+ prometheus:
+ type: object
+ properties:
+ enable:
+ type: boolean
+ skywalking:
+ type: object
+ properties:
+ enable:
+ type: boolean
+ sampleRatio:
+ type: number
+ minimum: 0.00001
+ maximum: 1
- name: v2beta3
schema:
openAPIV3Schema:
@@ -67,7 +106,8 @@
type: object
type: object
served: true
- storage: true
+ storage: false
+ deprecated: true
subresources:
status: {}
- name: v2alpha1
@@ -128,6 +168,174 @@
preserveUnknownFields: false
scope: Namespaced
versions:
+ - name: v2
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ required:
+ - authParameter
+ properties:
+ authParameter:
+ type: object
+ oneOf:
+ - required: ["basicAuth"]
+ - required: ["keyAuth"]
+ - required: ["wolfRBAC"]
+ - required: ["jwtAuth"]
+ - required: ["hmacAuth"]
+ properties:
+ basicAuth:
+ type: object
+ oneOf:
+ - required: ["value"]
+ - required: ["secretRef"]
+ properties:
+ value:
+ type: object
+ properties:
+ username:
+ type: string
+ minLength: 1
+ password:
+ type: string
+ minLength: 1
+ required:
+ - username
+ - password
+ secretRef:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ required:
+ - name
+ keyAuth:
+ type: object
+ oneOf:
+ - required: ["value"]
+ - required: ["secretRef"]
+ properties:
+ value:
+ type: object
+ properties:
+ key:
+ type: string
+ minLength: 1
+ required:
+ - key
+ secretRef:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ required:
+ - name
+ jwtAuth:
+ type: object
+ oneOf:
+ - required: ["value"]
+ - required: ["secretRef"]
+ properties:
+ value:
+ type: object
+ properties:
+ key:
+ type: string
+ minLength: 1
+ secret:
+ type: string
+ public_key:
+ type: string
+ private_key:
+ type: string
+ algorithm:
+ type: string
+ exp:
+ type: integer
+ base64_secret:
+ type: boolean
+ required:
+ - key
+ secretRef:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ required:
+ - name
+ wolfRBAC:
+ type: object
+ oneOf:
+ - required: ["value"]
+ - required: ["secretRef"]
+ properties:
+ value:
+ type: object
+ properties:
+ server:
+ type: string
+ appid:
+ type: string
+ header_prefix:
+ type: string
+ secretRef:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ required:
+ - name
+ hmacAuth:
+ type: object
+ oneOf:
+ - required: ["value"]
+ - required: ["secretRef"]
+ properties:
+ value:
+ type: object
+ properties:
+ access_key:
+ type: string
+ secret_key:
+ type: string
+ algorithm:
+ type: string
+ clock_skew:
+ type: integer
+ signed_headers:
+ type: array
+ items:
+ type: string
+ keep_headers:
+ type: boolean
+ encode_uri_params:
+ type: boolean
+ validate_request_body:
+ type: boolean
+ max_req_body:
+ type: integer
+ required:
+ - access_key
+ - secret_key
+ secretRef:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ required:
+ - name
- name: v2beta3
schema:
openAPIV3Schema:
@@ -199,7 +407,8 @@
type: object
type: object
served: true
- storage: true
+ storage: false
+ deprecated: true
subresources:
status: {}
- name: v2alpha1
@@ -294,12 +503,65 @@
singular: apisixpluginconfig
scope: Namespaced
versions:
- - additionalPrinterColumns:
+ - name: v2
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ priority: 0
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ required:
+ - plugins
+ properties:
+ plugins:
+ type: array
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ enable:
+ type: boolean
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true # we have to enable it since plugin config
+ required:
+ - name
+ - enable
+ status:
+ type: object
+ properties:
+ conditions:
+ type: array
+ items:
+ type: object
+ properties:
+ "type":
+ type: string
+ reason:
+ type: string
+ status:
+ type: string
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+ - name: v2beta3
+ additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
priority: 0
type: date
- name: v2beta3
schema:
openAPIV3Schema:
properties:
@@ -344,7 +606,8 @@
type: object
type: object
served: true
- storage: true
+ storage: false
+ deprecated: true
subresources:
status: {}
---
@@ -364,7 +627,8 @@
singular: apisixroute
scope: Namespaced
versions:
- - additionalPrinterColumns:
+ - name: v2beta1
+ additionalPrinterColumns:
- jsonPath: .spec.http[].match.hosts
name: Hosts
priority: 0
@@ -389,8 +653,6 @@
name: Age
priority: 0
type: date
- deprecated: true
- name: v2beta1
schema:
openAPIV3Schema:
properties:
@@ -716,11 +978,13 @@
type: array
type: object
type: object
- served: true
+ served: false
storage: false
+ deprecated: true
subresources:
status: {}
- - additionalPrinterColumns:
+ - name: v2beta2
+ additionalPrinterColumns:
- jsonPath: .spec.http[].match.hosts
name: Hosts
priority: 0
@@ -745,7 +1009,6 @@
name: Age
priority: 0
type: date
- name: v2beta2
schema:
openAPIV3Schema:
properties:
@@ -999,9 +1262,11 @@
type: object
served: true
storage: false
+ deprecated: true
subresources:
status: {}
- - additionalPrinterColumns:
+ - name: v2beta3
+ additionalPrinterColumns:
- jsonPath: .spec.http[].match.hosts
name: Hosts
priority: 0
@@ -1026,7 +1291,6 @@
name: Age
priority: 0
type: date
- name: v2beta3
schema:
openAPIV3Schema:
properties:
@@ -1282,9 +1546,302 @@
type: object
type: object
served: true
+ storage: false
+ deprecated: true
+ subresources:
+ status: {}
+ - name: v2
+ served: true
storage: true
subresources:
status: {}
+ additionalPrinterColumns:
+ - jsonPath: .spec.http[].match.hosts
+ name: Hosts
+ type: string
+ priority: 0
+ - jsonPath: .spec.http[].match.paths
+ name: URIs
+ type: string
+ priority: 0
+ - jsonPath: .spec.http[].backends[].serviceName
+ name: Target Service(HTTP)
+ type: string
+ priority: 1
+ - jsonPath: .spec.tcp[].match.ingressPort
+ name: Ingress Server Port(TCP)
+ type: integer
+ priority: 1
+ - jsonPath: .spec.tcp[].match.backend.serviceName
+ name: Target Service(TCP)
+ type: string
+ priority: 1
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ priority: 0
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ anyOf:
+ - required: ["http"]
+ - required: ["stream"]
+ properties:
+ http:
+ type: array
+ minItems: 1
+ items:
+ type: object
+ required: ["name", "match", "backends"]
+ properties:
+ name:
+ type: string
+ minLength: 1
+ priority:
+ type: integer
+ timeout:
+ type: object
+ properties:
+ connect:
+ type: string
+ send:
+ type: string
+ read:
+ type: string
+ match:
+ type: object
+ required:
+ - paths
+ properties:
+ paths:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ pattern: "^/[a-zA-Z0-9\\-._~%!$&'()+,;=:@/]*\\*?$"
+ hosts:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ pattern: "^\\*?[0-9a-zA-Z-._]+$"
+ methods:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ enum:
+ - "CONNECT"
+ - "DELETE"
+ - "GET"
+ - "HEAD"
+ - "OPTIONS"
+ - "PATCH"
+ - "POST"
+ - "PUT"
+ - "TRACE"
+ remoteAddrs:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ exprs:
+ type: array
+ minItems: 1
+ items:
+ type: object
+ properties:
+ subject:
+ type: object
+ properties:
+ scope:
+ type: string
+ enum:
+ - "Cookie"
+ - "Header"
+ - "Path"
+ - "Query"
+ name:
+ type: string
+ minLength: 1
+ required:
+ - scope
+ op:
+ type: string
+ enum:
+ - Equal
+ - NotEqual
+ - GreaterThan
+ - LessThan
+ - In
+ - NotIn
+ - RegexMatch
+ - RegexNotMatch
+ - RegexMatchCaseInsensitive
+ - RegexNotMatchCaseInsensitive
+ value:
+ type: string
+ set:
+ type: array
+ items:
+ type: string
+ oneOf:
+ - required: ["subject", "op", "value"]
+ - required: ["subject", "op", "set"]
+ websocket:
+ type: boolean
+ plugin_config_name:
+ type: string
+ minLength: 1
+ backends:
+ type: array
+ minItems: 1
+ items:
+ type: object
+ properties:
+ serviceName:
+ type: string
+ minLength: 1
+ servicePort:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ resolveGranularity:
+ type: string
+ enum: ["endpoint", "service"]
+ weight:
+ type: integer
+ minimum: 0
+ subset:
+ type: string
+ required:
+ - serviceName
+ - servicePort
+ plugins:
+ type: array
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ enable:
+ type: boolean
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true # we have to enable it since plugin config
+ required:
+ - name
+ - enable
+ authentication:
+ type: object
+ properties:
+ enable:
+ type: boolean
+ type:
+ type: string
+ enum:
+ - "basicAuth"
+ - "keyAuth"
+ - "jwtAuth"
+ - "wolfRBAC"
+ - "hmacAuth"
+ keyAuth:
+ type: object
+ properties:
+ header:
+ type: string
+ jwtAuth:
+ type: object
+ properties:
+ header:
+ type: string
+ query:
+ type: string
+ cookie:
+ type: string
+ required:
+ - enable
+ stream:
+ type: array
+ minItems: 1
+ items:
+ type: object
+ required: ["name", "match", "backend", "protocol"]
+ properties:
+ "protocol":
+ type: string
+ enum: ["TCP", "UDP"]
+ name:
+ type: string
+ minLength: 1
+ match:
+ type: object
+ properties:
+ ingressPort:
+ type: integer
+ minimum: 1
+ maximum: 65535
+ required:
+ - ingressPort
+ backend:
+ type: object
+ properties:
+ serviceName:
+ type: string
+ minLength: 1
+ servicePort:
+ anyOf:
+ - type: integer
+ - type: string
+ x-kubernetes-int-or-string: true
+ resolveGranularity:
+ type: string
+ enum: ["endpoint", "service"]
+ subset:
+ type: string
+ required:
+ - serviceName
+ - servicePort
+ plugins:
+ type: array
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ enable:
+ type: boolean
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true # we have to enable it since plugin config
+ required:
+ - name
+ - enable
+ status:
+ type: object
+ properties:
+ conditions:
+ type: array
+ items:
+ type: object
+ properties:
+ "type":
+ type: string
+ reason:
+ type: string
+ status:
+ type: string
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
@@ -1303,7 +1860,12 @@
preserveUnknownFields: false
scope: Namespaced
versions:
- - additionalPrinterColumns:
+ - name: v2
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ additionalPrinterColumns:
- jsonPath: .spec.hosts
name: SNIs
type: string
@@ -1316,7 +1878,157 @@
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- name: v2beta3
+ schema:
+ openAPIV3Schema:
+ description: ApisixTls defines SSL resource in APISIX.
+ type: object
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ApisixTlsSpec is the specification of ApisixSSL.
+ type: object
+ required:
+ - hosts
+ - secret
+ properties:
+ client:
+ description: ApisixMutualTlsClientConfig describes the mutual TLS CA
+ and verify depth
+ type: object
+ properties:
+ caSecret:
+ description: ApisixSecret describes the Kubernetes Secret name and
+ namespace.
+ type: object
+ required:
+ - name
+ - namespace
+ properties:
+ name:
+ type: string
+ minLength: 1
+ namespace:
+ type: string
+ minLength: 1
+ depth:
+ type: integer
+ hosts:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ pattern: ^\*?[0-9a-zA-Z-.]+$
+ secret:
+ description: ApisixSecret describes the Kubernetes Secret name and namespace.
+ type: object
+ required:
+ - name
+ - namespace
+ properties:
+ name:
+ type: string
+ minLength: 1
+ namespace:
+ type: string
+ minLength: 1
+ status:
+ description: ApisixStatus is the status report for Apisix ingress Resources
+ type: object
+ properties:
+ conditions:
+ type: array
+ items:
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ type FooStatus struct{ // Represents the observations of a foo's
+ current state. // Known .status.conditions.type are: \"Available\",
+ \"Progressing\", and \"Degraded\" // +patchMergeKey=type //
+ +patchStrategy=merge // +listType=map // +listMapKey=type
+ \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
+ patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
+ \n // other fields }"
+ type: object
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ properties:
+ lastTransitionTime:
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ type: string
+ format: date-time
+ message:
+ description: message is a human readable message indicating details
+ about the transition. This may be an empty string.
+ type: string
+ maxLength: 32768
+ observedGeneration:
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ type: integer
+ format: int64
+ minimum: 0
+ reason:
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers of
+ specific condition types may define expected values and meanings
+ for this field, and whether the values are considered a guaranteed
+ API. The value should be a CamelCase string. This field may
+ not be empty.
+ type: string
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ type: string
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ type: string
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ - name: v2beta3
+ additionalPrinterColumns:
+ - jsonPath: .spec.hosts
+ name: SNIs
+ type: string
+ - jsonPath: .spec.secret.name
+ name: Secret Name
+ type: string
+ - jsonPath: .spec.secret.namespace
+ name: Secret Namespace
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
schema:
openAPIV3Schema:
description: ApisixTls defines SSL resource in APISIX.
@@ -1456,10 +2168,12 @@
type: object
type: object
served: true
- storage: true
+ storage: false
+ deprecated: true
subresources:
status: {}
- - additionalPrinterColumns:
+ - name: v1
+ additionalPrinterColumns:
- jsonPath: .spec.hosts
name: SNIs
type: string
@@ -1472,7 +2186,6 @@
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- name: v1
schema:
openAPIV3Schema:
description: ApisixTls defines SSL resource in APISIX.
@@ -1633,6 +2346,378 @@
singular: apisixupstream
scope: Namespaced
versions:
+ - name: v2
+ served: true
+ storage: true
+ subresources:
+ status: {}
+ schema:
+ openAPIV3Schema:
+ type: object
+ properties:
+ spec:
+ type: object
+ properties:
+ subsets:
+ type: array
+ items:
+ type: object
+ properties:
+ name:
+ type: string
+ minLength: 1
+ labels:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ required: ["name", "labels"]
+ loadbalancer:
+ type: object
+ properties:
+ type:
+ type: string
+ enum:
+ - roundrobin
+ - chash
+ - ewma
+ - least_conn
+ hashOn:
+ type: string
+ enum:
+ - vars
+ - vars_combinations
+ - header
+ - cookie
+ - consumer
+ key:
+ type: string
+ required:
+ - type
+ scheme:
+ type: string
+ enum:
+ - http
+ - grpc
+ - https
+ - grpcs
+ retries:
+ type: integer
+ minimum: 0
+ timeout:
+ type: object
+ properties:
+ connect:
+ type: string
+ read:
+ type: string
+ send:
+ type: string
+ tlsSecret:
+ description: ApisixSecret describes the Kubernetes Secret name and namespace.
+ type: object
+ required:
+ - name
+ - namespace
+ properties:
+ name:
+ type: string
+ minLength: 1
+ namespace:
+ type: string
+ minLength: 1
+ healthCheck:
+ type: object
+ anyOf:
+ - required:
+ - active
+ - required:
+ - active
+ - passive
+ properties:
+ active:
+ type: object
+ properties:
+ type:
+ type: string
+ enum:
+ - http
+ - https
+ - tcp
+ timeout:
+ type: number
+ minimum: 0
+ concurrency:
+ type: integer
+ minimum: 1
+ host:
+ type: string
+ pattern: "^\\*?[0-9a-zA-Z-._]+$"
+ port:
+ type: integer
+ minimum: 1
+ maximum: 65535
+ httpPath:
+ type: string
+ minLength: 1
+ strictTLS:
+ type: boolean
+ requestHeaders:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ healthy:
+ type: object
+ properties:
+ interval:
+ type: string
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ successes:
+ type: integer
+ minimum: 1
+ maximum: 254
+ unhealthy:
+ type: object
+ properties:
+ interval:
+ type: string
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ httpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ tcpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ timeouts:
+ type: integer
+ minimum: 0
+ passive:
+ type: object
+ properties:
+ type:
+ type: string
+ enum:
+ - http
+ - https
+ - tcp
+ healthy:
+ type: object
+ properties:
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ successes:
+ type: integer
+ minimum: 1
+ maximum: 254
+ unhealthy:
+ type: object
+ properties:
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ httpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ tcpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ timeouts:
+ type: integer
+ minimum: 0
+ portLevelSettings:
+ type: array
+ items:
+ type: object
+ properties:
+ port:
+ type: integer
+ minimum: 1
+ maximum: 65535
+ loadbalancer:
+ type: object
+ properties:
+ type:
+ type: string
+ enum:
+ - roundrobin
+ - chash
+ - ewma
+ - least_conn
+ hashOn:
+ type: string
+ enum:
+ - vars
+ - vars_combinations
+ - header
+ - cookie
+ - consumer
+ key:
+ type: string
+ required:
+ - type
+ scheme:
+ type: string
+ enum:
+ - http
+ - grpc
+ retries:
+ type: integer
+ minimum: 0
+ timeout:
+ type: object
+ properties:
+ connect:
+ type: string
+ read:
+ type: string
+ send:
+ type: string
+ healthCheck:
+ type: object
+ anyOf:
+ - required:
+ - active
+ - required:
+ - active
+ - passive
+ properties:
+ active:
+ type: object
+ properties:
+ type:
+ type: string
+ enum:
+ - http
+ - https
+ - tcp
+ timeout:
+ type: number
+ minimum: 0
+ concurrency:
+ type: integer
+ minimum: 1
+ host:
+ type: string
+ pattern: "^\\*?[0-9a-zA-Z-._]+$"
+ port:
+ type: integer
+ minimum: 1
+ maximum: 65535
+ httpPath:
+ type: string
+ minLength: 1
+ strictTLS:
+ type: boolean
+ requestHeaders:
+ type: array
+ minItems: 1
+ items:
+ type: string
+ healthy:
+ type: object
+ properties:
+ interval:
+ type: string
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ successes:
+ type: integer
+ minimum: 1
+ maximum: 254
+ unhealthy:
+ type: object
+ properties:
+ interval:
+ type: string
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ httpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ tcpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ timeout:
+ type: string
+ passive:
+ type: object
+ properties:
+ type:
+ type: string
+ enum:
+ - http
+ - https
+ - tcp
+ healthy:
+ type: object
+ properties:
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ successes:
+ type: integer
+ minimum: 1
+ maximum: 254
+ unhealthy:
+ type: object
+ properties:
+ httpCodes:
+ type: array
+ minItems: 1
+ items:
+ type: integer
+ minimum: 200
+ maximum: 599
+ httpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ tcpFailures:
+ type: integer
+ minimum: 1
+ maximum: 254
+ timeout:
+ type: string
- name: v2beta3
schema:
openAPIV3Schema:
@@ -2005,7 +3090,8 @@
type: object
type: object
served: true
- storage: true
+ storage: false
+ deprecated: true
subresources:
status: {}
- name: v1
diff --git a/charts/apisix-ingress-controller/templates/configmap.yaml b/charts/apisix-ingress-controller/templates/configmap.yaml
index 2380117..9b67b27 100644
--- a/charts/apisix-ingress-controller/templates/configmap.yaml
+++ b/charts/apisix-ingress-controller/templates/configmap.yaml
@@ -32,6 +32,7 @@
{{- end }}
{{- end }}
enable_profiling: {{ .Values.config.enableProfiling }}
+ apisix-resource-sync-interval: {{ .Values.config.apisixResourceSyncInterval }}
kubernetes:
kubeconfig: {{ .Values.config.kubernetes.kubeconfig | quote }}
resync_interval: {{ .Values.config.kubernetes.resyncInterval | quote }}
diff --git a/charts/apisix-ingress-controller/templates/rbac.yaml b/charts/apisix-ingress-controller/templates/rbac.yaml
index fd30dae..4af2082 100644
--- a/charts/apisix-ingress-controller/templates/rbac.yaml
+++ b/charts/apisix-ingress-controller/templates/rbac.yaml
@@ -25,17 +25,13 @@
resources:
- events
verbs:
- - '*'
+ - "*"
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- - persistentvolumeclaims
- pods
- - replicationcontrollers
- - replicationcontrollers/scale
- - serviceaccounts
- services
- secrets
verbs:
@@ -45,75 +41,15 @@
- apiGroups:
- ""
resources:
- - bindings
- - limitranges
- - namespaces/status
- - pods/log
- - pods/status
- - replicationcontrollers/status
- - resourcequotas
- - resourcequotas/status
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - ""
- resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- - apps
- resources:
- - controllerrevisions
- - daemonsets
- - deployments
- - deployments/scale
- - replicasets
- - replicasets/scale
- - statefulsets
- - statefulsets/scale
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - autoscaling
- resources:
- - horizontalpodautoscalers
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- - batch
- resources:
- - cronjobs
- - jobs
- verbs:
- - get
- - list
- - watch
- - apiGroups:
- extensions
resources:
- - daemonsets
- - deployments
- - deployments/scale
- ingresses
- - networkpolicies
- - replicasets
- - replicasets/scale
- - replicationcontrollers/scale
- verbs:
- - '*'
- - apiGroups:
- - policy
- resources:
- - poddisruptionbudgets
verbs:
- get
- list
@@ -122,19 +58,17 @@
- networking.k8s.io
resources:
- ingresses
- - ingresses/status
- - networkpolicies
- verbs:
- - '*'
- - apiGroups:
- - metrics.k8s.io
- resources:
- - pods
verbs:
- get
- list
- watch
- apiGroups:
+ - networking.k8s.io
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+ - apiGroups:
- apisix.apache.org
resources:
- apisixroutes
@@ -165,6 +99,26 @@
- get
- list
- watch
+ - apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - httproutes
+ - tlsroutes
+ - gateways
+ - gatewayclasses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - gateway.networking.k8s.io
+ resources:
+ - httproutes/status
+ - tlsroutes/status
+ - gateways/status
+ - gatewayclasses/status
+ verbs:
+ - update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
diff --git a/charts/apisix-ingress-controller/values.yaml b/charts/apisix-ingress-controller/values.yaml
index 456e108..7e0c4c1 100644
--- a/charts/apisix-ingress-controller/values.yaml
+++ b/charts/apisix-ingress-controller/values.yaml
@@ -42,7 +42,7 @@
image:
repository: apache/apisix-ingress-controller
pullPolicy: IfNotPresent
- tag: "1.4.1"
+ tag: "1.5.0-rc1"
podAnnotations: {}
@@ -83,6 +83,8 @@
ingressStatusAddress: []
# enable profiling via web interfaces host:port/debug/pprof, default is true.
enableProfiling: true
+ # Default interval for synchronizing Kubernetes resources to APISIX
+ apisixResourceSyncInterval: "300s"
# Kubernetes related configurations.
kubernetes:
# the Kubernetes configuration file path, default is "", so the in-cluster
@@ -112,9 +114,9 @@
ingressVersion: "networking/v1"
# whether to watch EndpointSlices rather than Endpoints.
watchEndpointSlices: false
- # the supported apisixroute api group version, can be "apisix.apache.org/v2beta1"
- # "apisix.apache.org/v2beta2" or "apisix.apache.org/v2beta3"
- apisixRouteVersion: "apisix.apache.org/v2beta3"
+ # the supported apisixroute api group version, can be "apisix.apache.org/v2"
+ # "apisix.apache.org/v2beta3" or "apisix.apache.org/v2beta2"
+ apisixRouteVersion: "apisix.apache.org/v2"
# whether to enable support for Gateway API.
# Note: This feature is currently under development and may not work as expected.
# It is not recommended to use it in a production environment.
