chore: release APISIX Ingress controller v1.6.0-rc1 (#420)
diff --git a/charts/apisix-ingress-controller/Chart.yaml b/charts/apisix-ingress-controller/Chart.yaml
index 6565f35..926005c 100644
--- a/charts/apisix-ingress-controller/Chart.yaml
+++ b/charts/apisix-ingress-controller/Chart.yaml
@@ -24,8 +24,8 @@
- nginx
- crd
type: application
-version: 0.10.2
-appVersion: 1.5.1
+version: 0.11.0
+appVersion: 1.6.0-rc1
sources:
- https://github.com/apache/apisix-helm-chart
@@ -34,4 +34,4 @@
# ref: https://artifacthub.io/docs/topics/annotations/helm/
annotations:
- artifacthub.io/prerelease: "false"
+ artifacthub.io/prerelease: "true"
diff --git a/charts/apisix-ingress-controller/README.md b/charts/apisix-ingress-controller/README.md
index 0222224..756ff2a 100644
--- a/charts/apisix-ingress-controller/README.md
+++ b/charts/apisix-ingress-controller/README.md
@@ -112,6 +112,7 @@
| clusterDomain | string | `"cluster.local"` | |
| config.apisix | object | `{"adminKey":"edd1c9f034335f136f87ad84b625c8f1","clusterName":"default","serviceName":"apisix-admin","serviceNamespace":"ingress-apisix","servicePort":9180}` | APISIX related configurations. |
| config.apisix.serviceName | string | `"apisix-admin"` | Enabling this value, overrides serviceName and serviceNamespace. serviceFullname: "apisix-admin.apisix.svc.local" |
+| config.apisixAdminAPIVersion | string | `"v3"` | the APISIX admin API version. can be "v2" or "v3", default is "v3". |
| config.apisixResourceSyncInterval | string | `"300s"` | Default interval for synchronizing Kubernetes resources to APISIX |
| config.certFile | string | `"/etc/webhook/certs/cert.pem"` | the TLS certificate file path. |
| config.enableProfiling | bool | `true` | enable profiling via web interfaces host:port/debug/pprof, default is true. |
@@ -120,15 +121,16 @@
| config.ingressPublishService | string | `""` | the controller will use the Endpoint of this Service to update the status information of the Ingress resource. The format is "namespace/svc-name" to solve the situation that the data plane and the controller are not deployed in the same namespace. |
| config.ingressStatusAddress | list | `[]` | |
| config.keyFile | string | `"/etc/webhook/certs/key.pem"` | the TLS key file path. |
-| config.kubernetes | object | `{"apisixRouteVersion":"apisix.apache.org/v2","appNamespaces":["*"],"electionId":"ingress-apisix-leader","enableGatewayAPI":false,"ingressClass":"apisix","ingressVersion":"networking/v1","kubeconfig":"","namespaceSelector":[""],"resyncInterval":"6h","watchEndpointSlices":false}` | Kubernetes related configurations. |
+| config.kubernetes | object | `{"apiVersion":"apisix.apache.org/v2","apisixRouteVersion":"apisix.apache.org/v2","electionId":"ingress-apisix-leader","enableGatewayAPI":false,"ingressClass":"apisix","ingressVersion":"networking/v1","kubeconfig":"","namespaceSelector":[""],"pluginMetadataCM":"","resyncInterval":"6h","watchEndpointSlices":false}` | Kubernetes related configurations. |
+| config.kubernetes.apiVersion | string | `"apisix.apache.org/v2"` | the resource API version, support "apisix.apache.org/v2beta3" and "apisix.apache.org/v2". default is "apisix.apache.org/v2" |
| config.kubernetes.apisixRouteVersion | string | `"apisix.apache.org/v2"` | the supported apisixroute api group version, can be "apisix.apache.org/v2" "apisix.apache.org/v2beta3" or "apisix.apache.org/v2beta2" |
-| config.kubernetes.appNamespaces | list | `["*"]` | namespace list that controller will watch for resources, by default all namespaces (represented by "*") are watched. |
| config.kubernetes.electionId | string | `"ingress-apisix-leader"` | the election id for the controller leader campaign, only the leader will watch and delivery resource changes, other instances (as candidates) stand by. |
| config.kubernetes.enableGatewayAPI | bool | `false` | whether to enable support for Gateway API. Note: This feature is currently under development and may not work as expected. It is not recommended to use it in a production environment. Before we announce support for it to reach Beta level or GA. |
| config.kubernetes.ingressClass | string | `"apisix"` | The class of an Ingress object is set using the field IngressClassName in Kubernetes clusters version v1.18.0 or higher or the annotation "kubernetes.io/ingress.class" (deprecated). |
| config.kubernetes.ingressVersion | string | `"networking/v1"` | the supported ingress api group version, can be "networking/v1beta1", "networking/v1" (for Kubernetes version v1.19.0 or higher), and "extensions/v1beta1", default is "networking/v1". |
| config.kubernetes.kubeconfig | string | `""` | the Kubernetes configuration file path, default is "", so the in-cluster configuration will be used. |
| config.kubernetes.namespaceSelector | list | `[""]` | namespace_selector represent basis for selecting managed namespaces. the field is support since version 1.4.0 For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching" |
+| config.kubernetes.pluginMetadataCM | string | `""` | Pluginmetadata in APISIX can be controlled through ConfigMap. default is "" |
| config.kubernetes.resyncInterval | string | `"6h"` | how long should apisix-ingress-controller re-synchronizes with Kubernetes, default is 6h, |
| config.kubernetes.watchEndpointSlices | bool | `false` | whether to watch EndpointSlices rather than Endpoints. |
| config.logLevel | string | `"info"` | the error log level, default is info, optional values are: debug, info, warn, error, panic, fatal |
@@ -136,7 +138,7 @@
| fullnameOverride | string | `""` | |
| image.pullPolicy | string | `"IfNotPresent"` | |
| image.repository | string | `"apache/apisix-ingress-controller"` | |
-| image.tag | string | `"1.5.1"` | |
+| image.tag | string | `"1.6.0-rc1"` | |
| imagePullSecrets | list | `[]` | |
| initContainer.image | string | `"busybox"` | |
| initContainer.tag | float | `1.28` | |
diff --git a/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml b/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
index 3c0d034..0981fcc 100644
--- a/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
+++ b/charts/apisix-ingress-controller/crds/customresourcedefinitions.yaml
@@ -31,45 +31,6 @@
preserveUnknownFields: false
scope: Cluster
versions:
- - name: v2
- served: true
- storage: true
- subresources:
- status: {}
- schema:
- openAPIV3Schema:
- type: object
- properties:
- spec:
- type: object
- properties:
- admin:
- type: object
- required:
- - baseURL
- properties:
- baseURL:
- type: string
- pattern: "https?://[^:]+:(\\d+)"
- adminKey:
- type: string
- monitoring:
- type: object
- properties:
- prometheus:
- type: object
- properties:
- enable:
- type: boolean
- skywalking:
- type: object
- properties:
- enable:
- type: boolean
- sampleRatio:
- type: number
- minimum: 0.00001
- maximum: 1
- name: v2beta3
schema:
openAPIV3Schema:
@@ -110,7 +71,7 @@
deprecated: true
subresources:
status: {}
- - name: v2alpha1
+ - name: v2
schema:
openAPIV3Schema:
properties:
@@ -145,9 +106,8 @@
type: object
type: object
type: object
- served: false
- storage: false
- deprecated: true
+ served: true
+ storage: true
subresources:
status: {}
---
@@ -168,174 +128,6 @@
preserveUnknownFields: false
scope: Namespaced
versions:
- - name: v2
- served: true
- storage: true
- subresources:
- status: {}
- schema:
- openAPIV3Schema:
- type: object
- properties:
- spec:
- type: object
- required:
- - authParameter
- properties:
- authParameter:
- type: object
- oneOf:
- - required: ["basicAuth"]
- - required: ["keyAuth"]
- - required: ["wolfRBAC"]
- - required: ["jwtAuth"]
- - required: ["hmacAuth"]
- properties:
- basicAuth:
- type: object
- oneOf:
- - required: ["value"]
- - required: ["secretRef"]
- properties:
- value:
- type: object
- properties:
- username:
- type: string
- minLength: 1
- password:
- type: string
- minLength: 1
- required:
- - username
- - password
- secretRef:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- required:
- - name
- keyAuth:
- type: object
- oneOf:
- - required: ["value"]
- - required: ["secretRef"]
- properties:
- value:
- type: object
- properties:
- key:
- type: string
- minLength: 1
- required:
- - key
- secretRef:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- required:
- - name
- jwtAuth:
- type: object
- oneOf:
- - required: ["value"]
- - required: ["secretRef"]
- properties:
- value:
- type: object
- properties:
- key:
- type: string
- minLength: 1
- secret:
- type: string
- public_key:
- type: string
- private_key:
- type: string
- algorithm:
- type: string
- exp:
- type: integer
- base64_secret:
- type: boolean
- required:
- - key
- secretRef:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- required:
- - name
- wolfRBAC:
- type: object
- oneOf:
- - required: ["value"]
- - required: ["secretRef"]
- properties:
- value:
- type: object
- properties:
- server:
- type: string
- appid:
- type: string
- header_prefix:
- type: string
- secretRef:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- required:
- - name
- hmacAuth:
- type: object
- oneOf:
- - required: ["value"]
- - required: ["secretRef"]
- properties:
- value:
- type: object
- properties:
- access_key:
- type: string
- secret_key:
- type: string
- algorithm:
- type: string
- clock_skew:
- type: integer
- signed_headers:
- type: array
- items:
- type: string
- keep_headers:
- type: boolean
- encode_uri_params:
- type: boolean
- validate_request_body:
- type: boolean
- max_req_body:
- type: integer
- required:
- - access_key
- - secret_key
- secretRef:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- required:
- - name
- name: v2beta3
schema:
openAPIV3Schema:
@@ -348,6 +140,12 @@
- basicAuth
- required:
- keyAuth
+ - required:
+ - wolfRBAC
+ - required:
+ - jwtAuth
+ - required:
+ - hmacAuth
properties:
basicAuth:
oneOf:
@@ -377,6 +175,84 @@
- password
type: object
type: object
+ hmacAuth:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ access_key:
+ type: string
+ algorithm:
+ type: string
+ clock_skew:
+ type: integer
+ encode_uri_params:
+ type: boolean
+ keep_headers:
+ type: boolean
+ max_req_body:
+ type: integer
+ secret_key:
+ type: string
+ signed_headers:
+ items:
+ type: string
+ type: array
+ validate_request_body:
+ type: boolean
+ required:
+ - access_key
+ - secret_key
+ type: object
+ type: object
+ jwtAuth:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ algorithm:
+ type: string
+ base64_secret:
+ type: boolean
+ exp:
+ type: integer
+ key:
+ minLength: 1
+ type: string
+ private_key:
+ type: string
+ public_key:
+ type: string
+ secret:
+ type: string
+ required:
+ - key
+ type: object
+ type: object
keyAuth:
oneOf:
- required:
@@ -401,6 +277,31 @@
- key
type: object
type: object
+ wolfRBAC:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ appid:
+ type: string
+ header_prefix:
+ type: string
+ server:
+ type: string
+ type: object
+ type: object
type: object
required:
- authParameter
@@ -411,7 +312,7 @@
deprecated: true
subresources:
status: {}
- - name: v2alpha1
+ - name: v2
schema:
openAPIV3Schema:
properties:
@@ -423,6 +324,12 @@
- basicAuth
- required:
- keyAuth
+ - required:
+ - wolfRBAC
+ - required:
+ - jwtAuth
+ - required:
+ - hmacAuth
properties:
basicAuth:
oneOf:
@@ -452,6 +359,84 @@
- password
type: object
type: object
+ hmacAuth:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ access_key:
+ type: string
+ algorithm:
+ type: string
+ clock_skew:
+ type: integer
+ encode_uri_params:
+ type: boolean
+ keep_headers:
+ type: boolean
+ max_req_body:
+ type: integer
+ secret_key:
+ type: string
+ signed_headers:
+ items:
+ type: string
+ type: array
+ validate_request_body:
+ type: boolean
+ required:
+ - access_key
+ - secret_key
+ type: object
+ type: object
+ jwtAuth:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ algorithm:
+ type: string
+ base64_secret:
+ type: boolean
+ exp:
+ type: integer
+ key:
+ minLength: 1
+ type: string
+ private_key:
+ type: string
+ public_key:
+ type: string
+ secret:
+ type: string
+ required:
+ - key
+ type: object
+ type: object
keyAuth:
oneOf:
- required:
@@ -476,14 +461,38 @@
- key
type: object
type: object
+ wolfRBAC:
+ oneOf:
+ - required:
+ - value
+ - required:
+ - secretRef
+ properties:
+ secretRef:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ value:
+ properties:
+ appid:
+ type: string
+ header_prefix:
+ type: string
+ server:
+ type: string
+ type: object
+ type: object
type: object
required:
- authParameter
type: object
type: object
- served: false
- storage: false
- deprecated: true
+ served: true
+ storage: true
subresources:
status: {}
---
@@ -503,65 +512,12 @@
singular: apisixpluginconfig
scope: Namespaced
versions:
- - name: v2
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- priority: 0
- schema:
- openAPIV3Schema:
- type: object
- properties:
- spec:
- type: object
- required:
- - plugins
- properties:
- plugins:
- type: array
- items:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- enable:
- type: boolean
- config:
- type: object
- x-kubernetes-preserve-unknown-fields: true # we have to enable it since plugin config
- required:
- - name
- - enable
- status:
- type: object
- properties:
- conditions:
- type: array
- items:
- type: object
- properties:
- "type":
- type: string
- reason:
- type: string
- status:
- type: string
- message:
- type: string
- observedGeneration:
- type: integer
- - name: v2beta3
- additionalPrinterColumns:
+ - additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
priority: 0
type: date
+ name: v2beta3
schema:
openAPIV3Schema:
properties:
@@ -610,6 +566,61 @@
deprecated: true
subresources:
status: {}
+ - additionalPrinterColumns:
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ priority: 0
+ type: date
+ name: v2
+ schema:
+ openAPIV3Schema:
+ properties:
+ spec:
+ properties:
+ plugins:
+ items:
+ properties:
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enable:
+ type: boolean
+ name:
+ minLength: 1
+ type: string
+ secretRef:
+ type: string
+ type: object
+ required:
+ - name
+ - enable
+ type: array
+ required:
+ - plugins
+ type: object
+ status:
+ properties:
+ conditions:
+ items:
+ properties:
+ message:
+ type: string
+ observedGeneration:
+ type: integer
+ reason:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
@@ -1265,8 +1276,7 @@
deprecated: true
subresources:
status: {}
- - name: v2beta3
- additionalPrinterColumns:
+ - additionalPrinterColumns:
- jsonPath: .spec.http[].match.hosts
name: Hosts
priority: 0
@@ -1291,6 +1301,7 @@
name: Age
priority: 0
type: date
+ name: v2beta3
schema:
openAPIV3Schema:
properties:
@@ -1308,6 +1319,15 @@
properties:
enable:
type: boolean
+ jwtAuth:
+ properties:
+ cookie:
+ type: string
+ header:
+ type: string
+ query:
+ type: string
+ type: object
keyAuth:
properties:
header:
@@ -1317,6 +1337,9 @@
enum:
- basicAuth
- keyAuth
+ - jwtAuth
+ - wolfRBAC
+ - hmacAuth
type: string
required:
- enable
@@ -1550,298 +1573,344 @@
deprecated: true
subresources:
status: {}
- - name: v2
- served: true
- storage: true
- subresources:
- status: {}
- additionalPrinterColumns:
+ - additionalPrinterColumns:
- jsonPath: .spec.http[].match.hosts
name: Hosts
- type: string
priority: 0
+ type: string
- jsonPath: .spec.http[].match.paths
name: URIs
- type: string
priority: 0
+ type: string
- jsonPath: .spec.http[].backends[].serviceName
name: Target Service(HTTP)
- type: string
priority: 1
+ type: string
- jsonPath: .spec.tcp[].match.ingressPort
name: Ingress Server Port(TCP)
- type: integer
priority: 1
+ type: integer
- jsonPath: .spec.tcp[].match.backend.serviceName
name: Target Service(TCP)
- type: string
priority: 1
+ type: string
- jsonPath: .metadata.creationTimestamp
name: Age
- type: date
priority: 0
+ type: date
+ name: v2
schema:
openAPIV3Schema:
- type: object
properties:
spec:
- type: object
anyOf:
- - required: ["http"]
- - required: ["stream"]
+ - required:
+ - http
+ - required:
+ - stream
properties:
http:
- type: array
- minItems: 1
items:
- type: object
- required: ["name", "match", "backends"]
+ anyOf:
+ - required:
+ - name
+ - match
+ - backends
+ - required:
+ - name
+ - match
+ - upstreams
properties:
- name:
- type: string
- minLength: 1
- priority:
- type: integer
- timeout:
- type: object
+ authentication:
properties:
- connect:
+ enable:
+ type: boolean
+ jwtAuth:
+ properties:
+ cookie:
+ type: string
+ header:
+ type: string
+ query:
+ type: string
+ type: object
+ keyAuth:
+ properties:
+ header:
+ type: string
+ type: object
+ type:
+ enum:
+ - basicAuth
+ - keyAuth
+ - jwtAuth
+ - wolfRBAC
+ - hmacAuth
type: string
- send:
- type: string
- read:
- type: string
- match:
- type: object
required:
- - paths
- properties:
- paths:
- type: array
- minItems: 1
- items:
- type: string
- pattern: "^/[a-zA-Z0-9\\-._~%!$&'()+,;=:@/]*\\*?$"
- hosts:
- type: array
- minItems: 1
- items:
- type: string
- pattern: "^\\*?[0-9a-zA-Z-._]+$"
- methods:
- type: array
- minItems: 1
- items:
- type: string
- enum:
- - "CONNECT"
- - "DELETE"
- - "GET"
- - "HEAD"
- - "OPTIONS"
- - "PATCH"
- - "POST"
- - "PUT"
- - "TRACE"
- remoteAddrs:
- type: array
- minItems: 1
- items:
- type: string
- exprs:
- type: array
- minItems: 1
- items:
- type: object
- properties:
- subject:
- type: object
- properties:
- scope:
- type: string
- enum:
- - "Cookie"
- - "Header"
- - "Path"
- - "Query"
- name:
- type: string
- minLength: 1
- required:
- - scope
- op:
- type: string
- enum:
- - Equal
- - NotEqual
- - GreaterThan
- - LessThan
- - In
- - NotIn
- - RegexMatch
- - RegexNotMatch
- - RegexMatchCaseInsensitive
- - RegexNotMatchCaseInsensitive
- value:
- type: string
- set:
- type: array
- items:
- type: string
- oneOf:
- - required: ["subject", "op", "value"]
- - required: ["subject", "op", "set"]
- websocket:
- type: boolean
- plugin_config_name:
- type: string
- minLength: 1
+ - enable
+ type: object
backends:
- type: array
- minItems: 1
items:
- type: object
properties:
- serviceName:
+ resolveGranularity:
+ enum:
+ - endpoint
+ - service
type: string
+ serviceName:
minLength: 1
+ type: string
servicePort:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
- resolveGranularity:
- type: string
- enum: ["endpoint", "service"]
- weight:
- type: integer
- minimum: 0
subset:
type: string
- required:
- - serviceName
- - servicePort
- plugins:
- type: array
- items:
+ weight:
+ minimum: 0
+ type: integer
type: object
+ minItems: 1
+ required:
+ - serviceName
+ - servicePort
+ type: array
+ match:
+ properties:
+ exprs:
+ items:
+ oneOf:
+ - required:
+ - subject
+ - op
+ - value
+ - required:
+ - subject
+ - op
+ - set
+ properties:
+ op:
+ enum:
+ - Equal
+ - NotEqual
+ - GreaterThan
+ - GreaterThanEqual
+ - LessThan
+ - LessThanEqual
+ - In
+ - NotIn
+ - RegexMatch
+ - RegexNotMatch
+ - RegexMatchCaseInsensitive
+ - RegexNotMatchCaseInsensitive
+ type: string
+ set:
+ items:
+ type: string
+ type: array
+ subject:
+ properties:
+ name:
+ minLength: 1
+ type: string
+ scope:
+ enum:
+ - Cookie
+ - Header
+ - Path
+ - Query
+ - Variable
+ type: string
+ required:
+ - scope
+ type: object
+ value:
+ type: string
+ type: object
+ minItems: 1
+ type: array
+ hosts:
+ items:
+ pattern: ^\*?[0-9a-zA-Z-._]+$
+ type: string
+ minItems: 1
+ type: array
+ methods:
+ items:
+ enum:
+ - CONNECT
+ - DELETE
+ - GET
+ - HEAD
+ - OPTIONS
+ - PATCH
+ - POST
+ - PUT
+ - TRACE
+ type: string
+ minItems: 1
+ type: array
+ paths:
+ items:
+ pattern: ^/[a-zA-Z0-9\-._~%!$&'()+,;=:@/]*\*?$
+ type: string
+ minItems: 1
+ type: array
+ remoteAddrs:
+ items:
+ type: string
+ minItems: 1
+ type: array
+ required:
+ - paths
+ type: object
+ name:
+ minLength: 1
+ type: string
+ plugin_config_name:
+ minLength: 1
+ type: string
+ plugins:
+ items:
+ properties:
+ config:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ enable:
+ type: boolean
+ name:
+ minLength: 1
+ type: string
+ secretRef:
+ type: string
+ type: object
+ required:
+ - name
+ - enable
+ type: array
+ priority:
+ type: integer
+ timeout:
+ properties:
+ connect:
+ type: string
+ read:
+ type: string
+ send:
+ type: string
+ type: object
+ upstreams:
+ description: Upstreams refer to ApisixUpstream CRD
+ items:
+ description: ApisixRouteUpstreamReference contains a ApisixUpstream
+ CRD reference
properties:
name:
type: string
- minLength: 1
- enable:
- type: boolean
- config:
- type: object
- x-kubernetes-preserve-unknown-fields: true # we have to enable it since plugin config
- required:
- - name
- - enable
- authentication:
- type: object
- properties:
- enable:
- type: boolean
- type:
- type: string
- enum:
- - "basicAuth"
- - "keyAuth"
- - "jwtAuth"
- - "wolfRBAC"
- - "hmacAuth"
- keyAuth:
- type: object
- properties:
- header:
- type: string
- jwtAuth:
- type: object
- properties:
- header:
- type: string
- query:
- type: string
- cookie:
- type: string
- required:
- - enable
- stream:
- type: array
- minItems: 1
- items:
+ weight:
+ type: integer
+ type: object
+ type: array
+ websocket:
+ type: boolean
type: object
- required: ["name", "match", "backend", "protocol"]
+ minItems: 1
+ type: array
+ stream:
+ items:
properties:
- "protocol":
- type: string
- enum: ["TCP", "UDP"]
- name:
- type: string
- minLength: 1
- match:
- type: object
- properties:
- ingressPort:
- type: integer
- minimum: 1
- maximum: 65535
- required:
- - ingressPort
backend:
- type: object
properties:
- serviceName:
+ resolveGranularity:
+ enum:
+ - endpoint
+ - service
type: string
+ serviceName:
minLength: 1
+ type: string
servicePort:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
- resolveGranularity:
- type: string
- enum: ["endpoint", "service"]
subset:
type: string
required:
- - serviceName
- - servicePort
+ - serviceName
+ - servicePort
+ type: object
+ match:
+ properties:
+ host:
+ type: string
+ ingressPort:
+ maximum: 65535
+ minimum: 1
+ type: integer
+ required:
+ - ingressPort
+ type: object
+ name:
+ minLength: 1
+ type: string
plugins:
- type: array
items:
- type: object
properties:
- name:
- type: string
- minLength: 1
- enable:
- type: boolean
config:
type: object
- x-kubernetes-preserve-unknown-fields: true # we have to enable it since plugin config
+ x-kubernetes-preserve-unknown-fields: true
+ enable:
+ type: boolean
+ name:
+ minLength: 1
+ type: string
+ secretRef:
+ type: string
+ type: object
required:
- - name
- - enable
- status:
+ - name
+ - enable
+ type: array
+ protocol:
+ enum:
+ - TCP
+ - UDP
+ type: string
+ required:
+ - name
+ - match
+ - backend
+ - protocol
+ type: object
+ minItems: 1
+ type: array
type: object
+ status:
properties:
conditions:
- type: array
items:
- type: object
properties:
- "type":
- type: string
- reason:
- type: string
- status:
- type: string
message:
type: string
observedGeneration:
type: integer
-
+ reason:
+ type: string
+ status:
+ type: string
+ type:
+ type: string
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: true
+ subresources:
+ status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
@@ -1860,475 +1929,319 @@
preserveUnknownFields: false
scope: Namespaced
versions:
- - name: v2
+ - additionalPrinterColumns:
+ - jsonPath: .spec.hosts
+ name: SNIs
+ type: string
+ - jsonPath: .spec.secret.name
+ name: Secret Name
+ type: string
+ - jsonPath: .spec.secret.namespace
+ name: Secret Namespace
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v2beta3
+ schema:
+ openAPIV3Schema:
+ description: ApisixTls defines SSL resource in APISIX.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ApisixTlsSpec is the specification of ApisixSSL.
+ properties:
+ client:
+ description: ApisixMutualTlsClientConfig describes the mutual TLS
+ CA and verify depth
+ properties:
+ caSecret:
+ description: ApisixSecret describes the Kubernetes Secret name
+ and namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ depth:
+ type: integer
+ type: object
+ hosts:
+ items:
+ pattern: ^\*?[0-9a-zA-Z-.]+$
+ type: string
+ minItems: 1
+ type: array
+ secret:
+ description: ApisixSecret describes the Kubernetes Secret name and
+ namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ required:
+ - hosts
+ - secret
+ type: object
+ status:
+ description: ApisixStatus is the status report for Apisix ingress Resources
+ properties:
+ conditions:
+ items:
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are:
+ \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
+ \ // +patchStrategy=merge // +listType=map // +listMapKey=type
+ \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
+ patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
+ \n // other fields }"
+ properties:
+ lastTransitionTime:
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ type: object
+ type: object
+ served: true
+ storage: false
+ deprecated: true
+ subresources:
+ status: {}
+ - additionalPrinterColumns:
+ - jsonPath: .spec.hosts
+ name: SNIs
+ type: string
+ - jsonPath: .spec.secret.name
+ name: Secret Name
+ type: string
+ - jsonPath: .spec.secret.namespace
+ name: Secret Namespace
+ type: string
+ - jsonPath: .metadata.creationTimestamp
+ name: Age
+ type: date
+ name: v2
+ schema:
+ openAPIV3Schema:
+ description: ApisixTls defines SSL resource in APISIX.
+ properties:
+ apiVersion:
+ description: 'APIVersion defines the versioned schema of this representation
+ of an object. Servers should convert recognized schemas to the latest
+ internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+ type: string
+ kind:
+ description: 'Kind is a string value representing the REST resource this
+ object represents. Servers may infer this from the endpoint the client
+ submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: ApisixTlsSpec is the specification of ApisixSSL.
+ properties:
+ client:
+ description: ApisixMutualTlsClientConfig describes the mutual TLS
+ CA and verify depth
+ properties:
+ caSecret:
+ description: ApisixSecret describes the Kubernetes Secret name
+ and namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ depth:
+ type: integer
+ type: object
+ hosts:
+ items:
+ pattern: ^\*?[0-9a-zA-Z-.]+$
+ type: string
+ minItems: 1
+ type: array
+ secret:
+ description: ApisixSecret describes the Kubernetes Secret name and
+ namespace.
+ properties:
+ name:
+ minLength: 1
+ type: string
+ namespace:
+ minLength: 1
+ type: string
+ required:
+ - name
+ - namespace
+ type: object
+ required:
+ - hosts
+ - secret
+ type: object
+ status:
+ description: ApisixStatus is the status report for Apisix ingress Resources
+ properties:
+ conditions:
+ items:
+ description: "Condition contains details for one aspect of the current
+ state of this API Resource. --- This struct is intended for direct
+ use as an array at the field path .status.conditions. For example,
+ type FooStatus struct{ // Represents the observations of a
+ foo's current state. // Known .status.conditions.type are:
+ \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
+ \ // +patchStrategy=merge // +listType=map // +listMapKey=type
+ \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
+ patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
+ \n // other fields }"
+ properties:
+ lastTransitionTime:
+ description: lastTransitionTime is the last time the condition
+ transitioned from one status to another. This should be when
+ the underlying condition changed. If that is not known, then
+ using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: message is a human readable message indicating
+ details about the transition. This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: observedGeneration represents the .metadata.generation
+ that the condition was set based upon. For instance, if .metadata.generation
+ is currently 12, but the .status.conditions[x].observedGeneration
+ is 9, the condition is out of date with respect to the current
+ state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: reason contains a programmatic identifier indicating
+ the reason for the condition's last transition. Producers
+ of specific condition types may define expected values and
+ meanings for this field, and whether the values are considered
+ a guaranteed API. The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ --- Many .condition.type values are consistent across resources
+ like Available, but because arbitrary conditions can be useful
+ (see .node.status.conditions), the ability to deconflict is
+ important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ type: object
+ type: object
served: true
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- - jsonPath: .spec.hosts
- name: SNIs
- type: string
- - jsonPath: .spec.secret.name
- name: Secret Name
- type: string
- - jsonPath: .spec.secret.namespace
- name: Secret Namespace
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: ApisixTls defines SSL resource in APISIX.
- type: object
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ApisixTlsSpec is the specification of ApisixSSL.
- type: object
- required:
- - hosts
- - secret
- properties:
- client:
- description: ApisixMutualTlsClientConfig describes the mutual TLS CA
- and verify depth
- type: object
- properties:
- caSecret:
- description: ApisixSecret describes the Kubernetes Secret name and
- namespace.
- type: object
- required:
- - name
- - namespace
- properties:
- name:
- type: string
- minLength: 1
- namespace:
- type: string
- minLength: 1
- depth:
- type: integer
- hosts:
- type: array
- minItems: 1
- items:
- type: string
- pattern: ^\*?[0-9a-zA-Z-.]+$
- secret:
- description: ApisixSecret describes the Kubernetes Secret name and namespace.
- type: object
- required:
- - name
- - namespace
- properties:
- name:
- type: string
- minLength: 1
- namespace:
- type: string
- minLength: 1
- status:
- description: ApisixStatus is the status report for Apisix ingress Resources
- type: object
- properties:
- conditions:
- type: array
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a foo's
- current state. // Known .status.conditions.type are: \"Available\",
- \"Progressing\", and \"Degraded\" // +patchMergeKey=type //
- +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- type: object
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- type: string
- format: date-time
- message:
- description: message is a human readable message indicating details
- about the transition. This may be an empty string.
- type: string
- maxLength: 32768
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- type: integer
- format: int64
- minimum: 0
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers of
- specific condition types may define expected values and meanings
- for this field, and whether the values are considered a guaranteed
- API. The value should be a CamelCase string. This field may
- not be empty.
- type: string
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- status:
- description: status of the condition, one of True, False, Unknown.
- type: string
- enum:
- - "True"
- - "False"
- - Unknown
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- type: string
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- - name: v2beta3
- additionalPrinterColumns:
- - jsonPath: .spec.hosts
- name: SNIs
- type: string
- - jsonPath: .spec.secret.name
- name: Secret Name
- type: string
- - jsonPath: .spec.secret.namespace
- name: Secret Namespace
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: ApisixTls defines SSL resource in APISIX.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ApisixTlsSpec is the specification of ApisixSSL.
- properties:
- client:
- description: ApisixMutualTlsClientConfig describes the mutual TLS
- CA and verify depth
- properties:
- caSecret:
- description: ApisixSecret describes the Kubernetes Secret name
- and namespace.
- properties:
- name:
- minLength: 1
- type: string
- namespace:
- minLength: 1
- type: string
- required:
- - name
- - namespace
- type: object
- depth:
- type: integer
- type: object
- hosts:
- items:
- pattern: ^\*?[0-9a-zA-Z-.]+$
- type: string
- minItems: 1
- type: array
- secret:
- description: ApisixSecret describes the Kubernetes Secret name and
- namespace.
- properties:
- name:
- minLength: 1
- type: string
- namespace:
- minLength: 1
- type: string
- required:
- - name
- - namespace
- type: object
- required:
- - hosts
- - secret
- type: object
- status:
- description: ApisixStatus is the status report for Apisix ingress Resources
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- type: object
- type: object
- served: true
- storage: false
- deprecated: true
- subresources:
- status: {}
- - name: v1
- additionalPrinterColumns:
- - jsonPath: .spec.hosts
- name: SNIs
- type: string
- - jsonPath: .spec.secret.name
- name: Secret Name
- type: string
- - jsonPath: .spec.secret.namespace
- name: Secret Namespace
- type: string
- - jsonPath: .metadata.creationTimestamp
- name: Age
- type: date
- schema:
- openAPIV3Schema:
- description: ApisixTls defines SSL resource in APISIX.
- properties:
- apiVersion:
- description: 'APIVersion defines the versioned schema of this representation
- of an object. Servers should convert recognized schemas to the latest
- internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
- type: string
- kind:
- description: 'Kind is a string value representing the REST resource this
- object represents. Servers may infer this from the endpoint the client
- submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
- type: string
- metadata:
- type: object
- spec:
- description: ApisixTlsSpec is the specification of ApisixSSL.
- properties:
- client:
- description: ApisixMutualTlsClientConfig describes the mutual TLS
- CA and verify depth
- properties:
- caSecret:
- description: ApisixSecret describes the Kubernetes Secret name
- and namespace.
- properties:
- name:
- minLength: 1
- type: string
- namespace:
- minLength: 1
- type: string
- required:
- - name
- - namespace
- type: object
- depth:
- type: integer
- type: object
- hosts:
- items:
- pattern: ^\*?[0-9a-zA-Z-.]+$
- type: string
- minItems: 1
- type: array
- secret:
- description: ApisixSecret describes the Kubernetes Secret name and
- namespace.
- properties:
- name:
- minLength: 1
- type: string
- namespace:
- minLength: 1
- type: string
- required:
- - name
- - namespace
- type: object
- required:
- - hosts
- - secret
- type: object
- status:
- description: ApisixStatus is the status report for Apisix ingress Resources
- properties:
- conditions:
- items:
- description: "Condition contains details for one aspect of the current
- state of this API Resource. --- This struct is intended for direct
- use as an array at the field path .status.conditions. For example,
- type FooStatus struct{ // Represents the observations of a
- foo's current state. // Known .status.conditions.type are:
- \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
- \ // +patchStrategy=merge // +listType=map // +listMapKey=type
- \ Conditions []metav1.Condition `json:\"conditions,omitempty\"
- patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
- \n // other fields }"
- properties:
- lastTransitionTime:
- description: lastTransitionTime is the last time the condition
- transitioned from one status to another. This should be when
- the underlying condition changed. If that is not known, then
- using the time when the API field changed is acceptable.
- format: date-time
- type: string
- message:
- description: message is a human readable message indicating
- details about the transition. This may be an empty string.
- maxLength: 32768
- type: string
- observedGeneration:
- description: observedGeneration represents the .metadata.generation
- that the condition was set based upon. For instance, if .metadata.generation
- is currently 12, but the .status.conditions[x].observedGeneration
- is 9, the condition is out of date with respect to the current
- state of the instance.
- format: int64
- minimum: 0
- type: integer
- reason:
- description: reason contains a programmatic identifier indicating
- the reason for the condition's last transition. Producers
- of specific condition types may define expected values and
- meanings for this field, and whether the values are considered
- a guaranteed API. The value should be a CamelCase string.
- This field may not be empty.
- maxLength: 1024
- minLength: 1
- pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
- type: string
- status:
- description: status of the condition, one of True, False, Unknown.
- enum:
- - "True"
- - "False"
- - Unknown
- type: string
- type:
- description: type of condition in CamelCase or in foo.example.com/CamelCase.
- --- Many .condition.type values are consistent across resources
- like Available, but because arbitrary conditions can be useful
- (see .node.status.conditions), the ability to deconflict is
- important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
- maxLength: 316
- pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
- type: string
- required:
- - lastTransitionTime
- - message
- - reason
- - status
- - type
- type: object
- type: array
- type: object
- type: object
- served: false
- storage: false
- deprecated: true
- subresources:
- status: {}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
@@ -2346,378 +2259,6 @@
singular: apisixupstream
scope: Namespaced
versions:
- - name: v2
- served: true
- storage: true
- subresources:
- status: {}
- schema:
- openAPIV3Schema:
- type: object
- properties:
- spec:
- type: object
- properties:
- subsets:
- type: array
- items:
- type: object
- properties:
- name:
- type: string
- minLength: 1
- labels:
- type: object
- x-kubernetes-preserve-unknown-fields: true
- required: ["name", "labels"]
- loadbalancer:
- type: object
- properties:
- type:
- type: string
- enum:
- - roundrobin
- - chash
- - ewma
- - least_conn
- hashOn:
- type: string
- enum:
- - vars
- - vars_combinations
- - header
- - cookie
- - consumer
- key:
- type: string
- required:
- - type
- scheme:
- type: string
- enum:
- - http
- - grpc
- - https
- - grpcs
- retries:
- type: integer
- minimum: 0
- timeout:
- type: object
- properties:
- connect:
- type: string
- read:
- type: string
- send:
- type: string
- tlsSecret:
- description: ApisixSecret describes the Kubernetes Secret name and namespace.
- type: object
- required:
- - name
- - namespace
- properties:
- name:
- type: string
- minLength: 1
- namespace:
- type: string
- minLength: 1
- healthCheck:
- type: object
- anyOf:
- - required:
- - active
- - required:
- - active
- - passive
- properties:
- active:
- type: object
- properties:
- type:
- type: string
- enum:
- - http
- - https
- - tcp
- timeout:
- type: number
- minimum: 0
- concurrency:
- type: integer
- minimum: 1
- host:
- type: string
- pattern: "^\\*?[0-9a-zA-Z-._]+$"
- port:
- type: integer
- minimum: 1
- maximum: 65535
- httpPath:
- type: string
- minLength: 1
- strictTLS:
- type: boolean
- requestHeaders:
- type: array
- minItems: 1
- items:
- type: string
- healthy:
- type: object
- properties:
- interval:
- type: string
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- successes:
- type: integer
- minimum: 1
- maximum: 254
- unhealthy:
- type: object
- properties:
- interval:
- type: string
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- httpFailures:
- type: integer
- minimum: 1
- maximum: 254
- tcpFailures:
- type: integer
- minimum: 1
- maximum: 254
- timeouts:
- type: integer
- minimum: 0
- passive:
- type: object
- properties:
- type:
- type: string
- enum:
- - http
- - https
- - tcp
- healthy:
- type: object
- properties:
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- successes:
- type: integer
- minimum: 1
- maximum: 254
- unhealthy:
- type: object
- properties:
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- httpFailures:
- type: integer
- minimum: 1
- maximum: 254
- tcpFailures:
- type: integer
- minimum: 1
- maximum: 254
- timeouts:
- type: integer
- minimum: 0
- portLevelSettings:
- type: array
- items:
- type: object
- properties:
- port:
- type: integer
- minimum: 1
- maximum: 65535
- loadbalancer:
- type: object
- properties:
- type:
- type: string
- enum:
- - roundrobin
- - chash
- - ewma
- - least_conn
- hashOn:
- type: string
- enum:
- - vars
- - vars_combinations
- - header
- - cookie
- - consumer
- key:
- type: string
- required:
- - type
- scheme:
- type: string
- enum:
- - http
- - grpc
- retries:
- type: integer
- minimum: 0
- timeout:
- type: object
- properties:
- connect:
- type: string
- read:
- type: string
- send:
- type: string
- healthCheck:
- type: object
- anyOf:
- - required:
- - active
- - required:
- - active
- - passive
- properties:
- active:
- type: object
- properties:
- type:
- type: string
- enum:
- - http
- - https
- - tcp
- timeout:
- type: number
- minimum: 0
- concurrency:
- type: integer
- minimum: 1
- host:
- type: string
- pattern: "^\\*?[0-9a-zA-Z-._]+$"
- port:
- type: integer
- minimum: 1
- maximum: 65535
- httpPath:
- type: string
- minLength: 1
- strictTLS:
- type: boolean
- requestHeaders:
- type: array
- minItems: 1
- items:
- type: string
- healthy:
- type: object
- properties:
- interval:
- type: string
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- successes:
- type: integer
- minimum: 1
- maximum: 254
- unhealthy:
- type: object
- properties:
- interval:
- type: string
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- httpFailures:
- type: integer
- minimum: 1
- maximum: 254
- tcpFailures:
- type: integer
- minimum: 1
- maximum: 254
- timeout:
- type: string
- passive:
- type: object
- properties:
- type:
- type: string
- enum:
- - http
- - https
- - tcp
- healthy:
- type: object
- properties:
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- successes:
- type: integer
- minimum: 1
- maximum: 254
- unhealthy:
- type: object
- properties:
- httpCodes:
- type: array
- minItems: 1
- items:
- type: integer
- minimum: 200
- maximum: 599
- httpFailures:
- type: integer
- minimum: 1
- maximum: 254
- tcpFailures:
- type: integer
- minimum: 1
- maximum: 254
- timeout:
- type: string
- name: v2beta3
schema:
openAPIV3Schema:
@@ -3094,12 +2635,41 @@
deprecated: true
subresources:
status: {}
- - name: v1
+ - name: v2
schema:
openAPIV3Schema:
properties:
spec:
properties:
+ discovery:
+ description: Discovery is used to configure service discovery for
+ upstream
+ properties:
+ args:
+ type: object
+ x-kubernetes-preserve-unknown-fields: true
+ serviceName:
+ type: string
+ type:
+ type: string
+ type: object
+ externalNodes:
+ description: ExternalNodes contains external nodes the Upstream should
+ use If this field is set, the upstream will use these nodes directly
+ without any further resolves
+ items:
+ description: ApisixUpstreamExternalNode is the external node conf
+ properties:
+ name:
+ type: string
+ port:
+ type: integer
+ type:
+ type: string
+ weight:
+ type: integer
+ type: object
+ type: array
healthCheck:
anyOf:
- required:
@@ -3465,8 +3035,7 @@
type: object
type: object
type: object
- served: false
- storage: false
- deprecated: true
+ served: true
+ storage: true
subresources:
status: {}
diff --git a/charts/apisix-ingress-controller/templates/configmap.yaml b/charts/apisix-ingress-controller/templates/configmap.yaml
index 9b67b27..1beab28 100644
--- a/charts/apisix-ingress-controller/templates/configmap.yaml
+++ b/charts/apisix-ingress-controller/templates/configmap.yaml
@@ -32,16 +32,11 @@
{{- end }}
{{- end }}
enable_profiling: {{ .Values.config.enableProfiling }}
+ apisix-admin-api-version: {{ .Values.config.apisixAdminAPIVersion }}
apisix-resource-sync-interval: {{ .Values.config.apisixResourceSyncInterval }}
kubernetes:
kubeconfig: {{ .Values.config.kubernetes.kubeconfig | quote }}
resync_interval: {{ .Values.config.kubernetes.resyncInterval | quote }}
- {{- if gt (len .Values.config.kubernetes.appNamespaces) 0 }}
- app_namespaces:
- {{- range .Values.config.kubernetes.appNamespaces }}
- - {{ . | quote }}
- {{- end }}
- {{- end }}
{{- if gt (len .Values.config.kubernetes.namespaceSelector) 0 }}
namespace_selector:
@@ -55,6 +50,8 @@
watch_endpointslices: {{ .Values.config.kubernetes.watchEndpointSlices }}
apisix_route_version: {{ .Values.config.kubernetes.apisixRouteVersion | quote }}
enable_gateway_api: {{ .Values.config.kubernetes.enableGatewayAPI }}
+ apisix_version: {{ .Values.config.kubernetes.apiVersion | quote }}
+ plugin_metadata_cm: {{ .Values.config.kubernetes.pluginMetadataCM | quote }}
apisix:
{{ if .Values.config.apisix.serviceFullname }}
default_cluster_base_url: http://{{ .Values.config.apisix.serviceFullname }}:{{ .Values.config.apisix.servicePort }}/apisix/admin
diff --git a/charts/apisix-ingress-controller/values.yaml b/charts/apisix-ingress-controller/values.yaml
index a175acd..f13dc73 100644
--- a/charts/apisix-ingress-controller/values.yaml
+++ b/charts/apisix-ingress-controller/values.yaml
@@ -42,7 +42,7 @@
image:
repository: apache/apisix-ingress-controller
pullPolicy: IfNotPresent
- tag: "1.5.1"
+ tag: "1.6.0-rc1"
podAnnotations: {}
@@ -79,6 +79,8 @@
ingressStatusAddress: []
# -- enable profiling via web interfaces host:port/debug/pprof, default is true.
enableProfiling: true
+ # -- the APISIX admin API version. can be "v2" or "v3", default is "v3".
+ apisixAdminAPIVersion: "v3"
# -- Default interval for synchronizing Kubernetes resources to APISIX
apisixResourceSyncInterval: "300s"
# -- Kubernetes related configurations.
@@ -89,9 +91,6 @@
# -- how long should apisix-ingress-controller re-synchronizes with Kubernetes,
# default is 6h,
resyncInterval: "6h"
- # -- namespace list that controller will watch for resources,
- # by default all namespaces (represented by "*") are watched.
- appNamespaces: ["*"]
# -- namespace_selector represent basis for selecting managed namespaces.
# the field is support since version 1.4.0
# For example, "apisix.ingress=watching", so ingress will watching the namespaces which labels "apisix.ingress=watching"
@@ -118,6 +117,12 @@
# It is not recommended to use it in a production environment.
# Before we announce support for it to reach Beta level or GA.
enableGatewayAPI: false
+ # -- the resource API version, support "apisix.apache.org/v2beta3" and "apisix.apache.org/v2".
+ # default is "apisix.apache.org/v2"
+ apiVersion: "apisix.apache.org/v2"
+ # -- Pluginmetadata in APISIX can be controlled through ConfigMap. default is ""
+ pluginMetadataCM: ""
+
# -- APISIX related configurations.
apisix:
# -- Enabling this value, overrides serviceName and serviceNamespace.
