From 24f7a9c9549024018871b5622faee4243d534c30 Mon Sep 17 00:00:00 2001 From: Julien Cavoizy <24271008+j-cavoizy@users.noreply.github.com> Date: Tue, 4 Jul 2023 12:06:38 +0200 Subject: [PATCH 1/8] Add appProtocol2 feature in service --- charts/ingress-nginx/templates/controller-service.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/ingress-nginx/templates/controller-service.yaml b/charts/ingress-nginx/templates/controller-service.yaml index b2735d2e8f..13e5f92f2d 100644 --- a/charts/ingress-nginx/templates/controller-service.yaml +++ b/charts/ingress-nginx/templates/controller-service.yaml @@ -64,14 +64,18 @@ spec: nodePort: {{ .Values.controller.service.nodePorts.http }} {{- end }} {{- end }} - {{- if .Values.controller.service.enableHttps }} + {{- if or (.Values.controller.service.enableHttps) (.Values.controller.service.enableHttp2) }} - name: https port: {{ .Values.controller.service.ports.https }} protocol: TCP targetPort: {{ .Values.controller.service.targetPorts.https }} {{- if and (semverCompare ">=1.20" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} + {{- if (.Values.controller.service.enableHttp2) }} + appProtocol: http2 + {{- else }} appProtocol: https {{- end }} + {{- end }} {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.https))) }} nodePort: {{ .Values.controller.service.nodePorts.https }} {{- end }} From c24aae4039513b087c4480cc5c3737050b518ee5 Mon Sep 17 00:00:00 2001 From: Julien Cavoizy <24271008+j-cavoizy@users.noreply.github.com> Date: Tue, 4 Jul 2023 12:10:26 +0200 Subject: [PATCH 2/8] Update README.md --- charts/ingress-nginx/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index 9550918732..a5884f15d7 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -403,6 +403,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | | controller.service.enableHttp | bool | `true` | | | controller.service.enableHttps | bool | `true` | | +| controller.service.enableHttp2 | bool | `false` | | | controller.service.enabled | bool | `true` | | | controller.service.external.enabled | bool | `true` | | | controller.service.externalIPs | list | `[]` | List of IP addresses at which the controller services are available # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips # | From 753b4d1fedaea821ca2e2a598a9be367056ab17a Mon Sep 17 00:00:00 2001 From: Julien Cavoizy <24271008+j-cavoizy@users.noreply.github.com> Date: Tue, 4 Jul 2023 12:12:01 +0200 Subject: [PATCH 3/8] Update values.yaml --- charts/ingress-nginx/values.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index d091391a8c..4e5b3f1090 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -430,6 +430,7 @@ controller: loadBalancerClass: "" enableHttp: true enableHttps: true + enableHttp2: false ## Set external traffic policy to: "Local" to preserve source IP on providers supporting it. ## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer # externalTrafficPolicy: "" From 0cacc7e078f9f9b17a94055431c2b2ee99e4bbf5 Mon Sep 17 00:00:00 2001 From: Julien Cavoizy <24271008+j-cavoizy@users.noreply.github.com> Date: Tue, 4 Jul 2023 14:08:58 +0200 Subject: [PATCH 4/8] Update helm.go --- magefiles/helm.go | 1 + 1 file changed, 1 insertion(+) diff --git a/magefiles/helm.go b/magefiles/helm.go index 585a934134..5f29890681 100644 --- a/magefiles/helm.go +++ b/magefiles/helm.go @@ -374,6 +374,7 @@ type IngressChartValue struct { LoadBalancerSourceRanges []interface{} `yaml:"loadBalancerSourceRanges"` EnableHTTP bool `yaml:"enableHttp"` EnableHTTPS bool `yaml:"enableHttps"` + EnableHTTP2 bool `yaml:"enableHttp2"` IPFamilyPolicy string `yaml:"ipFamilyPolicy"` IPFamilies []string `yaml:"ipFamilies"` Ports struct { From 802e9c357c020cfa25212312edf70c898c3d5e39 Mon Sep 17 00:00:00 2001 From: Julien Cavoizy Date: Tue, 4 Jul 2023 14:36:54 +0200 Subject: [PATCH 5/8] Revert "Update README.md" This reverts commit c24aae4039513b087c4480cc5c3737050b518ee5. --- charts/ingress-nginx/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index a5884f15d7..9550918732 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -403,7 +403,6 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | | controller.service.enableHttp | bool | `true` | | | controller.service.enableHttps | bool | `true` | | -| controller.service.enableHttp2 | bool | `false` | | | controller.service.enabled | bool | `true` | | | controller.service.external.enabled | bool | `true` | | | controller.service.externalIPs | list | `[]` | List of IP addresses at which the controller services are available # Ref: https://kubernetes.io/docs/concepts/services-networking/service/#external-ips # | From 109a29cbedeb6a61859f73673455c40a8c4eb85b Mon Sep 17 00:00:00 2001 From: Julien Cavoizy Date: Tue, 4 Jul 2023 14:37:29 +0200 Subject: [PATCH 6/8] SRE-1334 fix README.md --- charts/ingress-nginx/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index 9550918732..b03ad200cb 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -402,6 +402,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.service.annotations | object | `{}` | | | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | | controller.service.enableHttp | bool | `true` | | +| controller.service.enableHttp2 | bool | `false` | | | controller.service.enableHttps | bool | `true` | | | controller.service.enabled | bool | `true` | | | controller.service.external.enabled | bool | `true` | | From 8a645afba7b68349f9c790b8291667752dc3da29 Mon Sep 17 00:00:00 2001 From: Julien Cavoizy Date: Tue, 4 Jul 2023 14:37:47 +0200 Subject: [PATCH 7/8] Revert "SRE-1334 fix README.md" This reverts commit 109a29cbedeb6a61859f73673455c40a8c4eb85b. --- charts/ingress-nginx/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index b03ad200cb..9550918732 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -402,7 +402,6 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.service.annotations | object | `{}` | | | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | | controller.service.enableHttp | bool | `true` | | -| controller.service.enableHttp2 | bool | `false` | | | controller.service.enableHttps | bool | `true` | | | controller.service.enabled | bool | `true` | | | controller.service.external.enabled | bool | `true` | | From bec052f5413127c663d236737fa4d5bf24b9f830 Mon Sep 17 00:00:00 2001 From: Julien Cavoizy Date: Tue, 4 Jul 2023 14:38:21 +0200 Subject: [PATCH 8/8] fix README.md --- charts/ingress-nginx/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index 9550918732..b03ad200cb 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -402,6 +402,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.service.annotations | object | `{}` | | | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | | controller.service.enableHttp | bool | `true` | | +| controller.service.enableHttp2 | bool | `false` | | | controller.service.enableHttps | bool | `true` | | | controller.service.enabled | bool | `true` | | | controller.service.external.enabled | bool | `true` | |