From 904bd5554734996505df42e7dc3928ea15eda2c8 Mon Sep 17 00:00:00 2001 From: Milos <16776599+hau21um@users.noreply.github.com> Date: Tue, 18 Jul 2023 21:22:11 +0200 Subject: [PATCH 1/5] controller-service.yaml - option for uppercase/lowercase appProtocol values.yaml - adding default as lowercase value for appProtocol http/https --- charts/ingress-nginx/Chart.yaml | 8 +++----- charts/ingress-nginx/templates/controller-service.yaml | 8 ++++---- charts/ingress-nginx/values.yaml | 2 ++ 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/charts/ingress-nginx/Chart.yaml b/charts/ingress-nginx/Chart.yaml index de5fe4df08..30a0bfa87f 100644 --- a/charts/ingress-nginx/Chart.yaml +++ b/charts/ingress-nginx/Chart.yaml @@ -1,9 +1,7 @@ annotations: artifacthub.io/changes: | - - "Added a doc line to the missing helm value service.internal.loadBalancerIP (#9406)" - - "feat(helm): Add loadBalancerClass (#9562)" - - "added helmshowvalues example (#10019)" - - "Update Ingress-Nginx version controller-v1.8.1" + - "Optional uppercase falue of appProtocol for controller service" + - "Making appProtocol available also on GKE k8s" artifacthub.io/prerelease: "false" apiVersion: v2 appVersion: 1.8.1 @@ -23,4 +21,4 @@ maintainers: name: ingress-nginx sources: - https://github.com/kubernetes/ingress-nginx -version: 4.7.1 +version: 4.7.2 diff --git a/charts/ingress-nginx/templates/controller-service.yaml b/charts/ingress-nginx/templates/controller-service.yaml index b2735d2e8f..e286ddd2b6 100644 --- a/charts/ingress-nginx/templates/controller-service.yaml +++ b/charts/ingress-nginx/templates/controller-service.yaml @@ -57,8 +57,8 @@ spec: port: {{ .Values.controller.service.ports.http }} protocol: TCP targetPort: {{ .Values.controller.service.targetPorts.http }} - {{- if and (semverCompare ">=1.20" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} - appProtocol: http + {{- if and (semverCompare ">=1.20.0-0" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} + appProtocol: {{- if .Values.controller.service.appProtocolInUpperCase }} HTTP {{- else }} http {{ end }} {{- end }} {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.http))) }} nodePort: {{ .Values.controller.service.nodePorts.http }} @@ -69,8 +69,8 @@ spec: port: {{ .Values.controller.service.ports.https }} protocol: TCP targetPort: {{ .Values.controller.service.targetPorts.https }} - {{- if and (semverCompare ">=1.20" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} - appProtocol: https + {{- if and (semverCompare ">=1.20.0-0" .Capabilities.KubeVersion.Version) (.Values.controller.service.appProtocol) }} + appProtocol: {{- if .Values.controller.service.appProtocolInUpperCase }} HTTPS {{- else }} https {{ end }} {{- end }} {{- if (and $setNodePorts (not (empty .Values.controller.service.nodePorts.https))) }} nodePort: {{ .Values.controller.service.nodePorts.https }} diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index d091391a8c..552d1b10be 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -413,8 +413,10 @@ controller: # It allows choosing the protocol for each backend specified in the Kubernetes service. # See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 # Will be ignored for Kubernetes versions older than 1.20 + # For GatewayAPI in GKE uppercase values are expected, otherwise LB healthchecks will be allways http. ## appProtocol: true + appProtocolInUpperCase: false annotations: {} labels: {} # clusterIP: "" From 318667fadee5064a78766b4ac072285f4cc431a8 Mon Sep 17 00:00:00 2001 From: Milos <16776599+hau21um@users.noreply.github.com> Date: Tue, 18 Jul 2023 21:38:39 +0200 Subject: [PATCH 2/5] Commenting value file --- charts/ingress-nginx/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index 552d1b10be..ea64cdeefe 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -413,9 +413,9 @@ controller: # It allows choosing the protocol for each backend specified in the Kubernetes service. # See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 # Will be ignored for Kubernetes versions older than 1.20 - # For GatewayAPI in GKE uppercase values are expected, otherwise LB healthchecks will be allways http. ## appProtocol: true + # -- For GatewayAPI in GKE uppercase values are expected, otherwise LB healthchecks will be allways http. appProtocolInUpperCase: false annotations: {} labels: {} From c136dda909c75e5376a8e9f3169d63cd89800753 Mon Sep 17 00:00:00 2001 From: Milos <16776599+hau21um@users.noreply.github.com> Date: Wed, 19 Jul 2023 07:39:12 +0200 Subject: [PATCH 3/5] Comments for new paremeter of value file --- charts/ingress-nginx/README.md | 1 + charts/ingress-nginx/values.yaml | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index 9550918732..4baf63b904 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -401,6 +401,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.scope.namespaceSelector | string | `""` | When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces. | | controller.service.annotations | object | `{}` | | | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | +| controller.service.appProtocolInUpperCase | bool | `false` | If enabled, appProtocol values will be in uppercase. (This is needed for example with [GKE GatewayAPI](https://cloud.google.com/kubernetes-engine/docs/how-to/secure-gateway#restrictions_and_limitations)) | | controller.service.enableHttp | bool | `true` | | | controller.service.enableHttps | bool | `true` | | | controller.service.enabled | bool | `true` | | diff --git a/charts/ingress-nginx/values.yaml b/charts/ingress-nginx/values.yaml index ea64cdeefe..22d69203ac 100644 --- a/charts/ingress-nginx/values.yaml +++ b/charts/ingress-nginx/values.yaml @@ -415,7 +415,7 @@ controller: # Will be ignored for Kubernetes versions older than 1.20 ## appProtocol: true - # -- For GatewayAPI in GKE uppercase values are expected, otherwise LB healthchecks will be allways http. + # -- If enabled, appProtocol values will be in uppercase. (This is needed for example with GKE GatewayAPI - https://cloud.google.com/kubernetes-engine/docs/how-to/secure-gateway#restrictions_and_limitations) appProtocolInUpperCase: false annotations: {} labels: {} From 7fffd8807714a70845d20e2907ac0e332ac0ca10 Mon Sep 17 00:00:00 2001 From: Milos <16776599+hau21um@users.noreply.github.com> Date: Wed, 19 Jul 2023 07:54:27 +0200 Subject: [PATCH 4/5] charts README.md update --- charts/ingress-nginx/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index 4baf63b904..eead18fe1a 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -2,7 +2,7 @@ [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer -![Version: 4.7.1](https://img.shields.io/badge/Version-4.7.1-informational?style=flat-square) ![AppVersion: 1.8.1](https://img.shields.io/badge/AppVersion-1.8.1-informational?style=flat-square) +![Version: 4.7.2](https://img.shields.io/badge/Version-4.7.2-informational?style=flat-square) ![AppVersion: 1.8.1](https://img.shields.io/badge/AppVersion-1.8.1-informational?style=flat-square) To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources. @@ -401,7 +401,7 @@ As of version `1.26.0` of this chart, by simply not providing any clusterIP valu | controller.scope.namespaceSelector | string | `""` | When scope.enabled == false, instead of watching all namespaces, we watching namespaces whose labels only match with namespaceSelector. Format like foo=bar. Defaults to empty, means watching all namespaces. | | controller.service.annotations | object | `{}` | | | controller.service.appProtocol | bool | `true` | If enabled is adding an appProtocol option for Kubernetes service. An appProtocol field replacing annotations that were using for setting a backend protocol. Here is an example for AWS: service.beta.kubernetes.io/aws-load-balancer-backend-protocol: http It allows choosing the protocol for each backend specified in the Kubernetes service. See the following GitHub issue for more details about the purpose: https://github.com/kubernetes/kubernetes/issues/40244 Will be ignored for Kubernetes versions older than 1.20 # | -| controller.service.appProtocolInUpperCase | bool | `false` | If enabled, appProtocol values will be in uppercase. (This is needed for example with [GKE GatewayAPI](https://cloud.google.com/kubernetes-engine/docs/how-to/secure-gateway#restrictions_and_limitations)) | +| controller.service.appProtocolInUpperCase | bool | `false` | If enabled, appProtocol values will be in uppercase. (This is needed for example with GKE GatewayAPI - https://cloud.google.com/kubernetes-engine/docs/how-to/secure-gateway#restrictions_and_limitations) | | controller.service.enableHttp | bool | `true` | | | controller.service.enableHttps | bool | `true` | | | controller.service.enabled | bool | `true` | | From 017c5d9289c1c510a0482dc7113d4b5bea75f503 Mon Sep 17 00:00:00 2001 From: Milos Hauser <16776599+hau21um@users.noreply.github.com> Date: Mon, 11 Sep 2023 14:03:33 +0200 Subject: [PATCH 5/5] Update README.md --- charts/ingress-nginx/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/ingress-nginx/README.md b/charts/ingress-nginx/README.md index a3b955a882..5d52300feb 100644 --- a/charts/ingress-nginx/README.md +++ b/charts/ingress-nginx/README.md @@ -2,7 +2,7 @@ [ingress-nginx](https://github.com/kubernetes/ingress-nginx) Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer -![Version: 4.7.3](https://img.shields.io/badge/Version-4.7.2-informational?style=flat-square) ![AppVersion: 1.8.2](https://img.shields.io/badge/AppVersion-1.8.2-informational?style=flat-square) +![Version: 4.7.3](https://img.shields.io/badge/Version-4.7.3-informational?style=flat-square) ![AppVersion: 1.8.2](https://img.shields.io/badge/AppVersion-1.8.2-informational?style=flat-square) To use, add `ingressClassName: nginx` spec field or the `kubernetes.io/ingress.class: nginx` annotation to your Ingress resources.