From 97da5d3695333f28f16cdc443170ca2231637b7a Mon Sep 17 00:00:00 2001 From: Jared Byers Date: Thu, 6 Apr 2023 02:22:03 -0700 Subject: [PATCH] Updated NGINX Service Mesh references in Helm templates (#3602) Update NGINX Service Mesh Helm templates refs Signed-off-by: Jared Byers --- .../templates/controller-daemonset.yaml | 31 +++++-------------- .../templates/controller-deployment.yaml | 27 +++------------- 2 files changed, 12 insertions(+), 46 deletions(-) diff --git a/deployments/helm-chart/templates/controller-daemonset.yaml b/deployments/helm-chart/templates/controller-daemonset.yaml index 5d69a93645..4133f1cd96 100644 --- a/deployments/helm-chart/templates/controller-daemonset.yaml +++ b/deployments/helm-chart/templates/controller-daemonset.yaml @@ -18,23 +18,20 @@ spec: labels: {{- include "nginx-ingress.selectorLabels" . | nindent 8 }} {{- if .Values.nginxServiceMesh.enable }} + nsm.nginx.com/enable-ingress: "true" + nsm.nginx.com/enable-egress: "{{ .Values.nginxServiceMesh.enableEgress }}" nsm.nginx.com/daemonset: {{ include "nginx-ingress.controller.fullname" . }} - spiffe.io/spiffeid: "true" {{- end }} {{- if .Values.controller.pod.extraLabels }} {{ toYaml .Values.controller.pod.extraLabels | indent 8 }} {{- end }} -{{- if or .Values.prometheus.create (or .Values.controller.pod.annotations .Values.nginxServiceMesh.enable) }} +{{- if or .Values.prometheus.create .Values.controller.pod.annotations }} annotations: {{- if .Values.prometheus.create }} prometheus.io/scrape: "true" prometheus.io/port: "{{ .Values.prometheus.port }}" prometheus.io/scheme: "{{ .Values.prometheus.scheme }}" {{- end }} -{{- if .Values.nginxServiceMesh.enable }} - nsm.nginx.com/enable-ingress: "true" - nsm.nginx.com/enable-egress: "{{ .Values.nginxServiceMesh.enableEgress }}" -{{- end }} {{- if .Values.controller.pod.annotations }} {{ toYaml .Values.controller.pod.annotations | indent 8 }} {{- end }} @@ -64,7 +61,7 @@ spec: affinity: {{ toYaml .Values.controller.affinity | indent 8 }} {{- end }} -{{- if or .Values.controller.readOnlyRootFilesystem .Values.nginxServiceMesh.enable .Values.controller.volumes }} +{{- if or .Values.controller.readOnlyRootFilesystem .Values.controller.volumes }} volumes: {{- end }} {{- if .Values.controller.readOnlyRootFilesystem }} @@ -77,12 +74,6 @@ spec: - name: nginx-log emptyDir: {} {{- end }} -{{- if .Values.nginxServiceMesh.enable }} - - hostPath: - path: /run/spire/sockets - type: DirectoryOrCreate - name: spire-agent-socket -{{- end }} {{- if .Values.controller.volumes }} {{ toYaml .Values.controller.volumes | indent 6 }} {{- end }} @@ -135,7 +126,7 @@ spec: capabilities: drop: - ALL -{{- if or .Values.controller.readOnlyRootFilesystem .Values.nginxServiceMesh.enable .Values.controller.volumeMounts }} +{{- if or .Values.controller.readOnlyRootFilesystem .Values.controller.volumeMounts }} volumeMounts: {{- end }} {{- if .Values.controller.readOnlyRootFilesystem }} @@ -148,10 +139,6 @@ spec: - mountPath: /var/log/nginx name: nginx-log {{- end }} -{{- if .Values.nginxServiceMesh.enable }} - - mountPath: /run/spire/sockets - name: spire-agent-socket -{{- end }} {{- if .Values.controller.volumeMounts }} {{ toYaml .Values.controller.volumeMounts | indent 8 }} {{- end }} @@ -225,9 +212,9 @@ spec: {{- end }} {{- end }} - -enable-leader-election={{ .Values.controller.reportIngressStatus.enableLeaderElection }} - {{- if .Values.controller.reportIngressStatus.enableLeaderElection }} +{{- if .Values.controller.reportIngressStatus.enableLeaderElection }} - -leader-election-lock-name={{ include "nginx-ingress.leaderElectionName" . }} - {{- end }} +{{- end }} {{- if .Values.controller.wildcardTLS.secret }} - -wildcard-tls-secret={{ .Values.controller.wildcardTLS.secret }} {{- else if and .Values.controller.wildcardTLS.cert .Values.controller.wildcardTLS.key }} @@ -256,10 +243,6 @@ spec: - -ready-status={{ .Values.controller.readyStatus.enable }} - -ready-status-port={{ .Values.controller.readyStatus.port }} - -enable-latency-metrics={{ .Values.controller.enableLatencyMetrics }} -{{- if .Values.nginxServiceMesh.enable }} - - -spire-agent-address=/run/spire/sockets/agent.sock - - -enable-internal-routes={{ .Values.nginxServiceMesh.enableEgress }} -{{- end }} {{- if .Values.controller.extraContainers }} {{ toYaml .Values.controller.extraContainers | nindent 6 }} {{- end }} diff --git a/deployments/helm-chart/templates/controller-deployment.yaml b/deployments/helm-chart/templates/controller-deployment.yaml index e6c182dc49..857d9ac303 100644 --- a/deployments/helm-chart/templates/controller-deployment.yaml +++ b/deployments/helm-chart/templates/controller-deployment.yaml @@ -19,23 +19,20 @@ spec: labels: {{- include "nginx-ingress.selectorLabels" . | nindent 8 }} {{- if .Values.nginxServiceMesh.enable }} + nsm.nginx.com/enable-ingress: "true" + nsm.nginx.com/enable-egress: "{{ .Values.nginxServiceMesh.enableEgress }}" nsm.nginx.com/deployment: {{ include "nginx-ingress.controller.fullname" . }} - spiffe.io/spiffeid: "true" {{- end }} {{- if .Values.controller.pod.extraLabels }} {{ toYaml .Values.controller.pod.extraLabels | indent 8 }} {{- end }} -{{- if or .Values.prometheus.create (or .Values.controller.pod.annotations .Values.nginxServiceMesh.enable) }} +{{- if or .Values.prometheus.create .Values.controller.pod.annotations }} annotations: {{- if .Values.prometheus.create }} prometheus.io/scrape: "true" prometheus.io/port: "{{ .Values.prometheus.port }}" prometheus.io/scheme: "{{ .Values.prometheus.scheme }}" {{- end }} -{{- if .Values.nginxServiceMesh.enable }} - nsm.nginx.com/enable-ingress: "true" - nsm.nginx.com/enable-egress: "{{ .Values.nginxServiceMesh.enableEgress }}" -{{- end }} {{- if .Values.controller.pod.annotations }} {{ toYaml .Values.controller.pod.annotations | indent 8 }} {{- end }} @@ -57,7 +54,7 @@ spec: topologySpreadConstraints: {{ toYaml .Values.controller.topologySpreadConstraints | indent 8 }} {{- end }} -{{- if or .Values.controller.readOnlyRootFilesystem .Values.nginxServiceMesh.enable .Values.controller.volumes }} +{{- if or .Values.controller.readOnlyRootFilesystem .Values.controller.volumes }} volumes: {{- end }} {{- if .Values.controller.readOnlyRootFilesystem }} @@ -70,12 +67,6 @@ spec: - name: nginx-log emptyDir: {} {{- end }} -{{- if .Values.nginxServiceMesh.enable }} - - hostPath: - path: /run/spire/sockets - type: DirectoryOrCreate - name: spire-agent-socket -{{- end }} {{- if .Values.controller.volumes }} {{ toYaml .Values.controller.volumes | indent 6 }} {{- end }} @@ -140,7 +131,7 @@ spec: capabilities: drop: - ALL -{{- if or .Values.controller.readOnlyRootFilesystem .Values.nginxServiceMesh.enable .Values.controller.volumeMounts }} +{{- if or .Values.controller.readOnlyRootFilesystem .Values.controller.volumeMounts }} volumeMounts: {{- end }} {{- if .Values.controller.readOnlyRootFilesystem }} @@ -153,10 +144,6 @@ spec: - mountPath: /var/log/nginx name: nginx-log {{- end }} -{{- if .Values.nginxServiceMesh.enable }} - - mountPath: /run/spire/sockets - name: spire-agent-socket -{{- end }} {{- if .Values.controller.volumeMounts}} {{ toYaml .Values.controller.volumeMounts | indent 8 }} {{- end }} @@ -259,10 +246,6 @@ spec: - -ready-status={{ .Values.controller.readyStatus.enable }} - -ready-status-port={{ .Values.controller.readyStatus.port }} - -enable-latency-metrics={{ .Values.controller.enableLatencyMetrics }} -{{- if .Values.nginxServiceMesh.enable }} - - -spire-agent-address=/run/spire/sockets/agent.sock - - -enable-internal-routes={{ .Values.nginxServiceMesh.enableEgress }} -{{- end }} {{- if .Values.controller.extraContainers }} {{ toYaml .Values.controller.extraContainers | nindent 6 }} {{- end }}