Add report-status & leader-election to Helm chart #335
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Dean-Coakley
added
the
enhancement
Dean-Coakley
force-pushed
the
update-helm-chart
branch
from
d5b205d to
85749e4
Compare
isaachawley
suggested changes
Aug 14, 2018
| @@ -69,6 +69,12 @@ spec: | |||
| {{- if .Values.controller.healthStatus }} | |||
| - -health-status | |||
| {{- end }} | |||
| {{- if and (.Values.controller.reportIngressStatus.enable) (.Values.controller.reportIngressStatus.externalService) }} | |||
| - -external-service={{ .Values.controller.reportIngressStatus.externalService }} | |||
| {{- end }} | |||
There was a problem hiding this comment.
Here we need to add the flag -report-ingress-status.
Something like:
{{- if .Values.controller.reportIngressStatus.enable }}
- -report-ingress-status
{{- end }}
Without that flag, status reporting is not actually turned on.
Dean-Coakley
force-pushed
the
update-helm-chart
branch
4 times, most recently
from
ec60483 to
029f666
Compare
pleshakov
suggested changes
Aug 14, 2018
There was a problem hiding this comment.
Additionally,
could you make sure the following lines https://github.com/nginxinc/kubernetes-ingress/blob/master/install/rbac/rbac.yaml#L53-L59 are present in the helm RBAC? Also, could you make them depend on controller.reportIngressStatus.enable?
helm-chart/values-plus.yaml
Outdated
| @@ -14,6 +14,7 @@ controller: | |||
| secret: # <namespace>/<secret_name> | |||
| config: | |||
| entries: {} | |||
| # external-status-address: "1.2.3.4" | |||
helm-chart/values.yaml
Outdated
| @@ -9,6 +9,7 @@ controller: | |||
| pullPolicy: IfNotPresent | |||
| config: | |||
| entries: {} | |||
| # external-status-address: "1.2.3.4" | |||
helm-chart/README.md
Outdated
| @@ -81,6 +81,9 @@ Parameter | Description | Default | |||
| `controller.useIngressClassOnly` | Ignore Ingress resources without the `"kubernetes.io/ingress.class"` annotation. | false | |||
| `controller.watchNamespace` | Namespace to watch for Ingress resources. By default the Ingress controller watches all namespaces. | "" | |||
| `controller.healthStatus` | Add a location "/nginx-health" to the default server. The location responds with the 200 status code for any request. Useful for external health-checking of the Ingress controller. | false | |||
| `controller.reportIngressStatus.enable` | Update the address field in the status of Ingresses resources. Requires `controller.reportIngressStatus.externalService`, or `controller.config.entries.external-status-address`. | false | |||
There was a problem hiding this comment.
-> Update the address field in the status of Ingresses resources with an external address of the Ingress controller. You must also specify the source of the external address either through an external service via controller.reportIngressStatus.externalService or the external-status-address entry in the ConfigMap via controller.config.entries.
There was a problem hiding this comment.
Ok. Adding a note **Note:** controller.reportIngressStatus.externalService takes precedence if both are set.
There was a problem hiding this comment.
external-status-address takes precedence
helm-chart/README.md
Outdated
| @@ -81,6 +81,9 @@ Parameter | Description | Default | |||
| `controller.useIngressClassOnly` | Ignore Ingress resources without the `"kubernetes.io/ingress.class"` annotation. | false | |||
| `controller.watchNamespace` | Namespace to watch for Ingress resources. By default the Ingress controller watches all namespaces. | "" | |||
| `controller.healthStatus` | Add a location "/nginx-health" to the default server. The location responds with the 200 status code for any request. Useful for external health-checking of the Ingress controller. | false | |||
| `controller.reportIngressStatus.enable` | Update the address field in the status of Ingresses resources. Requires `controller.reportIngressStatus.externalService`, or `controller.config.entries.external-status-address`. | false | |||
| `controller.reportIngressStatus.externalService` | Specifies the name of the service with the type LoadBalancer through which the Ingress controller pods are exposed externally. The external address of the service is used when reporting the status of Ingress resources. Requires `controller.reportIngressStatus.enable`. | nginx-ingress | |||
| `controller.reportIngressStatus.enableLeaderElection` | Enable Leader election to avoid multiple replicas of the controller reporting the status of Ingress resources. | true | |||
There was a problem hiding this comment.
--> Enable Leader election to avoid multiple replicas of the controller reporting the status of Ingress resources. Requires controller.reportIngressStatus.enable.
| {{- if .Values.controller.reportIngressStatus.enable }} | ||
| - -report-ingress-status | ||
| {{- if .Values.controller.reportIngressStatus.externalService }} | ||
| - -external-service="{{ .Values.controller.reportIngressStatus.externalService }}" |
| {{- if .Values.controller.reportIngressStatus.enable }} | ||
| - -report-ingress-status | ||
| {{- if .Values.controller.reportIngressStatus.externalService }} | ||
| - -external-service="{{ .Values.controller.reportIngressStatus.externalService }}" |
Dean-Coakley
force-pushed
the
update-helm-chart
branch
from
d302211 to
2d6df63
Compare
isaachawley
suggested changes
Aug 14, 2018
helm-chart/README.md
Outdated
| @@ -81,6 +81,9 @@ Parameter | Description | Default | |||
| `controller.useIngressClassOnly` | Ignore Ingress resources without the `"kubernetes.io/ingress.class"` annotation. | false | |||
| `controller.watchNamespace` | Namespace to watch for Ingress resources. By default the Ingress controller watches all namespaces. | "" | |||
| `controller.healthStatus` | Add a location "/nginx-health" to the default server. The location responds with the 200 status code for any request. Useful for external health-checking of the Ingress controller. | false | |||
| `controller.reportIngressStatus.enable` | Update the address field in the status of Ingresses resources. Requires `controller.reportIngressStatus.externalService`, or `controller.config.entries.external-status-address` to be set. **Note:** `controller.reportIngressStatus.externalService` takes preference if both are set. | false | |||
There was a problem hiding this comment.
controller.config.entries.external-status-address takes precedence if both are set.
helm-chart/README.md
Outdated
| @@ -81,6 +81,9 @@ Parameter | Description | Default | |||
| `controller.useIngressClassOnly` | Ignore Ingress resources without the `"kubernetes.io/ingress.class"` annotation. | false | |||
| `controller.watchNamespace` | Namespace to watch for Ingress resources. By default the Ingress controller watches all namespaces. | "" | |||
| `controller.healthStatus` | Add a location "/nginx-health" to the default server. The location responds with the 200 status code for any request. Useful for external health-checking of the Ingress controller. | false | |||
| `controller.reportIngressStatus.enable` | Update the address field in the status of Ingresses resources. Requires `controller.reportIngressStatus.externalService`, or `controller.config.entries.external-status-address` to be set. **Note:** `controller.reportIngressStatus.externalService` takes preference if both are set. | false | |||
| `controller.reportIngressStatus.externalService` | Specifies the name of the service with the type LoadBalancer through which the Ingress controller pods are exposed externally. The external address of the service is used when reporting the status of Ingress resources. `controller.reportIngressStatus.enable` must be set to `true`. | nginx-ingress | |||
There was a problem hiding this comment.
I would just say "through which the Ingress controller is exposed externally" and not mention pods.
Dean-Coakley
force-pushed
the
update-helm-chart
branch
from
0b09b0b to
f6245bd
Compare
isaachawley
approved these changes
Aug 14, 2018
pleshakov
suggested changes
Aug 15, 2018
helm-chart/templates/rbac.yaml
Outdated
| @@ -56,12 +56,14 @@ rules: | |||
| verbs: | |||
| - list | |||
| - watch | |||
| {{- if .Values.controller.reportIngressStatus.enable }} | |||
There was a problem hiding this comment.
we need get as well for Ingress resources
There was a problem hiding this comment.
thought i added that weeks ago
helm-chart/README.md
Outdated
| @@ -81,6 +81,9 @@ Parameter | Description | Default | |||
| `controller.useIngressClassOnly` | Ignore Ingress resources without the `"kubernetes.io/ingress.class"` annotation. | false | |||
| `controller.watchNamespace` | Namespace to watch for Ingress resources. By default the Ingress controller watches all namespaces. | "" | |||
| `controller.healthStatus` | Add a location "/nginx-health" to the default server. The location responds with the 200 status code for any request. Useful for external health-checking of the Ingress controller. | false | |||
| `controller.reportIngressStatus.enable` | Update the address field in the status of Ingresses resources with an external address of the Ingress controller. You must also specify the source of the external address either through an external service via `controller.reportIngressStatus.externalService` or the `external-status-address` entry in the ConfigMap via `controller.config.entries`. **Note:** `controller.config.entries.external-status-address` takes precedence if both are set. | false | |||
There was a problem hiding this comment.
since by default we set controller.service.create to true, perhaps this should be enabled by default as well?
* Added report-ingress-status to both templates * Fixed leader-election to only be set when report-ingress-status is enabled
* Fix external-status-address to use example ip 1.2.3.4 * Fix externalService default to be nginx-ingress as this will be the most common default * Removed quotes from externalService in values files and moved to templates to follow existing code style
* Added documentation for report-ingress-status related values * Added documentation for leader-election
The IC only requires ingress/status update permissions if report-ingress-status is enabled.
isaachawley
force-pushed
the
update-helm-chart
branch
from
9e3767c to
6a568b8
Compare
Also add get permissions on ingress resources, needed when the status updater is retrying a status update.
isaachawley
force-pushed
the
update-helm-chart
branch
from
6a568b8 to
46500c1
Compare
pleshakov
approved these changes
Aug 16, 2018
pleshakov
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed changes
Checklist
Note: I will update documentation once my changes are reviewed