@helm-charts/bitnami-nginx-ingress-controller v3.4.5-0.1.0
@helm-charts/bitnami-nginx-ingress-controller
Chart for the nginx Ingress controller
Field | Value |
---|---|
Repository Name | bitnami |
Chart Name | nginx-ingress-controller |
Chart Version | 3.4.5 |
NPM Package Version | 0.1.0 |
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
## Bitnami NGINX Ingress controller image version
## ref: https://hub.docker.com/r/bitnami/nginx-ingress-controller/tags/
name: controller
image:
registry: docker.io
repository: bitnami/nginx-ingress-controller
tag: 0.24.1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
config:
use-geoip: 'false'
use-geoip2: 'true'
# Will add custom header to Nginx https://github.com/kubernetes/ingress-nginx/tree/master/docs/examples/customization/custom-headers
headers: {}
# Required for use with CNI based kubernetes installations (such as ones set up by kubeadm),
# since CNI and hostport don't mix yet. Can be deprecated once https://github.com/kubernetes/kubernetes/issues/23920
# is merged
hostNetwork: false
# Optionally change this to ClusterFirstWithHostNet in case you have 'hostNetwork: true'.
# By default, while using host network, name resolution uses the host's DNS. If you wish nginx-controller
# to keep resolving names inside the k8s network, use ClusterFirstWithHostNet.
dnsPolicy: ClusterFirst
## Use host ports 80 and 443
daemonset:
useHostPort: false
hostPorts:
http: 80
https: 443
## Required only if defaultBackend.enabled = false
## Must be <namespace>/<service_name>
##
defaultBackendService: ''
## Election ID to use for status update
##
electionID: ingress-controller-leader
## Name of the ingress class to route through this controller
##
ingressClass: nginx
# labels to add to the pod container metadata
podLabels: {}
# key: value
## Allows customization of the external service
## the ingress will be bound to via DNS
publishService:
enabled: false
## Allows overriding of the publish service to bind to
## Must be <namespace>/<service_name>
##
pathOverride: ''
## Limit the scope of the controller
##
scope:
enabled: false
namespace: '' # defaults to .Release.Namespace
## Additional command line arguments to pass to nginx-ingress-controller
## E.g. to specify the default SSL certificate you can use
## extraArgs:
## default-ssl-certificate: "<namespace>/<secret_name>"
extraArgs: {}
## Additional environment variables to set
extraEnvs: []
# extraEnvs:
# - name: FOO
# valueFrom:
# secretKeyRef:
# key: FOO
# name: secret-resource
## DaemonSet or Deployment
##
kind: Deployment
# The update strategy to apply to the Deployment or DaemonSet
##
updateStrategy: {}
# rollingUpdate:
# maxUnavailable: 1
# type: RollingUpdate
# minReadySeconds to avoid killing pods before we are ready
##
minReadySeconds: 0
## Node tolerations for server scheduling to nodes with taints
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
##
tolerations: []
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
affinity: {}
## Node labels for controller pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Liveness and readiness probe values
## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
##
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
port: 10254
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
port: 10254
## Annotations to be added to controller pods
##
podAnnotations: {}
replicaCount: 1
minAvailable: 1
resources: {}
# limits:
# cpu: 100m
# memory: 64Mi
# requests:
# cpu: 100m
# memory: 64Mi
autoscaling:
enabled: false
# minReplicas: 1
# maxReplicas: 11
# targetCPUUtilizationPercentage: 50
# targetMemoryUtilizationPercentage: 50
## Override NGINX template
customTemplate:
configMapName: ''
configMapKey: ''
service:
annotations: {}
labels: {}
clusterIP: ''
## List of IP addresses at which the controller services are available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs: []
loadBalancerIP: ''
loadBalancerSourceRanges: []
enableHttp: true
enableHttps: true
## Set external traffic policy to: "Local" to preserve source IP on
## providers supporting it
## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer
externalTrafficPolicy: ''
healthCheckNodePort: 0
targetPorts:
http: http
https: https
type: LoadBalancer
# type: NodePort
# nodePorts:
# http: 32080
# https: 32443
nodePorts:
http: ''
https: ''
extraContainers: []
## Additional containers to be added to the controller pod.
## See https://github.com/lemonldap-ng-controller/lemonldap-ng-controller as example.
# - name: my-sidecar
# image: nginx:latest
# - name: lemonldap-ng-controller
# image: lemonldapng/lemonldap-ng-controller:0.2.0
# args:
# - /lemonldap-ng-controller
# - --alsologtostderr
# - --configmap=$(POD_NAMESPACE)/lemonldap-ng-configuration
# env:
# - name: POD_NAME
# valueFrom:
# fieldRef:
# fieldPath: metadata.name
# - name: POD_NAMESPACE
# valueFrom:
# fieldRef:
# fieldPath: metadata.namespace
# volumeMounts:
# - name: copy-portal-skins
# mountPath: /srv/var/lib/lemonldap-ng/portal/skins
extraVolumeMounts: []
## Additional volumeMounts to the controller main container.
# - name: copy-portal-skins
# mountPath: /var/lib/lemonldap-ng/portal/skins
extraVolumes: []
## Additional volumes to the controller pod.
# - name: copy-portal-skins
# emptyDir: {}
extraInitContainers: []
## Containers, which are run before the app containers are started.
# - name: init-myservice
# image: bitnami/minideb
# command: ['sh', '-c', 'install_packages dnsutils && until nslookup myservice; do echo waiting for myservice; sleep 2; done;']
stats:
enabled: false
service:
annotations: {}
clusterIP: ''
## List of IP addresses at which the stats service is available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs: []
loadBalancerIP: ''
loadBalancerSourceRanges: []
port: 18080
type: ClusterIP
## If controller.stats.enabled = true and controller.metrics.enabled = true, Prometheus metrics will be exported
##
metrics:
enabled: false
service:
annotations:
prometheus.io/scrape: 'true'
prometheus.io/port: '10254'
clusterIP: ''
## List of IP addresses at which the stats-exporter service is available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs: []
loadBalancerIP: ''
loadBalancerSourceRanges: []
port: 9913
type: ClusterIP
lifecycle: {}
priorityClassName: ''
## Rollback limit
##
revisionHistoryLimit: 10
## Default 404 backend
##
defaultBackend:
## If false, controller.defaultBackendService must be provided
##
enabled: true
name: default-backend
image:
registry: docker.io
repository: bitnami/nginx
tag: latest
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
extraArgs: {}
port: 8080
## Node tolerations for server scheduling to nodes with taints
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
##
tolerations: []
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
affinity: {}
# labels to add to the pod container metadata
podLabels: {}
# key: value
## Node labels for default backend pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## Annotations to be added to default backend pods
##
podAnnotations: {}
replicaCount: 1
minAvailable: 1
resources: {}
# limits:
# cpu: 10m
# memory: 20Mi
# requests:
# cpu: 10m
# memory: 20Mi
service:
annotations: {}
clusterIP: ''
## List of IP addresses at which the default backend service is available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs: []
loadBalancerIP: ''
loadBalancerSourceRanges: []
port: 80
type: ClusterIP
priorityClassName: ''
## Enable RBAC as per https://github.com/kubernetes/ingress/tree/master/examples/rbac/nginx and https://github.com/kubernetes/ingress/issues/266
rbac:
create: true
## Kubernetes Security Context
## https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
fsGroup: 1001
runAsUser: 1001
# If true, create & use Pod Security Policy resources
# https://kubernetes.io/docs/concepts/policy/pod-security-policy/
podSecurityPolicy:
enabled: false
serviceAccount:
create: true
name:
# TCP service key:value pairs
# Ref: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/tcp
##
tcp: {}
# 8080: "default/example-tcp-svc:9000"
# UDP service key:value pairs
# Ref: https://github.com/kubernetes/contrib/tree/master/ingress/controllers/nginx/examples/udp
##
udp: {}
# 53: "kube-system/kube-dns:53"
Nginx Ingress Controller
nginx-ingress is an Ingress controller that uses NGINX to manage external access to HTTP services in a Kubernetes cluster.
TL;DR;
$ helm install bitnami/nginx-ingress-controller
Introduction
Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads.
This chart bootstraps a nginx-ingress deployment on a Kubernetes cluster using the Helm package manager.
Bitnami charts can be used with Kubeapps for deployment and management of Helm Charts in clusters. This Helm chart has been tested on top of Bitnami Kubernetes Production Runtime (BKPR). Deploy BKPR to get automated TLS certificates, logging and monitoring for your applications.
Prerequisites
- Kubernetes 1.6+
Installing the Chart
To install the chart with the release name my-release
:
$ helm install --name my-release bitnami/nginx-ingress-controller
The command deploys nginx-ingress-controller on the Kubernetes cluster in the default configuration.
Tip: List all releases using
helm list
Uninstalling the Chart
To uninstall/delete the my-release
deployment:
$ helm delete my-release
The command removes all the Kubernetes components associated with the chart and deletes the release.
Configuration
The following tables lists the configurable parameters of the nginx-ingress-controller chart and their default values.
Parameter | Description | Default |
---|---|---|
global.imageRegistry | Global Docker image registry | nil |
global.imagePullSecrets | Global Docker registry secret names as an array | [] (does not add image pull secrets to deployed pods) |
name | name of the controller component | controller |
image.registry | name of the container image registry | docker.io |
image.repository | controller container image repository | bitnami/nginx-ingress-controller |
image.tag | controller container image tag | {VERSION} |
image.pullPolicy | controller container image pull policy | IfNotPresent |
config | nginx ConfigMap entries | use-geoip: "false", use-geoip2: "true" |
hostNetwork | If the nginx deployment / daemonset should run on the host's network namespace. Do not set this when controller.service.externalIPs is set and kube-proxy is used as there will be a port-conflict for port 80 | false |
defaultBackendService | default 404 backend service; required only if defaultBackend.enabled = false | "" |
electionID | election ID to use for the status update | ingress-controller-leader |
extraEnvs | any additional environment variables to set in the pods | {} |
extraContainers | Sidecar containers to add to the controller pod. See LemonLDAP::NG controller as example | {} |
extraVolumeMounts | Additional volumeMounts to the controller main container | {} |
extraVolumes | Additional volumes to the controller pod | {} |
extraInitContainers | Containers, which are run before the app containers are started | [] |
ingressClass | name of the ingress class to route through this controller | nginx |
scope.enabled | limit the scope of the ingress controller | false (watch all namespaces) |
scope.namespace | namespace to watch for ingress | "" (use the release namespace) |
extraArgs | Additional controller container arguments | {} |
kind | install as Deployment or DaemonSet | Deployment |
daemonset.useHostPort | If controller.kind is DaemonSet , this will enable hostPort for TCP/80 and TCP/443 | false |
daemonset.hostPorts.http | If controller.daemonset.useHostPort is true and this is non-empty, it sets the hostPort | "80" |
daemonset.hostPorts.https | If controller.daemonset.useHostPort is true and this is non-empty, it sets the hostPort | "443" |
tolerations | node taints to tolerate (requires Kubernetes >=1.6) | [] |
affinity | node/pod affinities (requires Kubernetes >=1.6) | {} |
minReadySeconds | how many seconds a pod needs to be ready before killing the next, during update | 0 |
nodeSelector | node labels for pod assignment | {} |
podAnnotations | annotations to be added to pods | {} |
podLabels | labels to add to the pod container metadata | {} |
replicaCount | desired number of controller pods | 1 |
minAvailable | minimum number of available controller pods for PodDisruptionBudget | 1 |
resources | controller pod resource requests & limits | {} |
priorityClassName | controller priorityClassName | nil |
lifecycle | controller pod lifecycle hooks | {} |
service.annotations | annotations for controller service | {} |
service.labels | labels for controller service | {} |
publishService.enabled | if true, the controller will set the endpoint records on the ingress objects to reflect those on the service | false |
publishService.pathOverride | override of the default publish-service name | "" |
service.clusterIP | internal controller cluster service IP | "" |
service.externalIPs | controller service external IP addresses. Do not set this when controller.hostNetwork is set to true and kube-proxy is used as there will be a port-conflict for port 80 | [] |
service.externalTrafficPolicy | If controller.service.type is NodePort or LoadBalancer , set this to Local to enable source IP preservation | "Cluster" |
service.healthCheckNodePort | If controller.service.type is NodePort or LoadBalancer and controller.service.externalTrafficPolicy is set to Local , set this to the managed health-check port the kube-proxy will expose. If blank, a random port in the NodePort range will be assigned | "" |
service.loadBalancerIP | IP address to assign to load balancer (if supported) | "" |
service.loadBalancerSourceRanges | list of IP CIDRs allowed access to load balancer (if supported) | [] |
service.enableHttp | if port 80 should be opened for service | true |
service.enableHttps | if port 443 should be opened for service | true |
service.targetPorts.http | Sets the targetPort that maps to the Ingress' port 80 | 80 |
service.targetPorts.https | Sets the targetPort that maps to the Ingress' port 443 | 443 |
service.type | type of controller service to create | LoadBalancer |
service.nodePorts.http | If controller.service.type is NodePort and this is non-empty, it sets the nodePort that maps to the Ingress' port 80 | "" |
service.nodePorts.https | If controller.service.type is NodePort and this is non-empty, it sets the nodePort that maps to the Ingress' port 443 | "" |
livenessProbe.initialDelaySeconds | Delay before liveness probe is initiated | 10 |
livenessProbe.periodSeconds | How often to perform the probe | 10 |
livenessProbe.timeoutSeconds | When the probe times out | 5 |
livenessProbe.successThreshold | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 |
livenessProbe.failureThreshold | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 |
livenessProbe.port | The port number that the liveness probe will listen on. | 10254 |
readinessProbe.initialDelaySeconds | Delay before readiness probe is initiated | 10 |
readinessProbe.periodSeconds | How often to perform the probe | 10 |
readinessProbe.timeoutSeconds | When the probe times out | 1 |
readinessProbe.successThreshold | Minimum consecutive successes for the probe to be considered successful after having failed. | 1 |
readinessProbe.failureThreshold | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 3 |
readinessProbe.port | The port number that the readiness probe will listen on. | 10254 |
stats.enabled | if true , enable "vts-status" page | false |
stats.service.annotations | annotations for controller stats service | {} |
stats.service.clusterIP | internal controller stats cluster service IP | "" |
stats.service.externalIPs | controller service stats external IP addresses | [] |
stats.service.loadBalancerIP | IP address to assign to load balancer (if supported) | "" |
stats.service.loadBalancerSourceRanges | list of IP CIDRs allowed access to load balancer (if supported) | [] |
stats.service.type | type of controller stats service to create | ClusterIP |
metrics.enabled | if true , enable Prometheus metrics (controller.stats.enabled must be true as well) | false |
metrics.service.annotations | annotations for Prometheus metrics service | {} |
metrics.service.clusterIP | cluster IP address to assign to service | "" |
metrics.service.externalIPs | Prometheus metrics service external IP addresses | [] |
metrics.service.loadBalancerIP | IP address to assign to load balancer (if supported) | "" |
metrics.service.loadBalancerSourceRanges | list of IP CIDRs allowed access to load balancer (if supported) | [] |
metrics.service.port | Prometheus metrics service port | 9913 |
metrics.service.type | type of Prometheus metrics service to create | ClusterIP |
customTemplate.configMapName | configMap containing a custom nginx template | "" |
customTemplate.configMapKey | configMap key containing the nginx template | "" |
headers | configMap key:value pairs containing the custom headers for Nginx | {} |
updateStrategy | allows setting of RollingUpdate strategy | {} |
defaultBackend.enabled | If false, controller.defaultBackendService must be provided | true |
defaultBackend.name | name of the default backend component | default-backend |
defaultBackend.image.repository | default backend container image repository | k8s.gcr.io/defaultbackend |
defaultBackend.image.tag | default backend container image tag | 1.4 |
defaultBackend.image.pullPolicy | default backend container image pull policy | IfNotPresent |
defaultBackend.extraArgs | Additional default backend container arguments | {} |
defaultBackend.port | Http port number | 8080 |
defaultBackend.tolerations | node taints to tolerate (requires Kubernetes >=1.6) | [] |
defaultBackend.affinity | node/pod affinities (requires Kubernetes >=1.6) | {} |
defaultBackend.nodeSelector | node labels for pod assignment | {} |
defaultBackend.podAnnotations | annotations to be added to pods | {} |
defaultBackend.podLabels | labels to add to the pod container metadata | {} |
defaultBackend.replicaCount | desired number of default backend pods | 1 |
defaultBackend.minAvailable | minimum number of available default backend pods for PodDisruptionBudget | 1 |
defaultBackend.resources | default backend pod resource requests & limits | {} |
defaultBackend.priorityClassName | default backend priorityClassName | nil |
defaultBackend.service.annotations | annotations for default backend service | {} |
defaultBackend.service.clusterIP | internal default backend cluster service IP | "" |
defaultBackend.service.externalIPs | default backend service external IP addresses | [] |
defaultBackend.service.loadBalancerIP | IP address to assign to load balancer (if supported) | "" |
defaultBackend.service.loadBalancerSourceRanges | list of IP CIDRs allowed access to load balancer (if supported) | [] |
defaultBackend.service.type | type of default backend service to create | ClusterIP |
imagePullSecrets | name of Secret resource containing private registry credentials | nil |
rbac.create | if true , create & use RBAC resources | true |
securityContext.fsGroup | Group ID for the container | 1001 |
securityContext.runAsUser | User ID for the container | 1001 |
podSecurityPolicy.enabled | if true , create & use Pod Security Policy resources |
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago
5 years ago