-
Notifications
You must be signed in to change notification settings - Fork 1
/
values-admin-https.yaml
executable file
·214 lines (185 loc) · 5.5 KB
/
values-admin-https.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
# Default values for kong.
# Declare variables to be passed into your templates.
image:
repository: kong
tag: 1.1
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistrKeySecretName
waitImage:
repository: busybox
tag: latest
# Specify Kong admin and proxy services configurations
admin:
# If you want to specify annotations for the admin service, uncomment the following
# line, add additional or adjust as needed, and remove the curly braces after 'annotations:'.
annotations: {}
# service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
# HTTPS traffic on the admin port
# if set to false also set readinessProbe and livenessProbe httpGet scheme's to 'HTTP'
useTLS: true
servicePort: 8444
nodePort: 32344
containerPort: 8444
# Kong admin service type
type: NodePort
# Set a nodePort which is available
# nodePort: 32444
# Kong admin ingress settings.
ingress:
# Enable/disable exposure using ingress.
enabled: false
# TLS secret name.
# tls: kong-admin.example.com-tls
# Array of ingress hosts.
hosts: []
# Map of ingress annotations.
annotations: {}
# Ingress path.
path: /
proxy:
# If you want to specify annotations for the proxy service, uncomment the following
# line, add additional or adjust as needed, and remove the curly braces after 'annotations:'.
annotations: {}
# service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*"
# HTTP plain-text traffic
http:
enabled: true
servicePort: 80
nodePort: 32380
containerPort: 8000
# Set a nodePort which is available if service type is NodePort
# nodePort: 32080
tls:
enabled: true
servicePort: 443
nodePort: 32343
containerPort: 8443
# Set a nodePort which is available if service type is NodePort
# nodePort: 32443
type: NodePort
# Kong proxy ingress settings.
ingress:
# Enable/disable exposure using ingress.
enabled: false
# TLS secret name.
# tls: kong-proxy.example.com-tls
# Array of ingress hosts.
hosts: []
# Map of ingress annotations.
annotations: {}
# Ingress path.
path: /
externalIPs: []
# Set runMigrations to run Kong migrations
runMigrations: true
# Specify Kong configurations
# Kong configurations guide https://getkong.org/docs/latest/configuration/
env:
database: postgres
# If you want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
resources: {}
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# readinessProbe for Kong pods
readinessProbe:
httpGet:
path: "/status"
port: admin
scheme: HTTPS
initialDelaySeconds: 30
timeoutSeconds: 1
periodSeconds: 10
successThreshold: 1
failureThreshold: 5
# livenessProbe for Kong pods
livenessProbe:
httpGet:
path: "/status"
port: admin
scheme: HTTPS
initialDelaySeconds: 30
timeoutSeconds: 5
periodSeconds: 30
successThreshold: 1
failureThreshold: 5
# Affinity for pod assignment
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
# affinity: {}
# Tolerations for pod assignment
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
# Node labels for pod assignment
# Ref: https://kubernetes.io/docs/user-guide/node-selection/
nodeSelector: {}
# Annotation to be added to Kong pods
podAnnotations: {}
# Kong pod count
replicaCount: 1
# Kong has a choice of either Postgres or Cassandra as a backend datatstore.
# This chart allows you to choose either of them with the `database.type`
# parameter. Postgres is chosen by default.
# Additionally, this chart allows you to use your own database or spin up a new
# instance by using the `postgres.enabled` or `cassandra.enabled` parameters.
# Enabling both will create both databases in your cluster, but only one
# will be used by Kong based on the `env.database` parameter.
# Postgres is enabled by default.
# Cassandra chart configs
cassandra:
enabled: false
# PostgreSQL chart configs
postgresql:
enabled: true
postgresqlUsername: kong
postgresqlDatabase: kong
service:
port: 5432
# Kong Ingress Controller's primary purpose is to satisfy Ingress resources
# created in k8s. It uses CRDs for more fine grained control over routing and
# for Kong specific configuration.
ingressController:
enabled: true
image:
repository: kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller
tag: 0.3.0
replicaCount: 1
livenessProbe:
failureThreshold: 3
httpGet:
path: "/healthz"
port: 10254
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
failureThreshold: 3
httpGet:
path: "/healthz"
port: 10254
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 5
installCRDs: true
rbac:
# Specifies whether RBAC resources should be created
create: true
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use.
# If not set and create is true, a name is generated using the fullname template
name:
ingressClass: kong