diff --git a/charts/gateway/Chart.yaml b/charts/gateway/Chart.yaml index ef5d759..8cab70f 100644 --- a/charts/gateway/Chart.yaml +++ b/charts/gateway/Chart.yaml @@ -14,7 +14,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.2.24 +version: 0.2.25 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/gateway/README.md b/charts/gateway/README.md index 546176e..643a6a1 100644 --- a/charts/gateway/README.md +++ b/charts/gateway/README.md @@ -172,18 +172,20 @@ The command removes all the Kubernetes components associated with the chart and | fullnameOverride | string | `""` | | | gateway.externalIPs | list | `[]` | IPs for which nodes in the cluster will also accept traffic for the servic annotations: service.beta.kubernetes.io/aws-load-balancer-type: nlb | | gateway.externalTrafficPolicy | string | `"Cluster"` | | -| gateway.http | object | `{"additionalContainerPorts":[],"containerPort":9080,"enabled":true,"servicePort":80}` | API7 Gateway service settings for http | +| gateway.http | object | `{"additionalContainerPorts":[],"containerPort":9080,"enabled":true,"ip":"0.0.0.0","servicePort":80}` | API7 Gateway service settings for http | | gateway.http.additionalContainerPorts | list | `[]` | Support multiple http ports, See [Configuration](https://github.com/apache/apisix/blob/0bc65ea9acd726f79f80ae0abd8f50b7eb172e3d/conf/config-default.yaml#L24) | +| gateway.http.ip | string | `"0.0.0.0"` | which ip to listen on for API7 Gateway http service. | | gateway.ingress | object | `{"annotations":{},"enabled":false,"hosts":[{"host":"apisix.local","paths":[]}],"tls":[]}` | Using ingress access API7 Gateway service | | gateway.ingress.annotations | object | `{}` | Ingress annotations | | gateway.labelsOverride | object | `{}` | Override default labels assigned to API7 Gateway gateway resources | | gateway.livenessProbe | object | `{}` | kubernetes liveness probe. | | gateway.readinessProbe | object | `{}` | kubernetes readiness probe, we will provide a probe based on tcpSocket to gateway's HTTP port by default. | | gateway.stream | object | `{"enabled":false,"only":false,"tcp":[],"udp":[]}` | API7 Gateway service settings for stream. L4 proxy (TCP/UDP) | -| gateway.tls | object | `{"additionalContainerPorts":[],"certCAFilename":"","containerPort":9443,"enabled":true,"existingCASecret":"","http2":{"enabled":true},"servicePort":443,"sslProtocols":"TLSv1.2 TLSv1.3"}` | API7 Gateway service settings for tls | +| gateway.tls | object | `{"additionalContainerPorts":[],"certCAFilename":"","containerPort":9443,"enabled":true,"existingCASecret":"","http2":{"enabled":true},"ip":"0.0.0.0","servicePort":443,"sslProtocols":"TLSv1.2 TLSv1.3"}` | API7 Gateway service settings for tls | | gateway.tls.additionalContainerPorts | list | `[]` | Support multiple https ports, See [Configuration](https://github.com/apache/apisix/blob/0bc65ea9acd726f79f80ae0abd8f50b7eb172e3d/conf/config-default.yaml#L99) | | gateway.tls.certCAFilename | string | `""` | Filename be used in the gateway.tls.existingCASecret | | gateway.tls.existingCASecret | string | `""` | Specifies the name of Secret contains trusted CA certificates in the PEM format used to verify the certificate when APISIX needs to do SSL/TLS handshaking with external services (e.g. etcd) | +| gateway.tls.ip | string | `"0.0.0.0"` | which ip to listen on for API7 Gateway https service. | | gateway.tls.sslProtocols | string | `"TLSv1.2 TLSv1.3"` | TLS protocols allowed to use. | | gateway.type | string | `"NodePort"` | API7 Gateway service type for user access itself | | global.imagePullSecrets | list | `[]` | Global Docker registry secret names as an array | diff --git a/charts/gateway/templates/configmap.yaml b/charts/gateway/templates/configmap.yaml index 805e608..fb54a88 100644 --- a/charts/gateway/templates/configmap.yaml +++ b/charts/gateway/templates/configmap.yaml @@ -18,7 +18,8 @@ data: {{- end }} apisix: # universal configurations node_listen: # APISIX listening port - - {{ .Values.gateway.http.containerPort }} + - ip: {{ .Values.gateway.http.ip }} + port: {{ .Values.gateway.http.containerPort }} {{- with .Values.gateway.http.additionalContainerPorts }} {{- toYaml . | nindent 8}} {{- end }} @@ -114,7 +115,8 @@ data: ssl: enable: {{ .Values.gateway.tls.enabled }} listen: - - port: {{ .Values.gateway.tls.containerPort }} + - ip: {{ .Values.gateway.tls.ip }} + port: {{ .Values.gateway.tls.containerPort }} enable_http2: {{ .Values.gateway.tls.http2.enabled }} {{- with .Values.gateway.tls.additionalContainerPorts }} {{- toYaml . | nindent 10}} diff --git a/charts/gateway/values.yaml b/charts/gateway/values.yaml index fc40e74..458bca9 100644 --- a/charts/gateway/values.yaml +++ b/charts/gateway/values.yaml @@ -259,6 +259,8 @@ gateway: # -- API7 Gateway service settings for http http: enabled: true + # -- which ip to listen on for API7 Gateway http service. + ip: 0.0.0.0 servicePort: 80 containerPort: 9080 # -- Support multiple http ports, See [Configuration](https://github.com/apache/apisix/blob/0bc65ea9acd726f79f80ae0abd8f50b7eb172e3d/conf/config-default.yaml#L24) @@ -271,6 +273,8 @@ gateway: # -- API7 Gateway service settings for tls tls: enabled: true + # -- which ip to listen on for API7 Gateway https service. + ip: 0.0.0.0 servicePort: 443 containerPort: 9443 # -- Support multiple https ports, See [Configuration](https://github.com/apache/apisix/blob/0bc65ea9acd726f79f80ae0abd8f50b7eb172e3d/conf/config-default.yaml#L99)