From 246d4d3f2106861c613d2ba54965b8b56f5a48c3 Mon Sep 17 00:00:00 2001 From: Jarvis Date: Mon, 29 Jun 2026 17:25:11 +0800 Subject: [PATCH] release(aisix-cp): 0.2.0 Sync the accumulated CP-chart delta into the public chart for the 0.2.0 release and pin to the published 0.2.0 images. - bump version + appVersion 0.1.0 -> 0.2.0 (appVersion pins the docker.io/api7/* image tags) - dpm: add the kubelet-probeable /healthz health listener (AISIX_DPMGR_HEALTH_LISTEN, default :7946) with httpGet readiness + liveness probes; fall back to a TCP check on the mTLS port when healthListen="" (synced from control-plane/helm/aisix-cp) - regenerate README via helm-docs Public adaptations preserved: docker.io registries, empty tag -> .Chart.AppVersion, dpImage default, README. --- charts/aisix-cp/Chart.yaml | 4 +-- charts/aisix-cp/README.md | 3 +- charts/aisix-cp/templates/dpm-deployment.yaml | 30 +++++++++++++++++++ charts/aisix-cp/values.yaml | 5 ++++ 4 files changed, 39 insertions(+), 3 deletions(-) diff --git a/charts/aisix-cp/Chart.yaml b/charts/aisix-cp/Chart.yaml index 66e2e51..ea8b2a9 100644 --- a/charts/aisix-cp/Chart.yaml +++ b/charts/aisix-cp/Chart.yaml @@ -2,8 +2,8 @@ apiVersion: v2 name: aisix-cp description: Helm chart for AISIX control plane (cp-api, dp-manager, dashboard) type: application -version: 0.1.0 -appVersion: "0.1.0" +version: 0.2.0 +appVersion: "0.2.0" maintainers: - name: API7 diff --git a/charts/aisix-cp/README.md b/charts/aisix-cp/README.md index 902c268..57ae370 100644 --- a/charts/aisix-cp/README.md +++ b/charts/aisix-cp/README.md @@ -1,6 +1,6 @@ # aisix-cp -![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square) +![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.0](https://img.shields.io/badge/AppVersion-0.2.0-informational?style=flat-square) Helm chart for AISIX control plane (cp-api, dp-manager, dashboard) @@ -65,6 +65,7 @@ Helm chart for AISIX control plane (cp-api, dp-manager, dashboard) | dpm.securityContext.allowPrivilegeEscalation | bool | `false` | | | dpm.securityContext.capabilities.drop[0] | string | `"ALL"` | | | dpm.securityContext.readOnlyRootFilesystem | bool | `true` | | +| dpm.service.healthListen | string | `":7946"` | | | dpm.service.nodePort | string | `""` | | | dpm.service.port | int | `7944` | | | dpm.service.type | string | `"ClusterIP"` | | diff --git a/charts/aisix-cp/templates/dpm-deployment.yaml b/charts/aisix-cp/templates/dpm-deployment.yaml index 57a547c..4ca5edf 100644 --- a/charts/aisix-cp/templates/dpm-deployment.yaml +++ b/charts/aisix-cp/templates/dpm-deployment.yaml @@ -36,6 +36,11 @@ spec: - name: tls containerPort: 7944 protocol: TCP + {{- if .Values.dpm.service.healthListen }} + - name: health + containerPort: {{ trimPrefix ":" .Values.dpm.service.healthListen | int }} + protocol: TCP + {{- end }} env: - name: PGPASSWORD valueFrom: @@ -44,6 +49,8 @@ spec: key: {{ include "aisix-cp.pgPasswordSecretKey" . }} - name: AISIX_DPMGR_LISTEN value: ":7944" + - name: AISIX_DPMGR_HEALTH_LISTEN + value: {{ .Values.dpm.service.healthListen | quote }} - name: AISIX_DPMGR_DATABASE_URL value: {{ include "aisix-cp.databaseURL" . }} - name: AISIX_DPMGR_MASTER_KEY @@ -56,6 +63,28 @@ spec: {{- with .Values.dpm.extraEnvVars }} {{- toYaml . | nindent 12 }} {{- end }} + # Probe the plain-HTTP /healthz (poller liveness), not the + # mTLS port: a kubelet cannot present a client cert, and a + # TCP check on 7944 stays green even if the outbox poller is + # dead/wedged. A stale poller fails readiness (removed from the + # Service) and liveness (pod restarted). When the health + # listener is disabled (healthListen=""), the dp-manager serves + # no /healthz, so fall back to a TCP check on the mTLS port. + {{- if .Values.dpm.service.healthListen }} + readinessProbe: + httpGet: + path: /healthz + port: health + initialDelaySeconds: 5 + periodSeconds: 5 + livenessProbe: + httpGet: + path: /healthz + port: health + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 3 + {{- else }} readinessProbe: tcpSocket: port: tls @@ -66,6 +95,7 @@ spec: port: tls initialDelaySeconds: 10 periodSeconds: 10 + {{- end }} {{- with .Values.dpm.resources }} resources: {{- toYaml . | nindent 12 }} diff --git a/charts/aisix-cp/values.yaml b/charts/aisix-cp/values.yaml index 7cf1ae5..1832da3 100644 --- a/charts/aisix-cp/values.yaml +++ b/charts/aisix-cp/values.yaml @@ -52,6 +52,11 @@ dpm: service: type: ClusterIP port: 7944 + # Plain-HTTP listen address for /healthz (outbox-poller liveness), + # probed by the kubelet (the mTLS port 7944 cannot be probed). Set to + # "" to disable the health server + httpGet probes (the probes then + # fall back to a TCP check on the mTLS port). + healthListen: ":7946" nodePort: "" resources: requests: