Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions charts/aisix-cp/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: aisix-cp
description: Helm chart for AISIX control plane (cp-api, dp-manager, dashboard)
type: application
version: 0.1.0
appVersion: "0.1.0"
version: 0.2.0
appVersion: "0.2.0"

maintainers:
- name: API7
Expand Down
3 changes: 2 additions & 1 deletion charts/aisix-cp/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# aisix-cp

![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=flat-square)
![Version: 0.2.0](https://img.shields.io/badge/Version-0.2.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.2.0](https://img.shields.io/badge/AppVersion-0.2.0-informational?style=flat-square)

Helm chart for AISIX control plane (cp-api, dp-manager, dashboard)

Expand Down Expand Up @@ -65,6 +65,7 @@ Helm chart for AISIX control plane (cp-api, dp-manager, dashboard)
| dpm.securityContext.allowPrivilegeEscalation | bool | `false` | |
| dpm.securityContext.capabilities.drop[0] | string | `"ALL"` | |
| dpm.securityContext.readOnlyRootFilesystem | bool | `true` | |
| dpm.service.healthListen | string | `":7946"` | |
| dpm.service.nodePort | string | `""` | |
| dpm.service.port | int | `7944` | |
| dpm.service.type | string | `"ClusterIP"` | |
Expand Down
30 changes: 30 additions & 0 deletions charts/aisix-cp/templates/dpm-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,11 @@ spec:
- name: tls
containerPort: 7944
protocol: TCP
{{- if .Values.dpm.service.healthListen }}
- name: health
containerPort: {{ trimPrefix ":" .Values.dpm.service.healthListen | int }}
protocol: TCP
{{- end }}
env:
- name: PGPASSWORD
valueFrom:
Expand All @@ -44,6 +49,8 @@ spec:
key: {{ include "aisix-cp.pgPasswordSecretKey" . }}
- name: AISIX_DPMGR_LISTEN
value: ":7944"
- name: AISIX_DPMGR_HEALTH_LISTEN
value: {{ .Values.dpm.service.healthListen | quote }}
- name: AISIX_DPMGR_DATABASE_URL
value: {{ include "aisix-cp.databaseURL" . }}
- name: AISIX_DPMGR_MASTER_KEY
Expand All @@ -56,6 +63,28 @@ spec:
{{- with .Values.dpm.extraEnvVars }}
{{- toYaml . | nindent 12 }}
{{- end }}
# Probe the plain-HTTP /healthz (poller liveness), not the
# mTLS port: a kubelet cannot present a client cert, and a
# TCP check on 7944 stays green even if the outbox poller is
# dead/wedged. A stale poller fails readiness (removed from the
# Service) and liveness (pod restarted). When the health
# listener is disabled (healthListen=""), the dp-manager serves
# no /healthz, so fall back to a TCP check on the mTLS port.
{{- if .Values.dpm.service.healthListen }}
readinessProbe:
httpGet:
path: /healthz
port: health
initialDelaySeconds: 5
periodSeconds: 5
livenessProbe:
httpGet:
path: /healthz
port: health
initialDelaySeconds: 10
periodSeconds: 10
failureThreshold: 3
{{- else }}
readinessProbe:
tcpSocket:
port: tls
Expand All @@ -66,6 +95,7 @@ spec:
port: tls
initialDelaySeconds: 10
periodSeconds: 10
{{- end }}
{{- with .Values.dpm.resources }}
resources:
{{- toYaml . | nindent 12 }}
Expand Down
5 changes: 5 additions & 0 deletions charts/aisix-cp/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,11 @@ dpm:
service:
type: ClusterIP
port: 7944
# Plain-HTTP listen address for /healthz (outbox-poller liveness),
# probed by the kubelet (the mTLS port 7944 cannot be probed). Set to
# "" to disable the health server + httpGet probes (the probes then
# fall back to a TCP check on the mTLS port).
healthListen: ":7946"
nodePort: ""
resources:
requests:
Expand Down
Loading