diff --git a/charts/kubezero-istio/templates/istio.yaml b/charts/kubezero-istio/templates/istio.yaml index b9da6234..8fcc2eda 100644 --- a/charts/kubezero-istio/templates/istio.yaml +++ b/charts/kubezero-istio/templates/istio.yaml @@ -36,8 +36,10 @@ spec: value: '"1"' - name: ISTIO_META_ROUTER_MODE value: standard + {{- if eq .Values.ingress.type "NodePort" }} nodeSelector: node.kubernetes.io/ingress.public: "30080_30443" + {{- end }} resources: limits: cpu: 2000m @@ -91,14 +93,18 @@ spec: operator: In topologyKey: kubernetes.io/hostname values: istio-ingressgateway + type: {{ default "NodePort" .Values.ingress.type }} ports: - name: http2 - nodePort: 30080 port: 80 - targetPort: 80 + {{- if eq .Values.ingress.type "NodePort" }} + nodePort: 30080 + {{- end }} - name: https - nodePort: 30443 port: 443 + {{- if eq .Values.ingress.type "NodePort" }} + nodePort: 30443 + {{- end }} sds: enabled: true image: node-agent-k8s @@ -116,7 +122,6 @@ spec: - mountPath: /etc/istio/ingressgateway-ca-certs name: ingressgateway-ca-certs secretName: istio-ingressgateway-ca-certs - type: NodePort meshConfig: accessLogFile: /dev/stdout disablePolicyChecks: false diff --git a/charts/kubezero-istio/values.yaml b/charts/kubezero-istio/values.yaml index 45a3ce56..002b2605 100644 --- a/charts/kubezero-istio/values.yaml +++ b/charts/kubezero-istio/values.yaml @@ -5,6 +5,7 @@ istiod: ingress: autoscaleEnabled: false replicaCount: 2 + type: NodePort #dnsNames: #- "*.example.com" diff --git a/deploy/templates/values.yaml b/deploy/templates/values.yaml index a3f6796f..88a8000d 100644 --- a/deploy/templates/values.yaml +++ b/deploy/templates/values.yaml @@ -10,14 +10,13 @@ kubezero: migration: {{ default false .Values.calico.migration }} prometheus: false # prometheus: {{ .Values.prometheus.enabled }} - {{- if .Values.calico.network }} - network: {{ .Values.calico.network }} - {{- end }} + network: {{ default "vxlan" .Values.calico.network }} + mtu: {{ default "8941" .Values.calico.mtu }} cert-manager: enabled: {{ index .Values "cert-manager" "enabled" }} - values: {{- if not .Values.bootstrap }} - {{- if .Values.aws }} + values: + {{- if eq .Values.platform "aws" }} cert-manager: podAnnotations: iam.amazonaws.com/role: "{{ index .Values "cert-manager" "IamArn" }}" @@ -33,13 +32,17 @@ kubezero: {{- . | toYaml | nindent 14 }} {{- end }} dns01: - {{- if .Values.aws }} + {{- if eq .Values.platform "aws" }} route53: region: {{ .Values.region }} + {{- else }} + {{- with index .Values "cert-manager" "solvers" }} + {{- . | toYaml | nindent 14 }} + {{- end }} {{- end }} # AWS only components - {{- if .Values.aws }} + {{- if eq .Values.platform "aws" }} aws-ebs-csi-driver: enabled: {{ index .Values "aws-ebs-csi-driver" "enabled" }} values: @@ -68,6 +71,7 @@ kubezero: istiod: replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }} ingress: + type: {{ default "NodePort" .Values.istio.ingress.type }} dnsNames: {{- with .Values.istio.ingress.dnsNames }} {{- . | toYaml | nindent 8 }}