From e94142b2d7de1b9713aeede0282cd1b7c17e8b92 Mon Sep 17 00:00:00 2001
From: Daniele Monti <62102073+Monska85@users.noreply.github.com>
Date: Mon, 13 May 2024 10:18:21 +0200
Subject: [PATCH] feat: add podAntiaffinity
---
CHANGELOG.md | 11 +++++++
README.md | 16 +++++++----
files/values.yaml | 33 ---------------------
files/values.yaml.tftpl | 63 +++++++++++++++++++++++++++++++++++++++++
main.tf | 12 +++++++-
variables.tf | 43 ++++++++++++++++++++++------
6 files changed, 129 insertions(+), 49 deletions(-)
delete mode 100644 files/values.yaml
create mode 100644 files/values.yaml.tftpl
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 928c320..081b8b2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,17 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
+## [0.5.0] - 2024-05-13
+
+[Compare with previous version](https://github.com/sparkfabrik/terraform-helm-ingress-nginx/compare/0.4.0...0.5.0)
+
+### Added
+
+- Default value for chart version. The values file shipped with the module refers to the declared version of the chart.
+- `podAntiAffinity` configuration enabled by default. It is possible to disable it by setting the new `set_default_pod_anti_affinity` variable to `false`.
+- Add the `common_labels` variable to allow the user to set common labels for all resources created by the chart.
+- Add the `ingress_nginx_controller_min_replicas` and `ingress_nginx_controller_max_replicas` variables to easily set the minimum and maximum number of replicas for the controller pods.
+
## [0.4.0] - 2023-12-22
[Compare with previous version](https://github.com/sparkfabrik/terraform-helm-ingress-nginx/compare/0.3.0...0.4.0)
diff --git a/README.md b/README.md
index 69ca719..bbb7268 100644
--- a/README.md
+++ b/README.md
@@ -23,12 +23,16 @@ This is Terraform module to install and configure the Nginx Ingress Controller.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
-| [additional\_values](#input\_additional\_values) | Additional values to pass to the helm chart | `list(string)` | `[]` | no |
-| [chart\_version](#input\_chart\_version) | Chart version of the ingress controller | `string` | n/a | yes |
-| [create\_namespace](#input\_create\_namespace) | Create namespace for the ingress controller. If false, the namespace must be created before using this module | `bool` | `true` | no |
-| [helm\_release\_name](#input\_helm\_release\_name) | Name of the helm release | `string` | `"ingress-nginx"` | no |
-| [namespace](#input\_namespace) | Namespace of the ingress controller | `string` | n/a | yes |
-| [namespace\_additional\_labels](#input\_namespace\_additional\_labels) | Additional labels for the namespace of the ingress controller | `map(string)` | `{}` | no |
+| [additional\_values](#input\_additional\_values) | Additional values to pass to the helm chart. | `list(string)` | `[]` | no |
+| [chart\_version](#input\_chart\_version) | Chart version of the ingress controller. Consider the default value the reference version of the module and the base of the values.yaml.tftpl file. | `string` | `"4.10.1"` | no |
+| [common\_labels](#input\_common\_labels) | Set of labels to apply to all resources. | `map(string)` | `{}` | no |
+| [create\_namespace](#input\_create\_namespace) | Create namespace for the ingress controller. If false, the namespace must be created before using this module. | `bool` | `true` | no |
+| [helm\_release\_name](#input\_helm\_release\_name) | Name of the helm release. | `string` | `"ingress-nginx"` | no |
+| [ingress\_nginx\_controller\_max\_replicas](#input\_ingress\_nginx\_controller\_max\_replicas) | Maximum number of replicas for the ingress controller. | `number` | `3` | no |
+| [ingress\_nginx\_controller\_min\_replicas](#input\_ingress\_nginx\_controller\_min\_replicas) | Minimum number of replicas for the ingress controller. | `number` | `1` | no |
+| [namespace](#input\_namespace) | Namespace of the ingress controller. | `string` | n/a | yes |
+| [namespace\_additional\_labels](#input\_namespace\_additional\_labels) | Additional labels for the namespace of the ingress controller. | `map(string)` | `{}` | no |
+| [set\_controller\_default\_pod\_anti\_affinity](#input\_set\_controller\_default\_pod\_anti\_affinity) | Set the podAntiAffinity for the ingress controller. | `bool` | `true` | no |
## Outputs
diff --git a/files/values.yaml b/files/values.yaml
deleted file mode 100644
index 2c7e85e..0000000
--- a/files/values.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-# https://github.com/kubernetes/ingress-nginx/blob/helm-chart-4.10.0/charts/ingress-nginx/values.yaml
-controller:
- resources:
- requests:
- cpu: 50m
- memory: 64Mi
- autoscaling:
- enabled: "true"
- minReplicas: 1
- maxReplicas: 3
- targetCPUUtilizationPercentage: 80
- targetMemoryUtilizationPercentage: 80
- config:
- body-size: "0"
- hsts-include-subdomains: "true"
- hsts-max-age: "63072000"
- hsts-preload: "true"
- proxy-body-size: "0"
- proxy-buffer-size: "128k"
- proxy-connect-timeout: "15"
- proxy-read-timeout: "600"
- proxy-send-timeout: "600"
- server-name-hash-bucket-size: "256"
- ssl-redirect: "true"
- ssl-reject-handshake: "true"
- service:
- externalTrafficPolicy: "Local"
-defaultBackend:
- enabled: true
- resources:
- requests:
- cpu: 10m
- memory: 20Mi
diff --git a/files/values.yaml.tftpl b/files/values.yaml.tftpl
new file mode 100644
index 0000000..0ac971a
--- /dev/null
+++ b/files/values.yaml.tftpl
@@ -0,0 +1,63 @@
+# https://github.com/kubernetes/ingress-nginx/blob/helm-chart-4.10.1/charts/ingress-nginx/values.yaml
+
+%{~ if length(common_labels) > 0 }
+%{~ for lbl_key, lbl_value in common_labels }
+commonLabels:
+ ${lbl_key}: "${lbl_value}"
+%{~ endfor ~}
+%{~ endif ~}
+
+controller:
+ resources:
+ requests:
+ cpu: 50m
+ memory: 64Mi
+ autoscaling:
+ enabled: "true"
+ minReplicas: ${ingress_nginx_controller_min_replicas}
+ maxReplicas: ${ingress_nginx_controller_max_replicas}
+ targetCPUUtilizationPercentage: 80
+ targetMemoryUtilizationPercentage: 80
+ config:
+ body-size: "0"
+ hsts-include-subdomains: "true"
+ hsts-max-age: "63072000"
+ hsts-preload: "true"
+ proxy-body-size: "0"
+ proxy-buffer-size: "128k"
+ proxy-connect-timeout: "15"
+ proxy-read-timeout: "600"
+ proxy-send-timeout: "600"
+ server-name-hash-bucket-size: "256"
+ ssl-redirect: "true"
+ ssl-reject-handshake: "true"
+ service:
+ externalTrafficPolicy: "Local"
+ %{~ if set_controller_default_pod_anti_affinity }
+ # Set the default antiaffinity. If you eneable the hpa, the pods will be distributed in different nodes.
+ affinity:
+ podAntiAffinity:
+ requiredDuringSchedulingIgnoredDuringExecution:
+ - labelSelector:
+ matchExpressions:
+ - key: app.kubernetes.io/name
+ operator: In
+ values:
+ - ingress-nginx
+ - key: app.kubernetes.io/instance
+ operator: In
+ values:
+ - ingress-nginx
+ - key: app.kubernetes.io/component
+ operator: In
+ values:
+ - controller
+ topologyKey: "kubernetes.io/hostname"
+ %{~ endif ~}
+
+defaultBackend:
+ enabled: true
+ resources:
+ requests:
+ cpu: 10m
+ memory: 20Mi
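Review bot: The `commonLabels:` key sits inside the `for` loop, so a `common_labels` map with more than one entry renders the key once per label and the values document ends up with duplicate keys, which a YAML parser will typically either reject or collapse to the last one. The label values are also interpolated as `"${lbl_value}"` without escaping, so a value containing a double quote or a newline changes the structure of the rendered values instead of staying a string. Rendering the whole map in one expression avoids both problems: keep the `if length(common_labels) > 0` guard and replace the loop with `commonLabels: ${jsonencode(common_labels)}`. The comment above `affinity:` has a typo (`eneable`).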
diff --git a/main.tf b/main.tf
index f4c95d3..fe78b6d 100644
--- a/main.tf
+++ b/main.tf
@@ -28,7 +28,17 @@ resource "helm_release" "this" {
namespace = var.create_namespace ? kubernetes_namespace_v1.this[0].metadata[0].name : data.kubernetes_namespace_v1.this[0].metadata[0].name
values = concat(
- [file("${path.module}/files/values.yaml")],
+ [
+ templatefile(
+ "${path.module}/files/values.yaml.tftpl",
+ {
+ common_labels = var.common_labels
+ ingress_nginx_controller_min_replicas = var.ingress_nginx_controller_min_replicas
+ ingress_nginx_controller_max_replicas = var.ingress_nginx_controller_max_replicas
+ set_controller_default_pod_anti_affinity = var.set_controller_default_pod_anti_affinity
+ }
+ )
+ ],
var.additional_values
)
}
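Review bot: The variables map passed to `templatefile` does not include `var.helm_release_name`, while the template's anti-affinity selector hard-codes `ingress-nginx` as the value for `app.kubernetes.io/instance`. If the chart derives that label from the release name, as Helm charts usually do, a caller who overrides `helm_release_name` gets a selector that matches no controller pod, and the anti-affinity rule silently stops spreading replicas across nodes. Passing `helm_release_name = var.helm_release_name` here and using `- ${helm_release_name}` in the template would keep the two aligned. `var.additional_values` is still concatenated after the module's values, so it can override defaults such as `ssl-redirect` and the HSTS settings; that precedence deserves a sentence in the variable description. The `helm_release` resource starts before this hunk.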
diff --git a/variables.tf b/variables.tf
index 8b98c8f..bc7acec 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,33 +1,58 @@
+variable "helm_release_name" {
+ description = "Name of the helm release."
+ type = string
+ default = "ingress-nginx"
+}
+
variable "chart_version" {
- description = "Chart version of the ingress controller"
+ description = "Chart version of the ingress controller. Consider the default value the reference version of the module and the base of the values.yaml.tftpl file."
type = string
+ default = "4.10.1"
}
variable "create_namespace" {
- description = "Create namespace for the ingress controller. If false, the namespace must be created before using this module"
+ description = "Create namespace for the ingress controller. If false, the namespace must be created before using this module."
type = bool
default = true
}
variable "namespace" {
- description = "Namespace of the ingress controller"
+ description = "Namespace of the ingress controller."
type = string
}
variable "namespace_additional_labels" {
- description = "Additional labels for the namespace of the ingress controller"
+ description = "Additional labels for the namespace of the ingress controller."
type = map(string)
default = {}
}
variable "additional_values" {
- description = "Additional values to pass to the helm chart"
+ description = "Additional values to pass to the helm chart."
type = list(string)
default = []
}
-variable "helm_release_name" {
- description = "Name of the helm release"
- type = string
- default = "ingress-nginx"
+variable "common_labels" {
+ description = "Set of labels to apply to all resources."
+ type = map(string)
+ default = {}
+}
+
+variable "ingress_nginx_controller_min_replicas" {
+ description = "Minimum number of replicas for the ingress controller."
+ type = number
+ default = 1
+}
+
+variable "ingress_nginx_controller_max_replicas" {
+ description = "Maximum number of replicas for the ingress controller."
+ type = number
+ default = 3
+}
+
+variable "set_controller_default_pod_anti_affinity" {
+ description = "Set the podAntiAffinity for the ingress controller."
+ type = bool
+ default = true
}
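Review bot: `ingress_nginx_controller_min_replicas` and `ingress_nginx_controller_max_replicas` are declared as bare `number` with no `validation` block, so zero, negative or fractional values, or a minimum above the maximum, are rendered straight into the autoscaling values and fail, if at all, only at the Kubernetes API. A per-variable check such as `condition = var.ingress_nginx_controller_min_replicas >= 1 && floor(var.ingress_nginx_controller_min_replicas) == var.ingress_nginx_controller_min_replicas` catches the first three; the min/max comparison needs a Terraform version that lets a validation reference another variable, or a `precondition` on the release. The description of `set_controller_default_pod_anti_affinity` should say that the rule is `requiredDuringSchedulingIgnoredDuringExecution` on `kubernetes.io/hostname`, so replicas beyond the number of schedulable nodes will stay Pending. The CHANGELOG entry names this variable `set_default_pod_anti_affinity`, which does not match the declaration.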