diff --git a/charts/nginx-ingress/templates/controller-service.yaml b/charts/nginx-ingress/templates/controller-service.yaml index 2e3c0a186d..3b708ba92b 100644 --- a/charts/nginx-ingress/templates/controller-service.yaml +++ b/charts/nginx-ingress/templates/controller-service.yaml @@ -29,6 +29,9 @@ spec: {{- if .Values.controller.service.loadBalancerIP }} loadBalancerIP: {{ .Values.controller.service.loadBalancerIP }} {{- end }} + {{- if .Values.controller.service.loadBalancerClass }} + loadBalancerClass: {{ .Values.controller.service.loadBalancerClass }} + {{- end }} {{- if .Values.controller.service.loadBalancerSourceRanges }} loadBalancerSourceRanges: {{ toYaml .Values.controller.service.loadBalancerSourceRanges | indent 4 }} diff --git a/charts/nginx-ingress/values.schema.json b/charts/nginx-ingress/values.schema.json index 29888fbe03..21599e8c3d 100644 --- a/charts/nginx-ingress/values.schema.json +++ b/charts/nginx-ingress/values.schema.json @@ -1332,6 +1332,11 @@ "title": "The loadBalancerIP", "$ref": "https://raw.githubusercontent.com/nginxinc/kubernetes-json-schema/master/v1.34.0/_definitions.json#/definitions/io.k8s.api.core.v1.ServiceSpec/properties/loadBalancerIP" }, + "loadBalancerClass": { + "default": "", + "title": "The loadBalancerClass", + "$ref": "https://raw.githubusercontent.com/nginxinc/kubernetes-json-schema/master/v1.34.0/_definitions.json#/definitions/io.k8s.api.core.v1.ServiceSpec/properties/loadBalancerClass" + }, "externalIPs": { "default": [], "title": "The externalIPs", diff --git a/charts/tests/__snapshots__/helmunit_test.snap b/charts/tests/__snapshots__/helmunit_test.snap index 9ea1b34bbc..54071ac89b 100755 --- a/charts/tests/__snapshots__/helmunit_test.snap +++ b/charts/tests/__snapshots__/helmunit_test.snap @@ -13760,3 +13760,448 @@ metadata: app.kubernetes.io/version: "5.3.0" app.kubernetes.io/managed-by: Helm --- + +[TestHelmNICTemplate/loadBalancerClass - 1] +/-/-/-/ +# Source: nginx-ingress/templates/controller-serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: loadbalancerclass-nginx-ingress + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +/-/-/-/ +# Source: nginx-ingress/templates/controller-configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: loadbalancerclass-nginx-ingress + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +data: + {} +/-/-/-/ +# Source: nginx-ingress/templates/controller-leader-election-configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: loadbalancerclass-nginx-ingress-leader-election + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +/-/-/-/ +# Source: nginx-ingress/templates/clusterrole.yaml +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: loadbalancerclass-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +rules: +- apiGroups: + - "" + resources: + - configmaps + - namespaces + - pods + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - list +- apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - list + - watch +- apiGroups: + - discovery.k8s.io + resources: + - endpointslices + verbs: + - get + - list + - watch +- apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - list +- apiGroups: + - "apps" + resources: + - replicasets + - daemonsets + - statefulsets + verbs: + - get +- apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - get + - list +- apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update +- apiGroups: + - k8s.nginx.org + resources: + - virtualservers + - virtualserverroutes + - globalconfigurations + - transportservers + - policies + verbs: + - list + - watch + - get +- apiGroups: + - k8s.nginx.org + resources: + - virtualservers/status + - virtualserverroutes/status + - policies/status + - transportservers/status + verbs: + - update +/-/-/-/ +# Source: nginx-ingress/templates/clusterrolebinding.yaml +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: loadbalancerclass-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +subjects: +- kind: ServiceAccount + name: loadbalancerclass-nginx-ingress + namespace: default +roleRef: + kind: ClusterRole + name: loadbalancerclass-nginx-ingress + apiGroup: rbac.authorization.k8s.io +/-/-/-/ +# Source: nginx-ingress/templates/controller-role.yaml +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: loadbalancerclass-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm + namespace: default +rules: +- apiGroups: + - "" + resources: + - configmaps + - pods + - secrets + - services + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get +- apiGroups: + - "" + resources: + - pods + verbs: + - update +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - list +- apiGroups: + - coordination.k8s.io + resources: + - leases + resourceNames: + - loadbalancerclass-nginx-ingress-leader-election + verbs: + - get + - update +- apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create +/-/-/-/ +# Source: nginx-ingress/templates/controller-rolebinding.yaml +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: loadbalancerclass-nginx-ingress + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm + namespace: default +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: loadbalancerclass-nginx-ingress +subjects: +- kind: ServiceAccount + name: loadbalancerclass-nginx-ingress + namespace: default +/-/-/-/ +# Source: nginx-ingress/templates/controller-service.yaml +apiVersion: v1 +kind: Service +metadata: + name: loadbalancerclass-nginx-ingress-controller + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +spec: + externalTrafficPolicy: Local + loadBalancerClass: antrea + type: LoadBalancer + ports: + - port: 80 + targetPort: 80 + protocol: TCP + name: http + nodePort: + - port: 443 + targetPort: 443 + protocol: TCP + name: https + nodePort: + selector: + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass +/-/-/-/ +# Source: nginx-ingress/templates/controller-deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: loadbalancerclass-nginx-ingress-controller + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + template: + metadata: + labels: + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "9113" + prometheus.io/scheme: "http" + spec: + volumes: [] + serviceAccountName: loadbalancerclass-nginx-ingress + automountServiceAccountToken: true + securityContext: + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + hostNetwork: false + dnsPolicy: ClusterFirst + containers: + - image: nginx/nginx-ingress:5.3.0 + name: nginx-ingress + imagePullPolicy: "IfNotPresent" + ports: + - name: http + containerPort: 80 + protocol: TCP + - name: https + containerPort: 443 + protocol: TCP + - name: prometheus + containerPort: 9113 + - name: readiness-port + containerPort: 8081 + readinessProbe: + httpGet: + path: /nginx-ready + port: readiness-port + periodSeconds: 1 + initialDelaySeconds: 0 + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: false + runAsUser: 101 #nginx + runAsNonRoot: true + capabilities: + drop: + - ALL + add: + - NET_BIND_SERVICE + volumeMounts: [] + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + args: + + - -nginx-plus=false + - -nginx-reload-timeout=60000 + - -enable-app-protect=false + - -enable-app-protect-dos=false + - -nginx-configmaps=$(POD_NAMESPACE)/loadbalancerclass-nginx-ingress + - -ingress-class=nginx + - -health-status=false + - -health-status-uri=/nginx-health + - -nginx-debug=false + - -log-level=info + - -log-format=glog + - -nginx-status=true + - -nginx-status-port=8080 + - -nginx-status-allow-cidrs=127.0.0.1 + - -report-ingress-status + - -external-service=loadbalancerclass-nginx-ingress-controller + - -enable-leader-election=true + - -leader-election-lock-name=loadbalancerclass-nginx-ingress-leader-election + - -enable-prometheus-metrics=true + - -prometheus-metrics-listen-port=9113 + - -prometheus-tls-secret= + - -enable-service-insight=false + - -service-insight-listen-port=9114 + - -service-insight-tls-secret= + - -enable-custom-resources=true + - -enable-snippets=false + - -disable-ipv6=false + - -enable-tls-passthrough=false + - -enable-cert-manager=false + - -enable-oidc=false + - -enable-external-dns=false + - -default-http-listener-port=80 + - -default-https-listener-port=443 + - -ready-status=true + - -ready-status-port=8081 + - -enable-latency-metrics=false + - -ssl-dynamic-reload=true + - -enable-telemetry-reporting=true + - -weight-changes-dynamic-reload=false +/-/-/-/ +# Source: nginx-ingress/templates/controller-ingress-class.yaml +apiVersion: networking.k8s.io/v1 +kind: IngressClass +metadata: + name: nginx + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +spec: + controller: nginx.org/ingress-controller +/-/-/-/ +# Source: nginx-ingress/templates/controller-configmap.yaml +/-/-/-/ +/-/-/-/ +# Source: nginx-ingress/templates/controller-lease.yaml +apiVersion: coordination.k8s.io/v1 +kind: Lease +metadata: + name: loadbalancerclass-nginx-ingress-leader-election + namespace: default + labels: + helm.sh/chart: nginx-ingress-2.4.0 + app.kubernetes.io/name: nginx-ingress + app.kubernetes.io/instance: loadbalancerclass + app.kubernetes.io/version: "5.3.0" + app.kubernetes.io/managed-by: Helm +--- diff --git a/charts/tests/helmunit_test.go b/charts/tests/helmunit_test.go index 370df6175f..87ffef8905 100644 --- a/charts/tests/helmunit_test.go +++ b/charts/tests/helmunit_test.go @@ -176,6 +176,11 @@ func TestHelmNICTemplate(t *testing.T) { releaseName: "startupstatus", namespace: "default", }, + "loadBalancerClass": { + valuesFile: "testdata/service-loadbalancerclass.yaml", + releaseName: "loadbalancerclass", + namespace: "default", + }, } // Path to the helm chart we will test diff --git a/charts/tests/testdata/service-loadbalancerclass.yaml b/charts/tests/testdata/service-loadbalancerclass.yaml new file mode 100644 index 0000000000..7de642c159 --- /dev/null +++ b/charts/tests/testdata/service-loadbalancerclass.yaml @@ -0,0 +1,3 @@ +controller: + service: + loadBalancerClass: antrea