Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

helm: remove kube-rbac-proxy and update metrics service #2108

Merged
merged 5 commits into from
Nov 1, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 0 additions & 17 deletions charts/gateway-helm/templates/envoy-gateway-deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -71,23 +71,6 @@ spec:
- mountPath: /certs
name: certs
readOnly: true
- args:
- --secure-listen-address=0.0.0.0:8443
- --upstream=http://127.0.0.1:8080/
- --logtostderr=true
- --v=0
env:
- name: KUBERNETES_CLUSTER_DOMAIN
value: {{ .Values.kubernetesClusterDomain }}
image: {{ .Values.deployment.kubeRbacProxy.image.repository }}:{{ .Values.deployment.kubeRbacProxy.image.tag | default .Chart.AppVersion }}
imagePullPolicy: {{ .Values.deployment.kubeRbacProxy.imagePullPolicy }}
name: kube-rbac-proxy
ports:
- containerPort: 8443
name: https
protocol: TCP
resources: {{- toYaml .Values.deployment.kubeRbacProxy.resources | nindent 10
}}
securityContext:
runAsNonRoot: true
serviceAccountName: envoy-gateway
Expand Down
12 changes: 0 additions & 12 deletions charts/gateway-helm/templates/metrics-reader-rbac.yaml

This file was deleted.

18 changes: 3 additions & 15 deletions charts/gateway-helm/values.tmpl.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,18 +13,6 @@ deployment:
requests:
cpu: 100m
memory: 256Mi
kubeRbacProxy:
image:
repository: gcr.io/kubebuilder/kube-rbac-proxy
tag: v0.14.1
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 5m
memory: 64Mi
ports:
- name: grpc
port: 18000
Expand All @@ -49,10 +37,10 @@ config:

envoyGatewayMetricsService:
ports:
- name: https
port: 8443
- name: http
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it looks like this was pointing to the controller runtime metrics endpoint earlier
https://book.kubebuilder.io/reference/metrics

are we disabling that now ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have collected them together, we have the controller runtime metrics and also our own metrics. They are exposing at 19001 together.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we then need to delete the above listen address in L75 ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let me check.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do not need it anymore.

port: 19001
protocol: TCP
targetPort: https
targetPort: 19001

createNamespace: false

Expand Down
13 changes: 3 additions & 10 deletions site/content/en/latest/install/api.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,13 +40,6 @@ The Helm chart for Envoy Gateway
| deployment.envoyGateway.resources.limits.memory | string | `"1024Mi"` | |
| deployment.envoyGateway.resources.requests.cpu | string | `"100m"` | |
| deployment.envoyGateway.resources.requests.memory | string | `"256Mi"` | |
| deployment.kubeRbacProxy.image.repository | string | `"gcr.io/kubebuilder/kube-rbac-proxy"` | |
| deployment.kubeRbacProxy.image.tag | string | `"v0.14.1"` | |
| deployment.kubeRbacProxy.imagePullPolicy | string | `"IfNotPresent"` | |
| deployment.kubeRbacProxy.resources.limits.cpu | string | `"500m"` | |
| deployment.kubeRbacProxy.resources.limits.memory | string | `"128Mi"` | |
| deployment.kubeRbacProxy.resources.requests.cpu | string | `"5m"` | |
| deployment.kubeRbacProxy.resources.requests.memory | string | `"64Mi"` | |
| deployment.pod.annotations | object | `{}` | |
| deployment.pod.labels | object | `{}` | |
| deployment.ports[0].name | string | `"grpc"` | |
Expand All @@ -56,9 +49,9 @@ The Helm chart for Envoy Gateway
| deployment.ports[1].port | int | `18001` | |
| deployment.ports[1].targetPort | int | `18001` | |
| deployment.replicas | int | `1` | |
| envoyGatewayMetricsService.ports[0].name | string | `"https"` | |
| envoyGatewayMetricsService.ports[0].port | int | `8443` | |
| envoyGatewayMetricsService.ports[0].name | string | `"http"` | |
| envoyGatewayMetricsService.ports[0].port | int | `19001` | |
| envoyGatewayMetricsService.ports[0].protocol | string | `"TCP"` | |
| envoyGatewayMetricsService.ports[0].targetPort | string | `"https"` | |
| envoyGatewayMetricsService.ports[0].targetPort | int | `19001` | |
| kubernetesClusterDomain | string | `"cluster.local"` | |