From af789b26d31c2442992658eb034cc02499e5ef62 Mon Sep 17 00:00:00 2001 From: Rory Z Date: Mon, 12 Dec 2022 15:45:51 +0800 Subject: [PATCH] chore: helm chart support externalTrafficPolicy Fix https://github.com/emqx/emqx/issues/9515 --- changes/v4.4.12-en.md | 2 ++ changes/v4.4.12-zh.md | 2 ++ deploy/charts/emqx/README.md | 1 + deploy/charts/emqx/templates/service.yaml | 3 +++ deploy/charts/emqx/values.yaml | 6 ++++++ 5 files changed, 14 insertions(+) diff --git a/changes/v4.4.12-en.md b/changes/v4.4.12-en.md index f344de986..e767d929c 100644 --- a/changes/v4.4.12-en.md +++ b/changes/v4.4.12-en.md @@ -4,6 +4,8 @@ - Add more PSK ciphers support [#9493](https://github.com/emqx/emqx/pull/9493). +- Users can define the `externalTrafficPolicy` of service in EMQX Helm Chart [#9527](https://github.com/emqx/emqx/pull/9527). + ### Bug Fixes - Fixed load bootstrap file when no bootstrap user in `mqtt_app` [#9474](https://github.com/emqx/emqx/pull/9474). diff --git a/changes/v4.4.12-zh.md b/changes/v4.4.12-zh.md index d46b846e1..9c532c6b6 100644 --- a/changes/v4.4.12-zh.md +++ b/changes/v4.4.12-zh.md @@ -4,6 +4,8 @@ - 支持更多的 PSK 密码套件[#9493](https://github.com/emqx/emqx/pull/9493)。 +- 用户可以在 EMQX Helm Chart 中自定义 service 资源的 `externalTrafficPolicy` [#9527](https://github.com/emqx/emqx/pull/9527)。 + ### 修复 - 修复 mqtt_app 表内没有 boostrap user 里未导入用户的问题 [#9474](https://github.com/emqx/emqx/pull/9474). diff --git a/deploy/charts/emqx/README.md b/deploy/charts/emqx/README.md index 2c00d86ec..2882f9e0d 100644 --- a/deploy/charts/emqx/README.md +++ b/deploy/charts/emqx/README.md @@ -68,6 +68,7 @@ Parameter | Description | Default Value `service.loadBalancerIP` | loadBalancerIP for Service | `nil` `service.loadBalancerSourceRanges` | Address(es) that are allowed when service is LoadBalancer | `[]` `service.externalIPs` | ExternalIPs for the service | `[]` +`service.externalTrafficPolicy` | External Traffic Policy for the service | `Cluster` `service.annotations` | Service annotations (evaluated as a template) | `{}` `ingress.dashboard.enabled` | Enable ingress for EMQX Dashboard | false `ingress.dashboard.ingressClassName` | Set the ingress class for EMQX Dashboard diff --git a/deploy/charts/emqx/templates/service.yaml b/deploy/charts/emqx/templates/service.yaml index 8a1a6a212..0f374b334 100644 --- a/deploy/charts/emqx/templates/service.yaml +++ b/deploy/charts/emqx/templates/service.yaml @@ -14,6 +14,9 @@ metadata: {{- end }} spec: type: {{ .Values.service.type }} + {{- if or (eq .Values.service.type "LoadBalancer") (eq .Values.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy | default "Cluster" }} + {{- end }} {{- if eq .Values.service.type "LoadBalancer" }} {{- if .Values.service.loadBalancerIP }} loadBalancerIP: {{ .Values.service.loadBalancerIP }} diff --git a/deploy/charts/emqx/values.yaml b/deploy/charts/emqx/values.yaml index eb8bcc97a..1df94e42d 100644 --- a/deploy/charts/emqx/values.yaml +++ b/deploy/charts/emqx/values.yaml @@ -174,6 +174,12 @@ service: ## Set the ExternalIPs ## externalIPs: [] + ## Denotes if this Service desires to route external traffic to node-local or cluster-wide endpoints. + ## There are two available options: Cluster (default) and Local. + ## Cluster obscures the client source IP and may cause a second hop to another node, but should have good overall load-spreading. + ## Local preserves the client source IP and avoids a second hop for LoadBalancer and NodePort type Services, but risks potentially imbalanced traffic spreading. + ## + externalTrafficPolicy: "Cluster" ## Provide any additional annotations which may be required. Evaluated as a template ## annotations: {}