diff --git a/citrix-cloud-native/Chart.yaml b/citrix-cloud-native/Chart.yaml index 2137c3e..95d2366 100644 --- a/citrix-cloud-native/Chart.yaml +++ b/citrix-cloud-native/Chart.yaml @@ -14,15 +14,15 @@ maintainers: email: subash.dangol@cloud.com dependencies: - name: citrix-ingress-controller - version: "1.42.12" + version: "1.43.7" condition: cic.enabled alias: cic - name: citrix-cpx-with-ingress-controller - version: "1.42.12" + version: "1.43.7" condition: cpx.enabled alias: cpx - name: citrix-gslb-controller - version: "1.42.12" + version: "1.43.7" condition: gslb.enabled alias: gslb - name: citrix-node-controller diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml index e2dab72..9332dd0 100644 --- a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler CPX with NetScaler ingress Controller running as sidecar. name: citrix-cpx-with-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com sources: diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md index b689afd..c023ba7 100644 --- a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md +++ b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/README.md @@ -614,15 +614,19 @@ The following table lists the configurable parameters of the NetScaler CPX with | cpx.license.accept | Mandatory | no | Set `yes` to accept the NetScaler ingress controller end user license agreement. | | cpx.imageRegistry | Mandatory | `quay.io` | The NetScaler CPX image registry | | cpx.imageRepository | Mandatory | `citrix/citrix-k8s-cpx-ingress` | The NetScaler CPX image repository | -| cpx.imageTag | Mandatory | `14.1-17.101` | The NetScaler CPX image tag | +| cpx.imageTag | Mandatory | `14.1-25.109` | The NetScaler CPX image tag | | cpx.pullPolicy | Mandatory | IfNotPresent | The NetScaler CPX image pull policy. | | cpx.hostName | Optional | N/A | This entity will be used to set Hostname of the CPX | | cpx.daemonSet | Optional | False | Set this to true if NetScaler CPX needs to be deployed as DaemonSet. | | cpx.cic.imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | cpx.cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| cpx.cic.imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| cpx.cic.imageTag | Mandatory | `1.43.7` | The NetScaler ingress controller image tag | | cpx.cic.pullPolicy | Mandatory | IfNotPresent | The NetScaler ingress controller image pull policy. | | cpx.cic.required | Mandatory | true | NSIC to be run as sidecar with NetScaler CPX | +| cpx.cic.enableLivenessProbe | Optional | True | Enable livenessProbe settings for Citrix Ingress Controller | +| cpx.cic.enableReadinessProbe | Optional | True | Enable readinessProbe settings | +| cpx.cic.livenessProbe | Optional | N/A | Set livenessProbe settings for Citrix Ingress Controller | +| cpx.cic.readinessProbe | Optional | N/A | Set readinessProbe settings | | cpx.cic.resources | Optional | {} | CPU/Memory resource requests/limits for NetScaler Ingress Controller container | | cpx.cic.rbacRole | Optional | false | To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false)) | | cpx.cic.prometheusCredentialSecret | Optional | N/A | The secret key required to create read only user for native export of metrics using Prometheus. | @@ -717,6 +721,11 @@ The following table lists the configurable parameters of the NetScaler CPX with | cpx.nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' | | cpx.cpxCommands| Optional | N/A | This argument accepts user-provided bootup NetScaler config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | | cpx.cpxShellCommands| Optional | N/A | This argument accepts user-provided bootup config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | +| cpx.enableStartupProbe | Optional | True | Enable startupProbe settings for CPX | +| cpx.enableLivenessProbe | Optional | True | Enable livenessProbe settings for CPX | +| cpx.startupProbe | Optional | N/A | Set startupProbe settings for CPX | +| cpx.livenessProbe | Optional | N/A | Set livenessProbe settings for CPX | + > **Note:** > diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml index 51d2b37..6f1a1b9 100644 --- a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml +++ b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml @@ -140,12 +140,24 @@ spec: name: cpx-volume-conf - mountPath: /cpx/bootup_conf name: bootupconfig-volume +{{- if .Values.enableStartupProbe }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} +{{- end }} +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} +{{- end }} {{- if .Values.cic.required }} # Add cic as a sidecar - name: cic image: "{{ tpl .Values.cic.image . }}" imagePullPolicy: {{ .Values.cic.pullPolicy }} env: +{{- if .Values.cic.enableLivenessProbe }} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' +{{- end }} {{- if .Values.analyticsConfig.timeseries.metrics.enableNativeScrape }} - name: "PROM_USER" valueFrom: @@ -320,6 +332,14 @@ spec: volumeMounts: - mountPath: /var/deviceinfo name: shared-data +{{- if .Values.cic.enableReadinessProbe}} + readinessProbe: + {{- toYaml .Values.cic.readinessProbe | nindent 12 }} +{{- end }} +{{- if .Values.cic.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.cic.livenessProbe | nindent 12 }} +{{- end }} resources: {{- toYaml .Values.exporter.resources | nindent 12 }} {{- end }} diff --git a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml index 7ed0e76..92509d3 100644 --- a/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml +++ b/citrix-cloud-native/charts/citrix-cpx-with-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler CPX config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-cpx-ingress -imageTag: 14.1-17.101 +imageTag: 14.1-25.109 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -84,7 +84,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true @@ -104,6 +104,27 @@ cic: # cpu: 1000m # memory: 1000Mi prometheusCredentialSecret: # K8s Secret Name for read only user creation for native Prometheus support + enableLivenessProbe: True + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + enableReadinessProbe: True + readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 50 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 entityPrefix: license: @@ -244,6 +265,28 @@ resources: affinity: {} +enableStartupProbe: True +startupProbe: + initialDelaySeconds: 30 + periodSeconds: 5 + failureThreshold: 20 + successThreshold: 1 + exec: + command: + - /bin/ping + - -c 1 + - 192.0.0.1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - ls + - /tmp/cpx_started + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + # cpxCommands: to provide global config to be applied in CPX. The commands will be executed in order. For e.g. # add rewrite action rw_act_x_forwarded_proto insert_http_header X-Forwarded-Proto "\"https\"" # add rewrite policy rw_pol_x_forwarded_proto CLIENT.SSL.IS_SSL rw_act_x_forwarded_proto diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/Chart.yaml b/citrix-cloud-native/charts/citrix-gslb-controller/Chart.yaml index cb3ccb1..924e125 100644 --- a/citrix-cloud-native/charts/citrix-gslb-controller/Chart.yaml +++ b/citrix-cloud-native/charts/citrix-gslb-controller/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.42.12" +appVersion: "1.43.7" description: A Helm chart for NetScaler GSLB Controller configuring MPX/VPX. name: citrix-gslb-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com maintainers: diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/README.md b/citrix-cloud-native/charts/citrix-gslb-controller/README.md index 76fb8a9..39eb128 100644 --- a/citrix-cloud-native/charts/citrix-gslb-controller/README.md +++ b/citrix-cloud-native/charts/citrix-gslb-controller/README.md @@ -199,7 +199,7 @@ The following table lists the mandatory and optional parameters that you can con | gslb.license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | gslb.imageRegistry | Optional | `quay.io` | The NetScaler ingress controller image registry | | gslb.imageRepository | Optional | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| gslb.imageTag | Optional | `1.42.12` | The NetScaler ingress controller image tag | +| gslb.imageTag | Optional | `1.43.7` | The NetScaler ingress controller image tag | | gslb.pullPolicy | Optional | Always | The NSIC image pull policy. | | gslb.imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | gslb.adcCredentialSecret | Optional | N/A | The kubernetes secret containing login credentials for the NetScaler VPX or MPX. For information on how to create the secret keys, see [Prerequisites](#prerequistes). | diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml b/citrix-cloud-native/charts/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml index 995e33d..aa0d869 100644 --- a/citrix-cloud-native/charts/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml +++ b/citrix-cloud-native/charts/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml @@ -1,33 +1,17 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end}} metadata: name: {{ include "citrix-gslb-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "citrix-gslb-controller.fullname" . }} + router: {{ include "citrix-gslb-controller.fullname" . }} {{- else }} - matchLabels: app: {{ include "citrix-gslb-controller.fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end}} template: metadata: name: {{ include "citrix-gslb-controller.name" . }} diff --git a/citrix-cloud-native/charts/citrix-gslb-controller/values.yaml b/citrix-cloud-native/charts/citrix-gslb-controller/values.yaml index fd76436..c4cf951 100644 --- a/citrix-cloud-native/charts/citrix-gslb-controller/values.yaml +++ b/citrix-cloud-native/charts/citrix-gslb-controller/values.yaml @@ -5,7 +5,7 @@ # image contains information needed to fetch NSIC image imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml b/citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml index 7637826..6846781 100644 --- a/citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml +++ b/citrix-cloud-native/charts/citrix-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler Ingress Controller configuring MPX/VPX. name: citrix-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com sources: diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/README.md b/citrix-cloud-native/charts/citrix-ingress-controller/README.md index 652cfb1..cddf867 100644 --- a/citrix-cloud-native/charts/citrix-ingress-controller/README.md +++ b/citrix-cloud-native/charts/citrix-ingress-controller/README.md @@ -352,7 +352,7 @@ The following table lists the mandatory and optional parameters that you can con | cic.license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | cic.imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| cic.imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| cic.imageTag | Mandatory | `1.43.7 | The NetScaler ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The NSIC image pull policy. | | cic.imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | cic.nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | @@ -435,6 +435,11 @@ The following table lists the mandatory and optional parameters that you can con | cic.extraVolumeMounts | Optional | [] | Specify the Additional VolumeMounts to be mounted in NSIC container | | cic.extraVolumes | Optional | [] | Specify the Additional Volumes for additional volumeMounts | | cic.rbacRole | Optional | false | To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false) | +| cic.bgpAdvertisement | Optional | false | To advertise VIP using BGP from NetScaler | +| cic.enableReadinessProbe | Optional | True | Enable readinessProbe settings Citrix Ingress Controller | +| cic.enableLivenessProbe| Optional | True | Enable livenessPorbe settings for Citrix Ingress Controller | +| cic.readinessProbe | Optional | N/A | Set readinessProbe settings Citrix Ingress Controller | +| cic.livenessProbe| Optional | N/A | Set livenessPorbe settings for Citrix Ingress Controller | Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart. diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml b/citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml index d3ec191..61ffb9b 100644 --- a/citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml +++ b/citrix-cloud-native/charts/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml @@ -1,33 +1,18 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end }} metadata: name: {{ include "citrix-ingress-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "citrix-ingress-controller.fullname" . }} + router: {{ include "citrix-ingress-controller.fullname" . }} {{- else }} - matchLabels: - app: {{ include "citrix-ingress-controller.fullname" . }} + app: {{ include "citrix-ingress-controller. + fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end }} template: metadata: name: cic @@ -47,6 +32,14 @@ spec: - name: cic image: "{{ tpl .Values.image . }}" imagePullPolicy: {{ .Values.pullPolicy }} +{{- if .Values.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 10 }} +{{- end }} +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 10 }} +{{- end }} args: - --configmap {{ .Release.Namespace }}/{{ include "cicconfigmap.fullname" . }} @@ -100,6 +93,10 @@ spec: {{- if .Values.nitroReadTimeout }} - name: "NS_NITRO_READ_TIMEOUT" value: "{{ .Values.nitroReadTimeout }}" +{{- end }} +{{-f if .Values.enableLivenessProbe }} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' {{- end }} - name: "NS_USER" {{- if and .Values.secretStore.enabled .Values.secretStore.username}} @@ -159,6 +156,12 @@ spec: - name: "OPTIMIZE_ENDPOINT_BINDING" value: "{{ .Values.optimizeEndpointBinding }}" {{- end }} +{{- if .Values.nodeLabels }} + - name: "NODE_LABELS" + value: "{{ .Values.nodeLabels }}" +{{- end }} + - name: "BGP_ADVERTISEMENT" + value: {{ .Values.bgpAdvertisement | quote }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if ne (len .Values.extraVolumeMounts) 0 }} diff --git a/citrix-cloud-native/charts/citrix-ingress-controller/values.yaml b/citrix-cloud-native/charts/citrix-ingress-controller/values.yaml index 7a7717a..a0c3049 100644 --- a/citrix-cloud-native/charts/citrix-ingress-controller/values.yaml +++ b/citrix-cloud-native/charts/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -179,6 +179,32 @@ resources: affinity: {} +bgpAdvertisement: False +nodeLabels: "" + +enableReadinessProbe: True +readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + extraVolumeMounts: [] # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. diff --git a/citrix-cpx-with-ingress-controller/Chart.yaml b/citrix-cpx-with-ingress-controller/Chart.yaml index ef9a8b1..d555b54 100644 --- a/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/citrix-cpx-with-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler CPX with NetScaler ingress Controller running as sidecar. name: citrix-cpx-with-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com sources: diff --git a/citrix-cpx-with-ingress-controller/README.md b/citrix-cpx-with-ingress-controller/README.md index 36a9f32..941ac92 100644 --- a/citrix-cpx-with-ingress-controller/README.md +++ b/citrix-cpx-with-ingress-controller/README.md @@ -608,15 +608,19 @@ The following table lists the configurable parameters of the NetScaler CPX with | license.accept | Mandatory | no | Set `yes` to accept the NetScaler ingress controller end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The NetScaler CPX image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-cpx-ingress` | The NetScaler CPX image repository | -| imageTag | Mandatory | `14.1-17.101` | The NetScaler CPX image tag | +| imageTag | Mandatory | `14.1-25.109` | The NetScaler CPX image tag | | pullPolicy | Mandatory | IfNotPresent | The NetScaler CPX image pull policy. | | hostName | Optional | N/A | This entity will be used to set Hostname of the CPX | | daemonSet | Optional | False | Set this to true if NetScaler CPX needs to be deployed as DaemonSet. | | cic.imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| cic.imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| cic.imageTag | Mandatory | `1.43.7` | The NetScaler ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The NetScaler ingress controller image pull policy. | | cic.required | Mandatory | true | NSIC to be run as sidecar with NetScaler CPX | +| cic.enableLivenessProbe | Optional | True | Enable livenessProbe settings for Citrix Ingress Controller | +| cic.enableReadinessProbe | Optional | True | Enable readinessProbe settings | +| cic.livenessProbe | Mandatory | N/A | Set livenessProbe settings for Citrix Ingress Controller | +| cic.readinessProbe | Mandatory | N/A | Set readinessProbe settings | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for NetScaler Ingress Controller container | | cic.rbacRole | Optional | false | To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false)) | | cic.prometheusCredentialSecret | Optional | N/A | The secret key required to create read only user for native export of metrics using Prometheus. | @@ -711,6 +715,10 @@ The following table lists the configurable parameters of the NetScaler CPX with | nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' | | cpxCommands| Optional | N/A | This argument accepts user-provided bootup NetScaler config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | | cpxShellCommands| Optional | N/A | This argument accepts user-provided bootup config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | +| enableStartupProbe | Optional | True | Enable startupProbe settings for CPX | +| enableLivenessProbe | Optional | True | Enable livenessProbe settings for CPX | +| startupProbe | Optional | N/A | Set startupProbe settings for CPX | +| livenessProbe | Optional | N/A | Set livenessProbe settings for CPX | > **Note:** > diff --git a/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml b/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml index c284765..760bc9e 100644 --- a/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml +++ b/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml @@ -140,12 +140,24 @@ spec: name: cpx-volume-conf - mountPath: /cpx/bootup_conf name: bootupconfig-volume +{{- if .Values.enableStartupProbe }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} +{{- end }} +{{- if .Values.enableLivenessProbe}} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} +{{- end }} {{- if .Values.cic.required }} # Add cic as a sidecar - name: cic image: "{{ tpl .Values.cic.image . }}" imagePullPolicy: {{ .Values.cic.pullPolicy }} env: +{{- if .Values.cic.enableLivenessProbe }} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' +{{- end }} {{- if .Values.analyticsConfig.timeseries.metrics.enableNativeScrape }} - name: "PROM_USER" valueFrom: @@ -320,6 +332,14 @@ spec: volumeMounts: - mountPath: /var/deviceinfo name: shared-data +{{- if .Values.cic.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.cic.readinessProbe | nindent 12 }} +{{- end }} +{{- if .Values.cic.enableLivenessProbe}} + livenessProbe: + {{- toYaml .Values.cic.livenessProbe | nindent 12 }} +{{- end }} resources: {{- toYaml .Values.exporter.resources | nindent 12 }} {{- end }} diff --git a/citrix-cpx-with-ingress-controller/values.yaml b/citrix-cpx-with-ingress-controller/values.yaml index 84e2a08..6c43ec5 100644 --- a/citrix-cpx-with-ingress-controller/values.yaml +++ b/citrix-cpx-with-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler CPX config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-cpx-ingress -imageTag: 14.1-17.101 +imageTag: 14.1-25.109 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -84,7 +84,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true @@ -104,6 +104,28 @@ cic: # cpu: 1000m # memory: 1000Mi prometheusCredentialSecret: "" # K8s Secret Name for read only user creation for native Prometheus support + enableLivenessProbe: True + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + + enableReadinessProbe: True + readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 50 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 entityPrefix: "" license: @@ -244,6 +266,30 @@ resources: affinity: {} +enableStartupProbe: True +startupProbe: + initialDelaySeconds: 30 + periodSeconds: 5 + failureThreshold: 20 + successThreshold: 1 + exec: + command: + - /bin/ping + - -c 1 + - 192.0.0.1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - ls + - /tmp/cpx_started + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + + + # cpxCommands: to provide global config to be applied in CPX. The commands will be executed in order. For e.g. # add rewrite action rw_act_x_forwarded_proto insert_http_header X-Forwarded-Proto "\"https\"" # add rewrite policy rw_pol_x_forwarded_proto CLIENT.SSL.IS_SSL rw_act_x_forwarded_proto diff --git a/citrix-gslb-controller/Chart.yaml b/citrix-gslb-controller/Chart.yaml index cb3ccb1..924e125 100644 --- a/citrix-gslb-controller/Chart.yaml +++ b/citrix-gslb-controller/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.42.12" +appVersion: "1.43.7" description: A Helm chart for NetScaler GSLB Controller configuring MPX/VPX. name: citrix-gslb-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com maintainers: diff --git a/citrix-gslb-controller/README.md b/citrix-gslb-controller/README.md index 061bc3f..2a35886 100644 --- a/citrix-gslb-controller/README.md +++ b/citrix-gslb-controller/README.md @@ -198,7 +198,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | imageRegistry | Optional | `quay.io` | The NetScaler ingress controller image registry | | imageRepository | Optional | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| imageTag | Optional | `1.42.12` | The NetScaler ingress controller image tag | +| imageTag | Optional | `1.43.7` | The NetScaler ingress controller image tag | | pullPolicy | Optional | Always | The NSIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nsIP | Optional | N/A | The IP address of the NetScaler device. For details, see [Prerequisites](#prerequistes). | diff --git a/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml b/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml index 3bce152..57baba8 100644 --- a/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml +++ b/citrix-gslb-controller/templates/citrix-k8s-gslbcontroller.yaml @@ -1,33 +1,17 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end}} metadata: name: {{ include "citrix-gslb-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "citrix-gslb-controller.fullname" . }} + router: {{ include "citrix-gslb-controller.fullname" . }} {{- else }} - matchLabels: app: {{ include "citrix-gslb-controller.fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end}} template: metadata: name: {{ include "citrix-gslb-controller.name" . }} diff --git a/citrix-gslb-controller/values.yaml b/citrix-gslb-controller/values.yaml index e37a5eb..cd88ed6 100644 --- a/citrix-gslb-controller/values.yaml +++ b/citrix-gslb-controller/values.yaml @@ -5,7 +5,7 @@ # image contains information needed to fetch NSIC image imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/citrix-ingress-controller/Chart.yaml b/citrix-ingress-controller/Chart.yaml index 7637826..6846781 100644 --- a/citrix-ingress-controller/Chart.yaml +++ b/citrix-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler Ingress Controller configuring MPX/VPX. name: citrix-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com sources: diff --git a/citrix-ingress-controller/README.md b/citrix-ingress-controller/README.md index d22e5a4..aa41f7c 100644 --- a/citrix-ingress-controller/README.md +++ b/citrix-ingress-controller/README.md @@ -342,7 +342,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| imageTag | Mandatory | `1.43.7` | The NetScaler ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The NSIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | @@ -425,6 +425,12 @@ The following table lists the mandatory and optional parameters that you can con | extraVolumeMounts | Optional | [] | Specify the Additional VolumeMounts to be mounted in NSIC container | | extraVolumes | Optional | [] | Specify the Additional Volumes for additional volumeMounts | | rbacRole | Optional | false | To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false)) | +| nodeLabels | Optional | "" | If there are pods on nodes in the nodes with this nodeLabels, NSIC will configure NetScaler to advertises the VIP using BGP | +| bgpAdvertisement | Optional | False | To advertise VIP using BGP from NetScaler | +| enableReadinessProbe | Optional | True| Enable readinessProbe settings Citrix Ingress Controller | +| enableLivenessProbe| Optional | True | Enable livenessPorbe settings for Citrix Ingress Controller | +| readinessProbe | Optional | N/A | Set readinessProbe settings Citrix Ingress Controller | +| livenessProbe| Optional | N/A | Set livenessPorbe settings for Citrix Ingress Controller | Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart. diff --git a/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml b/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml index d3ec191..7e8f2f7 100644 --- a/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml +++ b/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml @@ -1,33 +1,17 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end }} metadata: name: {{ include "citrix-ingress-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "citrix-ingress-controller.fullname" . }} + router: {{ include "citrix-ingress-controller.fullname" . }} {{- else }} - matchLabels: app: {{ include "citrix-ingress-controller.fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end }} template: metadata: name: cic @@ -47,6 +31,14 @@ spec: - name: cic image: "{{ tpl .Values.image . }}" imagePullPolicy: {{ .Values.pullPolicy }} +{{- if .Values.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 10 }} +{{- end }} +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 10 }} +{{- end }} args: - --configmap {{ .Release.Namespace }}/{{ include "cicconfigmap.fullname" . }} @@ -100,6 +92,10 @@ spec: {{- if .Values.nitroReadTimeout }} - name: "NS_NITRO_READ_TIMEOUT" value: "{{ .Values.nitroReadTimeout }}" +{{- end }} +{{- if .Values.enableLivenessProbe }} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' {{- end }} - name: "NS_USER" {{- if and .Values.secretStore.enabled .Values.secretStore.username}} @@ -159,6 +155,12 @@ spec: - name: "OPTIMIZE_ENDPOINT_BINDING" value: "{{ .Values.optimizeEndpointBinding }}" {{- end }} +{{- if .Values.nodeLabels }} + - name: "NODE_LABELS" + value: "{{ .Values.nodeLabels }}" +{{- end }} + - name: "BGP_ADVERTISEMENT" + value: {{ .Values.bgpAdvertisement | quote }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if ne (len .Values.extraVolumeMounts) 0 }} diff --git a/citrix-ingress-controller/values.yaml b/citrix-ingress-controller/values.yaml index 691228e..5e257fe 100644 --- a/citrix-ingress-controller/values.yaml +++ b/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -180,6 +180,32 @@ resources: affinity: {} +bgpAdvertisement: False +nodeLabels: "" + +enableReadinessProbe: True +readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + extraVolumeMounts: [] # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. diff --git a/citrix_cloud_native_values.yaml b/citrix_cloud_native_values.yaml index 8536548..ab72f92 100644 --- a/citrix_cloud_native_values.yaml +++ b/citrix_cloud_native_values.yaml @@ -3,7 +3,7 @@ cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -165,6 +165,32 @@ cic: # memory: 1000Mi affinity: {} + nodeLabels: "" + bgpAdvertisement: False + + enableReadinessProbe: True + readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 + + enableLivenessProbe: True + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + extraVolumeMounts: [] # We usually recommend not to specify default resources and to leave this as a conscious @@ -192,7 +218,7 @@ gslb: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.gslb.imageRegistry }}/{{ .Values.gslb.imageRepository }}:{{ .Values.gslb.imageTag }}" pullPolicy: IfNotPresent openshift: false @@ -237,7 +263,7 @@ cpx: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-cpx-ingress - imageTag: 14.1-17.101 + imageTag: 14.1-25.109 image: "{{ .Values.cpx.imageRegistry }}/{{ .Values.cpx.imageRepository }}:{{ .Values.cpx.imageTag }}" pullPolicy: IfNotPresent @@ -298,7 +324,7 @@ cpx: cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.cpx.cic.imageRegistry }}/{{ .Values.cpx.cic.imageRepository }}:{{ .Values.cpx.cic.imageTag }}" pullPolicy: IfNotPresent required: true @@ -319,7 +345,27 @@ cpx: # memory: 1000Mi rbacRole: False prometheusCredentialSecret: # K8s Secret Name for read only user creation for native Prometheus support - + enableLivenessProbe: True + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + enableReadinessProbe: True + readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 50 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 entityPrefix: license: accept: no @@ -417,7 +463,30 @@ cpx: # cpu: 500m # memory: 512Mi affinity: {} - + enableStartupProbe: True + startupProbe: + initialDelaySeconds: 30 + periodSeconds: 5 + failureThreshold: 20 + successThreshold: 1 + exec: + command: + - /bin/ping + - -c 1 + - 192.0.0.1 + + enableLivenessProbe: True + livenessProbe: + exec: + command: + - ls + - /tmp/cpx_started + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + + + # cpxCommands: to provide global config to be applied in CPX. The commands will be executed in order. For e.g. # add rewrite action rw_act_x_forwarded_proto insert_http_header X-Forwarded-Proto "\"https\"" # add rewrite policy rw_pol_x_forwarded_proto CLIENT.SSL.IS_SSL rw_act_x_forwarded_proto @@ -640,7 +709,7 @@ iaSidecar: netscalerUrl: "http://127.0.0.1" imageRegistry: quay.io imageRepository: citrix/citrix-k8s-cpx-ingress - imageTag: 14.1-17.101 + imageTag: 14.1-25.109 image: "{{ .Values.iaSidecar.cpxProxy.imageRegistry }}/{{ .Values.iaSidecar.cpxProxy.imageRepository }}:{{ .Values.iaSidecar.cpxProxy.imageTag }}" imagePullPolicy: IfNotPresent EULA: NO diff --git a/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller1.yaml b/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller1.yaml index ee489ef..557a463 100644 --- a/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller1.yaml +++ b/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller1.yaml @@ -4,7 +4,7 @@ nsProtocol: HTTPS entityPrefix: gslb imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent license: diff --git a/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller2.yaml b/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller2.yaml index 57805f2..919fc7b 100644 --- a/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller2.yaml +++ b/examples/Servicemesh_with_GSLB_and_WAF/manifest/gslbcontroller2.yaml @@ -4,7 +4,7 @@ nsProtocol: HTTPS entityPrefix: gslb imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent license: diff --git a/examples/citrix-cpx-with-ingress-controller/Chart.yaml b/examples/citrix-cpx-with-ingress-controller/Chart.yaml index ef9a8b1..d555b54 100644 --- a/examples/citrix-cpx-with-ingress-controller/Chart.yaml +++ b/examples/citrix-cpx-with-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler CPX with NetScaler ingress Controller running as sidecar. name: citrix-cpx-with-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com sources: diff --git a/examples/citrix-cpx-with-ingress-controller/README.md b/examples/citrix-cpx-with-ingress-controller/README.md index 163193d..6659149 100644 --- a/examples/citrix-cpx-with-ingress-controller/README.md +++ b/examples/citrix-cpx-with-ingress-controller/README.md @@ -242,14 +242,18 @@ The following table lists the configurable parameters of the NetScaler CPX with | license.accept | Mandatory | no | Set `yes` to accept the NetScaler ingress controller end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The NetScaler CPX image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-cpx-ingress` | The NetScaler CPX image repository | -| imageTag | Mandatory | `14.1-17.101` | The NetScaler CPX image tag | +| imageTag | Mandatory | `14.1-25.109` | The NetScaler CPX image tag | | pullPolicy | Mandatory | IfNotPresent | The NetScaler CPX image pull policy. | | hostName | Optional | N/A | This entity will be used to set Hostname of the CPX | | cic.imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | cic.imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| cic.imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| cic.imageTag | Mandatory | `1.43.7 | The NetScaler ingress controller image tag | | cic.pullPolicy | Mandatory | IfNotPresent | The NetScaler ingress controller image pull policy. | | cic.required | Mandatory | true | NSIC to be run as sidecar with NetScaler CPX | +| cic.enableLivenessProbe | Optional | True | Enable livenessProbe settings for NSIC | +| cic.enableReadinessProbe | Optional | True | Enable readinessProbe settings | +| cic.livenessProbe | Optional | N/A | Set livenessProbe settings for NSIC | +| cic.readinessProbe | Optional | N/A | Set readinessProbe settings | | cic.resources | Optional | {} | CPU/Memory resource requests/limits for NetScaler Ingress Controller container | | cic.prometheusCredentialSecret | Optional | N/A | The secret key required to create read only user for native export of metrics using Prometheus. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | @@ -341,6 +345,10 @@ bels | Optional | N/A | You can use this parameter to provide the route labels s | nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' | | cpxCommands| Optional | N/A | This argument accepts user-provided bootup NetScaler config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | | cpxShellCommands| Optional | N/A | This argument accepts user-provided bootup config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | +| enableStartupProbe | Optional | True | Enable startupProbe settings for CPX | +| enableLivenessProbe | Optional | True | Enable livenessProbe settings for CPX | +| startupProbe | Optional | N/A | Set startupProbe settings for CPX | +| livenessProbe | Optional | N/A | Set livenessProbe settings for CPX | > **Tip:** > diff --git a/examples/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml b/examples/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml index d96bab2..62ed435 100644 --- a/examples/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml +++ b/examples/citrix-cpx-with-ingress-controller/templates/citrix-k8s-cpx-ingress.yaml @@ -140,12 +140,24 @@ spec: name: cpx-volume-conf - mountPath: /cpx/bootup_conf name: bootupconfig-volume +{{- if .Values.enableStartupProbe }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} +{{- end }}\ +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} +{{- end }} {{- if .Values.cic.required }} # Add cic as a sidecar - name: cic image: "{{ tpl .Values.cic.image . }}" imagePullPolicy: {{ .Values.cic.pullPolicy }} env: +{{- if .Values.cic.enableLivenessProbe }} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' +{{- end }} {{- if .Values.analyticsConfig.timeseries.metrics.enableNativeScrape }} - name: "PROM_USER" valueFrom: @@ -320,6 +332,14 @@ spec: volumeMounts: - mountPath: /var/deviceinfo name: shared-data +{{- if .Values.cic.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.cic.readinessProbe | nindent 12 }} +{{- end }} +{{- if .Values.cic.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.cic.livenessProbe | nindent 12 }} +{{- end }} resources: {{- toYaml .Values.exporter.resources | nindent 12 }} {{- end }} diff --git a/examples/citrix-cpx-with-ingress-controller/values.yaml b/examples/citrix-cpx-with-ingress-controller/values.yaml index ca05cf9..dd422e8 100644 --- a/examples/citrix-cpx-with-ingress-controller/values.yaml +++ b/examples/citrix-cpx-with-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler CPX config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-cpx-ingress -imageTag: 14.1-17.101 +imageTag: 14.1-25.109 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -84,7 +84,7 @@ servicePorts: [] cic: imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.cic.imageRegistry }}/{{ .Values.cic.imageRepository }}:{{ .Values.cic.imageTag }}" pullPolicy: IfNotPresent required: true @@ -104,6 +104,27 @@ cic: # cpu: 1000m # memory: 1000Mi prometheusCredentialSecret: # K8s Secret Name for read only user creation for native Prometheus support + enableLivenessProbe: True + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + enableReadinessProbe: True + readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 50 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 entityPrefix: license: @@ -244,6 +265,30 @@ resources: affinity: {} +enableStartupProbe: True +startupProbe: + initialDelaySeconds: 30 + periodSeconds: 5 + failureThreshold: 20 + successThreshold: 1 + exec: + command: + - /bin/ping + - -c 1 + - 192.0.0.1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - ls + - /tmp/cpx_started + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + + + # cpxCommands: to provide global config to be applied in CPX. The commands will be executed in order. For e.g. # add rewrite action rw_act_x_forwarded_proto insert_http_header X-Forwarded-Proto "\"https\"" # add rewrite policy rw_pol_x_forwarded_proto CLIENT.SSL.IS_SSL rw_act_x_forwarded_proto diff --git a/examples/citrix-ingress-controller/Chart.yaml b/examples/citrix-ingress-controller/Chart.yaml index 7637826..6846781 100644 --- a/examples/citrix-ingress-controller/Chart.yaml +++ b/examples/citrix-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler Ingress Controller configuring MPX/VPX. name: citrix-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com sources: diff --git a/examples/citrix-ingress-controller/README.md b/examples/citrix-ingress-controller/README.md index 97945aa..97e6429 100644 --- a/examples/citrix-ingress-controller/README.md +++ b/examples/citrix-ingress-controller/README.md @@ -125,7 +125,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | imageRepository | Mandatory | `citrix/citrix-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| imageTag | Mandatory | `1.43.7` | The NetScaler ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The NSIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | @@ -208,6 +208,12 @@ The following table lists the mandatory and optional parameters that you can con | nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' | | extraVolumeMounts | Optional | [] | Specify the Additional VolumeMounts to be mounted in NSIC container | | extraVolumes | Optional | [] | Specify the Additional Volumes for additional volumeMounts | +| nodeLabels | Optional | "" | If there are pods on nodes in the nodes with this nodeLabels, NSIC will configure NetScaler to advertises the VIP using BGP | +| bgpAdvertisement | Optional | False | To advertise VIP using BGP from NetScaler | +| enableReadinessProbe | Optional | True | Enable readinessProbe settings Citrix Ingress Controller | +| enableLivenessProbe| Optional | True | Enable livenessPorbe settings for Citrix Ingress Controller | +| readinessProbe | Optional | N/A | Set readinessProbe settings Citrix Ingress Controller | +| livenessProbe| Optional | N/A | Set livenessPorbe settings for Citrix Ingress Controller | > **Tip:** diff --git a/examples/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml b/examples/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml index d3ec191..3fccf70 100644 --- a/examples/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml +++ b/examples/citrix-ingress-controller/templates/citrix-k8s-ingress.yaml @@ -1,33 +1,17 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end }} metadata: name: {{ include "citrix-ingress-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "citrix-ingress-controller.fullname" . }} + router: {{ include "netscaler-ingress-controller.fullname" . }} {{- else }} - matchLabels: - app: {{ include "citrix-ingress-controller.fullname" . }} + app: {{ include "netscaler-ingress-controller.fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end }} template: metadata: name: cic @@ -47,6 +31,14 @@ spec: - name: cic image: "{{ tpl .Values.image . }}" imagePullPolicy: {{ .Values.pullPolicy }} +{{- if .Values.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 10 }} +{{- end }} +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 10 }} +{{- end }} args: - --configmap {{ .Release.Namespace }}/{{ include "cicconfigmap.fullname" . }} @@ -100,6 +92,10 @@ spec: {{- if .Values.nitroReadTimeout }} - name: "NS_NITRO_READ_TIMEOUT" value: "{{ .Values.nitroReadTimeout }}" +{{- end }} +{{- if .Values.enableLivenessProbe}} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' {{- end }} - name: "NS_USER" {{- if and .Values.secretStore.enabled .Values.secretStore.username}} @@ -159,6 +155,12 @@ spec: - name: "OPTIMIZE_ENDPOINT_BINDING" value: "{{ .Values.optimizeEndpointBinding }}" {{- end }} +{{- if .Values.nodeLabels }} + - name: "NODE_LABELS" + value: "{{ .Values.nodeLabels }}" +{{- end }} + - name: "BGP_ADVERTISEMENT" + value: {{ .Values.bgpAdvertisement | quote }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if ne (len .Values.extraVolumeMounts) 0 }} diff --git a/examples/citrix-ingress-controller/values.yaml b/examples/citrix-ingress-controller/values.yaml index 6b6acaf..8830597 100644 --- a/examples/citrix-ingress-controller/values.yaml +++ b/examples/citrix-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler Ingress Controller config details imageRegistry: quay.io imageRepository: citrix/citrix-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -179,6 +179,32 @@ resources: affinity: {} +bgpAdvertisement: False +nodeLabels: "" + +enableReadinessProbe: True +readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + extraVolumeMounts: [] # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. diff --git a/netscaler-cpx-with-ingress-controller/Chart.yaml b/netscaler-cpx-with-ingress-controller/Chart.yaml index 5612f59..d349ea9 100644 --- a/netscaler-cpx-with-ingress-controller/Chart.yaml +++ b/netscaler-cpx-with-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler CPX with NetScaler ingress Controller running as sidecar. name: netscaler-cpx-with-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.netscaler.com sources: diff --git a/netscaler-cpx-with-ingress-controller/README.md b/netscaler-cpx-with-ingress-controller/README.md index 33ff680..eab6945 100644 --- a/netscaler-cpx-with-ingress-controller/README.md +++ b/netscaler-cpx-with-ingress-controller/README.md @@ -606,19 +606,22 @@ The following table lists the configurable parameters of the NetScaler CPX with | license.accept | Mandatory | no | Set `yes` to accept the NetScaler ingress controller end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The NetScaler CPX image registry | | imageRepository | Mandatory | `netscaler/netscaler-cpx` | The NetScaler CPX image repository | -| imageTag | Mandatory | `14.1-17.101` | The NetScaler CPX image tag | +| imageTag | Mandatory | `14.1-25.109` | The NetScaler CPX image tag | | pullPolicy | Mandatory | IfNotPresent | The NetScaler CPX image pull policy. | | daemonSet | Optional | False | Set this to true if NetScaler CPX needs to be deployed as DaemonSet. | | hostName | Optional | N/A | This entity will be used to set Hostname of the CPX | | nsic.imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | nsic.imageRepository | Mandatory | `netscaler/netscaler-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| nsic.imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| nsic.imageTag | Mandatory | `1.43.7` | The NetScaler ingress controller image tag | | nsic.pullPolicy | Mandatory | IfNotPresent | The NetScaler ingress controller image pull policy. | | nsic.required | Mandatory | true | NSIC to be run as sidecar with NetScaler CPX | +| nsic.enableLivenessProbe| Optional | True | Enable liveness probe settings for NetScaler Ingress Controller | +| nsic.enableReadinessProbe| Optional | True | Enable Readineess probe settings for NetScaler Ingress Controller | +| nsic.livenessProbe | Optional | N/A | Set livenessProbe settings for NSIC | +| nsic.readinessProbe | Optional | N/A | Set readinessProbe settings| | nsic.resources | Optional | {} | CPU/Memory resource requests/limits for NetScaler Ingress Controller container | | nsic.rbacRole | Optional | false | To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false)) | -| nsic.prometheusCredentialSecret | Optional | N/A | The secret key required to create read only user for nat -ive export of metrics using Prometheus. | +| nsic.prometheusCredentialSecret | Optional | N/A | The secret key required to create read only user for native export of metrics using Prometheus. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | | fullNameOverride | Optional | N/A | String to fully override deployment fullname template with a string | @@ -710,6 +713,10 @@ ive export of metrics using Prometheus. | | nsLbHashAlgo.hashAlgorithm | Optional | 'default' | Specifies the supported algorithm. Supported algorithms are "default", "jarh", "prac", Default value is 'default' | | cpxCommands| Optional | N/A | This argument accepts user-provided NetScaler bootup config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | | cpxShellCommands| Optional | N/A | This argument accepts user-provided bootup config that is applied as soon as the CPX is instantiated. Please note that this is not a dynamic config, and any subsequent changes to the configmap don't reflect in the CPX config unless the pod is restarted. For more info, please refer the [documentation](https://docs.netscaler.com/en-us/citrix-adc-cpx/current-release/configure-cpx-kubernetes-using-configmaps.html). | +| enableStartupProbe | Optional | True | Enable startupProbe settings for CPX | +| enableLivenessProbe | Optional | True | Enable livenessProbe settings for CPX | +| startupProbe | Optional | N/A | Set startupProbe settings for CPX | +| livenessProbe | Optional | N/A | Set livenessProbe settings for CPX | > **Note:** > diff --git a/netscaler-cpx-with-ingress-controller/templates/deployment.yaml b/netscaler-cpx-with-ingress-controller/templates/deployment.yaml index 0330001..ac7e7ab 100644 --- a/netscaler-cpx-with-ingress-controller/templates/deployment.yaml +++ b/netscaler-cpx-with-ingress-controller/templates/deployment.yaml @@ -140,12 +140,24 @@ spec: name: cpx-volume-conf - mountPath: /cpx/bootup_conf name: bootupconfig-volume +{{- if .Values.enableStartupProbe }} + startupProbe: + {{- toYaml .Values.startupProbe | nindent 12 }} +{{- end }} +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 12 }} +{{- end }} {{- if .Values.nsic.required }} # Add nsic as a sidecar - name: nsic image: "{{ tpl .Values.nsic.image . }}" imagePullPolicy: {{ .Values.nsic.pullPolicy }} env: +{{- if .Values.nsic.enableLivenessProbe }} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' +{{- end }} {{- if .Values.analyticsConfig.timeseries.metrics.enableNativeScrape }} - name: "PROM_USER" valueFrom: @@ -297,6 +309,14 @@ spec: volumeMounts: - mountPath: /var/deviceinfo name: shared-data +{{- if .Values.nsic.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.nsic.readinessProbe | nindent 12 }} +{{- end }} +{{- if .Values.nsic.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.nsic.livenessProbe | nindent 12 }} +{{- end }} resources: {{- toYaml .Values.nsic.resources | nindent 12 }} {{- end }} diff --git a/netscaler-cpx-with-ingress-controller/values.yaml b/netscaler-cpx-with-ingress-controller/values.yaml index 0de2ab6..ffba865 100644 --- a/netscaler-cpx-with-ingress-controller/values.yaml +++ b/netscaler-cpx-with-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler CPX config details imageRegistry: quay.io imageRepository: netscaler/netscaler-cpx -imageTag: 14.1-17.101 +imageTag: 14.1-25.109 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -84,7 +84,7 @@ servicePorts: [] nsic: imageRegistry: quay.io imageRepository: netscaler/netscaler-k8s-ingress-controller - imageTag: 1.42.12 + imageTag: 1.43.7 image: "{{ .Values.nsic.imageRegistry }}/{{ .Values.nsic.imageRepository }}:{{ .Values.nsic.imageTag }}" pullPolicy: IfNotPresent required: true @@ -104,6 +104,28 @@ nsic: # cpu: 1000m # memory: 1000Mi prometheusCredentialSecret: "" # K8s Secret Name for read only user creation for native Prometheus support + enableLivenessProbe: True + livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + + enableReadinessProbe: True + readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 50 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 entityPrefix: "" license: @@ -245,6 +267,30 @@ resources: affinity: {} +enableStartupProbe: True +startupProbe: + initialDelaySeconds: 30 + periodSeconds: 5 + failureThreshold: 20 + successThreshold: 1 + exec: + command: + - /bin/ping + - -c 1 + - 192.0.0.1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - ls + - /tmp/cpx_started + periodSeconds: 5 + failureThreshold: 3 + successThreshold: 1 + + + # cpxCommands: to provide global config to be applied in CPX. The commands will be executed in order. For e.g. # add rewrite action rw_act_x_forwarded_proto insert_http_header X-Forwarded-Proto "\"https\"" # add rewrite policy rw_pol_x_forwarded_proto CLIENT.SSL.IS_SSL rw_act_x_forwarded_proto diff --git a/netscaler-gslb-controller/Chart.yaml b/netscaler-gslb-controller/Chart.yaml index 6644110..76e2f40 100644 --- a/netscaler-gslb-controller/Chart.yaml +++ b/netscaler-gslb-controller/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 -appVersion: "1.42.12" +appVersion: "1.43.7" description: A Helm chart for NetScaler GSLB Controller configuring MPX/VPX. name: netscaler-gslb-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.cloud.com maintainers: diff --git a/netscaler-gslb-controller/README.md b/netscaler-gslb-controller/README.md index 5c41f8d..6e9c7d7 100644 --- a/netscaler-gslb-controller/README.md +++ b/netscaler-gslb-controller/README.md @@ -198,7 +198,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | imageRegistry | Optional | `quay.io` | The NetScaler ingress controller image registry | | imageRepository | Optional | `netscaler/netscaler-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| imageTag | Optional | `1.42.12` | The NetScaler ingress controller image tag | +| imageTag | Optional | `1.43.7` | The NetScaler ingress controller image tag | | pullPolicy | Optional | Always | The NSIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nsIP | Optional | N/A | The IP address of the NetScaler device. For details, see [Prerequisites](#prerequistes). | diff --git a/netscaler-gslb-controller/templates/deployment.yaml b/netscaler-gslb-controller/templates/deployment.yaml index 1fbc750..15ec108 100644 --- a/netscaler-gslb-controller/templates/deployment.yaml +++ b/netscaler-gslb-controller/templates/deployment.yaml @@ -1,33 +1,17 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end}} metadata: name: {{ include "netscaler-gslb-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "netscaler-gslb-controller.fullname" . }} + router: {{ include "netscaler-gslb-controller.fullname" . }} {{- else }} - matchLabels: app: {{ include "netscaler-gslb-controller.fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end}} template: metadata: name: {{ include "netscaler-gslb-controller.name" . }} diff --git a/netscaler-gslb-controller/values.yaml b/netscaler-gslb-controller/values.yaml index e88feb2..e38e66e 100644 --- a/netscaler-gslb-controller/values.yaml +++ b/netscaler-gslb-controller/values.yaml @@ -5,7 +5,7 @@ # image contains information needed to fetch NSIC image imageRegistry: quay.io imageRepository: netscaler/netscaler-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] diff --git a/netscaler-ingress-controller/Chart.yaml b/netscaler-ingress-controller/Chart.yaml index 3501b1d..b371ca6 100644 --- a/netscaler-ingress-controller/Chart.yaml +++ b/netscaler-ingress-controller/Chart.yaml @@ -1,9 +1,9 @@ apiVersion: v2 -appVersion: "1.42.12" +appVersion: "1.43.7" kubeVersion: ">=v1.16.0-0" description: A Helm chart for NetScaler Ingress Controller configuring MPX/VPX. name: netscaler-ingress-controller -version: 1.42.12 +version: 1.43.7 icon: https://raw.githubusercontent.com/netscaler/netscaler-helm-charts/gh-pages/netscaler.png home: https://www.netscaler.com sources: diff --git a/netscaler-ingress-controller/README.md b/netscaler-ingress-controller/README.md index 62b483d..7abe5ac 100644 --- a/netscaler-ingress-controller/README.md +++ b/netscaler-ingress-controller/README.md @@ -342,7 +342,7 @@ The following table lists the mandatory and optional parameters that you can con | license.accept | Mandatory | no | Set `yes` to accept the NSIC end user license agreement. | | imageRegistry | Mandatory | `quay.io` | The NetScaler ingress controller image registry | | imageRepository | Mandatory | `netscaler/netscaler-k8s-ingress-controller` | The NetScaler ingress controller image repository | -| imageTag | Mandatory | `1.42.12` | The NetScaler ingress controller image tag | +| imageTag | Mandatory | `1.43.7` | The NetScaler ingress controller image tag | | pullPolicy | Mandatory | IfNotPresent | The NSIC image pull policy. | | imagePullSecrets | Optional | N/A | Provide list of Kubernetes secrets to be used for pulling the images from a private Docker registry or repository. For more information on how to create this secret please see [Pull an Image from a Private Registry](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/). | | nameOverride | Optional | N/A | String to partially override deployment fullname template with a string (will prepend the release name) | @@ -425,6 +425,13 @@ The following table lists the mandatory and optional parameters that you can con | extraVolumeMounts | Optional | [] | Specify the Additional VolumeMounts to be mounted in NSIC container | | extraVolumes | Optional | [] | Specify the Additional Volumes for additional volumeMounts | | rbacRole | Optional | false | To deploy NSIC with RBAC Role set rbacRole=true; by default NSIC gets installed with RBAC ClusterRole(rbacRole=false)) | +| nodeLabels | Optional | "" | If there are pods on nodes in the nodes with this nodeLabels, NSIC will configure NetScaler to advertises the VIP using BGP | +| bgpAdvertisement | Optional | False | To advertise VIP using BGP from NetScaler | +| enableLivenessProbe | Optional | True | Enable LivenessProbes settings for NetScaler Ingress Controller | +| enableReadinessProbe | Optional | True | Enable LivenessProbes settings for NetScaler Ingress Controller | +| readinessProbe | Optional | N/A | Set readinessProbe settings NetScaler Ingress Controller | +| livenessProbe| Optional | N/A | Set livenessPorbe settings for NetScaler Ingress Controller | + Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart. diff --git a/netscaler-ingress-controller/templates/deployment.yaml b/netscaler-ingress-controller/templates/deployment.yaml index f06fa9a..544722a 100644 --- a/netscaler-ingress-controller/templates/deployment.yaml +++ b/netscaler-ingress-controller/templates/deployment.yaml @@ -1,33 +1,17 @@ -{{- if .Values.openshift }} -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -{{- else }} apiVersion: apps/v1 kind: Deployment -{{- end }} metadata: name: {{ include "netscaler-ingress-controller.fullname" . }} namespace: {{ .Release.Namespace }} spec: selector: + matchLabels: {{- if .Values.openshift }} - router: {{ include "netscaler-ingress-controller.fullname" . }} + router: {{ include "netscaler-ingress-controller.fullname" . }} {{- else }} - matchLabels: app: {{ include "netscaler-ingress-controller.fullname" . }} {{- end }} replicas: 1 -{{- if .Values.openshift }} - strategy: - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 0 - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling -{{- end }} template: metadata: name: nsic @@ -47,6 +31,14 @@ spec: - name: nsic image: "{{ tpl .Values.image . }}" imagePullPolicy: {{ .Values.pullPolicy }} +{{- if .Values.enableReadinessProbe }} + readinessProbe: + {{- toYaml .Values.readinessProbe | nindent 10 }} +{{- end }} +{{- if .Values.enableLivenessProbe }} + livenessProbe: + {{- toYaml .Values.livenessProbe | nindent 10 }} +{{- end }} args: - --configmap {{ .Release.Namespace }}/{{ include "nsicconfigmap.fullname" . }} @@ -100,6 +92,10 @@ spec: {{- if .Values.nitroReadTimeout }} - name: "NS_NITRO_READ_TIMEOUT" value: "{{ .Values.nitroReadTimeout }}" +{{- end }} +{{- if .Values.enableLivenessProbe}} + - name: "LIVENESS_FILE_PATH" + value: '/tmp/liveness_path.log' {{- end }} - name: "NS_USER" {{- if and .Values.secretStore.enabled .Values.secretStore.username}} @@ -159,6 +155,12 @@ spec: - name: "OPTIMIZE_ENDPOINT_BINDING" value: "{{ .Values.optimizeEndpointBinding }}" {{- end }} +{{- if .Values.nodeLabels }} + - name: "NODE_LABELS" + value: "{{ .Values.nodeLabels }}" +{{- end }} + - name: "BGP_ADVERTISEMENT" + value: {{ .Values.bgpAdvertisement | quote }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if ne (len .Values.extraVolumeMounts) 0 }} @@ -195,8 +197,6 @@ spec: volumeMounts: {{- toYaml .Values.exporter.extraVolumeMounts | nindent 8 }} {{- end }} - securityContext: - readOnlyRootFilesystem: true resources: {{- toYaml .Values.exporter.resources | nindent 12 }} {{- end }} diff --git a/netscaler-ingress-controller/values.yaml b/netscaler-ingress-controller/values.yaml index 54329c2..8389618 100644 --- a/netscaler-ingress-controller/values.yaml +++ b/netscaler-ingress-controller/values.yaml @@ -5,7 +5,7 @@ # NetScaler Ingress Controller config details imageRegistry: quay.io imageRepository: netscaler/netscaler-k8s-ingress-controller -imageTag: 1.42.12 +imageTag: 1.43.7 image: "{{ .Values.imageRegistry }}/{{ .Values.imageRepository }}:{{ .Values.imageTag }}" pullPolicy: IfNotPresent imagePullSecrets: [] @@ -180,6 +180,31 @@ resources: affinity: {} +bgpAdvertisement: False +nodeLabels: "" +enableReadinessProbe: True +readinessProbe: + exec: + command: + - cat + - /tmp/readiness + initialDelaySeconds: 10 + periodSeconds: 60 + failureThreshold: 3 + successThreshold: 1 + +enableLivenessProbe: True +livenessProbe: + exec: + command: + - /bin/sh + - -c + - | + FILE_PATH="$LIVENESS_FILE_PATH" + [ -f "$FILE_PATH" ] && [ $(( $(date +%s) - $(stat -c %Y "$FILE_PATH") )) -lt 60 ] && exit 0 || exit 1 + initialDelaySeconds: 30 + periodSeconds: 60 + extraVolumeMounts: [] # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user.