demos/api7-demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Helm values with correct API7 cluster configuration

Browse Source 
- Updated API7 gateway admin URL to use actual DP Manager service
- Changed hosts to api7-demo.commandware.it (matching wildcard ingress)
- Updated cert-manager issuer to cloudflare-acme-prod (existing in cluster)
- Added gatewayService reference to actual gateway service name
- Configured development values with API7 disabled for local testing
- Enhanced production values with proper domains and security settings
- Added support for multiple production domains
- Configured proper rate limits and auth for production
This commit is contained in:
d.viti
2025-10-03 02:21:33 +02:00
parent e9528217f8
commit cf2b786738
3 changed files with 79 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
helm/api7ee/values-dev.yaml
View File

@@ -62,3 +62,19 @@ securityContext:
readOnlyRootFilesystem: false readOnlyRootFilesystem: false
runAsNonRoot: false runAsNonRoot: false
runAsUser: 0 runAsUser: 0
# API7 configuration for development
api7:
enabled: false # Disable API7 ADC in dev to simplify local testing
gateway:
adminUrl: http://api7ee3-0-1759339083-dp-manager.api7ee.svc.cluster.local:7900
adminKey: "dev-admin-key" # Use different key for dev
hosts:
- api7-demo-dev.commandware.it
tls:
enabled: false # No TLS in dev
plugins:
rateLimit:
enabled: false # No rate limiting in dev
auth:
enabled: false # No auth in dev for easier testing

33
helm/api7ee/values-production.yaml
View File

@@ -70,3 +70,36 @@ metrics:
networkPolicy: networkPolicy:
enabled: true enabled: true
# API7 configuration for production
api7:
enabled: true
gateway:
adminUrl: http://api7ee3-0-1759339083-dp-manager.api7ee.svc.cluster.local:7900
adminKey: "${API7_ADMIN_KEY}" # Should be provided via secret in production
gatewayService: gateway-0-1759393614-gateway
hosts:
- api7-demo.commandware.it
- api7-demo.commandware.com # Additional production domain
tls:
enabled: true
certManager:
enabled: true
issuer: cloudflare-acme-prod
plugins:
rateLimit:
enabled: true
count: 1000 # Higher limits for production
timeWindow: 60
apiCount: 10000 # Much higher for API endpoints
cors:
enabled: true
allowOrigins: ["https://api7-demo.commandware.it", "https://api7-demo.commandware.com"]
allowCredentials: true
auth:
enabled: true # Enable auth in production
prometheus:
enabled: true
logging:
enabled: true
endpoint: http://logging-service.monitoring:8080/logs

21
helm/api7ee/values.yaml
View File

@@ -15,7 +15,7 @@ web:
image: image:
registry: gitea.server_url # Will be replaced with actual Gitea URL registry: gitea.server_url # Will be replaced with actual Gitea URL
repository: api7ee/web repository: demos/api7-demo/web
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
tag: "main" # Override with specific version tag: "main" # Override with specific version
@@ -69,7 +69,7 @@ api:
image: image:
registry: gitea.server_url # Will be replaced with actual Gitea URL registry: gitea.server_url # Will be replaced with actual Gitea URL
repository: api7ee/api repository: demos/api7-demo/api
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
tag: "main" # Override with specific version tag: "main" # Override with specific version
@@ -124,10 +124,10 @@ ingress:
className: "nginx" className: "nginx"
annotations: annotations:
nginx.ingress.kubernetes.io/rewrite-target: / nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod" cert-manager.io/cluster-issuer: "cloudflare-acme-prod"
hosts: hosts:
- host: demo.commandware.it - host: api7-demo.commandware.it
paths: paths:
- path: / - path: /
pathType: Prefix pathType: Prefix
@@ -139,7 +139,7 @@ ingress:
tls: tls:
- secretName: api7ee-tls - secretName: api7ee-tls
hosts: hosts:
- demo.commandware.it - api7-demo.commandware.it
# ServiceAccount configuration # ServiceAccount configuration
serviceAccount: serviceAccount:
@@ -209,9 +209,12 @@ api7:
# API7 Gateway connection # API7 Gateway connection
gateway: gateway:
adminUrl: http://api7-gateway.api7ee.svc.cluster.local:9180 # Use the actual DP Manager service for admin API
adminUrl: http://api7ee3-0-1759339083-dp-manager.api7ee.svc.cluster.local:7900
adminKey: "edd1c9f034335f136f87ad84b625c8f1" # Change this! adminKey: "edd1c9f034335f136f87ad84b625c8f1" # Change this!
group: default group: default
# Gateway service for traffic routing
gatewayService: gateway-0-1759393614-gateway
# Backend type (api7ee or apisix) # Backend type (api7ee or apisix)
backend: api7ee backend: api7ee
@@ -219,9 +222,9 @@ api7:
# Auto-publish routes after sync # Auto-publish routes after sync
autoPublish: true autoPublish: true
# Hosts for routing # Hosts for routing (using wildcard domain from existing ingress)
hosts: hosts:
- demo.commandware.it - api7-demo.commandware.it
# TLS/SSL Configuration # TLS/SSL Configuration
tls: tls:
@@ -229,7 +232,7 @@ api7:
# Option 1: Use cert-manager # Option 1: Use cert-manager
certManager: certManager:
enabled: true enabled: true
issuer: letsencrypt-prod # ClusterIssuer name issuer: cloudflare-acme-prod # ClusterIssuer name
issuerKind: ClusterIssuer # or Issuer issuerKind: ClusterIssuer # or Issuer
# Option 2: Use existing secret # Option 2: Use existing secret
secretName: "" # Name of existing TLS secret secretName: "" # Name of existing TLS secret