demos/api7-demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fd832e9b420bc54d624ea9dbf30fd89a0e7fd114
api7-demo/helm/api7ee/values.yaml
d.viti fd832e9b42 Add API7 ADC integration to Helm chart for automatic gateway configuration 
- Added ADC (API7 Declarative CLI) post-install job for automatic gateway setup
- Created ConfigMap with complete API7 routing and service configuration
- Integrated cert-manager for automatic TLS certificate management
- Added support for Kubernetes service discovery
- Implemented auto-publish feature for routes after deployment
- Added comprehensive API7 plugin configurations (rate limiting, CORS, auth)
- Created RBAC resources for ADC job to access cluster resources
- Secured admin credentials using Kubernetes secrets
- Updated values.yaml with extensive API7 configuration options
- Enhanced documentation with API7 setup and troubleshooting guides
2025-10-03 02:04:35 +02:00

285 lines
5.6 KiB
YAML
Raw Blame History

# Default values for api7ee.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global:
# Global image registry to use for all images
imageRegistry: ""
# Image pull secrets for all images
imagePullSecrets: []
# Configuration for the Web component
web:
enabled: true
replicaCount: 2
image:
registry: gitea.server_url # Will be replaced with actual Gitea URL
repository: api7ee/web
pullPolicy: IfNotPresent
tag: "main" # Override with specific version
service:
type: ClusterIP
port: 8000
targetPort: 8000
annotations: {}
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
autoscaling:
enabled: false
minReplicas: 2
maxReplicas: 10
targetCPUUtilizationPercentage: 80
targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
# Additional environment variables
env: []
# Liveness and readiness probes
livenessProbe:
httpGet:
path: /docs
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /docs
port: http
initialDelaySeconds: 10
periodSeconds: 5
# Configuration for the API component
api:
enabled: true
replicaCount: 3
image:
registry: gitea.server_url # Will be replaced with actual Gitea URL
repository: api7ee/api
pullPolicy: IfNotPresent
tag: "main" # Override with specific version
service:
type: ClusterIP
port: 8080
targetPort: 8080
annotations: {}
resources:
limits:
cpu: 1000m
memory: 1Gi
requests:
cpu: 500m
memory: 512Mi
autoscaling:
enabled: true
minReplicas: 3
maxReplicas: 20
targetCPUUtilizationPercentage: 70
targetMemoryUtilizationPercentage: 75
nodeSelector: {}
tolerations: []
affinity: {}
# Additional environment variables
env:
- name: LOG_LEVEL
value: "info"
# Liveness and readiness probes
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /ready
port: http
initialDelaySeconds: 10
periodSeconds: 5
# Ingress configuration
ingress:
enabled: true
className: "nginx"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: demo.commandware.it
paths:
- path: /
pathType: Prefix
service: web # Routes to web service
- path: /api
pathType: Prefix
service: api # Routes to API service
tls:
- secretName: api7ee-tls
hosts:
- demo.commandware.it
# ServiceAccount configuration
serviceAccount:
create: true
annotations: {}
name: ""
# Pod Security Context
podSecurityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
# Security Context for containers
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
# Network Policies
networkPolicy:
enabled: false
policyTypes:
- Ingress
- Egress
ingress: []
egress: []
# Pod Disruption Budget
podDisruptionBudget:
enabled: true
minAvailable: 1
# maxUnavailable: 1
# Monitoring and metrics
metrics:
enabled: false
serviceMonitor:
enabled: false
interval: 30s
path: /metrics
labels: {}
# ConfigMap for shared configuration
configMap:
data: {}
# Secrets for sensitive data
secrets:
create: false
data: {}
# API7 Gateway Configuration
api7:
enabled: true # Enable API7 ADC configuration
# ADC Container settings
adc:
image: ghcr.io/api7/adc:latest
imagePullPolicy: IfNotPresent
verbose: true
tlsSkipVerify: false # Set to true for self-signed certificates
# API7 Gateway connection
gateway:
adminUrl: http://api7-gateway.api7ee.svc.cluster.local:9180
adminKey: "edd1c9f034335f136f87ad84b625c8f1" # Change this!
group: default
# Backend type (api7ee or apisix)
backend: api7ee
# Auto-publish routes after sync
autoPublish: true
# Hosts for routing
hosts:
- demo.commandware.it
# TLS/SSL Configuration
tls:
enabled: true
# Option 1: Use cert-manager
certManager:
enabled: true
issuer: letsencrypt-prod # ClusterIssuer name
issuerKind: ClusterIssuer # or Issuer
# Option 2: Use existing secret
secretName: "" # Name of existing TLS secret
# Option 3: Provide certificates directly (not recommended for production)
certificate: ""
key: ""
# Service Discovery
serviceDiscovery:
enabled: true # Use Kubernetes service discovery
namespace: "" # Leave empty to use release namespace
# API7 Plugins Configuration
plugins:
# Rate limiting
rateLimit:
enabled: true
count: 100
timeWindow: 60
apiCount: 1000 # Higher limit for API endpoints
# CORS configuration
cors:
enabled: true
allowOrigins: ["*"]
allowMethods: ["GET", "POST", "PUT", "DELETE", "OPTIONS", "HEAD", "PATCH"]
allowHeaders: ["*"]
exposeHeaders: ["*"]
maxAge: 3600
allowCredentials: false
# Authentication
auth:
enabled: false
header: X-API-Key
# Prometheus metrics
prometheus:
enabled: true
# Request logging
logging:
enabled: false
endpoint: http://logging-service:8080/logs
batchMaxSize: 1000
inactiveTimeout: 5
# API Consumers (for authentication)
consumers:
- username: demo-user
apiKey: demo-key-12345
- username: admin
apiKey: admin-key-67890
Reference in New Issue View Git Blame Copy Permalink