diff --git a/charts/nginx-ingress/README.md b/charts/nginx-ingress/README.md index 19c7961d22..0b42a54b7a 100644 --- a/charts/nginx-ingress/README.md +++ b/charts/nginx-ingress/README.md @@ -371,6 +371,7 @@ The following tables lists the configurable parameters of the NGINX Ingress Cont |`controller.initContainers` | InitContainers for the Ingress Controller pods. | [] | |`controller.extraContainers` | Extra (eg. sidecar) containers for the Ingress Controller pods. | [] | |`controller.resources` | The resources of the Ingress Controller pods. | requests: cpu=100m,memory=128Mi | +|`controller.initContainerResources` | The resources of the init container which is used when `controller.readOnlyRootFilesystem` is set to `true` | requests: cpu=100m,memory=128Mi | |`controller.replicaCount` | The number of replicas of the Ingress Controller deployment. | 1 | |`controller.ingressClass.name` | A class of the Ingress Controller. An IngressClass resource with the name equal to the class must be deployed. Otherwise, the Ingress Controller will fail to start. The Ingress Controller only processes resources that belong to its class - i.e. have the "ingressClassName" field resource equal to the class. The Ingress Controller processes all the VirtualServer/VirtualServerRoute/TransportServer resources that do not have the "ingressClassName" field for all versions of Kubernetes. | nginx | |`controller.ingressClass.create` | Creates a new IngressClass object with the name `controller.ingressClass.name`. Set to `false` to use an existing ingressClass created using `kubectl` with the same name. If you use `helm upgrade`, do not change the values from the previous release as helm will delete IngressClass objects managed by helm. If you are upgrading from a release earlier than 3.3.2, do not set the value to false. | true | diff --git a/charts/nginx-ingress/templates/controller-daemonset.yaml b/charts/nginx-ingress/templates/controller-daemonset.yaml index 22e10985aa..2d5acfe509 100644 --- a/charts/nginx-ingress/templates/controller-daemonset.yaml +++ b/charts/nginx-ingress/templates/controller-daemonset.yaml @@ -259,6 +259,10 @@ spec: image: {{ include "nginx-ingress.image" . }} imagePullPolicy: "{{ .Values.controller.image.pullPolicy }}" command: ['cp', '-vdR', '/etc/nginx/.', '/mnt/etc'] +{{- if .Values.controller.initContainerResources }} + resources: +{{ toYaml .Values.controller.initContainerResources | indent 10 }} +{{- end }} securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/charts/nginx-ingress/templates/controller-deployment.yaml b/charts/nginx-ingress/templates/controller-deployment.yaml index 2b4d7dd569..96532d8f54 100644 --- a/charts/nginx-ingress/templates/controller-deployment.yaml +++ b/charts/nginx-ingress/templates/controller-deployment.yaml @@ -266,6 +266,10 @@ spec: image: {{ include "nginx-ingress.image" . }} imagePullPolicy: "{{ .Values.controller.image.pullPolicy }}" command: ['cp', '-vdR', '/etc/nginx/.', '/mnt/etc'] +{{- if .Values.controller.initContainerResources }} + resources: +{{ toYaml .Values.controller.initContainerResources | indent 10 }} +{{- end }} securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true diff --git a/charts/nginx-ingress/values.schema.json b/charts/nginx-ingress/values.schema.json index 07f93660d2..9223ac148d 100644 --- a/charts/nginx-ingress/values.schema.json +++ b/charts/nginx-ingress/values.schema.json @@ -483,6 +483,12 @@ "title": "The resources Schema", "$ref": "https://raw.githubusercontent.com/nginxinc/kubernetes-json-schema/master/v1.27.4/_definitions.json#/definitions/io.k8s.api.core.v1.ResourceRequirements" }, + "initContainerResources": { + "type": "object", + "default": {}, + "title": "The resources Schema", + "$ref": "https://raw.githubusercontent.com/nginxinc/kubernetes-json-schema/master/v1.27.4/_definitions.json#/definitions/io.k8s.api.core.v1.ResourceRequirements" + }, "tolerations": { "type": "array", "default": [], @@ -1341,6 +1347,12 @@ "memory": "128Mi" } }, + "initContainerResources": { + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }, "tolerations": [], "affinity": {}, "topologySpreadConstraints": {}, @@ -1706,6 +1718,12 @@ "memory": "128Mi" } }, + "initContainerResources": { + "requests": { + "cpu": "100m", + "memory": "128Mi" + } + }, "tolerations": [], "affinity": {}, "topologySpreadConstraints": {}, diff --git a/charts/nginx-ingress/values.yaml b/charts/nginx-ingress/values.yaml index 97789b4cf0..d9e8d758fe 100644 --- a/charts/nginx-ingress/values.yaml +++ b/charts/nginx-ingress/values.yaml @@ -168,6 +168,15 @@ controller: # cpu: 1 # memory: 1Gi + ## The resources for the Ingress Controller init container which is used when readOnlyRootFilesystem is set to true. + initContainerResources: + requests: + cpu: 100m + memory: 128Mi + # limits: + # cpu: 1 + # memory: 1Gi + ## The tolerations of the Ingress Controller pods. tolerations: [] @@ -287,7 +296,6 @@ controller: # port: 5353 # protocol: TCP - ## Enable custom NGINX configuration snippets in Ingress, VirtualServer, VirtualServerRoute and TransportServer resources. enableSnippets: false @@ -490,7 +498,7 @@ prometheus: ## A list of endpoints allowed as part of this ServiceMonitor. ## Matches on the name of a Service port. endpoints: - - port: prometheus + - port: prometheus serviceInsight: ## Expose NGINX Plus Service Insight endpoint.