This is an automated email from the ASF dual-hosted git repository.
yzheng pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/polaris.git
The following commit(s) were added to refs/heads/main by this push:
new 2a47474c2 Added HttpRoute and Gateway to Helm Chart (#3314)
2a47474c2 is described below
commit 2a47474c218e1e2326ca3128f7b5d55d18267d38
Author: cccs-cat001 <[email protected]>
AuthorDate: Fri Jan 9 00:27:06 2026 -0400
Added HttpRoute and Gateway to Helm Chart (#3314)
* Added httproute and gateway
* added to readme
* updated helm site docs
* updated changelog
* Added tests
* fixed broken test
* fixed test part 2
* removed odd comment
* added check for httproute and gateway
* shuffled the gateway documentation
* better gateway instructions
* removed extra case in validateRouting
---
CHANGELOG.md | 1 +
helm/polaris/README.md | 23 +++
helm/polaris/README.md.gotmpl | 12 ++
helm/polaris/templates/_helpers.tpl | 12 ++
.../templates/{ingress.yaml => gateway.yaml} | 61 +++---
.../templates/{ingress.yaml => httproute.yaml} | 55 ++---
helm/polaris/templates/ingress.yaml | 1 +
helm/polaris/tests/gateway_test.yaml | 227 +++++++++++++++++++++
helm/polaris/tests/httproute_test.yaml | 189 +++++++++++++++++
helm/polaris/values.yaml | 42 ++++
site/content/in-dev/unreleased/helm.md | 23 +++
11 files changed, 579 insertions(+), 67 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c47d3697c..fd4c06d3f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -61,6 +61,7 @@ request adding CHANGELOG notes for breaking (!) changes and
possibly other secti
- Added `topologySpreadConstraints` support in Helm chart.
- Added `priorityClassName` support in Helm chart.
- Added support for including principal name in subscoped credentials.
`INCLUDE_PRINCIPAL_NAME_IN_SUBSCOPED_CREDENTIAL` (default: false) can be used
to toggle this feature. If enabled, cached credentials issued to one principal
will no longer be available for others.
+- Added support for [Kubernetes Gateway API](https://gateway-api.sigs.k8s.io/)
to the Helm Chart.
### Changes
diff --git a/helm/polaris/README.md b/helm/polaris/README.md
index 7f20b936e..75868048b 100644
--- a/helm/polaris/README.md
+++ b/helm/polaris/README.md
@@ -189,6 +189,18 @@ export QUARKUS_DATASOURCE_JDBC_URL=$(echo
"$container_envs" | grep quarkus.datas
java -jar runtime/admin/build/quarkus-app/quarkus-run.jar bootstrap -c
POLARIS,root,pass -r POLARIS
```
+### Using the Gateway API (Advanced)
+
+You may want to use the [Kubernetes Gateway
API](https://gateway-api.sigs.k8s.io/) for more advanced network routing. In
most cases this would already be installed by your cluster admins. The
following is an example set of commands to run to install the gateway:
+```bash
+# ref:
https://gateway-api.sigs.k8s.io/guides/getting-started/#install-standard-channel
+kubectl apply -f
https://github.com/kubernetes-sigs/gateway-api/releases/latest/download/standard-install.yaml
+```
+
+With that installed, you can enable and configure the `gateway` values. This
will make it possible to use the HTTPRoute resource, enable and configure the
`httproute` values.
+[!NOTE]
+Only one of HTTPRoute or Ingress can be defined. Defining both will result in
errors.
+
### Uninstalling
```bash
@@ -299,6 +311,17 @@ ct install --namespace polaris --charts ./helm/polaris
| features.realmOverrides | object | `{}` | Features to enable or disable per
realm. This field is a map of maps. The realm name is the key, and the value is
a map of feature names to values. If a feature is not present in the map, the
default value from the 'defaults' field is used. |
| fileIo | object | `{"type":"default"}` | Polaris FileIO configuration. |
| fileIo.type | string | `"default"` | The type of file IO to use. Two
built-in types are supported: default and wasb. The wasb one translates WASB
paths to ABFS ones. |
+| gateway.addresses | list | `[]` | Optional addresses to request for the
Gateway. |
+| gateway.annotations | object | `{}` | Annotations to add to the Gateway. |
+| gateway.className | string | `""` | The name of the GatewayClass to use. |
+| gateway.enabled | bool | `false` | Specifies whether a Gateway should be
created. |
+| gateway.listeners | list | `[{"name":"http","port":80,"protocol":"HTTP"}]` |
Gateway listeners configuration. |
+| httproute.annotations | object | `{}` | Annotations to add to the HTTPRoute.
|
+| httproute.enabled | bool | `false` | Specifies whether an HTTPRoute should
be created. |
+| httproute.gatewayName | string | `""` | Name of the Gateway resource to
attach to. |
+| httproute.gatewayNamespace | string | `"default"` | Namespace where the
Gateway is deployed. |
+| httproute.hosts | list | `["chart-example.local"]` | A list of hostnames
that the HTTPRoute should match. |
+| httproute.sectionName | string | `""` | Section name within the gateway to
use (optional). |
| image.configDir | string | `"/deployments/config"` | The path to the
directory where the application.properties file, and other configuration files,
if any, should be mounted. |
| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. |
| image.repository | string | `"apache/polaris"` | The image repository to
pull from. |
diff --git a/helm/polaris/README.md.gotmpl b/helm/polaris/README.md.gotmpl
index 760801262..60a0b438c 100644
--- a/helm/polaris/README.md.gotmpl
+++ b/helm/polaris/README.md.gotmpl
@@ -192,6 +192,18 @@ export QUARKUS_DATASOURCE_JDBC_URL=$(echo
"$container_envs" | grep quarkus.datas
java -jar runtime/admin/build/quarkus-app/quarkus-run.jar bootstrap -c
POLARIS,root,pass -r POLARIS
```
+### Using the Gateway API (Advanced)
+
+You may want to use the [Kubernetes Gateway
API](https://gateway-api.sigs.k8s.io/) for more advanced network routing. In
most cases this would already be installed by your cluster admins. The
following is an example set of commands to run to install the gateway:
+```bash
+# ref:
https://gateway-api.sigs.k8s.io/guides/getting-started/#install-standard-channel
+kubectl apply -f
https://github.com/kubernetes-sigs/gateway-api/releases/latest/download/standard-install.yaml
+```
+
+With that installed, you can enable and configure the `gateway` values. This
will make it possible to use the HTTPRoute resource, enable and configure the
`httproute` values.
+[!NOTE]
+Only one of HTTPRoute or Ingress can be defined. Defining both will result in
errors.
+
### Uninstalling
```bash
diff --git a/helm/polaris/templates/_helpers.tpl
b/helm/polaris/templates/_helpers.tpl
index c979837c3..584158210 100644
--- a/helm/polaris/templates/_helpers.tpl
+++ b/helm/polaris/templates/_helpers.tpl
@@ -89,6 +89,18 @@ app.kubernetes.io/name: {{ include "polaris.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
+{{/*
+Validate that only one of ingress or httproute is enabled
+*/}}
+{{- define "polaris.validateRouting" -}}
+{{- if and .Values.ingress.enabled .Values.httproute.enabled }}
+{{- fail "Cannot enable both ingress and httproute. Please enable only one." }}
+{{- end }}
+{{- if and (not .Values.httproute.enabled) .Values.gateway.enabled }}
+{{- fail "In order to use the gateway please enable the httproute and disable
the ingress."}}
+{{- end }}
+{{- end }}
+
{{/*
Create the name of the service account to use
*/}}
diff --git a/helm/polaris/templates/ingress.yaml
b/helm/polaris/templates/gateway.yaml
similarity index 52%
copy from helm/polaris/templates/ingress.yaml
copy to helm/polaris/templates/gateway.yaml
index f1909cc62..6ea65dd0a 100644
--- a/helm/polaris/templates/ingress.yaml
+++ b/helm/polaris/templates/gateway.yaml
@@ -17,47 +17,42 @@
under the License.
*/}}
-{{- if .Values.ingress.enabled }}
+{{- if .Values.gateway.enabled }}
{{- $fullName := include "polaris.fullname" . }}
-{{- $svcPort := get (first .Values.service.ports) "port" }}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
+
+apiVersion: gateway.networking.k8s.io/v1
+kind: Gateway
metadata:
name: {{ $fullName }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "polaris.labels" . | nindent 4 }}
- {{- if .Values.ingress.annotations }}
+ {{- with .Values.gateway.annotations }}
annotations:
- {{- tpl (toYaml .Values.ingress.annotations) . | nindent 4 }}
+ {{- toYaml . | nindent 4 }}
{{- end }}
spec:
- {{- if .Values.ingress.className }}
- ingressClassName: {{ .Values.ingress.className | quote }}
- {{- end }}
- {{- if .Values.ingress.tls }}
- tls:
- {{- range .Values.ingress.tls }}
- - hosts:
- {{- range .hosts }}
- - {{ . | quote }}
- {{- end }}
- secretName: {{ .secretName }}
+ gatewayClassName: {{ .Values.gateway.className }}
+ listeners:
+ {{- range .Values.gateway.listeners }}
+ - name: {{ .name }}
+ protocol: {{ .protocol }}
+ port: {{ .port }}
+ {{- if .hostname }}
+ hostname: {{ .hostname | quote }}
+ {{- end }}
+ {{- if .allowedRoutes }}
+ allowedRoutes:
+ {{- toYaml .allowedRoutes | nindent 8 }}
+ {{- end }}
+ {{- if and (eq .protocol "HTTPS") .tls }}
+ tls:
+ {{- toYaml .tls | nindent 8 }}
+ {{- end }}
{{- end }}
+ {{- with .Values.gateway.addresses }}
+ addresses:
+ {{- toYaml . | nindent 4 }}
{{- end }}
- rules:
- {{- range .Values.ingress.hosts }}
- - host: {{ .host | quote }}
- http:
- paths:
- {{- range .paths }}
- - path: {{ .path }}
- pathType: {{ .pathType }}
- backend:
- service:
- name: {{ $fullName }}
- port:
- number: {{ $svcPort }}
- {{- end }}
- {{- end }}
- {{- end }}
\ No newline at end of file
+
+{{- end }}
diff --git a/helm/polaris/templates/ingress.yaml
b/helm/polaris/templates/httproute.yaml
similarity index 51%
copy from helm/polaris/templates/ingress.yaml
copy to helm/polaris/templates/httproute.yaml
index f1909cc62..3d5677521 100644
--- a/helm/polaris/templates/ingress.yaml
+++ b/helm/polaris/templates/httproute.yaml
@@ -17,47 +17,34 @@
under the License.
*/}}
-{{- if .Values.ingress.enabled }}
+{{- include "polaris.validateRouting" . }}
+{{- if .Values.httproute.enabled }}
{{- $fullName := include "polaris.fullname" . }}
-{{- $svcPort := get (first .Values.service.ports) "port" }}
-apiVersion: networking.k8s.io/v1
-kind: Ingress
+
+apiVersion: gateway.networking.k8s.io/v1
+kind: HTTPRoute
metadata:
name: {{ $fullName }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "polaris.labels" . | nindent 4 }}
- {{- if .Values.ingress.annotations }}
+ {{- with .Values.httproute.annotations }}
annotations:
- {{- tpl (toYaml .Values.ingress.annotations) . | nindent 4 }}
+ {{- toYaml . | nindent 4 }}
{{- end }}
spec:
- {{- if .Values.ingress.className }}
- ingressClassName: {{ .Values.ingress.className | quote }}
- {{- end }}
- {{- if .Values.ingress.tls }}
- tls:
- {{- range .Values.ingress.tls }}
- - hosts:
- {{- range .hosts }}
- - {{ . | quote }}
- {{- end }}
- secretName: {{ .secretName }}
- {{- end }}
- {{- end }}
+ hostnames: {{ .Values.httproute.hosts }}
+ parentRefs:
+ - name: {{ .Values.httproute.gatewayName}}
+ namespace: {{ .Values.httproute.gatewayNamespace }}
+ {{- if .Values.httproute.sectionName }}
+ sectionName: {{ .Values.httproute.sectionName }}
+ {{- end }}
rules:
- {{- range .Values.ingress.hosts }}
- - host: {{ .host | quote }}
- http:
- paths:
- {{- range .paths }}
- - path: {{ .path }}
- pathType: {{ .pathType }}
- backend:
- service:
- name: {{ $fullName }}
- port:
- number: {{ $svcPort }}
- {{- end }}
- {{- end }}
- {{- end }}
\ No newline at end of file
+ # We don't specify a matches block here, so the default is a prefix path
match on "/" (match every HTTP request)
+ # The backend (Service) to send matching requests to
+ - backendRefs:
+ - name: {{ $fullName }}
+ port: {{ get (first .Values.service.ports) "port" }}
+
+{{- end }}
diff --git a/helm/polaris/templates/ingress.yaml
b/helm/polaris/templates/ingress.yaml
index f1909cc62..193be2e48 100644
--- a/helm/polaris/templates/ingress.yaml
+++ b/helm/polaris/templates/ingress.yaml
@@ -17,6 +17,7 @@
under the License.
*/}}
+{{- include "polaris.validateRouting" . }}
{{- if .Values.ingress.enabled }}
{{- $fullName := include "polaris.fullname" . }}
{{- $svcPort := get (first .Values.service.ports) "port" }}
diff --git a/helm/polaris/tests/gateway_test.yaml
b/helm/polaris/tests/gateway_test.yaml
new file mode 100644
index 000000000..57cda06c0
--- /dev/null
+++ b/helm/polaris/tests/gateway_test.yaml
@@ -0,0 +1,227 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+chart:
+ version: 1.2.3
+ appVersion: 4.5.6
+
+release:
+ name: polaris-release
+ namespace: polaris-ns
+
+templates:
+ - gateway.yaml
+
+tests:
+
+ # kind
+ - it: should not create gateway by default
+ asserts:
+ - containsDocument:
+ kind: Gateway
+ apiVersion: gateway.networking.k8s.io/v1
+ not: true
+ - it: should create gateway with enabled
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - containsDocument:
+ kind: Gateway
+ apiVersion: gateway.networking.k8s.io/v1
+
+ # metadata.name (with gateway enabled)
+ - it: should set gateway name
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - equal:
+ path: metadata.name
+ value: polaris-release
+ - it: should set gateway name with override
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ nameOverride: polaris-override
+ asserts:
+ - equal:
+ path: metadata.name
+ value: polaris-release-polaris-override
+ - it: should set gateway name with full override
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ fullnameOverride: polaris-override
+ asserts:
+ - equal:
+ path: metadata.name
+ value: polaris-override
+
+ # metadata.namespace (with gateway enabled)
+ - it: should set gateway namespace
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - equal:
+ path: metadata.namespace
+ value: polaris-ns
+
+ # metadata.labels (with gateway enabled)
+ - it: should set gateway default labels
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - isSubset:
+ path: metadata.labels
+ content:
+ app.kubernetes.io/name: polaris
+ app.kubernetes.io/instance: polaris-release
+ app.kubernetes.io/version: 4.5.6
+ app.kubernetes.io/managed-by: Helm
+ helm.sh/chart: polaris-1.2.3
+
+ # metadata.annotations (with gateway enabled)
+ - it: should not set gateway annotations by default
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - notExists:
+ path: metadata.annotations
+ - it: should set gateway annotations
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ gateway.annotations:
+ custom.annotation: value
+ asserts:
+ - isSubset:
+ path: metadata.annotations
+ content:
+ custom.annotation: value
+
+ # spec.gatewayClassName (with gateway enabled)
+ - it: should set gateway class name
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - equal:
+ path: spec.gatewayClassName
+ value: istio
+
+ # spec.listeners (with gateway enabled)
+ - it: should set default http listener
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - equal:
+ path: spec.listeners[0].name
+ value: http
+ - equal:
+ path: spec.listeners[0].protocol
+ value: HTTP
+ - equal:
+ path: spec.listeners[0].port
+ value: 80
+ - it: should set multiple listeners
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ gateway.listeners:
+ - name: http
+ protocol: HTTP
+ port: 80
+ - name: https
+ protocol: HTTPS
+ port: 443
+ tls:
+ mode: Terminate
+ certificateRefs:
+ - name: my-cert
+ asserts:
+ - equal:
+ path: spec.listeners
+ value:
+ - name: http
+ protocol: HTTP
+ port: 80
+ - name: https
+ protocol: HTTPS
+ port: 443
+ tls:
+ mode: Terminate
+ certificateRefs:
+ - name: my-cert
+ - it: should set listener with hostname
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ gateway.listeners:
+ - name: http
+ protocol: HTTP
+ port: 80
+ hostname: "*.example.com"
+ asserts:
+ - equal:
+ path: spec.listeners[0].hostname
+ value: "*.example.com"
+ - it: should set listener with allowed routes
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ gateway.listeners:
+ - name: http
+ protocol: HTTP
+ port: 80
+ allowedRoutes:
+ namespaces:
+ from: Same
+ asserts:
+ - equal:
+ path: spec.listeners[0].allowedRoutes
+ value:
+ namespaces:
+ from: Same
+
+ # spec.addresses (with gateway enabled)
+ - it: should not set addresses by default
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ asserts:
+ - notExists:
+ path: spec.addresses
+ - it: should set addresses when configured
+ set:
+ gateway.enabled: true
+ gateway.className: istio
+ gateway.addresses:
+ - type: IPAddress
+ value: 192.168.1.1
+ asserts:
+ - equal:
+ path: spec.addresses
+ value:
+ - type: IPAddress
+ value: 192.168.1.1
diff --git a/helm/polaris/tests/httproute_test.yaml
b/helm/polaris/tests/httproute_test.yaml
new file mode 100644
index 000000000..1d06bf55c
--- /dev/null
+++ b/helm/polaris/tests/httproute_test.yaml
@@ -0,0 +1,189 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+chart:
+ version: 1.2.3
+ appVersion: 4.5.6
+
+release:
+ name: polaris-release
+ namespace: polaris-ns
+
+templates:
+ - httproute.yaml
+
+tests:
+
+ # kind
+ - it: should not create httproute by default
+ asserts:
+ - containsDocument:
+ kind: HTTPRoute
+ apiVersion: gateway.networking.k8s.io/v1
+ not: true
+ - it: should create httproute with enabled
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - containsDocument:
+ kind: HTTPRoute
+ apiVersion: gateway.networking.k8s.io/v1
+
+ # metadata.name (with httproute enabled)
+ - it: should set httproute name
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - equal:
+ path: metadata.name
+ value: polaris-release
+ - it: should set httproute name with override
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ nameOverride: polaris-override
+ asserts:
+ - equal:
+ path: metadata.name
+ value: polaris-release-polaris-override
+ - it: should set httproute name with full override
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ fullnameOverride: polaris-override
+ asserts:
+ - equal:
+ path: metadata.name
+ value: polaris-override
+
+ # metadata.namespace (with httproute enabled)
+ - it: should set httproute namespace
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - equal:
+ path: metadata.namespace
+ value: polaris-ns
+
+ # metadata.labels (with httproute enabled)
+ - it: should set httproute default labels
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - isSubset:
+ path: metadata.labels
+ content:
+ app.kubernetes.io/name: polaris
+ app.kubernetes.io/instance: polaris-release
+ app.kubernetes.io/version: 4.5.6
+ app.kubernetes.io/managed-by: Helm
+ helm.sh/chart: polaris-1.2.3
+
+ # metadata.annotations (with httproute enabled)
+ - it: should not set httproute annotations by default
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - notExists:
+ path: metadata.annotations
+ - it: should set httproute annotations
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ httproute.annotations:
+ custom.annotation: value
+ asserts:
+ - isSubset:
+ path: metadata.annotations
+ content:
+ custom.annotation: value
+
+ # spec.hostnames (with httproute enabled)
+ - it: should set httproute hostnames from values
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ httproute.hosts:
+ - example.com
+ - api.example.com
+ asserts:
+ - equal:
+ path: spec.hostnames
+ value:
+ - example.com api.example.com
+
+ # spec.parentRefs (with httproute enabled)
+ - it: should set httproute parent refs with gateway name and namespace
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ httproute.gatewayNamespace: gateway-ns
+ asserts:
+ - equal:
+ path: spec.parentRefs[0].name
+ value: my-gateway
+ - equal:
+ path: spec.parentRefs[0].namespace
+ value: gateway-ns
+ - it: should set httproute parent refs with section name
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ httproute.gatewayNamespace: default
+ httproute.sectionName: http
+ asserts:
+ - equal:
+ path: spec.parentRefs[0].sectionName
+ value: http
+ - it: should not set section name when empty
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ httproute.sectionName: ""
+ asserts:
+ - notExists:
+ path: spec.parentRefs[0].sectionName
+
+ # spec.rules (with httproute enabled)
+ - it: should set httproute rules with backend service
+ set:
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - equal:
+ path: spec.rules[0].backendRefs[0].name
+ value: polaris-release
+ - equal:
+ path: spec.rules[0].backendRefs[0].port
+ value: 8181
+
+ # validation
+ - it: should fail when both ingress and httproute are enabled
+ set:
+ ingress.enabled: true
+ httproute.enabled: true
+ httproute.gatewayName: my-gateway
+ asserts:
+ - failedTemplate:
+ errorMessage: "Cannot enable both ingress and httproute. Please
enable only one."
diff --git a/helm/polaris/values.yaml b/helm/polaris/values.yaml
index 33e55945e..113b82ef3 100644
--- a/helm/polaris/values.yaml
+++ b/helm/polaris/values.yaml
@@ -242,6 +242,48 @@ ingress:
# - chart-example2.local
# secretName: secret1
+# Polaris Gateway settings.
+# These settings generate a Gateway resource for Gateway API-based routing.
+# A Gateway can be shared across multiple HTTPRoutes.
+gateway:
+ # -- Specifies whether a Gateway should be created.
+ enabled: false
+ # -- Annotations to add to the Gateway.
+ annotations: {}
+ # -- The name of the GatewayClass to use.
+ className: ""
+ # -- Gateway listeners configuration.
+ listeners:
+ - name: http
+ protocol: HTTP
+ port: 80
+ # hostname: "*.example.local"
+ # allowedRoutes:
+ # namespaces:
+ # from: Same
+ # -- Optional addresses to request for the Gateway.
+ addresses: []
+ # - type: IPAddress
+ # value: 192.168.1.1
+
+# Polaris HTTPRoute settings.
+# These settings generate an HTTPRoute resource for Gateway API-based routing.
+# HTTPRoute and Ingress are mutually exclusive; only one can be enabled at a
time.
+httproute:
+ # -- Specifies whether an HTTPRoute should be created.
+ enabled: false
+ # -- Annotations to add to the HTTPRoute.
+ annotations: {}
+ # -- Name of the Gateway resource to attach to.
+ gatewayName: ""
+ # -- Namespace where the Gateway is deployed.
+ gatewayNamespace: default
+ # -- Section name within the gateway to use (optional).
+ sectionName: ""
+ # -- A list of hostnames that the HTTPRoute should match.
+ hosts:
+ - chart-example.local
+
# -- Configures the resources requests and limits for polaris pods.
# We usually recommend not to specify default resources and to leave this as a
conscious
# choice for the user. This also increases chances charts run on environments
with little
diff --git a/site/content/in-dev/unreleased/helm.md
b/site/content/in-dev/unreleased/helm.md
index 88afeed10..e15414fd8 100644
--- a/site/content/in-dev/unreleased/helm.md
+++ b/site/content/in-dev/unreleased/helm.md
@@ -175,6 +175,18 @@ export QUARKUS_DATASOURCE_JDBC_URL=$(echo
"$container_envs" | grep quarkus.datas
java -jar runtime/admin/build/quarkus-app/quarkus-run.jar bootstrap -c
POLARIS,root,pass -r POLARIS
```
+### Using the Gateway API (Advanced)
+
+You may want to use the [Kubernetes Gateway
API](https://gateway-api.sigs.k8s.io/) for more advanced network routing. In
most cases this would already be installed by your cluster admins. The
following is an example set of commands to run to install the gateway:
+```bash
+# ref:
https://gateway-api.sigs.k8s.io/guides/getting-started/#install-standard-channel
+kubectl apply -f
https://github.com/kubernetes-sigs/gateway-api/releases/latest/download/standard-install.yaml
+```
+
+With that installed, you can enable and configure the `gateway` values. This
will make it possible to use the HTTPRoute resource, enable and configure the
`httproute` values.
+[!NOTE]
+Only one of HTTPRoute or Ingress can be defined. Defining both will result in
errors.
+
### Uninstalling
```bash
@@ -285,6 +297,17 @@ ct install --namespace polaris --charts ./helm/polaris
| features.realmOverrides | object | `{}` | Features to enable or disable per
realm. This field is a map of maps. The realm name is the key, and the value is
a map of feature names to values. If a feature is not present in the map, the
default value from the 'defaults' field is used. |
| fileIo | object | `{"type":"default"}` | Polaris FileIO configuration. |
| fileIo.type | string | `"default"` | The type of file IO to use. Two
built-in types are supported: default and wasb. The wasb one translates WASB
paths to ABFS ones. |
+| gateway.addresses | list | `[]` | Optional addresses to request for the
Gateway. |
+| gateway.annotations | object | `{}` | Annotations to add to the Gateway. |
+| gateway.className | string | `""` | The name of the GatewayClass to use. |
+| gateway.enabled | bool | `false` | Specifies whether a Gateway should be
created. |
+| gateway.listeners | list | `[{"name":"http","port":80,"protocol":"HTTP"}]` |
Gateway listeners configuration. |
+| httproute.annotations | object | `{}` | Annotations to add to the HTTPRoute.
|
+| httproute.enabled | bool | `false` | Specifies whether an HTTPRoute should
be created. |
+| httproute.gatewayName | string | `""` | Name of the Gateway resource to
attach to. |
+| httproute.gatewayNamespace | string | `"default"` | Namespace where the
Gateway is deployed. |
+| httproute.hosts | list | `["chart-example.local"]` | A list of hostnames
that the HTTPRoute should match. |
+| httproute.sectionName | string | `""` | Section name within the gateway to
use (optional). |
| image.configDir | string | `"/deployments/config"` | The path to the
directory where the application.properties file, and other configuration files,
if any, should be mounted. |
| image.pullPolicy | string | `"IfNotPresent"` | The image pull policy. |
| image.repository | string | `"apache/polaris"` | The image repository to
pull from. |
