File tree Expand file tree Collapse file tree 5 files changed +18
-3
lines changed
helm/aws-load-balancer-controller Expand file tree Collapse file tree 5 files changed +18
-3
lines changed Original file line number Diff line number Diff line change 11apiVersion : v1
22name : aws-load-balancer-controller
33description : AWS Load Balancer Controller Helm chart for Kubernetes
4- version : 1.2.7
4+ version : 1.2.8
55appVersion : v2.2.4
66home : https://github.com/aws/eks-charts
77icon : https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png
Original file line number Diff line number Diff line change @@ -177,6 +177,9 @@ The default values set by the application itself can be confirmed [here](https:/
177177| ` logLevel ` | Set the controller log level - info, debug | None |
178178| ` metricsBindAddr ` | The address the metric endpoint binds to | "" |
179179| ` webhookBindPort ` | The TCP port the Webhook server binds to | None |
180+ | ` webhookTLS.caCert ` | TLS CA certificate for webhook (auto-generated if not provided) | "" |
181+ | ` webhookTLS.cert ` | TLS certificate for webhook (auto-generated if not provided) | "" |
182+ | ` webhookTLS.key ` | TLS private key for webhook (auto-generated if not provided) | "" |
180183| ` serviceMaxConcurrentReconciles ` | Maximum number of concurrently running reconcile loops for service | None |
181184| ` targetgroupbindingMaxConcurrentReconciles ` | Maximum number of concurrently running reconcile loops for targetGroupBinding | None |
182185| ` targetgroupbindingMaxExponentialBackoffDelay ` | Maximum duration of exponential backoff for targetGroupBinding reconcile failures | None |
Original file line number Diff line number Diff line change @@ -75,7 +75,12 @@ Create the name of the service account to use
7575{ {/*
7676Generate certificates for webhook
7777*/} }
78- { {- define " aws-load-balancer-controller.gen-certs" }
78+ { {- define " aws-load-balancer-controller.webhook-certs" }
79+ { {- if (and .Values.webhookTLS.caCert .Values.webhookTLS.cert .Values.webhookTLS.key) -}
80+ caCert: { { .Values.webhookTLS.caCert | b64enc }
81+ clientCert: { { .Values.webhookTLS.cert | b64enc }
82+ clientKey: { { .Values.webhookTLS.key | b64enc }
83+ { {- else -}
7984{ {- $namePrefix := ( include " aws-load-balancer-controller.namePrefix" }
8085{ {- $altNames := list ( printf " %s-%s.%s" $namePrefix " webhook-service" " %s-%s.%s.svc" $namePrefix " webhook-service" }
8186{ {- $ca := genCA " aws-load-balancer-controller-ca" }
@@ -84,6 +89,7 @@ caCert: {{ $ca.Cert | b64enc }}
8489clientCert: { { $cert .Cert | b64enc }
8590clientKey: { { $cert .Key | b64enc }
8691{ {- end -}
92+ { {- end -}
8793
8894{ {/*
8995Convert map to comma separated key= value string
Original file line number Diff line number Diff line change 1- {{ $tls := fromYaml ( include "aws-load-balancer-controller.gen -certs" . ) }}
1+ {{ $tls := fromYaml ( include "aws-load-balancer-controller.webhook -certs" . ) }}
22---
33{{- if .Capabilities.APIVersions.Has "admissionregistration.k8s.io/v1" }}
44apiVersion : admissionregistration.k8s.io/v1
Original file line number Diff line number Diff line change @@ -117,6 +117,12 @@ metricsBindAddr: ""
117117# The TCP port the Webhook server binds to. (default 9443)
118118webhookBindPort :
119119
120+ # webhookTLS specifies TLS cert/key for the webhook
121+ webhookTLS :
122+ caCert :
123+ cert :
124+ key :
125+
120126# Maximum number of concurrently running reconcile loops for service (default 3)
121127serviceMaxConcurrentReconciles :
122128
You can’t perform that action at this time.
0 commit comments