From 38d9d2ea0e727634453247eab4b655e3e145e20c Mon Sep 17 00:00:00 2001 From: Ian Martin Date: Thu, 22 Apr 2021 01:22:31 -0600 Subject: [PATCH] Ambassador can watch multiple namespaces (#7516) * Ambassador can watch multiple namespaces * update variable name per PR review --- inventory/sample/group_vars/k8s-cluster/addons.yml | 1 + roles/kubernetes-apps/ingress_controller/ambassador/README.md | 4 ++++ .../ingress_controller/ambassador/defaults/main.yml | 3 ++- .../ambassador/templates/deploy-ambassador.yml.j2 | 4 ++++ 4 files changed, 11 insertions(+), 1 deletion(-) diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml index 73528c168..642ebea43 100644 --- a/inventory/sample/group_vars/k8s-cluster/addons.yml +++ b/inventory/sample/group_vars/k8s-cluster/addons.yml @@ -115,6 +115,7 @@ ingress_publish_status_address: "" ingress_ambassador_enabled: false # ingress_ambassador_namespace: "ambassador" # ingress_ambassador_version: "*" +# ingress_ambassador_multi_namespaces: false # ALB ingress controller deployment ingress_alb_enabled: false diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/README.md b/roles/kubernetes-apps/ingress_controller/ambassador/README.md index 3602aaa34..98637a216 100644 --- a/roles/kubernetes-apps/ingress_controller/ambassador/README.md +++ b/roles/kubernetes-apps/ingress_controller/ambassador/README.md @@ -29,6 +29,10 @@ versions of Ambassador as they become available. for specifying when the Operator should try to update the Ambassador API Gateway. - `ingress_ambassador_version` (defaulkt: `*`): SemVer rule for versions allowed for installation/updates. +- `ingress_ambassador_multi_namespaces` (default `false`): By default, Ambassador will only + watch the `ingress_ambassador_namespace` namespace for `AmbassadorInstallation` CRD resources. + When set to `true`, this value will tell the Ambassador Operator to watch **all** namespaces + for CRDs. If you want to run multiple Ambassador ingress instances, set this to `true`. ## Ingress annotations diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml index 5d8f48050..a71645a10 100644 --- a/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml +++ b/roles/kubernetes-apps/ingress_controller/ambassador/defaults/main.yml @@ -6,4 +6,5 @@ ingress_ambassador_replicas: 1 ingress_ambassador_insecure_port: 80 ingress_ambassador_secure_port: 443 ingress_ambassador_extra_args: [] -ingress_ambassador_host_network: false \ No newline at end of file +ingress_ambassador_host_network: false +ingress_ambassador_multi_namespaces: false diff --git a/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 b/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 index 8cf4676d5..58fa32b4e 100644 --- a/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 +++ b/roles/kubernetes-apps/ingress_controller/ambassador/templates/deploy-ambassador.yml.j2 @@ -32,9 +32,13 @@ spec: imagePullPolicy: {{ k8s_image_pull_policy }} env: - name: WATCH_NAMESPACE + {%- if ingress_ambassador_multi_namespaces %} + value: '' + {%- else %} valueFrom: fieldRef: fieldPath: metadata.namespace + {%- end %} - name: POD_NAME valueFrom: fieldRef: