Update to apisix 3.9.1 and enable etcd port in ingress-controller if using etcd adapter #761
Conversation
…ingress-controller
There was a problem hiding this comment.
The service change is unnecessary, as the container is embedded in the same pod/network namespace. This change exposes the insecure port to the rest of the cluster, which is not what you want.
There was a problem hiding this comment.
I'm trying to implement the architecture diagrammed here: https://static.apiseven.com/apisix-webp/uploads/2023/10/24/UbKWYGar_APISIX-Ingress-4.webp but what I ended up with using the latest helm chart was the ingress controller/with embedded apisix running as the control plane, and a separate pod cluster running apisix as the data plane. (which is why I was exposing the service port so the apisix pods running the data plane had an etcd to connect to). Is there something I missed in the helm config to get the ingress controllers to embed both the apisix control plane and the data plane together as the diagram shows?
There was a problem hiding this comment.
The composite architecture using the same pod has been implemented for a while. Your current changes doesn't have a separate pod running apisix, AFAICT. Using a separate pod is problematic anyway, as it means that you have to reinvent security between etcd and apisix.
|
@gamer22026 Can you fix the CI? |
Updates ingress-controller to use apisix 3.9.1 as control plane when using etcd-adapter.
Updates ingress controller version to latest 1.8.2
Enables ingress controller service to listen on port 12379 if etcd adapter is enabled.