diff --git a/charts/apisix/templates/service-gateway.yaml b/charts/apisix/templates/service-gateway.yaml index 7797435a..cc72f902 100644 --- a/charts/apisix/templates/service-gateway.yaml +++ b/charts/apisix/templates/service-gateway.yaml @@ -65,7 +65,7 @@ spec: {{- if or .Values.apisix.ssl.enabled }} - name: apisix-gateway-tls port: {{ .Values.service.tls.servicePort }} - targetPort: {{ .Values.apisix.ssl.containerPort }} + targetPort: {{ .Values.apisix.ssl.serviceTargetPort }} {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.tls.nodePort))) }} nodePort: {{ .Values.service.tls.nodePort }} {{- end }} @@ -103,4 +103,4 @@ spec: {{- end }} {{- end }} selector: - {{- include "apisix.selectorLabels" . | nindent 4 }} + {{- include "apisix.selectorLabels" . | nindent 4 }} \ No newline at end of file diff --git a/charts/apisix/values.yaml b/charts/apisix/values.yaml index bd421883..3539f528 100644 --- a/charts/apisix/values.yaml +++ b/charts/apisix/values.yaml @@ -308,6 +308,13 @@ apisix: ssl: enabled: false containerPort: 9443 + # -- We need to change the Kubernetes Service target port independently from: + # -- - Nginx configuration + # -- - Container port + # -- This is useful while creating load-balancers in cloud providers, where the TLS is off-loaded + # -- and we need to send the requests from the external TLS port to the pod HTTP port, due to the node ports + # -- being automatically created based on the Kubernetes Service + serviceTargetPort: 9443 # -- Support multiple https ports, See [Configuration](https://github.com/apache/apisix/blob/0bc65ea9acd726f79f80ae0abd8f50b7eb172e3d/conf/config-default.yaml#L99) additionalContainerPorts: [] # - ip: 127.0.0.3 # Specific IP, If not set, the default value is `0.0.0.0`. @@ -645,4 +652,4 @@ ingress-controller: enabled: false config: apisix: - adminAPIVersion: "v3" + adminAPIVersion: "v3" \ No newline at end of file