sparkfabrik · Monska85 · May 13, 2024 · May 13, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,17 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
 
+## [0.5.0] - 2024-05-13
+
+[Compare with previous version](https://github.com/sparkfabrik/terraform-helm-ingress-nginx/compare/0.4.0...0.5.0)
+
+### Added
+
+- Default value for chart version. The values file shipped with the module refers to the declared version of the chart.
+- `podAntiAffinity` configuration enabled by default. It is possible to disable it by setting the new `set_default_pod_anti_affinity` variable to `false`.
+- Add the `common_labels` variable to allow the user to set common labels for all resources created by the chart.
+- Add the `ingress_nginx_controller_min_replicas` and `ingress_nginx_controller_max_replicas` variables to easily set the minimum and maximum number of replicas for the controller pods.
+
 ## [0.4.0] - 2023-12-22
 
 [Compare with previous version](https://github.com/sparkfabrik/terraform-helm-ingress-nginx/compare/0.3.0...0.4.0)

diff --git a/README.md b/README.md
@@ -23,12 +23,16 @@ This is Terraform module to install and configure the Nginx Ingress Controller.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_additional_values"></a> [additional\_values](#input\_additional\_values) | Additional values to pass to the helm chart | `list(string)` | `[]` | no |
-| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | Chart version of the ingress controller | `string` | n/a | yes |
-| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Create namespace for the ingress controller. If false, the namespace must be created before using this module | `bool` | `true` | no |
-| <a name="input_helm_release_name"></a> [helm\_release\_name](#input\_helm\_release\_name) | Name of the helm release | `string` | `"ingress-nginx"` | no |
-| <a name="input_namespace"></a> [namespace](#input\_namespace) | Namespace of the ingress controller | `string` | n/a | yes |
-| <a name="input_namespace_additional_labels"></a> [namespace\_additional\_labels](#input\_namespace\_additional\_labels) | Additional labels for the namespace of the ingress controller | `map(string)` | `{}` | no |
+| <a name="input_additional_values"></a> [additional\_values](#input\_additional\_values) | Additional values to pass to the helm chart. | `list(string)` | `[]` | no |
+| <a name="input_chart_version"></a> [chart\_version](#input\_chart\_version) | Chart version of the ingress controller. Consider the default value the reference version of the module and the base of the values.yaml.tftpl file. | `string` | `"4.10.1"` | no |
+| <a name="input_common_labels"></a> [common\_labels](#input\_common\_labels) | Set of labels to apply to all resources. | `map(string)` | `{}` | no |
+| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | Create namespace for the ingress controller. If false, the namespace must be created before using this module. | `bool` | `true` | no |
+| <a name="input_helm_release_name"></a> [helm\_release\_name](#input\_helm\_release\_name) | Name of the helm release. | `string` | `"ingress-nginx"` | no |
+| <a name="input_ingress_nginx_controller_max_replicas"></a> [ingress\_nginx\_controller\_max\_replicas](#input\_ingress\_nginx\_controller\_max\_replicas) | Maximum number of replicas for the ingress controller. | `number` | `3` | no |
+| <a name="input_ingress_nginx_controller_min_replicas"></a> [ingress\_nginx\_controller\_min\_replicas](#input\_ingress\_nginx\_controller\_min\_replicas) | Minimum number of replicas for the ingress controller. | `number` | `1` | no |
+| <a name="input_namespace"></a> [namespace](#input\_namespace) | Namespace of the ingress controller. | `string` | n/a | yes |
+| <a name="input_namespace_additional_labels"></a> [namespace\_additional\_labels](#input\_namespace\_additional\_labels) | Additional labels for the namespace of the ingress controller. | `map(string)` | `{}` | no |
+| <a name="input_set_controller_default_pod_anti_affinity"></a> [set\_controller\_default\_pod\_anti\_affinity](#input\_set\_controller\_default\_pod\_anti\_affinity) | Set the podAntiAffinity for the ingress controller. | `bool` | `true` | no |
 
 ## Outputs
 

diff --git a/files/values.yaml b/files/values.yaml
diff --git a/files/values.yaml.tftpl b/files/values.yaml.tftpl
@@ -0,0 +1,63 @@
+# https://github.com/kubernetes/ingress-nginx/blob/helm-chart-4.10.1/charts/ingress-nginx/values.yaml
+
+%{~ if length(common_labels) > 0 }
+%{~ for lbl_key, lbl_value in common_labels }
+commonLabels:
+  ${lbl_key}: "${lbl_value}"
+%{~ endfor ~}
+%{~ endif ~}
+
+controller:
+  resources:
+    requests:
+      cpu: 50m
+      memory: 64Mi
+  autoscaling:
+    enabled: "true"
+    minReplicas: ${ingress_nginx_controller_min_replicas}
+    maxReplicas: ${ingress_nginx_controller_max_replicas}
+    targetCPUUtilizationPercentage: 80
+    targetMemoryUtilizationPercentage: 80
+  config:
+    body-size: "0"
+    hsts-include-subdomains: "true"
+    hsts-max-age: "63072000"
+    hsts-preload: "true"
+    proxy-body-size: "0"
+    proxy-buffer-size: "128k"
+    proxy-connect-timeout: "15"
+    proxy-read-timeout: "600"
+    proxy-send-timeout: "600"
+    server-name-hash-bucket-size: "256"
+    ssl-redirect: "true"
+    ssl-reject-handshake: "true"
+  service:
+    externalTrafficPolicy: "Local"
+  %{~ if set_controller_default_pod_anti_affinity }
+  # Set the default antiaffinity. If you eneable the hpa, the pods will be distributed in different nodes.
+  affinity:
+    podAntiAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        - labelSelector:
+            matchExpressions:
+              - key: app.kubernetes.io/name
+                operator: In
+                values:
+                  - ingress-nginx
+              - key: app.kubernetes.io/instance
+                operator: In
+                values:
+                  - ingress-nginx
+              - key: app.kubernetes.io/component
+                operator: In
+                values:
+                  - controller
+          topologyKey: "kubernetes.io/hostname"
+  %{~ endif ~}
+
+defaultBackend:
+  enabled: true
+  resources:
+    requests:
+      cpu: 10m
+      memory: 20Mi
diff --git a/main.tf b/main.tf
@@ -28,7 +28,17 @@ resource "helm_release" "this" {
   namespace  = var.create_namespace ? kubernetes_namespace_v1.this[0].metadata[0].name : data.kubernetes_namespace_v1.this[0].metadata[0].name
 
   values = concat(
-    [file("${path.module}/files/values.yaml")],
+    [
+      templatefile(
+        "${path.module}/files/values.yaml.tftpl",
+        {
+          common_labels                            = var.common_labels
+          ingress_nginx_controller_min_replicas    = var.ingress_nginx_controller_min_replicas
+          ingress_nginx_controller_max_replicas    = var.ingress_nginx_controller_max_replicas
+          set_controller_default_pod_anti_affinity = var.set_controller_default_pod_anti_affinity
+        }
+      )
+    ],
     var.additional_values
   )
 }
diff --git a/variables.tf b/variables.tf
@@ -1,33 +1,58 @@
+variable "helm_release_name" {
+  description = "Name of the helm release."
+  type        = string
+  default     = "ingress-nginx"
+}
+
 variable "chart_version" {
-  description = "Chart version of the ingress controller"
+  description = "Chart version of the ingress controller. Consider the default value the reference version of the module and the base of the values.yaml.tftpl file."
   type        = string
+  default     = "4.10.1"
 }
 
 variable "create_namespace" {
-  description = "Create namespace for the ingress controller. If false, the namespace must be created before using this module"
+  description = "Create namespace for the ingress controller. If false, the namespace must be created before using this module."
   type        = bool
   default     = true
 }
 
 variable "namespace" {
-  description = "Namespace of the ingress controller"
+  description = "Namespace of the ingress controller."
   type        = string
 }
 
 variable "namespace_additional_labels" {
-  description = "Additional labels for the namespace of the ingress controller"
+  description = "Additional labels for the namespace of the ingress controller."
   type        = map(string)
   default     = {}
 }
 
 variable "additional_values" {
-  description = "Additional values to pass to the helm chart"
+  description = "Additional values to pass to the helm chart."
   type        = list(string)
   default     = []
 }
 
-variable "helm_release_name" {
-  description = "Name of the helm release"
-  type        = string
-  default     = "ingress-nginx"
+variable "common_labels" {
+  description = "Set of labels to apply to all resources."
+  type        = map(string)
+  default     = {}
+}
+
+variable "ingress_nginx_controller_min_replicas" {
+  description = "Minimum number of replicas for the ingress controller."
+  type        = number
+  default     = 1
+}
+
+variable "ingress_nginx_controller_max_replicas" {
+  description = "Maximum number of replicas for the ingress controller."
+  type        = number
+  default     = 3
+}
+
+variable "set_controller_default_pod_anti_affinity" {
+  description = "Set the podAntiAffinity for the ingress controller."
+  type        = bool
+  default     = true
 }