From cd48819a73c9d43b0b052806a2aeb9ff51fc7200 Mon Sep 17 00:00:00 2001 From: Michael Kranz Date: Wed, 11 Jun 2025 11:43:19 -0700 Subject: [PATCH 1/3] Add the option to specify service labels for the nginx gateway control plane service --- charts/nginx-gateway-fabric/README.md | 1 + charts/nginx-gateway-fabric/templates/service.yaml | 3 +++ charts/nginx-gateway-fabric/values.schema.json | 6 ++++++ charts/nginx-gateway-fabric/values.yaml | 3 +++ 4 files changed, 13 insertions(+) diff --git a/charts/nginx-gateway-fabric/README.md b/charts/nginx-gateway-fabric/README.md index e59f8f5beb..d24afbe46a 100644 --- a/charts/nginx-gateway-fabric/README.md +++ b/charts/nginx-gateway-fabric/README.md @@ -318,6 +318,7 @@ The following table lists the configurable parameters of the NGINX Gateway Fabri | `nginxGateway.resources` | The resource requests and/or limits of the nginx-gateway container. | object | `{}` | | `nginxGateway.service` | The service configuration for the NGINX Gateway Fabric control plane. | object | `{"annotations":{}}` | | `nginxGateway.service.annotations` | The annotations of the NGINX Gateway Fabric control plane service. | object | `{}` | +| `nginxGateway.service.labels` | The labels of the NGINX Gateway Fabric control plane service. | object | `{}` | | `nginxGateway.serviceAccount` | The serviceaccount configuration for the NGINX Gateway Fabric control plane. | object | `{"annotations":{},"imagePullSecret":"","imagePullSecrets":[],"name":""}` | | `nginxGateway.serviceAccount.annotations` | Set of custom annotations for the NGINX Gateway Fabric control plane service account. | object | `{}` | | `nginxGateway.serviceAccount.imagePullSecret` | The name of the secret containing docker registry credentials for the control plane. Secret must exist in the same namespace as the helm release. | string | `""` | diff --git a/charts/nginx-gateway-fabric/templates/service.yaml b/charts/nginx-gateway-fabric/templates/service.yaml index 6a0ed7cfef..faa3b45970 100644 --- a/charts/nginx-gateway-fabric/templates/service.yaml +++ b/charts/nginx-gateway-fabric/templates/service.yaml @@ -5,6 +5,9 @@ metadata: namespace: {{ .Release.Namespace }} labels: {{- include "nginx-gateway.labels" . | nindent 4 }} +{{- if .Values.nginxGateway.service.labels }} +{{ toYaml .Values.nginxGateway.service.labels | indent 4 }} +{{- end }} {{- if .Values.nginxGateway.service.annotations }} annotations: {{ toYaml .Values.nginxGateway.service.annotations | indent 4 }} diff --git a/charts/nginx-gateway-fabric/values.schema.json b/charts/nginx-gateway-fabric/values.schema.json index 9a6d4d4e71..5dbb8c0e37 100644 --- a/charts/nginx-gateway-fabric/values.schema.json +++ b/charts/nginx-gateway-fabric/values.schema.json @@ -804,6 +804,12 @@ "required": [], "title": "annotations", "type": "object" + }, + "labels": { + "description": "The labels of the NGINX Gateway Fabric control plane service.", + "required": [], + "title": "labels", + "type": "object" } }, "required": [], diff --git a/charts/nginx-gateway-fabric/values.yaml b/charts/nginx-gateway-fabric/values.yaml index 00061b1640..39bdc19ace 100644 --- a/charts/nginx-gateway-fabric/values.yaml +++ b/charts/nginx-gateway-fabric/values.yaml @@ -59,6 +59,9 @@ nginxGateway: # -- The annotations of the NGINX Gateway Fabric control plane service. annotations: {} + # -- The labels of the NGINX Gateway Fabric control plane service. + labels: {} + # -- The serviceaccount configuration for the NGINX Gateway Fabric control plane. serviceAccount: # -- Set of custom annotations for the NGINX Gateway Fabric control plane service account. From a6985cee2179918ef7bd9e7bf7932236f0d299f1 Mon Sep 17 00:00:00 2001 From: Michael Kranz Date: Wed, 11 Jun 2025 12:09:02 -0700 Subject: [PATCH 2/3] Add user-provided helm values for additional control plane service labels Problem: As a user that uses prometheus for everything metrics, I would like to target the control plane service with a specific label. Solution: Add the ability for users to provide additional service labels for the NGINX Gateway Fabric control plane service in the helm chart. Testing: Used helm lint/install --dry-run to make sure the k8s resources are created correctly --- charts/nginx-gateway-fabric/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/nginx-gateway-fabric/README.md b/charts/nginx-gateway-fabric/README.md index d24afbe46a..03e2668b39 100644 --- a/charts/nginx-gateway-fabric/README.md +++ b/charts/nginx-gateway-fabric/README.md @@ -316,7 +316,7 @@ The following table lists the configurable parameters of the NGINX Gateway Fabri | `nginxGateway.readinessProbe.port` | Port in which the readiness endpoint is exposed. | int | `8081` | | `nginxGateway.replicas` | The number of replicas of the NGINX Gateway Fabric Deployment. | int | `1` | | `nginxGateway.resources` | The resource requests and/or limits of the nginx-gateway container. | object | `{}` | -| `nginxGateway.service` | The service configuration for the NGINX Gateway Fabric control plane. | object | `{"annotations":{}}` | +| `nginxGateway.service` | The service configuration for the NGINX Gateway Fabric control plane. | object | `{"annotations":{},"labels":{}}` | | `nginxGateway.service.annotations` | The annotations of the NGINX Gateway Fabric control plane service. | object | `{}` | | `nginxGateway.service.labels` | The labels of the NGINX Gateway Fabric control plane service. | object | `{}` | | `nginxGateway.serviceAccount` | The serviceaccount configuration for the NGINX Gateway Fabric control plane. | object | `{"annotations":{},"imagePullSecret":"","imagePullSecrets":[],"name":""}` | From 02811ec3e5ed5af534bad7d3ab39b5d1c652035a Mon Sep 17 00:00:00 2001 From: Michael Kranz Date: Wed, 11 Jun 2025 13:24:45 -0700 Subject: [PATCH 3/3] Ran make generate-all to get the correct changes into the Readme Problem: As a user that uses prometheus for everything metrics, I would like to target the control plane service with a specific label. Solution: Add the ability for users to provide additional service labels for the NGINX Gateway Fabric control plane service in the helm chart. Testing: Used helm lint/install --dry-run to make sure the k8s resources are created correctly --- charts/nginx-gateway-fabric/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/nginx-gateway-fabric/README.md b/charts/nginx-gateway-fabric/README.md index 03e2668b39..395e465b6c 100644 --- a/charts/nginx-gateway-fabric/README.md +++ b/charts/nginx-gateway-fabric/README.md @@ -288,7 +288,7 @@ The following table lists the configurable parameters of the NGINX Gateway Fabri | `nginx.usage.resolver` | The nameserver used to resolve the NGINX Plus usage reporting endpoint. Used with NGINX Instance Manager. | string | `""` | | `nginx.usage.secretName` | The name of the Secret containing the JWT for NGINX Plus usage reporting. Must exist in the same namespace that the NGINX Gateway Fabric control plane is running in (default namespace: nginx-gateway). | string | `"nplus-license"` | | `nginx.usage.skipVerify` | Disable client verification of the NGINX Plus usage reporting server certificate. | bool | `false` | -| `nginxGateway` | The nginxGateway section contains configuration for the NGINX Gateway Fabric control plane deployment. | object | `{"affinity":{},"config":{"logging":{"level":"info"}},"configAnnotations":{},"extraVolumeMounts":[],"extraVolumes":[],"gatewayClassAnnotations":{},"gatewayClassName":"nginx","gatewayControllerName":"gateway.nginx.org/nginx-gateway-controller","gwAPIExperimentalFeatures":{"enable":false},"image":{"pullPolicy":"Always","repository":"ghcr.io/nginx/nginx-gateway-fabric","tag":"edge"},"kind":"deployment","labels":{},"leaderElection":{"enable":true,"lockName":""},"lifecycle":{},"metrics":{"enable":true,"port":9113,"secure":false},"nodeSelector":{},"podAnnotations":{},"productTelemetry":{"enable":true},"readinessProbe":{"enable":true,"initialDelaySeconds":3,"port":8081},"replicas":1,"resources":{},"service":{"annotations":{}},"serviceAccount":{"annotations":{},"imagePullSecret":"","imagePullSecrets":[],"name":""},"snippetsFilters":{"enable":false},"terminationGracePeriodSeconds":30,"tolerations":[],"topologySpreadConstraints":[]}` | +| `nginxGateway` | The nginxGateway section contains configuration for the NGINX Gateway Fabric control plane deployment. | object | `{"affinity":{},"config":{"logging":{"level":"info"}},"configAnnotations":{},"extraVolumeMounts":[],"extraVolumes":[],"gatewayClassAnnotations":{},"gatewayClassName":"nginx","gatewayControllerName":"gateway.nginx.org/nginx-gateway-controller","gwAPIExperimentalFeatures":{"enable":false},"image":{"pullPolicy":"Always","repository":"ghcr.io/nginx/nginx-gateway-fabric","tag":"edge"},"kind":"deployment","labels":{},"leaderElection":{"enable":true,"lockName":""},"lifecycle":{},"metrics":{"enable":true,"port":9113,"secure":false},"nodeSelector":{},"podAnnotations":{},"productTelemetry":{"enable":true},"readinessProbe":{"enable":true,"initialDelaySeconds":3,"port":8081},"replicas":1,"resources":{},"service":{"annotations":{},"labels":{}},"serviceAccount":{"annotations":{},"imagePullSecret":"","imagePullSecrets":[],"name":""},"snippetsFilters":{"enable":false},"terminationGracePeriodSeconds":30,"tolerations":[],"topologySpreadConstraints":[]}` | | `nginxGateway.affinity` | The affinity of the NGINX Gateway Fabric control plane pod. | object | `{}` | | `nginxGateway.config.logging.level` | Log level. | string | `"info"` | | `nginxGateway.configAnnotations` | Set of custom annotations for NginxGateway objects. | object | `{}` |