tencent cloud

Feedback

Complete Example of values.yaml Configuration

Last updated: 2024-09-03 17:07:02
Below is a relatively complete values.yaml configuration example. You can copy this example and modify it according to your needs:
controller:
extraInitContainers:
- name: sysctl
image: busybox
securityContext:
privileged: true
imagePullPolicy: IfNotPresent
command:
- sh
- -c
- |
sysctl -w net.core.somaxconn=65535 # Increase connection queue to prevent queue overflow
sysctl -w net.ipv4.ip_local_port_range="1024 65535" # Expand source port range to prevent port exhaustion
sysctl -w net.ipv4.tcp_tw_reuse=1 # Enable TIME_WAIT reuse to avoid port exhaustion and allow new connections
sysctl -w fs.file-max=1048576 # Increase file handle count to prevent connection overflow from exhausting file handles
config:
# The number of requests that can be processed by a persistent connection between Nginx and the client, which defaults to 100. We recommend that you increase this number in high-concurrency scenarios, but setting it too high may cause uneven load after Nginx Ingress scale-out.
# Reference: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#keep-alive-requests
keep-alive-requests: "1000"
# The maximum number of idle persistent connections (not the maximum number of connections) between Nginx and the upstream, which defaults to 320. We recommend that you increase this number in high-concurrency scenarios to prevent the frequent establishment of connections from significantly increasing the number of TIME_WAIT connections.
# Reference: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#upstream-keepalive-connections
upstream-keepalive-connections: "2000"
# The maximum number of connections that each worker process can open, which defaults to 16384.
# Reference: https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#max-worker-connections
max-worker-connections: "65536"
log-format-upstream: $remote_addr - $remote_user [$time_local] "$request"
$status $body_bytes_sent "$http_referer" "$http_user_agent"
$request_length $request_time [$proxy_upstream_name] [$proxy_alternative_upstream_name] $upstream_addr
$upstream_response_length $upstream_response_time $upstream_status $req_id $host
# Nginx logs are written to log files to avoid high CPU usage under high concurrency
access-log-path: /var/log/nginx/nginx_access.log
error-log-path: /var/log/nginx/nginx_error.log
extraEnvs:
- name: TZ
value: Asia/Shanghai
extraVolumes:
- name: log
emptyDir: {}
extraVolumeMounts:
- name: log
mountPath: /var/log/nginx
extraContainers:
- name: logrotate
image: imroc/logrotate:latest
imagePullPolicy: Always
env:
- name: LOGROTATE_FILE_PATTERN # Pattern of rotated log files, matching the log file path configured in nginx
value: "/var/log/nginx/nginx_*.log"
- name: LOGROTATE_FILESIZE # Log rotation threshold size
value: "100M"
- name: LOGROTATE_FILENUM # Number of rotations per log file
value: "3"
- name: CRON_EXPR # Crontab expression for periodic logrotate, here it runs every minute
value: "*/1 * * * *"
- name: CROND_LOGLEVEL # Crond log level, 0~8, the smaller the value, the more detailed
value: "8"
volumeMounts:
- name: log
mountPath: /var/log/nginx
podAnnotations:
tke.cloud.tencent.com/networks: tke-route-eni # Declare the use of VPC-CNI network
resources: # Declare the use of ENI in resources
requests:
tke.cloud.tencent.com/eni-ip: "1"
limits:
tke.cloud.tencent.com/eni-ip: "1"
service:
annotations:
service.cloud.tencent.com/direct-access: "true" # Enable CLB Direct Access
autoscaling:
enabled: true
minReplicas: 1
maxReplicas: 10
targetCPUUtilizationPercentage: 50
targetMemoryUtilizationPercentage: 50
behavior: # Quick scaling to handle traffic peaks, slow scaling to leave a buffer and avoid abnormal traffic
scaleUp:
stabilizationWindowSeconds: 300
policies:
- type: Percent
value: 900
periodSeconds: 15 # Allow scaling up to 9 times the current number of replicas every 15 seconds
scaleDown:
stabilizationWindowSeconds: 300
policies:
- type: Pods
value: 1
periodSeconds: 600 # Allow shrinking by only 1 pod every 10 minutes
topologySpreadConstraints: # Strategy to maximize spreading
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/component: controller
topologyKey: topology.kubernetes.io/zone
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
- labelSelector:
matchLabels:
app.kubernetes.io/name: '{{ include "ingress-nginx.name" . }}'
app.kubernetes.io/instance: "{{ .Release.Name }}"
app.kubernetes.io/component: controller
topologyKey: kubernetes.io/hostname
maxSkew: 1
whenUnsatisfiable: ScheduleAnyway
image:
registry: docker.io
image: k8smirror/ingress-nginx-controller
admissionWebhooks:
patch:
image: # The default image cannot be pulled domestically, it can be replaced with the mirror image on Docker Hub
registry: docker.io
image: k8smirror/ingress-nginx-kube-webhook-certgen
defaultBackend:
image: # The default image cannot be pulled domestically, it can be replaced with the mirror image on Docker Hub
registry: docker.io
image: k8smirror/defaultbackend-amd64
opentelemetry:
image: # The default image cannot be pulled domestically, it can be replaced with the mirror image on Docker Hub
registry: docker.io
image: k8smirror/ingress-nginx-opentelemetry

Contact Us

Contact our sales team or business advisors to help your business.

Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

7x24 Phone Support