diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml index ef9eff9e7..97390f3b1 100644 --- a/inventory/sample/group_vars/k8s-cluster/addons.yml +++ b/inventory/sample/group_vars/k8s-cluster/addons.yml @@ -98,6 +98,8 @@ ingress_publish_status_address: "" # 9000: "default/example-go:8080" # ingress_nginx_configmap_udp_services: # 53: "kube-system/coredns:53" +# ingress_nginx_extra_args: +# - --default-ssl-certificate=default/foo-tls # Cert manager deployment cert_manager_enabled: false diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml index 57bd4830c..98cfbfba4 100644 --- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml +++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml @@ -10,3 +10,4 @@ ingress_nginx_secure_port: 443 ingress_nginx_configmap: {} ingress_nginx_configmap_tcp_services: {} ingress_nginx_configmap_udp_services: {} +ingress_nginx_extra_args: [] diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 index 6f94680a6..0407523f1 100644 --- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 +++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 @@ -51,6 +51,9 @@ spec: {% if ingress_publish_status_address != "" %} - --publish-status-address={{ ingress_publish_status_address }} {% endif %} +{% for extra_arg in ingress_nginx_extra_args %} + - {{ extra_arg }} +{% endfor %} securityContext: capabilities: drop: