Merge pull request #537 from PasanT9/4.1.x-ga-update

Update Helm artifacts for 4.1.0 release

CHANGELOG.md

@@ -1,23 +1,20 @@
 # Changelog
 
-All notable changes to Kubernetes and Helm resources for WSO2 API Management version `4.0.x` in each resource release,
+All notable changes to Kubernetes and Helm resources for WSO2 API Management version `4.1.x` in each resource release,
 will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
-## [v4.0.0.1] - 2021-05-07
+## [v4.1.0.1] - 2022-03-31
 
 ### Added
 
-- Helm resources for API Manager Single Node Deployment (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/498)).
-- Helm resources for API Manager Advanced deployment patterns (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/499)).
-- Helm resources for MySQL (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/504)).
-- Configurations for Choreo Analytics (refer to [issue](https://github.com/wso2/kubernetes-apim/issues/500)).
+- Helm resources for API Manager Single Node Deployment.
+- Helm resources for API Manager Advanced deployment patterns.
+- Helm resources for MySQL.
+- Parameter configurations for ingress resources.
 
-### Removed
+### Modified
 
-- Helm resources for API Manager Analytics.
-- Script based K8s deployment to API Manager Simple deployment.
-
-For detailed information on the tasks carried out during this release, please see the GitHub milestone
-[v4.0.0.1](https://github.com/wso2/kubernetes-apim/milestone/22)
+- Ingress API version to networking.k8s.io/v1.
+- Readiness and liveness probe endpoints.

advanced/am-pattern-1/Chart.yaml

@@ -13,8 +13,8 @@
 # limitations under the License.
 
 apiVersion: v1
-appVersion: "4.0.0"
+appVersion: "4.1.0"
 description: A Helm chart for the deployment of WSO2 API Manager Pattern 1 (HA All-In-One Deployment)
 name: am-pattern-1
-version: 4.0.0-2
+version: 4.1.0-1
 icon: https://wso2.cachefly.net/wso2/sites/all/images/wso2logo.svg

advanced/am-pattern-1/README.md

@@ -2,10 +2,10 @@
 
 This deployment consists of an API-M cluster with two nodes of the API-M runtime and two nodes each of the integration runtimes (Micro Integrator/Streaming Integrator). You can use this pattern if you expect to receive low traffic to your deployment.
 
-![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/4.0.0/assets/img/setup-and-install/basic-ha-deployment.png)
+![WSO2 API Manager pattern 1 deployment](https://apim.docs.wso2.com/en/4.1.0/assets/img/setup-and-install/basic-ha-deployment.png)
 
 For advanced details on the deployment pattern, please refer to the official
-[documentation](https://apim.docs.wso2.com/en/4.0.0/install-and-setup/setup/deployment-overview/#standard-ha-deployment).
+[documentation](https://apim.docs.wso2.com/en/4.1.0/install-and-setup/setup/deployment-overview/#standard-ha-deployment).
 
 ## Contents
 
@@ -59,13 +59,13 @@ Deploy the Kubernetes resources using the Helm Chart
 - Helm version 2
 
      ```
-     helm install --name <RELEASE_NAME> wso2/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> 
+     helm install --name <RELEASE_NAME> wso2/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> 
      ```
 
 - Helm version 3
  
     ```
-    helm install <RELEASE_NAME> wso2/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --create-namespace
+    helm install <RELEASE_NAME> wso2/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --create-namespace
     ```
 
 The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub.
@@ -76,7 +76,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set
 Please see the following example.
 
 ```
- helm install --name <RELEASE_NAME> wso2/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --set wso2.subscription.username=<SUBSCRIPTION_USERNAME> --set wso2.subscription.password=<SUBSCRIPTION_PASSWORD>
+ helm install --name <RELEASE_NAME> wso2/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --set wso2.subscription.username=<SUBSCRIPTION_USERNAME> --set wso2.subscription.password=<SUBSCRIPTION_PASSWORD>
 ```
 
 #### Install Chart From Source
@@ -99,13 +99,13 @@ Deploy the Kubernetes resources using the Helm Chart
 - Helm version 2
 
      ```
-     helm install --dep-up --name <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE>
+     helm install --dep-up --name <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE>
      ```
 
 - Helm version 3
  
     ```
-    helm install <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --dependency-update --create-namespace
+    helm install <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --dependency-update --create-namespace
     ```
 
 The above steps will deploy the deployment pattern using WSO2 product Docker images available at DockerHub.
@@ -116,7 +116,7 @@ please provide your WSO2 Subscription credentials via input values (using `--set
 Please see the following example.
 
 ```
- helm install --name <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --set wso2.subscription.username=<SUBSCRIPTION_USERNAME> --set wso2.subscription.password=<SUBSCRIPTION_PASSWORD>
+ helm install --name <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --set wso2.subscription.username=<SUBSCRIPTION_USERNAME> --set wso2.subscription.password=<SUBSCRIPTION_PASSWORD>
 ```
 
 Or else, you can configure the default configurations inside the am-pattern-1 helm chart [values.yaml](https://github.com/wso2/kubernetes-apim/blob/master/advanced/am-pattern-1/values.yaml) file. Refer [this](https://helm.sh/docs/chart_template_guide/values_files/) for to learn more details about the `values.yaml` file.
@@ -132,7 +132,7 @@ From the above Helm commands, base image of a Micro Integrator is deployed (with
     - `IMAGE_PULL_SECRET` will refer to the created image pull secret <br><br>
 >3. Deploy the helm resource using following command.<br><br>
 >   ```
->   helm install <RELEASE_NAME> wso2/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --set wso2.deployment.mi.dockerRegistry=<INTEGRATION_IMAGE_REGISTRY> --set wso2.deployment.mi.imageName=<INTEGRATION_IMAGE_NAME> --set wso2.deployment.mi.imageTag=<INTEGRATION_IMAGE_TAG> --set wso2.deployment.mi.imagePullSecrets=<IMAGE_PULL_SECRET>
+>   helm install <RELEASE_NAME> wso2/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --set wso2.deployment.mi.dockerRegistry=<INTEGRATION_IMAGE_REGISTRY> --set wso2.deployment.mi.imageName=<INTEGRATION_IMAGE_NAME> --set wso2.deployment.mi.imageTag=<INTEGRATION_IMAGE_TAG> --set wso2.deployment.mi.imagePullSecrets=<IMAGE_PULL_SECRET>
 >   ```     
 
 ### Choreo Analytics
@@ -144,13 +144,13 @@ The following example shows how to enable Analytics with the helm charts.
 Helm v2
 
 ```
-helm install --name <RELEASE_NAME> wso2/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint=<CHOREO_ANALYTICS_ENDPOINT> --set wso2.choreoAnalytics.onpremKey=<ONPREM_KEY>
+helm install --name <RELEASE_NAME> wso2/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint=<CHOREO_ANALYTICS_ENDPOINT> --set wso2.choreoAnalytics.onpremKey=<ONPREM_KEY>
 ```
 
 Helm v3
 
 ```
-helm install <RELEASE_NAME> wso2/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint=<CHOREO_ANALYTICS_ENDPOINT> --set wso2.choreoAnalytics.onpremKey=<ONPREM_KEY> --create-namespace
+helm install <RELEASE_NAME> wso2/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --set wso2.choreoAnalytics.enabled=true --set wso2.choreoAnalytics.endpoint=<CHOREO_ANALYTICS_ENDPOINT> --set wso2.choreoAnalytics.onpremKey=<ONPREM_KEY> --create-namespace
 ```
 
 You will be able to see the Analytics data when you log into Choreo Analytics Portal.
@@ -250,7 +250,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters
 |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------|
 | `wso2.deployment.am.dockerRegistry`                                         | Registry location of the Docker image to be used to create API Manager instances          | -                           |
 | `wso2.deployment.am.imageName`                                              | Name of the Docker image to be used to create API Manager instances                       | `wso2am`                    |
-| `wso2.deployment.am.imageTag`                                               | Tag of the image used to create API Manager instances                                     | 4.0.0                       |
+| `wso2.deployment.am.imageTag`                                               | Tag of the image used to create API Manager instances                                     | 4.1.0                       |
 | `wso2.deployment.am.imagePullPolicy`                                        | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images)     | `Always`                    |
 | `wso2.deployment.am.livenessProbe.initialDelaySeconds`                      | Initial delay for the live-ness probe for API Manager node                                | 180                         |
 | `wso2.deployment.am.livenessProbe.periodSeconds`                            | Period of the live-ness probe for API Manager node                                        | 10                          |
@@ -261,10 +261,13 @@ If you do not have an active WSO2 subscription, **do not change** the parameters
 | `wso2.deployment.am.resources.limits.memory`                                | The maximum amount of memory that should be allocated for a Pod                           | 3Gi                         |
 | `wso2.deployment.am.resources.limits.cpu`                                   | The maximum amount of CPU that should be allocated for a Pod                              | 3000m                       |
 | `wso2.deployment.am.config`                                                 | Custom deployment configuration file (`<WSO2AM>/repository/conf/deployment.toml`)         | -                           |
+| `wso2.deployment.am.ingress.management.enabled`                            | If enabled, create ingress resource for API Manager management consoles  | true          |
 | `wso2.deployment.am.ingress.management.hostname`                            | Hostname for API Manager Admin Portal, Publisher, DevPortal and Carbon Management Console | `am.wso2.com`               |
 | `wso2.deployment.am.ingress.management.annotations`                         | Ingress resource annotations for API Manager management consoles                          | Community NGINX Ingress controller annotations         |
+| `wso2.deployment.am.ingress.gateway.enabled`                            | If enabled, create ingress resource for API Manager Gateway  | true          |
 | `wso2.deployment.am.ingress.gateway.hostname`                               | Hostname for API Manager Gateway                                                          | `gateway.am.wso2.com`       |
 | `wso2.deployment.am.ingress.gateway.annotations`                            | Ingress resource annotations for API Manager Gateway                                      | Community NGINX Ingress controller annotations         |
+| `wso2.deployment.am.ingress.websub.enabled`                            | If enabled, create ingress resource for WebSub service  | true          |
 | `wso2.deployment.am.ingress.websub.hostname`                                | Hostname for API Manager Websub services                                                  | `websub.am.wso2.com`        |
 | `wso2.deployment.am.ingress.websub.annotations`                             | Ingress resource annotations for API Manager Websub                                       | Community NGINX Ingress controller annotations         |
 
@@ -274,7 +277,7 @@ If you do not have an active WSO2 subscription, **do not change** the parameters
 |-----------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------|
 | `wso2.deployment.mi.dockerRegistry`                                         | Registry location of the Docker image to be used to create Micro Integrator instances     | -                           |
 | `wso2.deployment.mi.imageName`                                              | Name of the Docker image to be used to create API Manager instances                       | `wso2mi`                    |
-| `wso2.deployment.mi.imageTag`                                               | Tag of the image used to create API Manager instances                                     | 4.0.0                       |
+| `wso2.deployment.mi.imageTag`                                               | Tag of the image used to create API Manager instances                                     | 4.1.0                       |
 | `wso2.deployment.mi.imagePullPolicy`                                        | Refer to [doc](https://kubernetes.io/docs/concepts/containers/images#updating-images)     | `Always`                    |
 | `wso2.deployment.mi.livenessProbe.initialDelaySeconds`                      | Initial delay for the live-ness probe for Micro Integrator node                           | 35                          |
 | `wso2.deployment.mi.livenessProbe.periodSeconds`                            | Period of the live-ness probe for Micro Integrator node                                   | 10                          |
@@ -335,5 +338,5 @@ If you want to setup API Manager only without Micro Integrator, you have to inst
 * Deploy Helm charts
 
     ```helm
-    helm install <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.0.0-1 --namespace <NAMESPACE> --dependency-update --create-namespace
+    helm install <RELEASE_NAME> <HELM_HOME>/am-pattern-1 --version 4.1.0-1 --namespace <NAMESPACE> --dependency-update --create-namespace
     ```

advanced/am-pattern-1/requirements.yaml

@@ -14,7 +14,7 @@
 
 dependencies:
   - name: mysql-am
-    version: "4.0.0-1"
+    version: "4.1.0-1"
     repository: "https://helm.wso2.com"
     condition: wso2.deployment.dependencies.mysql
   - name: nfs-server-provisioner

advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-conf.yaml

@@ -20,11 +20,11 @@ metadata:
   {{ if .Values.wso2.deployment.am.config }}
 data:
   {{- range $index, $content := .Values.wso2.deployment.am.config }}
-    {{ $index }}: |-
-    {{ tpl $content $ | indent 4 }}
-    {{- end }}
+  {{ $index }}: |-
+{{ tpl $content $ | indent 4 }}
+  {{- end }}
 
-    {{ else }}
+  {{ else }}
 data:
   deployment.toml: |-
     [server]
@@ -63,6 +63,9 @@ data:
     alias =  "wso2carbon"
     key_password =  "wso2carbon"
 
+    #[keystore.listener_profile]	
+    #bind_address = "0.0.0.0"
+
     #[keystore.primary]
     #file_name =  "wso2carbon.jks"
     #type =  "JKS"
@@ -80,6 +83,7 @@ data:
     [[apim.gateway.environment]]
     name = "Default"
     type = "hybrid"
+    provider = "wso2"
     display_in_api_console = true
     description = "This is a hybrid gateway that handles both production and sandbox token traffic."
     show_as_token_endpoint_url = true
@@ -215,14 +219,14 @@ data:
     #port = 10005
 
     [[apim.throttling.url_group]]
-    traffic_manager_urls = ["tcp://localhost:9611"]
-    traffic_manager_auth_urls = ["ssl://localhost:9711"]
+    traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9611"]
+    traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9711"]
     type = "loadbalance"
 
     [[apim.throttling.url_group]]
     traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9611"]
     traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9711"]
-    type = "failover"
+    type = "loadbalance"
 
     #[apim.workflow]
     #enable = false
@@ -289,6 +293,11 @@ data:
     [transport.https.properties]
     proxyPort = 443
 
+    [oauth.grant_type.token_exchange]	
+    enable = true	
+    allow_refresh_tokens = true	
+    iat_validity_period = "1h"
+
     [transport.passthru_https.sender.parameters]
     HostnameVerifier = "AllowAll"
 

advanced/am-pattern-1/templates/am/instance-1/wso2am-pattern-1-am-deployment.yaml

@@ -56,19 +56,15 @@ spec:
 {{- include "image" (dict "Values" .Values "deployment" .Values.wso2.deployment.am) | indent 10 }}
           imagePullPolicy: {{ .Values.wso2.deployment.am.imagePullPolicy }}
           livenessProbe:
-            exec:
-              command:
-                - /bin/sh
-                - -c
-                - nc -z localhost 9443
+            httpGet:
+              path: /services/Version
+              port: 9763
             initialDelaySeconds: {{ .Values.wso2.deployment.am.livenessProbe.initialDelaySeconds }}
             periodSeconds: {{ .Values.wso2.deployment.am.livenessProbe.periodSeconds }}
           readinessProbe:
-            exec:
-              command:
-                - /bin/sh
-                - -c
-                - nc -z localhost 9443
+            httpGet:
+              path: /services/Version
+              port: 9763
             initialDelaySeconds: {{ .Values.wso2.deployment.am.readinessProbe.initialDelaySeconds }}
             periodSeconds: {{ .Values.wso2.deployment.am.readinessProbe.periodSeconds }}
           lifecycle:

advanced/am-pattern-1/templates/am/instance-2/wso2am-pattern-1-am-conf.yaml

@@ -20,11 +20,11 @@ metadata:
   {{ if .Values.wso2.deployment.am.config }}
 data:
   {{- range $index, $content := .Values.wso2.deployment.am.config }}
-    {{ $index }}: |-
-    {{ tpl $content $ | indent 4 }}
-    {{- end }}
+  {{ $index }}: |-
+{{ tpl $content $ | indent 4 }}
+  {{- end }}
 
-    {{ else }}
+  {{ else }}
 data:
   deployment.toml: |-
     [server]
@@ -63,6 +63,9 @@ data:
     alias =  "wso2carbon"
     key_password =  "wso2carbon"
 
+    #[keystore.listener_profile]		
+    #bind_address = "0.0.0.0"
+
     #[keystore.primary]
     #file_name =  "wso2carbon.jks"
     #type =  "JKS"
@@ -80,6 +83,7 @@ data:
     [[apim.gateway.environment]]
     name = "Default"
     type = "hybrid"
+    provider = "wso2"
     display_in_api_console = true
     description = "This is a hybrid gateway that handles both production and sandbox token traffic."
     show_as_token_endpoint_url = true
@@ -215,14 +219,14 @@ data:
     #port = 10005
 
     [[apim.throttling.url_group]]
-    traffic_manager_urls = ["tcp://localhost:9611"]
-    traffic_manager_auth_urls = ["ssl://localhost:9711"]
+    traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9611"]
+    traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-2-service:9711"]
     type = "loadbalance"
 
     [[apim.throttling.url_group]]
     traffic_manager_urls = ["tcp://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9611"]
     traffic_manager_auth_urls = ["ssl://{{ template "am-pattern-1.resource.prefix" . }}-am-1-service:9711"]
-    type = "failover"
+    type = "loadbalance"
 
     #[apim.workflow]
     #enable = false
@@ -289,6 +293,11 @@ data:
     [transport.https.properties]
     proxyPort = 443
 
+    [oauth.grant_type.token_exchange]		
+    enable = true		
+    allow_refresh_tokens = true		
+    iat_validity_period = "1h"	
+
     [transport.passthru_https.sender.parameters]
     HostnameVerifier = "AllowAll"