From 8c7b90ebbf13fb43ee93cc41afe853af9fde8e33 Mon Sep 17 00:00:00 2001
From: Samuel Liu <liupeng0518@gmail.com>
Date: Thu, 22 Apr 2021 15:22:38 +0800
Subject: [PATCH] add ingress controller class (#7522)

---
 inventory/sample/group_vars/k8s-cluster/addons.yml             | 1 +
 .../ingress_controller/ingress_nginx/defaults/main.yml         | 1 +
 .../ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 | 3 +++
 .../ingress_nginx/templates/role-ingress-nginx.yml.j2          | 2 +-
 4 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/inventory/sample/group_vars/k8s-cluster/addons.yml b/inventory/sample/group_vars/k8s-cluster/addons.yml
index 642ebea43..05d9a4b08 100644
--- a/inventory/sample/group_vars/k8s-cluster/addons.yml
+++ b/inventory/sample/group_vars/k8s-cluster/addons.yml
@@ -110,6 +110,7 @@ ingress_publish_status_address: ""
 #   53: "kube-system/coredns:53"
 # ingress_nginx_extra_args:
 #   - --default-ssl-certificate=default/foo-tls
+# ingress_nginx_class: nginx
 
 # ambassador ingress controller deployment
 ingress_ambassador_enabled: false
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
index 79cf08dfd..ad9e83b5e 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/defaults/main.yml
@@ -12,3 +12,4 @@ ingress_nginx_configmap: {}
 ingress_nginx_configmap_tcp_services: {}
 ingress_nginx_configmap_udp_services: {}
 ingress_nginx_extra_args: []
+# ingress_nginx_class: nginx
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
index 8a87f6fec..d397176cc 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/ds-ingress-nginx-controller.yml.j2
@@ -50,6 +50,9 @@ spec:
             - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
             - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
             - --annotations-prefix=nginx.ingress.kubernetes.io
+{% if ingress_nginx_class is defined %}
+            - --ingress-class={{ ingress_nginx_class }}
+{% endif %}
 {% if ingress_nginx_host_network %}
             - --report-node-internal-ip-address
 {% endif %}
diff --git a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/role-ingress-nginx.yml.j2 b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/role-ingress-nginx.yml.j2
index 448cf370a..46c5caeea 100644
--- a/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/role-ingress-nginx.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/ingress_nginx/templates/role-ingress-nginx.yml.j2
@@ -32,7 +32,7 @@ rules:
     # Here: "<ingress-controller-leader>-<nginx>"
     # This has to be adapted if you change either parameter
     # when launching the nginx-ingress-controller.
-    resourceNames: ["ingress-controller-leader-nginx"]
+    resourceNames: ["ingress-controller-leader-{{ ingress_nginx_class | default('nginx') }}"]
     verbs: ["get", "update"]
   - apiGroups: [""]
     resources: ["configmaps"]