Skip to content
Was this article helpful?

ConfigMap support for the Citrix ingress controller

The ConfigMap API resource holds key-value pairs of configuration data that can be consumed in pods or to store configuration data for system components such as controllers.

ConfigMaps allow you to separate your configurations from your pods and make your workloads portable. Using ConfigMaps, you can easily change and manage your workload configurations and reduce the need to hardcode configuration data to pod specifications.

The Citrix ingress controller supports the configuration command line arguments, and environment variables mentioned in deploying the Citrix ingress controller. But, you cannot update these configurations at runtime without rebooting the Citrix ingress controller pod. With ConfigMap support, you can update the configuration automatically while keeping the Citrix ingress controller pod running. You do not need to restart the pod after the update.

Supported environment variables in the Citrix ingress controller

The values for the following environment variables in the Citrix ingress controller can be specified in a ConfigMap.

  • LOGLEVEL: Specifies the log levels to control the logs generated by the Citrix ingress controller (debug, info, critical, and so on). The default value is debug.

  • NS_HTTP2_SERVER_SIDE: Enables HTTP2 for Citrix ADC service group configurations with possible values as ON or OFF.

  • NS_PROTOCOL: Specifies the protocol to establish the ADC session (HTTP/HTTPS). The default value is http.

  • NS_PORT: Specifies the port to establish a session. The default value is 80.

  • NS_COOKIE_VERSION: Specifies the persistence cookie version (0 or 1). The default value is 0.

  • NS_DNS_NAMESERVER: Enables adding DNS nameservers on Citrix ADC VPX.

  • POD_IPS_FOR_SERVICEGROUP_MEMBERS: Specifies to add the IP address of the pod and port as service group members instead of NodeIP and NodePort while configuring services of type LoadBalancer or NodePort on an external tier-1 Citrix ADC.

  • IGNORE_NODE_EXTERNAL_IP: Specifies to ignore an external IP address and add an internal IP address for NodeIP while configuring NodeIP for services of type LoadBalancer or NodePort on an external tier-1 Citrix ADC.

  • FRONTEND_HTTP_PROFILE: Sets the HTTP options for the front-end virtual server (client plane), unless overridden by the ingress.citrix.com/frontend-httpprofile smart annotation in the ingress definition.

  • FRONTEND_TCP_PROFILE: Sets the TCP options for the front-end virtual server (client side), unless overridden by the ingress.citrix.com/frontend-tcpprofile smart annotation in the ingress definition.

  • FRONTEND_SSL_PROFILE: Sets the SSL options for the front-end virtual server (client side) unless overridden by the ingress.citrix.com/frontend-sslprofile smart annotation in the ingress definition.

  • JSONLOG: Set this argument to true if log messages are required in JSON format.

  • NS_ADNS_IPS: Enables configuring Citrix ADC as an ADNS server.

For more information about profile environment variables (FRONTEND_HTTP_PROFILE, FRONTEND_TCP_PROFILE, and FRONTEND_SSL_PROFILE), see Configure HTTP, TCP, or SSL profiles on Citrix ADC.

Note: This is an initial version of the ConfigMap support and currently supports only a few parameters. Earlier, these parameters were configurable through environment variables except the NS_HTTP2_SERVER_SIDE parameter.

Configuring ConfigMap support for the Citrix ingress controller

This example shows how to create a ConfigMap and apply the ConfigMap to the Citrix ingress controller. It also shows how to reapply the ConfigMap after you make changes. You can also optionally delete the changes.

Perform the following to configure ConfigMap support for the Citrix ingress controller.

  1. Create a YAML file cic-configmap.yaml with the required key-value pairs in the ConfigMap.

    apiVersion: v1
kind: ConfigMap
metadata:
  name: cic-configmap
  labels:
    app: citrix-ingress-controller
data:
  LOGLEVEL: 'info'
  NS_PROTOCOL: 'http'
  NS_PORT: '80'
  NS_COOKIE_VERSION: '0'
  NS_HTTP2_SERVER_SIDE: 'ON'

  2. Deploy the cic-configmap.yaml using the following command.

    kubectl create -f cic-configmap.yaml

  3. Edit the cic.yaml file for deploying the Citrix ingress controller as a stand-alone pod and specify the following:

    Args:
    - --configmap
        default/cic-configmap

    Note: It is mandatory to specify the namespace. If the namespace is not specified, ConfigMap is not considered.

    Following is a sample YAML file for deploying the Citrix ingress controller with the ConfigMap configuration. For the complete YAML file, see citrix-k8s-ingress-controller.yaml.

    apiVersion: apps/v1
kind: Deployment
metadata:
  name: cic-k8s-ingress-controller
spec:
    selector:
      matchLabels:
        app: cic-k8s-ingress-controller
    replicas: 1
    template:
      metadata:
        name: cic-k8s-ingress-controller
        labels:
          app: cic-k8s-ingress-controller
      annotations:
      spec: 
        serviceAccountName: cic-k8s-role
        containers:
        - name: cic-k8s-ingress-controller
          image: "quay.io/citrix/citrix-k8s-ingress-controller:1.28.2"
          env:
          # Set NetScaler NSIP/SNIP, SNIP in case of HA (mgmt has to be enabled) 
          - name: "NS_IP"
            value: "x.x.x.x"
          - name: "EULA"
            value: "yes"
          args:
            - --ingress-classes
              citrix
            - --feature-node-watch
              false
            - --configmap
              default/cic-configmap
          imagePullPolicy: Always

  4. Deploy the Citrix ingress controller as a stand-alone pod by applying the YAML.

    kubectl apply -f cic.yaml

  5. If you want to change the value of an environment variable, edit the values in the ConfigMap. In this example, the value of NS_HTTP2_SERVER_SIDE is changed to 'OFF'.

    apiVersion: v1
kind: ConfigMap
metadata:
  name: cic-configmap
  labels:
    app: citrix-ingress-controller
data:
  LOGLEVEL: 'info'
  NS_PROTOCOL: 'http'
  NS_PORT: '80'
  NS_COOKIE_VERSION: '0'
  NS_HTTP2_SERVER_SIDE: 'OFF'

  6. Reapply the ConfigMap using the following command.

    kubectl apply -f cic-configmap.yaml

  7. (Optional) If you need to delete the ConfigMap, use the following command.

    kubectl delete -f cic-configmap.yaml

    When you delete the ConfigMap, the environment variable configuration falls back as per the following order of precedence: ConfigMap configuration > environment variable configuration > default

(Optional) In case, you want to define all keys in a ConfigMap as environment variables in the Citrix ingress controller, use the following in the Citrix ingress controller deployment YAML file.

    envFrom:
            - configMapRef: 
              name: cic-configmap
Was this article helpful?