diff --git a/charts/kubezero-metrics/.helmignore b/charts/kubezero-metrics/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/kubezero-metrics/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/kubezero-metrics/Chart.yaml b/charts/kubezero-metrics/Chart.yaml new file mode 100644 index 00000000..2dff6e14 --- /dev/null +++ b/charts/kubezero-metrics/Chart.yaml @@ -0,0 +1,21 @@ +apiVersion: v2 +name: kubezero-metrics +description: KubeZero Umbrella Chart for prometheus-operator +type: application +version: 0.0.1 +home: https://kubezero.com +icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png +keywords: + - kubezero + - prometheus-operator + - grafana +maintainers: + - name: Quarky9 +dependencies: + - name: kubezero-lib + version: ">= 0.1.1" + repository: https://zero-down-time.github.io/kubezero/ + - name: prometheus-operator + version: 9.3.0 + repository: https://kubernetes-charts.storage.googleapis.com/ +kubeVersion: ">= 1.16.0" diff --git a/charts/kubezero-metrics/README.md b/charts/kubezero-metrics/README.md new file mode 100644 index 00000000..e341dfd6 --- /dev/null +++ b/charts/kubezero-metrics/README.md @@ -0,0 +1,47 @@ +kubezero-cert-manager +===================== +KubeZero Umbrella Chart for cert-manager + +Current chart version is `0.3.5` + +Source code can be found [here](https://kubezero.com) + +## Chart Requirements + +| Repository | Name | Version | +|------------|------|---------| +| https://charts.jetstack.io | cert-manager | 0.15.1 | +| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 | + +## AWS - IAM Role +If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust: +``` +cert-manager.podAnnotations: + iam.amazonaws.com/role: +``` + +## Resolver Secrets +If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers. + +## Chart Values + +| Key | Type | Default | Description | +|-----|------|---------|-------------| +| cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | +| cert-manager.cainjector.tolerations[0].effect | string | `"NoSchedule"` | | +| cert-manager.cainjector.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | +| cert-manager.extraArgs[0] | string | `"--dns01-recursive-nameservers-only"` | | +| cert-manager.ingressShim.defaultIssuerKind | string | `"ClusterIssuer"` | | +| cert-manager.ingressShim.defaultIssuerName | string | `"letsencrypt-dns-prod"` | | +| cert-manager.installCRDs | bool | `true` | | +| cert-manager.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | +| cert-manager.podAnnotations | object | `{}` | "iam.amazonaws.com/roleIAM:" role ARN the cert-manager might use via kiam eg."arn:aws:iam::123456789012:role/certManagerRoleArn" | +| cert-manager.prometheus.servicemonitor.enabled | bool | `false` | | +| cert-manager.tolerations[0].effect | string | `"NoSchedule"` | | +| cert-manager.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | +| cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" | string | `""` | | +| cert-manager.webhook.tolerations[0].effect | string | `"NoSchedule"` | | +| cert-manager.webhook.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | | +| clusterIssuer | object | `{}` | | +| localCA.enabled | bool | `true` | | +| localCA.selfsigning | bool | `true` | | diff --git a/charts/kubezero-metrics/README.md.gotmpl b/charts/kubezero-metrics/README.md.gotmpl new file mode 100644 index 00000000..1e4d03ba --- /dev/null +++ b/charts/kubezero-metrics/README.md.gotmpl @@ -0,0 +1,10 @@ +{{ template "chart.header" . }} +{{ template "chart.description" . }} + +{{ template "chart.versionLine" . }} + +{{ template "chart.sourceLinkLine" . }} + +{{ template "chart.requirementsSection" . }} + +{{ template "chart.valuesSection" . }} diff --git a/charts/kubezero-metrics/values.yaml b/charts/kubezero-metrics/values.yaml new file mode 100644 index 00000000..bc87c3ff --- /dev/null +++ b/charts/kubezero-metrics/values.yaml @@ -0,0 +1,43 @@ +prometheus-operator: + alertmanager: + enabled: false + coreDns: + enabled: false + kubeApiServer: + enabled: false + kubeControllerManager: + enabled: false + kubeDns: + enabled: false + kubeEtcd: + enabled: false + kubeProxy: + enabled: false + kubeScheduler: + enabled: false + kubeStateMetrics: + enabled: false + kubelet: + enabled: false + nodeExporter: + enabled: false + grafana: + enabled: false + prometheus: + enabled: false + defaultRules: + create: false + # Default configuration of prometheus operator will create CRDs in the cluster idempotently + prometheusOperator: + enabled: true + serviceMonitor: + selfMonitor: false + createCustomResource: false + tlsProxy: + enabled: false + admissionWebhooks: + enabled: false + namespaces: + releaseNamespace: true + additional: + - kube-system diff --git a/deploy/templates/values.yaml b/deploy/templates/values.yaml index 8d00320a..2a71673a 100644 --- a/deploy/templates/values.yaml +++ b/deploy/templates/values.yaml @@ -96,7 +96,7 @@ argo-cd: configs: {{- toYaml . | nindent 4 }} {{- end }} - {{- if and ( not .Values.bootstrap ) ( index .Values "argo-cd" "istio" ) }} + {{- if and ( not .Values.bootstrap ) ( index .Values "argo-cd" "istio" "enabled" ) .Values.istio.enabled }} istio: {{- with index .Values "argo-cd" "istio" }} {{- toYaml . | nindent 4 }}