minor bootstrap fix

This commit is contained in:
Stefan Reimer 2020-07-30 17:19:04 +01:00
parent b6775e1ef5
commit 62013253f8
6 changed files with 145 additions and 1 deletions

View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

View File

@ -0,0 +1,21 @@
apiVersion: v2
name: kubezero-metrics
description: KubeZero Umbrella Chart for prometheus-operator
type: application
version: 0.0.1
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:
- kubezero
- prometheus-operator
- grafana
maintainers:
- name: Quarky9
dependencies:
- name: kubezero-lib
version: ">= 0.1.1"
repository: https://zero-down-time.github.io/kubezero/
- name: prometheus-operator
version: 9.3.0
repository: https://kubernetes-charts.storage.googleapis.com/
kubeVersion: ">= 1.16.0"

View File

@ -0,0 +1,47 @@
kubezero-cert-manager
=====================
KubeZero Umbrella Chart for cert-manager
Current chart version is `0.3.5`
Source code can be found [here](https://kubezero.com)
## Chart Requirements
| Repository | Name | Version |
|------------|------|---------|
| https://charts.jetstack.io | cert-manager | 0.15.1 |
| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.1 |
## AWS - IAM Role
If you use kiam or kube2iam and restrict access on nodes running cert-manager please adjust:
```
cert-manager.podAnnotations:
iam.amazonaws.com/role: <ROLE>
```
## Resolver Secrets
If your resolvers need additional sercrets like CloudFlare API tokens etc. make sure to provide these secrets separatly matching your defined issuers.
## Chart Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| cert-manager.cainjector.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
| cert-manager.cainjector.tolerations[0].effect | string | `"NoSchedule"` | |
| cert-manager.cainjector.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| cert-manager.extraArgs[0] | string | `"--dns01-recursive-nameservers-only"` | |
| cert-manager.ingressShim.defaultIssuerKind | string | `"ClusterIssuer"` | |
| cert-manager.ingressShim.defaultIssuerName | string | `"letsencrypt-dns-prod"` | |
| cert-manager.installCRDs | bool | `true` | |
| cert-manager.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
| cert-manager.podAnnotations | object | `{}` | "iam.amazonaws.com/roleIAM:" role ARN the cert-manager might use via kiam eg."arn:aws:iam::123456789012:role/certManagerRoleArn" |
| cert-manager.prometheus.servicemonitor.enabled | bool | `false` | |
| cert-manager.tolerations[0].effect | string | `"NoSchedule"` | |
| cert-manager.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| cert-manager.webhook.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
| cert-manager.webhook.tolerations[0].effect | string | `"NoSchedule"` | |
| cert-manager.webhook.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
| clusterIssuer | object | `{}` | |
| localCA.enabled | bool | `true` | |
| localCA.selfsigning | bool | `true` | |

View File

@ -0,0 +1,10 @@
{{ template "chart.header" . }}
{{ template "chart.description" . }}
{{ template "chart.versionLine" . }}
{{ template "chart.sourceLinkLine" . }}
{{ template "chart.requirementsSection" . }}
{{ template "chart.valuesSection" . }}

View File

@ -0,0 +1,43 @@
prometheus-operator:
alertmanager:
enabled: false
coreDns:
enabled: false
kubeApiServer:
enabled: false
kubeControllerManager:
enabled: false
kubeDns:
enabled: false
kubeEtcd:
enabled: false
kubeProxy:
enabled: false
kubeScheduler:
enabled: false
kubeStateMetrics:
enabled: false
kubelet:
enabled: false
nodeExporter:
enabled: false
grafana:
enabled: false
prometheus:
enabled: false
defaultRules:
create: false
# Default configuration of prometheus operator will create CRDs in the cluster idempotently
prometheusOperator:
enabled: true
serviceMonitor:
selfMonitor: false
createCustomResource: false
tlsProxy:
enabled: false
admissionWebhooks:
enabled: false
namespaces:
releaseNamespace: true
additional:
- kube-system

View File

@ -96,7 +96,7 @@ argo-cd:
configs: configs:
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}
{{- end }} {{- end }}
{{- if and ( not .Values.bootstrap ) ( index .Values "argo-cd" "istio" ) }} {{- if and ( not .Values.bootstrap ) ( index .Values "argo-cd" "istio" "enabled" ) .Values.istio.enabled }}
istio: istio:
{{- with index .Values "argo-cd" "istio" }} {{- with index .Values "argo-cd" "istio" }}
{{- toYaml . | nindent 4 }} {{- toYaml . | nindent 4 }}