ZeroDownTime/KubeZero
3
0
Fork 0
Code Issues 1 Pull Requests 23 Packages Projects Releases Wiki Activity

feat: add cloudnative-pg operator, migrate keycloak and gitea to pg

Browse Source
This commit is contained in:
Stefan Reimer 2024-11-04 13:41:40 +00:00
parent 3a73bf4b81
commit 8c9d665900
13 changed files with 276 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
admin/dev_apply.sh
View File

@ -84,8 +84,13 @@ get_kubezero_values $ARGOCD
# Always use embedded kubezero chart
helm template $CHARTS/kubezero -f $WORKDIR/kubezero-values.yaml --kube-version $KUBE_VERSION --version ~$KUBE_VERSION --devel --output-dir $WORKDIR
# Resolve all the all enabled artifacts
if [ ${ARTIFACTS[0]} == "all" ]; then
# Root KubeZero apply directly and exit
if [ ${ARTIFACTS[0]} == "kubezero" ]; then
kubectl apply -f $WORKDIR/kubezero/templates
exit $?
# "catch all" apply all enabled modules
elif [ ${ARTIFACTS[0]} == "all" ]; then
ARTIFACTS=($(ls $WORKDIR/kubezero/templates | sed -e 's/.yaml//g'))
fi

6
charts/kubezero-argo/values.yaml
View File

@ -54,8 +54,8 @@ argo-cd:
.sidebar { background: linear-gradient(to bottom, #6A4D79, #493558, #2D1B30, #0D0711); }
cm:
ui.bannercontent: "KubeZero v1.29 - Release notes"
ui.bannerurl: "https://kubezero.com/releases/v1.29"
ui.bannercontent: "KubeZero v1.30 - Release notes"
ui.bannerurl: "https://kubezero.com/releases/v1.30"
ui.bannerpermanent: "true"
ui.bannerposition: "bottom"
@ -97,7 +97,7 @@ argo-cd:
# argocdServerAdminPasswordMtime: "2020-04-24T15:33:09BST"
ssh:
extraHosts: "git.zero-downtime.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8YdJ4YcOK7A0K7qOWsRjCS+wHTStXRcwBe7gjG43HPSNijiCKoGf/c+tfNsRhyouawg7Law6M6ahmS/jKWBpznRIM+OdOFVSuhnK/nr6h6wG3/ZfdLicyAPvx1/STGY/Fc6/zXA88i/9PV+g84gSVmhf3fGY92wokiASiu9DU4T9dT1gIkdyOX6fbMi1/mMKLSrHnAQcjyasYDvw9ISCJ95EoSwbj7O4c+7jo9fxYvdCfZZZAEZGozTRLAAO0AnjVcRah7bZV/jfHJuhOipV/TB7UVAhlVv1dfGV7hoTp9UKtKZFJF4cjIrSGxqQA/mdhSdLgkepK7yc4Jp2xGnaarhY29DfqsQqop+ugFpTbj7Xy5Rco07mXc6XssbAZhI1xtCOX20N4PufBuYippCK5AE6AiAyVtJmvfGQk4HP+TjOyhFo7PZm3wc9Hym7IBBVC0Sl30K8ddufkAgHwNGvvu1ZmD9ZWaMOXJDHBCZGMMr16QREZwVtZTwMEQalc7/yqmuqMhmcJIfs/GA2Lt91y+pq9C8XyeUL0VFPch0vkcLSRe3ghMZpRFJ/ht307xPcLzgTJqN6oQtNNDzSQglSEjwhge2K4GyWcIh+oGsWxWz5dHyk1iJmw90Y976BZIl/mYVgbTtZAJ81oGe/0k5rAe+LDL+Yq6tG28QFOg0QmiQ=="
extraHosts: "git.zero-downtime.net ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC7UgK7Z4dDcuIW1uMOsuwhrqdkJCvYG/ZjHtLM7WaKFxVRnzNnNkQJNncWIGNDUQ1xxrbsoSNRZDtk0NlOjNtx2aApSWl4iWghkpXELvsZtOZ7I9FSC/E6ImLC3KWfK7P0mhZaF6kHPfpu8Y6pjUyLBTpV1AaVwr0I8onyqGazJOVotTFaBFEi/sT0O2FUk7agwZYfj61w3JGOy3c+fmBcK3lXf/QM90tosOpJNuJ7n5Vk5FDDLkl9rO4XR/+mXHFvITiWb8F5C50YAwjYcy36yWSSryUAAHAuqpgotwh65vSG6fZvFhmEwO2BrCkOV5+k8iRfhy/yZODJzZ5V/5cbMbdZrY6lm/p5/S1wv8BEyPekBGdseqQjEO0IQiQHcMrfgTrrQ7ndbZzVZRByZI+wbGFkBCzNSJcNsoiHjs2EblxYyuW0qUvvrBxLnySvaxyPm4BOukSAZAOEaUrajpQlnHdnY1CGcgbwxw0LNv3euKQ3tDJSUlKO0Wd8d85PRv1THW4Ui9Lhsmv+BPA2vJZDOkx/n0oyPFAB0oyd5JNM38eFxLCmPC2OE63gDP+WmzVO61YCVTnvhpQjEOLawEWVFsk0y25R5z5BboDqJaOFnZF6i517O96cn17z3Ls4hxw3+0rlKczYRoyfUHs7KQENa4mY8YlJweNTBgld//RMUQ=="
params:
controller.status.processors: "10"

6
charts/kubezero-auth/Chart.yaml
View File

@ -2,8 +2,8 @@ apiVersion: v2
name: kubezero-auth
description: KubeZero umbrella chart for all things Authentication and Identity management
type: application
version: 0.5.2
appVersion: 22.0.5
version: 0.6.0
appVersion: 26.0.5
home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords:
@ -18,6 +18,6 @@ dependencies:
repository: https://cdn.zero-downtime.net/charts/
- name: keycloak
repository: "oci://registry-1.docker.io/bitnamicharts"
version: 24.0.1
version: 24.0.4
condition: keycloak.enabled
kubeVersion: ">= 1.26.0"

5
charts/kubezero-auth/README.md
View File

@ -1,6 +1,6 @@
# kubezero-auth
![Version: 0.5.1](https://img.shields.io/badge/Version-0.5.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 22.0.5](https://img.shields.io/badge/AppVersion-22.0.5-informational?style=flat-square)
![Version: 0.6.0](https://img.shields.io/badge/Version-0.6.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 26.0.5](https://img.shields.io/badge/AppVersion-26.0.5-informational?style=flat-square)
KubeZero umbrella chart for all things Authentication and Identity management
@ -19,7 +19,7 @@ Kubernetes: `>= 1.26.0`
| Repository | Name | Version |
|------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| oci://registry-1.docker.io/bitnamicharts | keycloak | 22.2.1 |
| oci://registry-1.docker.io/bitnamicharts | keycloak | 24.0.4 |
# Keycloak
@ -55,6 +55,7 @@ https://github.com/keycloak/keycloak-benchmark/tree/main/provision/minikube/keyc
| keycloak.postgresql.auth.database | string | `"keycloak"` | |
| keycloak.postgresql.auth.existingSecret | string | `"kubezero-auth"` | |
| keycloak.postgresql.auth.username | string | `"keycloak"` | |
| keycloak.postgresql.enabled | bool | `false` | |
| keycloak.postgresql.primary.persistence.size | string | `"1Gi"` | |
| keycloak.postgresql.primary.resources.limits.memory | string | `"128Mi"` | |
| keycloak.postgresql.primary.resources.requests.cpu | string | `"100m"` | |

30
charts/kubezero-auth/values.yaml
View File

@ -7,7 +7,7 @@ keycloak:
auth:
adminUser: admin
existingSecret: kubezero-auth
existingSecret: keycloak-auth
passwordSecretKey: admin-password
replicaCount: 1
@ -29,26 +29,16 @@ keycloak:
serviceMonitor:
enabled: true
externalDatabase:
host: "keycloak-pg-rw"
port: 5432
user: keycloak
database: keycloak
existingSecret: keycloak-pg
existingSecretPasswordKey: "password"
postgresql:
auth:
existingSecret: kubezero-auth
username: keycloak
database: keycloak
primary:
persistence:
size: 1Gi
resources:
limits:
#cpu: 750m
memory: 128Mi
requests:
cpu: 100m
memory: 64Mi
readReplicas:
replicaCount: 0
enabled: false
istio:
admin:

6
charts/kubezero-ci/values.yaml
View File

@ -21,8 +21,8 @@ gitea:
capabilities:
drop:
- ALL
add:
- SYS_CHROOT
# add:
# - SYS_CHROOT
resources:
requests:
@ -71,6 +71,8 @@ gitea:
DEFAULT_THEME: "gitea-dark"
log:
LEVEL: warn
ssh.minimum_key_sizes:
RSA: 2047
redis-cluster:
enabled: false

7
charts/kubezero-operators/Chart.yaml
View File

@ -1,6 +1,6 @@
apiVersion: v2
name: kubezero-operators
description: Various operators supported by KubeZero
description: Various operators supported by KubeZero
type: application
version: 0.1.5
home: https://kubezero.com
@ -9,6 +9,7 @@ keywords:
- kubezero
- operators
- opensearch
- postgres
maintainers:
- name: Stefan Reimer
email: stefan@zero-downtime.net
@ -24,4 +25,8 @@ dependencies:
version: 2.14.0
repository: https://helm.elastic.co
condition: eck-operator.enabled
- name: cloudnative-pg
version: 0.22.1
repository: https://cloudnative-pg.github.io/charts
condition: cloudnative-pg.enabled
kubeVersion: ">= 1.26.0"

8
charts/kubezero-operators/README.md
View File

@ -1,6 +1,6 @@
# kubezero-operators
![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
Various operators supported by KubeZero
@ -19,7 +19,8 @@ Kubernetes: `>= 1.26.0`
| Repository | Name | Version |
|------------|------|---------|
| https://cdn.zero-downtime.net/charts/ | kubezero-lib | >= 0.1.6 |
| https://helm.elastic.co | eck-operator | 2.13.0 |
| https://cloudnative-pg.github.io/charts | cloudnative-pg | 0.22.1 |
| https://helm.elastic.co | eck-operator | 2.14.0 |
| https://opensearch-project.github.io/opensearch-k8s-operator/ | opensearch-operator | 2.6.1 |
## Values
@ -39,3 +40,6 @@ Kubernetes: `>= 1.26.0`
| opensearch-operator.nodeSelector."node-role.kubernetes.io/control-plane" | string | `""` | |
| opensearch-operator.tolerations[0].effect | string | `"NoSchedule"` | |
| opensearch-operator.tolerations[0].key | string | `"node-role.kubernetes.io/control-plane"` | |
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)

4
charts/kubezero-operators/charts/eck-operator/Chart.yaml
View File

@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 2.13.0
appVersion: 2.14.0
description: Elastic Cloud on Kubernetes (ECK) operator
home: https://github.com/elastic/cloud-on-k8s
icon: https://helm.elastic.co/icons/eck.png
@ -18,4 +18,4 @@ maintainers:
name: Elastic
name: eck-operator
type: application
version: 2.13.0
version: 2.14.0

247
charts/kubezero-operators/charts/eck-operator/crds/all-crds.yaml
View File

@ -4,14 +4,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: agents.agent.k8s.elastic.co
spec:
group: agent.k8s.elastic.co
@ -394,6 +394,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -509,6 +510,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -640,6 +642,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -888,6 +900,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
dataSource:
description: |-
dataSource field can be used to specify either:
@ -1031,11 +1044,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@ -1063,7 +1078,7 @@ spec:
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
type: string
volumeMode:
@ -1135,14 +1150,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: apmservers.apm.k8s.elastic.co
spec:
group: apm.k8s.elastic.co
@ -1336,6 +1351,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -1451,6 +1467,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -1582,6 +1599,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -1958,6 +1985,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -2073,6 +2101,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -2204,6 +2233,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -2358,14 +2397,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: beats.beat.k8s.elastic.co
spec:
group: beat.k8s.elastic.co
@ -2847,14 +2886,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: elasticmapsservers.maps.k8s.elastic.co
spec:
group: maps.k8s.elastic.co
@ -3060,6 +3099,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -3175,6 +3215,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -3306,6 +3347,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -3446,14 +3497,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: elasticsearchautoscalers.autoscaling.k8s.elastic.co
spec:
group: autoscaling.k8s.elastic.co
@ -3804,14 +3855,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: elasticsearches.elasticsearch.k8s.elastic.co
spec:
group: elasticsearch.k8s.elastic.co
@ -4002,6 +4053,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -4117,6 +4169,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -4248,6 +4301,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -4492,6 +4555,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
dataSource:
description: |-
dataSource field can be used to specify either:
@ -4636,11 +4700,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@ -4668,7 +4734,7 @@ spec:
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
type: string
volumeMode:
@ -4773,11 +4839,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@ -5004,6 +5072,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -5119,6 +5188,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -5250,6 +5320,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -5304,6 +5384,15 @@ spec:
extension of each Elasticsearch node's transport TLS certificate.
Example: if set to "node.cluster.local", the generated certificate will have its otherName set to "<pod_name>.node.cluster.local".
type: string
selfSignedCertificates:
description: SelfSignedCertificates allows configuring the
self-signed certificate generated by the operator.
properties:
disabled:
description: Disabled indicates that provisioning of the
self-signed certificates should be disabled.
type: boolean
type: object
subjectAltNames:
description: SubjectAlternativeNames is a list of SANs to
include in the generated node transport TLS certificates.
@ -5693,6 +5782,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -5808,6 +5898,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -5939,6 +6030,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -6090,6 +6191,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
dataSource:
description: |-
dataSource field can be used to specify either:
@ -6234,11 +6336,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@ -6266,7 +6370,7 @@ spec:
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
type: string
volumeMode:
@ -6372,11 +6476,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@ -6521,14 +6627,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: enterprisesearches.enterprisesearch.k8s.elastic.co
spec:
group: enterprisesearch.k8s.elastic.co
@ -6733,6 +6839,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -6848,6 +6955,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -6979,6 +7087,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -7306,6 +7424,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -7421,6 +7540,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -7552,6 +7672,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -7678,14 +7808,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: kibanas.kibana.k8s.elastic.co
spec:
group: kibana.k8s.elastic.co
@ -7909,6 +8039,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -8024,6 +8155,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -8155,6 +8287,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -8592,6 +8734,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -8707,6 +8850,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -8838,6 +8982,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -8981,14 +9135,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: logstashes.logstash.k8s.elastic.co
spec:
group: logstash.k8s.elastic.co
@ -9374,6 +9528,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
externalName:
description: |-
externalName is the external reference that discovery mechanisms will
@ -9489,6 +9644,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
ports:
description: |-
The list of ports that are exposed by this service.
@ -9620,6 +9776,16 @@ spec:
type: integer
type: object
type: object
trafficDistribution:
description: |-
TrafficDistribution offers a way to express preferences for how traffic is
distributed to Service endpoints. Implementations can use this field as a
hint, but are not required to guarantee strict adherence. If the field is
not set, the implementation will apply its default routing strategy. If set
to "PreferClose", implementations should prioritize endpoints that are
topologically close (e.g., same zone).
This is an alpha field and requires enabling ServiceTrafficDistribution feature.
type: string
type:
description: |-
type determines how the Service is exposed. Defaults to ClusterIP. Valid
@ -9782,6 +9948,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
dataSource:
description: |-
dataSource field can be used to specify either:
@ -9921,11 +10088,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
@ -9953,7 +10122,7 @@ spec:
If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be
set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource
exists.
More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass
More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/
(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
type: string
volumeMode:
@ -9979,6 +10148,7 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
allocatedResourceStatuses:
additionalProperties:
description: |-
@ -10068,7 +10238,7 @@ spec:
conditions:
description: |-
conditions is the current Condition of persistent volume claim. If underlying persistent volume is being
resized then the Condition will be set to 'ResizeStarted'.
resized then the Condition will be set to 'Resizing'.
items:
description: PersistentVolumeClaimCondition contains details
about state of pvc
@ -10090,7 +10260,7 @@ spec:
reason:
description: |-
reason is a unique, this should be a short, machine understandable string that gives the reason
for condition's last transition. If it reports "ResizeStarted" that means the underlying
for condition's last transition. If it reports "Resizing" that means the underlying
persistent volume is being resized.
type: string
status:
@ -10104,6 +10274,9 @@ spec:
- type
type: object
type: array
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
currentVolumeAttributesClassName:
description: |-
currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.
@ -10205,14 +10378,14 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.15.0
helm.sh/resource-policy: keep
labels:
app.kubernetes.io/instance: 'logging'
app.kubernetes.io/managed-by: 'Helm'
app.kubernetes.io/name: 'eck-operator-crds'
app.kubernetes.io/version: '2.13.0'
helm.sh/chart: 'eck-operator-crds-2.13.0'
app.kubernetes.io/version: '2.14.0'
helm.sh/chart: 'eck-operator-crds-2.14.0'
name: stackconfigpolicies.stackconfigpolicy.k8s.elastic.co
spec:
group: stackconfigpolicy.k8s.elastic.co
@ -10445,11 +10618,13 @@ spec:
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string

8
charts/kubezero-operators/values.yaml
View File

@ -27,3 +27,11 @@ eck-operator:
effect: NoSchedule
nodeSelector:
node-role.kubernetes.io/control-plane: ""
cloudnative-pg:
enabled: false
tolerations:
- key: node-role.kubernetes.io/control-plane
effect: NoSchedule
nodeSelector:
node-role.kubernetes.io/control-plane: ""

2
charts/kubezero-storage/templates/lvm/volumesnapshotclass.yaml
View File

@ -2,7 +2,7 @@
kind: VolumeSnapshotClass
apiVersion: snapshot.storage.k8s.io/v1
metadata:
name: lvmpv-snapclass
name: openebs-lvm-snapshots
#annotations:
# snapshot.storage.kubernetes.io/is-default-class: "true"
labels:

12
charts/kubezero/templates/operators.yaml
View File

@ -10,6 +10,18 @@ eck-operator:
{{- toYaml . | nindent 2 }}
{{- end }}
{{- with index .Values "operators" "cloudnative-pg" }}
cloudnative-pg:
{{- toYaml . | nindent 2 }}
{{- with $.Values.metrics }}
monitoring:
podMonitorEnabled: {{ .enabled }}
grafanaDashboard:
create: {{ .enabled }}
{{- end }}
{{- end }}
{{- end }}