From a6bb7e242526767cddfc4ba0e63282194f9e60b4 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Fri, 31 Jul 2020 01:18:07 +0100 Subject: [PATCH] Add webhooks and set tolerations --- charts/kubezero-metrics/values.yaml | 32 +++++++++++++++++++++-------- 1 file changed, 24 insertions(+), 8 deletions(-) diff --git a/charts/kubezero-metrics/values.yaml b/charts/kubezero-metrics/values.yaml index 6347d55c..a375b2f9 100644 --- a/charts/kubezero-metrics/values.yaml +++ b/charts/kubezero-metrics/values.yaml @@ -31,17 +31,33 @@ prometheus-operator: prometheusOperator: enabled: true + # Run on controller nodes + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + nodeSelector: + node-role.kubernetes.io/master: "" + # We use Argo manageCrds: false createCustomResource: true - serviceMonitor: - selfMonitor: false + # Operator has TLS support starting 0.39, but chart does not support CAConfig and operator flags yet + # see: https://github.com/coreos/prometheus-operator/blob/master/Documentation/user-guides/webhook.md#deploying-the-admission-webhook + # Until then we use the patch job and tls proxy, to be reviewed later on to use the kubezero local cluster CA from cert-manager tlsProxy: - enabled: false + enabled: true admissionWebhooks: - enabled: false - namespaces: - releaseNamespace: true - additional: - - kube-system + enabled: true + patch: + enabled: true + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + nodeSelector: + node-role.kubernetes.io/master: "" + + #namespaces: + # releaseNamespace: true + # additional: + # - kube-system