More fixes now adding ArgoCD
This commit is contained in:
parent
ec6d7a4d11
commit
c8a903110f
@ -14,7 +14,7 @@ KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Appl
|
|||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
Kubernetes: `>= 1.17.0`
|
Kubernetes: `>= 1.16.0`
|
||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
@ -52,10 +52,12 @@ Kubernetes: `>= 1.17.0`
|
|||||||
| istio.enabled | bool | `false` | Deploy Istio VirtualService to expose ArgoCD |
|
| istio.enabled | bool | `false` | Deploy Istio VirtualService to expose ArgoCD |
|
||||||
| istio.gateway | string | `"istio-ingress/ingressgateway"` | Name of the Istio gateway to add the VirtualService to |
|
| istio.gateway | string | `"istio-ingress/ingressgateway"` | Name of the Istio gateway to add the VirtualService to |
|
||||||
| istio.ipBlocks | list | `[]` | |
|
| istio.ipBlocks | list | `[]` | |
|
||||||
| kubezero.global.defaultDestination | object | `{"server":"https://kubernetes.default.svc"}` | Destination cluster |
|
| kubezero.enabled | bool | `false` | |
|
||||||
| kubezero.global.defaultSource.pathPrefix | string | `""` | optional path prefix within repoURL to support eg. remote subtrees |
|
| kubezero.path | string | `"charts/kubezero"` | path within repoURL |
|
||||||
| kubezero.global.defaultSource.repoURL | string | `"https://github.com/zero-down-time/kubezero"` | default repository for argocd applications |
|
| kubezero.repoURL | string | `"https://github.com/zero-down-time/kubezero"` | repository for kubezero argo applications |
|
||||||
| kubezero.global.defaultSource.targetRevision | string | `"HEAD"` | default tracking of repoURL |
|
| kubezero.server | string | `"https://kubernetes.default.svc"` | destination cluster |
|
||||||
|
| kubezero.targetRevision | string | `"HEAD"` | git branch to track |
|
||||||
|
| kubezero.valuesFiles[0] | string | `"values.yaml"` | |
|
||||||
|
|
||||||
## Resources
|
## Resources
|
||||||
- https://argoproj.github.io/argo-cd/operator-manual/metrics/
|
- https://argoproj.github.io/argo-cd/operator-manual/metrics/
|
||||||
|
@ -1,3 +1,4 @@
|
|||||||
|
{{- if .Values.kubezero.enabled }}
|
||||||
apiVersion: argoproj.io/v1alpha1
|
apiVersion: argoproj.io/v1alpha1
|
||||||
kind: AppProject
|
kind: AppProject
|
||||||
metadata:
|
metadata:
|
||||||
@ -33,3 +34,32 @@ spec:
|
|||||||
clusterResourceWhitelist:
|
clusterResourceWhitelist:
|
||||||
- group: '*'
|
- group: '*'
|
||||||
kind: '*'
|
kind: '*'
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: argoproj.io/v1alpha1
|
||||||
|
kind: Application
|
||||||
|
metadata:
|
||||||
|
name: kubezero
|
||||||
|
namespace: argocd
|
||||||
|
labels:
|
||||||
|
{{ include "kubezero-lib.labels" . | indent 4 }}
|
||||||
|
spec:
|
||||||
|
project: kubezero
|
||||||
|
source:
|
||||||
|
repoURL: {{ .Values.kubezero.repoURL }}
|
||||||
|
targetRevision: {{ .Values.kubezero.targetRevision }}
|
||||||
|
path: {{ .Values.kubezero.path }}
|
||||||
|
|
||||||
|
helm:
|
||||||
|
valueFiles:
|
||||||
|
{{- toYaml .Values.kubezero.valuesFiles | nindent 6 }}
|
||||||
|
|
||||||
|
destination:
|
||||||
|
server: {{ .Values.kubezero.server }}
|
||||||
|
namespace: argocd
|
||||||
|
|
||||||
|
{{- with .Values.kubezero.syncPolicy }}
|
||||||
|
syncPolicy:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
@ -1,25 +1,36 @@
|
|||||||
|
# Configure app of apps
|
||||||
kubezero:
|
kubezero:
|
||||||
global:
|
enabled: false
|
||||||
# kubezero.global.defaultDestination -- Destination cluster
|
|
||||||
defaultDestination:
|
# kubezero.server -- destination cluster
|
||||||
server: https://kubernetes.default.svc
|
server: https://kubernetes.default.svc
|
||||||
|
|
||||||
# This repoURL is used a base for all the repoURLs applications
|
# This repoURL is used a base for all the repoURLs applications
|
||||||
# Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be
|
# Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be
|
||||||
# integrated into any repository as a git subtree if for example public internet access is unavailable
|
# integrated into any repository as a git subtree if for example public internet access is unavailable
|
||||||
defaultSource:
|
# kubezero.repoURL -- repository for kubezero argo applications
|
||||||
# kubezero.global.defaultSource.repoURL -- default repository for argocd applications
|
|
||||||
repoURL: https://github.com/zero-down-time/kubezero
|
repoURL: https://github.com/zero-down-time/kubezero
|
||||||
# kubezero.global.defaultSource.targetRevision -- default tracking of repoURL
|
# kubezero.targetRevision -- git branch to track
|
||||||
targetRevision: HEAD
|
targetRevision: HEAD
|
||||||
# kubezero.global.defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
# kubezero.path -- path within repoURL
|
||||||
pathPrefix: ''
|
path: 'charts/kubezero'
|
||||||
|
|
||||||
# syncPolicy, details see: https://argoproj.github.io/argo-cd/user-guide/auto_sync
|
# syncPolicy, details see: https://argoproj.github.io/argo-cd/user-guide/auto_sync
|
||||||
#syncPolicy:
|
#syncPolicy:
|
||||||
# automated:
|
# automated:
|
||||||
# prune: true
|
# prune: true
|
||||||
|
|
||||||
|
valuesFiles:
|
||||||
|
- values.yaml
|
||||||
|
|
||||||
|
# Support for Istio Ingress for ArgoCD
|
||||||
|
istio:
|
||||||
|
# istio.enabled -- Deploy Istio VirtualService to expose ArgoCD
|
||||||
|
enabled: false
|
||||||
|
# istio.gateway -- Name of the Istio gateway to add the VirtualService to
|
||||||
|
gateway: istio-ingress/ingressgateway
|
||||||
|
ipBlocks: []
|
||||||
|
|
||||||
argo-cd:
|
argo-cd:
|
||||||
installCRDs: false
|
installCRDs: false
|
||||||
|
|
||||||
@ -70,6 +81,9 @@ argo-cd:
|
|||||||
# argo-cd.server.config.url -- ArgoCD hostname to be exposed via Istio
|
# argo-cd.server.config.url -- ArgoCD hostname to be exposed via Istio
|
||||||
url: argocd.example.com
|
url: argocd.example.com
|
||||||
|
|
||||||
|
#repositories: |
|
||||||
|
# - url: https://zero-down-time.github.io/kubezero.git
|
||||||
|
|
||||||
resource.customizations: |
|
resource.customizations: |
|
||||||
cert-manager.io/Certificate:
|
cert-manager.io/Certificate:
|
||||||
# Lua script for customizing the health status assessment
|
# Lua script for customizing the health status assessment
|
||||||
@ -115,10 +129,3 @@ argo-cd:
|
|||||||
|
|
||||||
dex:
|
dex:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
|
||||||
istio:
|
|
||||||
# istio.enabled -- Deploy Istio VirtualService to expose ArgoCD
|
|
||||||
enabled: false
|
|
||||||
# istio.gateway -- Name of the Istio gateway to add the VirtualService to
|
|
||||||
gateway: istio-ingress/ingressgateway
|
|
||||||
ipBlocks: []
|
|
||||||
|
@ -16,7 +16,7 @@ Installs Istio Ingress Gateways, requires kubezero-istio to be installed !
|
|||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
Kubernetes: `>= 1.17.0`
|
Kubernetes: `>= 1.16.0`
|
||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
name: istio-ingress
|
|
||||||
labels:
|
|
||||||
istio-injection: disabled
|
|
||||||
{{ include "kubezero-lib.labels" . | indent 4 }}
|
|
@ -16,7 +16,7 @@ Installs the Istio control plane
|
|||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
Kubernetes: `>= 1.17.0`
|
Kubernetes: `>= 1.16.0`
|
||||||
|
|
||||||
| Repository | Name | Version |
|
| Repository | Name | Version |
|
||||||
|------------|------|---------|
|
|------------|------|---------|
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
name: istio-system
|
|
||||||
labels:
|
|
||||||
istio-injection: disabled
|
|
||||||
{{ include "kubezero-lib.labels" . | indent 4 }}
|
|
@ -74,7 +74,6 @@ Kubernetes: `>= 1.16.0`
|
|||||||
| fluent-bit.config.service | string | `"[SERVICE]\n Flush 1\n Daemon Off\n Log_Level warn\n Parsers_File parsers.conf\n Parsers_File custom_parsers.conf\n HTTP_Server On\n HTTP_Listen 0.0.0.0\n HTTP_Port 2020\n"` | |
|
| fluent-bit.config.service | string | `"[SERVICE]\n Flush 1\n Daemon Off\n Log_Level warn\n Parsers_File parsers.conf\n Parsers_File custom_parsers.conf\n HTTP_Server On\n HTTP_Listen 0.0.0.0\n HTTP_Port 2020\n"` | |
|
||||||
| fluent-bit.enabled | bool | `false` | |
|
| fluent-bit.enabled | bool | `false` | |
|
||||||
| fluent-bit.serviceMonitor.enabled | bool | `true` | |
|
| fluent-bit.serviceMonitor.enabled | bool | `true` | |
|
||||||
| fluent-bit.serviceMonitor.namespace | string | `"monitoring"` | |
|
|
||||||
| fluent-bit.serviceMonitor.selector.release | string | `"metrics"` | |
|
| fluent-bit.serviceMonitor.selector.release | string | `"metrics"` | |
|
||||||
| fluent-bit.test.enabled | bool | `false` | |
|
| fluent-bit.test.enabled | bool | `false` | |
|
||||||
| fluent-bit.tolerations[0].effect | string | `"NoSchedule"` | |
|
| fluent-bit.tolerations[0].effect | string | `"NoSchedule"` | |
|
||||||
|
3
charts/kubezero/.gitignore
vendored
Normal file
3
charts/kubezero/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
kubezero.???
|
||||||
|
charts/*.tgz
|
||||||
|
Chart.lock
|
@ -21,3 +21,4 @@
|
|||||||
.idea/
|
.idea/
|
||||||
*.tmproj
|
*.tmproj
|
||||||
.vscode/
|
.vscode/
|
||||||
|
Chart.lock
|
||||||
|
@ -1,8 +1,8 @@
|
|||||||
apiVersion: v2
|
apiVersion: v2
|
||||||
name: kubezero
|
name: kubezero
|
||||||
description: KubeZero ArgoCD Application - Root App of Apps chart of KubeZero
|
description: KubeZero - Bootstrap and ArgoCD Root App of Apps chart
|
||||||
type: application
|
type: application
|
||||||
version: 0.4.5
|
version: 0.5.0
|
||||||
home: https://kubezero.com
|
home: https://kubezero.com
|
||||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||||
keywords:
|
keywords:
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
# kubezero
|
# kubezero
|
||||||
|
|
||||||
![Version: 0.4.5](https://img.shields.io/badge/Version-0.4.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
|
||||||
|
|
||||||
KubeZero ArgoCD Application - Root App of Apps chart of KubeZero
|
KubeZero ArgoCD Application - Root App of Apps chart of KubeZero
|
||||||
|
|
||||||
@ -46,7 +46,6 @@ Kubernetes: `>= 1.16.0`
|
|||||||
| logging.namespace | string | `"logging"` | |
|
| logging.namespace | string | `"logging"` | |
|
||||||
| metrics.enabled | bool | `false` | |
|
| metrics.enabled | bool | `false` | |
|
||||||
| metrics.namespace | string | `"monitoring"` | |
|
| metrics.namespace | string | `"monitoring"` | |
|
||||||
| platform | string | `"aws"` | |
|
|
||||||
|
|
||||||
----------------------------------------------
|
----------------------------------------------
|
||||||
Autogenerated from chart metadata using [helm-docs v1.2.1](https://github.com/norwoodj/helm-docs/releases/v1.2.1)
|
Autogenerated from chart metadata using [helm-docs v1.2.1](https://github.com/norwoodj/helm-docs/releases/v1.2.1)
|
||||||
|
@ -3,7 +3,8 @@ set -ex
|
|||||||
|
|
||||||
ACTION=$1
|
ACTION=$1
|
||||||
ARTIFACTS=("$2")
|
ARTIFACTS=("$2")
|
||||||
LOCATION=${3:-""}
|
VALUES=$3
|
||||||
|
LOCATION=${4:-""}
|
||||||
|
|
||||||
DEPLOY_DIR=$( dirname $( realpath $0 ))
|
DEPLOY_DIR=$( dirname $( realpath $0 ))
|
||||||
which yq || { echo "yq not found!"; exit 1; }
|
which yq || { echo "yq not found!"; exit 1; }
|
||||||
@ -12,7 +13,7 @@ TMPDIR=$(mktemp -d kubezero.XXX)
|
|||||||
|
|
||||||
# First lets generate kubezero.yaml
|
# First lets generate kubezero.yaml
|
||||||
# This will be stored as secret during the initial kubezero chart install
|
# This will be stored as secret during the initial kubezero chart install
|
||||||
helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml > $TMPDIR/kubezero.yaml
|
helm template $DEPLOY_DIR -f $VALUES -f cloudbender.yaml --set argo=false > $TMPDIR/kubezero.yaml
|
||||||
|
|
||||||
if [ ${ARTIFACTS[0]} == "all" ]; then
|
if [ ${ARTIFACTS[0]} == "all" ]; then
|
||||||
ARTIFACTS=($(yq r -p p $TMPDIR/kubezero.yaml "*.enabled" | awk -F "." '{print $1}'))
|
ARTIFACTS=($(yq r -p p $TMPDIR/kubezero.yaml "*.enabled" | awk -F "." '{print $1}'))
|
||||||
@ -316,7 +317,7 @@ function argo-cd() {
|
|||||||
deploy $chart $release $namespace -f $TMPDIR/values.yaml
|
deploy $chart $release $namespace -f $TMPDIR/values.yaml
|
||||||
|
|
||||||
# Install the kubezero app of apps
|
# Install the kubezero app of apps
|
||||||
deploy kubezero kubezero argocd -f $TMPDIR/kubezero.yaml
|
# deploy kubezero kubezero $namespace -f $TMPDIR/kubezero.yaml
|
||||||
|
|
||||||
elif [ $task == "delete" ]; then
|
elif [ $task == "delete" ]; then
|
||||||
delete $chart $release $namespace -f $TMPDIR/values.yaml
|
delete $chart $release $namespace -f $TMPDIR/values.yaml
|
@ -1,7 +1,7 @@
|
|||||||
{{- define "kubezero-app.app" }}
|
{{- define "kubezero-app.app" }}
|
||||||
{{- $name := regexReplaceAll "kubezero/templates/([a-z-]*)..*" .Template.Name "${1}" }}
|
{{- $name := regexReplaceAll "kubezero/templates/([a-z-]*)..*" .Template.Name "${1}" }}
|
||||||
{{- $my_values := index .Values $name "values" }}
|
|
||||||
|
|
||||||
|
{{- if and .Values.argo ( index .Values $name "enabled" ) }}
|
||||||
apiVersion: argoproj.io/v1alpha1
|
apiVersion: argoproj.io/v1alpha1
|
||||||
kind: Application
|
kind: Application
|
||||||
metadata:
|
metadata:
|
||||||
@ -17,21 +17,23 @@ spec:
|
|||||||
project: kubezero
|
project: kubezero
|
||||||
|
|
||||||
source:
|
source:
|
||||||
repoURL: {{ .Values.global.defaultSource.repoURL }}
|
repoURL: {{ .Values.global.kubezero.repoURL }}
|
||||||
targetRevision: {{ .Values.global.defaultSource.targetRevision }}
|
targetRevision: {{ .Values.global.kubezero.targetRevision }}
|
||||||
path: {{ .Values.global.defaultSource.pathPrefix}}charts/kubezero-{{ $name }}
|
path: {{ .Values.global.kubezero.pathPrefix}}charts/kubezero-{{ $name }}
|
||||||
{{- if $my_values }}
|
|
||||||
helm:
|
helm:
|
||||||
values: |
|
values: |
|
||||||
{{- toYaml $my_values | nindent 8 }}
|
{{- include (print $name "-values") $ | nindent 8 }}
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
destination:
|
destination:
|
||||||
server: {{ .Values.global.defaultDestination.server }}
|
server: {{ .Values.global.kubezero.server }}
|
||||||
namespace: {{ default "kube-system" ( index .Values $name "namespace" ) }}
|
namespace: {{ default "kube-system" ( index .Values $name "namespace" ) }}
|
||||||
|
|
||||||
{{- if .Values.global.syncPolicy }}
|
{{- with .Values.global.kubezero.syncPolicy }}
|
||||||
syncPolicy:
|
syncPolicy:
|
||||||
{{- toYaml .Values.global.syncPolicy | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- include (print $name "-argo") $ }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
31
charts/kubezero/templates/argo.yaml
Normal file
31
charts/kubezero/templates/argo.yaml
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
{{- define "argo-cd-values" }}
|
||||||
|
argo-cd:
|
||||||
|
controller:
|
||||||
|
metrics:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
|
repoServer:
|
||||||
|
metrics:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
|
server:
|
||||||
|
metrics:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
|
{{- with index .Values "argo-cd" "server" }}
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with index .Values "argo-cd" "configs" }}
|
||||||
|
configs:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if and ( index .Values "argo-cd" "istio" "enabled" ) .Values.istio.enabled }}
|
||||||
|
istio:
|
||||||
|
{{- with index .Values "argo-cd" "istio" }}
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- with index .Values "argo-cd" "kubezero" }}
|
||||||
|
kubezero:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
19
charts/kubezero/templates/argoless.yaml
Normal file
19
charts/kubezero/templates/argoless.yaml
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
{{- if not .Values.argo }}
|
||||||
|
|
||||||
|
{{- $artifacts := list "calico" "cert-manager" "kiam" "aws-ebs-csi-driver" "aws-efs-csi-driver" "local-volume-provisioner" "istio" "istio-ingress" "metrics" "logging" "argo-cd" }}
|
||||||
|
|
||||||
|
{{- if .Values.global }}
|
||||||
|
global:
|
||||||
|
{{- toYaml .Values.global | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- range $artifacts }}
|
||||||
|
{{- if index $.Values . }}
|
||||||
|
{{ . }}:
|
||||||
|
enabled: {{ index $.Values . "enabled" }}
|
||||||
|
values:
|
||||||
|
{{- include (print . "-values") $ | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
@ -1,3 +1,14 @@
|
|||||||
{{- if index .Values "aws-ebs-csi-driver" "enabled" }}
|
{{- define "aws-ebs-csi-driver-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
aws-ebs-csi-driver:
|
||||||
|
replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
||||||
|
podAnnotations:
|
||||||
|
iam.amazonaws.com/role: {{ index .Values "aws-ebs-csi-driver" "IamArn" | quote }}
|
||||||
|
extraVolumeTags:
|
||||||
|
Name: {{ .Values.ClusterName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "aws-ebs-csi-driver-argo" }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,3 +1,24 @@
|
|||||||
{{- if index .Values "aws-efs-csi-driver" "enabled" }}
|
{{- define "aws-efs-csi-driver-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
{{- with index .Values "aws-efs-csi-driver" "nodeSelector" }}
|
||||||
|
aws-efs-csi-driver:
|
||||||
|
nodeSelector:
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with index .Values "aws-efs-csi-driver" "PersistentVolumes" }}
|
||||||
|
PersistentVolumes:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if index .Values "aws-efs-csi-driver" "EfsId" }}
|
||||||
|
PersistentVolume:
|
||||||
|
create: true
|
||||||
|
EfsId: {{ index .Values "aws-efs-csi-driver" "EfsId" }}
|
||||||
|
Name: {{ default "kubezero-efs-pv" ( index .Values "aws-efs-csi-driver" "PVName" ) }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "aws-efs-csi-driver-argo" }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,5 +1,11 @@
|
|||||||
{{- if .Values.calico.enabled }}
|
{{- define "calico-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
network: {{ default "vxlan" .Values.calico.network }}
|
||||||
|
mtu: {{ default "8941" .Values.calico.mtu }}
|
||||||
|
prometheus: {{ .Values.metrics.enabled }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "calico-argo" }}
|
||||||
|
|
||||||
ignoreDifferences:
|
ignoreDifferences:
|
||||||
- group: apiextensions.k8s.io
|
- group: apiextensions.k8s.io
|
||||||
@ -7,3 +13,5 @@
|
|||||||
jsonPointers:
|
jsonPointers:
|
||||||
- /status
|
- /status
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,13 +1,23 @@
|
|||||||
{{- if index .Values "cert-manager" "enabled" }}
|
{{- define "cert-manager-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
localCA:
|
||||||
|
enabled: true
|
||||||
|
{{ with index .Values "cert-manager" "IamArn" }}
|
||||||
|
cert-manager:
|
||||||
|
podAnnotations:
|
||||||
|
iam.amazonaws.com/role: "{{ . }}"
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
---
|
{{- with index .Values "cert-manager" "clusterIssuer" }}
|
||||||
apiVersion: v1
|
clusterIssuer:
|
||||||
kind: Namespace
|
{{- . | toYaml | nindent 2 }}
|
||||||
metadata:
|
|
||||||
name: cert-manager
|
|
||||||
{{- if index .Values "kiam" "enabled" }}
|
|
||||||
annotations:
|
|
||||||
iam.amazonaws.com/permitted: ".*CertManagerRole.*"
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "cert-manager-argo" }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,8 +1,36 @@
|
|||||||
{{- if index .Values "istio-ingress" "enabled" }}
|
{{- define "istio-ingress-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
{{- if index .Values "istio-ingress" "public" }}
|
||||||
---
|
istio-ingress:
|
||||||
apiVersion: v1
|
enabled: {{ index .Values "istio-ingress" "public" "enabled" }}
|
||||||
kind: Namespace
|
{{- with index .Values "istio-ingress" "public" "gateway" }}
|
||||||
metadata:
|
gateways:
|
||||||
name: istio-ingress
|
istio-ingressgateway:
|
||||||
|
{{- toYaml . | nindent 6 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with index .Values "istio-ingress" "public" "dnsNames" }}
|
||||||
|
dnsNames:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if index .Values "istio-ingress" "private" }}
|
||||||
|
istio-private-ingress:
|
||||||
|
enabled: {{ index .Values "istio-ingress" "private" "enabled" }}
|
||||||
|
{{- with index .Values "istio-ingress" "private" "gateway" }}
|
||||||
|
gateways:
|
||||||
|
istio-ingressgateway:
|
||||||
|
{{- toYaml . | nindent 6 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with index .Values "istio-ingress" "private" "dnsNames" }}
|
||||||
|
dnsNames:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "istio-ingress-argo" }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,5 +1,11 @@
|
|||||||
{{- if .Values.istio.enabled }}
|
{{- define "istio-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
istio-discovery:
|
||||||
|
pilot:
|
||||||
|
replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "istio-argo" }}
|
||||||
|
|
||||||
ignoreDifferences:
|
ignoreDifferences:
|
||||||
- group: apiextensions.k8s.io
|
- group: apiextensions.k8s.io
|
||||||
@ -17,10 +23,6 @@
|
|||||||
jsonPointers:
|
jsonPointers:
|
||||||
- /webhooks/0/clientConfig/caBundle
|
- /webhooks/0/clientConfig/caBundle
|
||||||
- /webhooks/0/failurePolicy
|
- /webhooks/0/failurePolicy
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
name: istio-system
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,3 +1,20 @@
|
|||||||
{{- if index .Values "kiam" "enabled" }}
|
{{- define "kiam-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
kiam:
|
||||||
|
server:
|
||||||
|
assumeRoleArn: "{{ .Values.kiam.IamArn }}"
|
||||||
|
deployment:
|
||||||
|
replicas: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
||||||
|
prometheus:
|
||||||
|
servicemonitor:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
|
agent:
|
||||||
|
prometheus:
|
||||||
|
servicemonitor:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "kiam-argo" }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,3 +1,7 @@
|
|||||||
{{- if index .Values "local-volume-provisioner" "enabled" }}
|
{{- define "local-volume-provisioner-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "local-volume-provisioner-argo" }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,5 +1,86 @@
|
|||||||
{{- if index .Values "logging" "enabled" }}
|
{{- define "logging-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
|
||||||
|
{{- with index .Values "logging" "eck-operator" }}
|
||||||
|
eck-operator:
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.elastic_password }}
|
||||||
|
elastic_password: {{ .Values.logging.elastic_password }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.version }}
|
||||||
|
version: {{ .Values.logging.version }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.fullnameOverride }}
|
||||||
|
fullnameOverride: {{ .Values.logging.fullnameOverride }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.es }}
|
||||||
|
es:
|
||||||
|
{{- if .Values.logging.es.nodeSets }}
|
||||||
|
nodeSets:
|
||||||
|
{{- with .Values.logging.es.nodeSets }}
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
prometheus: {{ .Values.metrics.enabled }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.es.s3Snapshot }}
|
||||||
|
s3Snapshot:
|
||||||
|
{{- with .Values.logging.es.s3Snapshot }}
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.kibana }}
|
||||||
|
kibana:
|
||||||
|
{{- with .Values.logging.kibana }}
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if .Values.logging.fluentd }}
|
||||||
|
fluentd:
|
||||||
|
enabled: {{ .Values.logging.fluentd.enabled }}
|
||||||
|
metrics:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
|
url: {{ .Values.logging.fluentd.url }}
|
||||||
|
{{- if .Values.logging.fluentd.output }}
|
||||||
|
output:
|
||||||
|
host: {{ .Values.logging.fluentd.output.host }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.logging.fluentd.extraEnvVars }}
|
||||||
|
extraEnvVars:
|
||||||
|
{{- toYaml .Values.logging.fluentd.extraEnvVars | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if and .Values.logging.fluentd.istio .Values.istio.enabled }}
|
||||||
|
istio:
|
||||||
|
{{- with .Values.logging.fluentd.istio }}
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- if index .Values "logging" "fluent-bit" }}
|
||||||
|
fluent-bit:
|
||||||
|
enabled: {{ index .Values.logging "fluent-bit" "enabled" }}
|
||||||
|
serviceMonitor:
|
||||||
|
enabled: {{ .Values.metrics.enabled }}
|
||||||
|
{{- if index .Values.logging "fluent-bit" "config" }}
|
||||||
|
config:
|
||||||
|
{{- with index .Values.logging "fluent-bit" "config" }}
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "logging-argo" }}
|
||||||
|
|
||||||
ignoreDifferences:
|
ignoreDifferences:
|
||||||
- group: admissionregistration.k8s.io
|
- group: admissionregistration.k8s.io
|
||||||
@ -16,11 +97,6 @@
|
|||||||
kind: CustomResourceDefinition
|
kind: CustomResourceDefinition
|
||||||
jsonPointers:
|
jsonPointers:
|
||||||
- /status
|
- /status
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
name: logging
|
|
||||||
annotations:
|
|
||||||
iam.amazonaws.com/permitted: ".*ElasticSearchSnapshots.*"
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,21 +1,42 @@
|
|||||||
{{- if index .Values "metrics" "enabled" }}
|
{{- define "metrics-values" }}
|
||||||
{{ include "kubezero-app.app" . }}
|
|
||||||
|
{{- if .Values.metrics.istio.grafana.enabled }}
|
||||||
|
grafana:
|
||||||
|
istio:
|
||||||
|
{{- with .Values.metrics.istio.grafana }}
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.metrics.istio.prometheus.enabled }}
|
||||||
|
prometheus:
|
||||||
|
istio:
|
||||||
|
{{- with .Values.metrics.istio.prometheus }}
|
||||||
|
{{- toYaml . | nindent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if index .Values "metrics" "kube-prometheus-stack" }}
|
||||||
|
kube-prometheus-stack:
|
||||||
|
{{- with index .Values "metrics" "kube-prometheus-stack" }}
|
||||||
|
{{- toYaml . | nindent 2 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "metrics-argo" }}
|
||||||
|
|
||||||
ignoreDifferences:
|
ignoreDifferences:
|
||||||
- group: admissionregistration.k8s.io
|
- group: admissionregistration.k8s.io
|
||||||
kind: ValidatingWebhookConfiguration
|
kind: ValidatingWebhookConfiguration
|
||||||
jsonPointers:
|
jsonPointers:
|
||||||
- /webhooks/0/clientConfig/caBundle
|
|
||||||
- /webhooks/0/failurePolicy
|
- /webhooks/0/failurePolicy
|
||||||
- group: admissionregistration.k8s.io
|
- group: admissionregistration.k8s.io
|
||||||
kind: MutatingWebhookConfiguration
|
kind: MutatingWebhookConfiguration
|
||||||
jsonPointers:
|
jsonPointers:
|
||||||
- /webhooks/0/clientConfig/caBundle
|
|
||||||
- /webhooks/0/failurePolicy
|
- /webhooks/0/failurePolicy
|
||||||
|
|
||||||
---
|
|
||||||
apiVersion: v1
|
|
||||||
kind: Namespace
|
|
||||||
metadata:
|
|
||||||
name: monitoring
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
|
|
||||||
|
{{ include "kubezero-app.app" . }}
|
||||||
|
@ -1,41 +0,0 @@
|
|||||||
global:
|
|
||||||
defaultDestination:
|
|
||||||
server: https://kubernetes.default.svc
|
|
||||||
|
|
||||||
# This repoURL is used a base for all the repoURLs applications
|
|
||||||
# Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be
|
|
||||||
# integrated into any repository as a git subtree if for example public internet access is unavailable
|
|
||||||
defaultSource:
|
|
||||||
# defaultSource.repoURL -- default repository for argocd applications
|
|
||||||
repoURL: https://github.com/zero-down-time/kubezero
|
|
||||||
# defaultSource.targetRevision -- default tracking of repoURL
|
|
||||||
targetRevision: HEAD
|
|
||||||
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
|
||||||
pathPrefix: ''
|
|
||||||
|
|
||||||
calico:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
local-volume-provisioner:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
cert-manager:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
kiam:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
aws-ebs-csi-driver:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
aws-efs-csi-driver:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
istio:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
metrics:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
logging:
|
|
||||||
enabled: true
|
|
@ -1,17 +0,0 @@
|
|||||||
global:
|
|
||||||
defaultDestination:
|
|
||||||
server: https://kubernetes.default.svc
|
|
||||||
|
|
||||||
# This repoURL is used a base for all the repoURLs applications
|
|
||||||
# Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be
|
|
||||||
# integrated into any repository as a git subtree if for example public internet access is unavailable
|
|
||||||
defaultSource:
|
|
||||||
# defaultSource.repoURL -- default repository for argocd applications
|
|
||||||
repoURL: https://github.com/zero-down-time/kubezero
|
|
||||||
# defaultSource.targetRevision -- default tracking of repoURL
|
|
||||||
targetRevision: HEAD
|
|
||||||
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
|
||||||
pathPrefix: ''
|
|
||||||
|
|
||||||
calico:
|
|
||||||
enabled: true
|
|
@ -1,20 +1,12 @@
|
|||||||
|
argo: {}
|
||||||
|
|
||||||
global:
|
global:
|
||||||
defaultDestination:
|
argo:
|
||||||
server: https://kubernetes.default.svc
|
server: https://kubernetes.default.svc
|
||||||
|
|
||||||
# This repoURL is used a base for all the repoURLs applications
|
|
||||||
# Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be
|
|
||||||
# integrated into any repository as a git subtree if for example public internet access is unavailable
|
|
||||||
defaultSource:
|
|
||||||
# defaultSource.repoURL -- default repository for argocd applications
|
|
||||||
repoURL: https://github.com/zero-down-time/kubezero
|
repoURL: https://github.com/zero-down-time/kubezero
|
||||||
# defaultSource.targetRevision -- default tracking of repoURL
|
|
||||||
targetRevision: HEAD
|
targetRevision: HEAD
|
||||||
# defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees
|
|
||||||
pathPrefix: ''
|
pathPrefix: ''
|
||||||
|
|
||||||
platform: aws
|
|
||||||
|
|
||||||
calico:
|
calico:
|
||||||
enabled: false
|
enabled: false
|
||||||
retain: true
|
retain: true
|
||||||
|
1
deploy/.gitignore
vendored
1
deploy/.gitignore
vendored
@ -1 +0,0 @@
|
|||||||
generated-values.yaml
|
|
@ -1,23 +0,0 @@
|
|||||||
# Patterns to ignore when building packages.
|
|
||||||
# This supports shell glob matching, relative path matching, and
|
|
||||||
# negation (prefixed with !). Only one pattern per line.
|
|
||||||
.DS_Store
|
|
||||||
# Common VCS dirs
|
|
||||||
.git/
|
|
||||||
.gitignore
|
|
||||||
.bzr/
|
|
||||||
.bzrignore
|
|
||||||
.hg/
|
|
||||||
.hgignore
|
|
||||||
.svn/
|
|
||||||
# Common backup files
|
|
||||||
*.swp
|
|
||||||
*.bak
|
|
||||||
*.tmp
|
|
||||||
*.orig
|
|
||||||
*~
|
|
||||||
# Various IDEs
|
|
||||||
.project
|
|
||||||
.idea/
|
|
||||||
*.tmproj
|
|
||||||
.vscode/
|
|
@ -1,6 +0,0 @@
|
|||||||
apiVersion: v2
|
|
||||||
name: deploy
|
|
||||||
description: "This chart is only used to generate the values.yaml for KubeZero !! Once something like https://github.com/helm/helm/pull/6876 gets merged this will be removed !"
|
|
||||||
type: application
|
|
||||||
version: 0.0.1
|
|
||||||
appVersion: 1.16.0
|
|
@ -1,30 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
set -ex
|
|
||||||
|
|
||||||
LOCATION=${1:-""}
|
|
||||||
|
|
||||||
DEPLOY_DIR=$( dirname $( realpath $0 ))
|
|
||||||
|
|
||||||
function chart_location() {
|
|
||||||
if [ -z "$LOCATION" ]; then
|
|
||||||
echo "$1 --repo https://zero-down-time.github.io/kubezero"
|
|
||||||
else
|
|
||||||
echo "$LOCATION/$1"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
# Update only if we use upstream
|
|
||||||
if [ -z "$LOCATION" ]; then
|
|
||||||
helm repo add kubezero https://zero-down-time.github.io/kubezero
|
|
||||||
helm repo update
|
|
||||||
fi
|
|
||||||
|
|
||||||
TMPDIR=$(mktemp -d kubezero.XXX)
|
|
||||||
|
|
||||||
# This will be stored as secret during the initial kubezero chart install
|
|
||||||
helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml > $TMPDIR/kubezero.yaml
|
|
||||||
|
|
||||||
helm template $(chart_location kubezero) --namespace argocd --name-template kubezero --skip-crds -f $TMPDIR/kubezero.yaml > $TMPDIR/helm.yaml
|
|
||||||
kubectl apply --namespace argocd -f $TMPDIR/helm.yaml
|
|
||||||
|
|
||||||
[ "$DEBUG" == "" ] && rm -rf $TMPDIR
|
|
@ -1,26 +0,0 @@
|
|||||||
apiVersion: argoproj.io/v1alpha1
|
|
||||||
kind: Application
|
|
||||||
metadata:
|
|
||||||
name: kubezero
|
|
||||||
namespace: argocd
|
|
||||||
labels:
|
|
||||||
{{ include "kubezero-lib.labels" . | indent 4 }}
|
|
||||||
spec:
|
|
||||||
project: kubezero
|
|
||||||
source:
|
|
||||||
repoURL: {{ .Values.global.defaultSource.repoURL }}
|
|
||||||
targetRevision: {{ .Values.global.defaultSource.targetRevision }}
|
|
||||||
path: {{ .Values.global.defaultSource.pathPrefix}}charts/kubezero
|
|
||||||
|
|
||||||
helm:
|
|
||||||
values: |
|
|
||||||
{{- toYaml .Values | nindent 8 }}
|
|
||||||
|
|
||||||
destination:
|
|
||||||
server: {{ .Values.global.defaultDestination.server }}
|
|
||||||
namespace: argocd
|
|
||||||
|
|
||||||
{{- if .Values.global.syncPolicy }}
|
|
||||||
syncPolicy:
|
|
||||||
{{- toYaml .Values.global.syncPolicy | nindent 4 }}
|
|
||||||
{{- end }}
|
|
@ -1,259 +0,0 @@
|
|||||||
{{- if .Values.global }}
|
|
||||||
global:
|
|
||||||
{{- toYaml .Values.global | nindent 2 }}
|
|
||||||
{{- end }}
|
|
||||||
calico:
|
|
||||||
enabled: {{ .Values.calico.enabled }}
|
|
||||||
values:
|
|
||||||
network: {{ default "vxlan" .Values.calico.network }}
|
|
||||||
mtu: {{ default "8941" .Values.calico.mtu }}
|
|
||||||
prometheus: {{ .Values.metrics.enabled }}
|
|
||||||
cert-manager:
|
|
||||||
enabled: {{ index .Values "cert-manager" "enabled" }}
|
|
||||||
values:
|
|
||||||
localCA:
|
|
||||||
enabled: true
|
|
||||||
{{- if eq .Values.platform "aws" }}
|
|
||||||
cert-manager:
|
|
||||||
podAnnotations:
|
|
||||||
iam.amazonaws.com/role: "{{ index .Values "cert-manager" "IamArn" }}"
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.kiam.enabled }}
|
|
||||||
clusterIssuer:
|
|
||||||
name: letsencrypt-dns-prod
|
|
||||||
server: https://acme-v02.api.letsencrypt.org/directory
|
|
||||||
email: {{ index .Values "cert-manager" "email" }}
|
|
||||||
solvers:
|
|
||||||
- selector:
|
|
||||||
dnsZones:
|
|
||||||
{{- with index .Values "cert-manager" "dnsZones" }}
|
|
||||||
{{- . | toYaml | nindent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
dns01:
|
|
||||||
{{- if eq .Values.platform "aws" }}
|
|
||||||
route53:
|
|
||||||
region: {{ .Values.region }}
|
|
||||||
{{- else }}
|
|
||||||
{{- with index .Values "cert-manager" "solvers" }}
|
|
||||||
{{- . | toYaml | nindent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
|
|
||||||
{{- if eq .Values.platform "aws" }}
|
|
||||||
kiam:
|
|
||||||
enabled: {{ .Values.kiam.enabled }}
|
|
||||||
values:
|
|
||||||
kiam:
|
|
||||||
enabled: {{ not .Values.kiam.certsOnly }}
|
|
||||||
server:
|
|
||||||
assumeRoleArn: "{{ .Values.kiam.IamArn }}"
|
|
||||||
deployment:
|
|
||||||
replicas: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
|
||||||
prometheus:
|
|
||||||
servicemonitor:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
agent:
|
|
||||||
prometheus:
|
|
||||||
servicemonitor:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
|
|
||||||
{{- if .Values.kiam.enabled }}
|
|
||||||
# AWS only components
|
|
||||||
aws-ebs-csi-driver:
|
|
||||||
enabled: {{ index .Values "aws-ebs-csi-driver" "enabled" }}
|
|
||||||
values:
|
|
||||||
aws-ebs-csi-driver:
|
|
||||||
replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
|
||||||
podAnnotations:
|
|
||||||
iam.amazonaws.com/role: "{{ index .Values "aws-ebs-csi-driver" "IamArn" }}"
|
|
||||||
extraVolumeTags:
|
|
||||||
Name: {{ .Values.ClusterName }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
aws-efs-csi-driver:
|
|
||||||
enabled: {{ index .Values "aws-efs-csi-driver" "enabled" }}
|
|
||||||
values:
|
|
||||||
{{- with index .Values "aws-efs-csi-driver" "nodeSelector" }}
|
|
||||||
aws-efs-csi-driver:
|
|
||||||
nodeSelector:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with index .Values "aws-efs-csi-driver" "PersistentVolumes" }}
|
|
||||||
PersistentVolumes:
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if index .Values "aws-efs-csi-driver" "EfsId" }}
|
|
||||||
PersistentVolume:
|
|
||||||
create: true
|
|
||||||
EfsId: {{ index .Values "aws-efs-csi-driver" "EfsId" }}
|
|
||||||
Name: {{ default "kubezero-efs-pv" ( index .Values "aws-efs-csi-driver" "PVName" ) }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
istio:
|
|
||||||
enabled: {{ .Values.istio.enabled }}
|
|
||||||
values:
|
|
||||||
istio-discovery:
|
|
||||||
pilot:
|
|
||||||
replicaCount: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
|
||||||
|
|
||||||
istio-ingress:
|
|
||||||
enabled: {{ index .Values "istio-ingress" "enabled" }}
|
|
||||||
values:
|
|
||||||
{{- if index .Values "istio-ingress" "public" "enabled" }}
|
|
||||||
istio-ingress:
|
|
||||||
enabled: true
|
|
||||||
{{- with index .Values "istio-ingress" "public" "gateway" }}
|
|
||||||
gateways:
|
|
||||||
istio-ingressgateway:
|
|
||||||
{{- toYaml . | nindent 10 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with index .Values "istio-ingress" "public" "dnsNames" }}
|
|
||||||
dnsNames:
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if index .Values "istio-ingress" "private" "enabled" }}
|
|
||||||
istio-private-ingress:
|
|
||||||
enabled: true
|
|
||||||
{{- with index .Values "istio-ingress" "private" "gateway" }}
|
|
||||||
gateways:
|
|
||||||
istio-ingressgateway:
|
|
||||||
{{- toYaml . | nindent 10 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with index .Values "istio-ingress" "private" "dnsNames" }}
|
|
||||||
dnsNames:
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
metrics:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
values:
|
|
||||||
{{- if .Values.metrics.istio.grafana.enabled }}
|
|
||||||
grafana:
|
|
||||||
istio:
|
|
||||||
{{- with .Values.metrics.istio.grafana }}
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.metrics.istio.prometheus.enabled }}
|
|
||||||
prometheus:
|
|
||||||
istio:
|
|
||||||
{{- with .Values.metrics.istio.prometheus }}
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if index .Values "metrics" "kube-prometheus-stack" }}
|
|
||||||
kube-prometheus-stack:
|
|
||||||
{{- with index .Values "metrics" "kube-prometheus-stack" }}
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
logging:
|
|
||||||
enabled: {{ .Values.logging.enabled }}
|
|
||||||
values:
|
|
||||||
{{- with index .Values "logging" "eck-operator" }}
|
|
||||||
eck-operator:
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.logging.elastic_password }}
|
|
||||||
elastic_password: {{ .Values.logging.elastic_password }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.logging.version }}
|
|
||||||
version: {{ .Values.logging.version }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.logging.fullnameOverride }}
|
|
||||||
fullnameOverride: {{ .Values.logging.fullnameOverride }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.logging.es }}
|
|
||||||
es:
|
|
||||||
{{- if .Values.logging.es.nodeSets }}
|
|
||||||
nodeSets:
|
|
||||||
{{- with .Values.logging.es.nodeSets }}
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
prometheus: {{ .Values.metrics.enabled }}
|
|
||||||
|
|
||||||
{{- if .Values.logging.es.s3Snapshot }}
|
|
||||||
s3Snapshot:
|
|
||||||
{{- with .Values.logging.es.s3Snapshot }}
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
{{- if .Values.logging.kibana }}
|
|
||||||
kibana:
|
|
||||||
{{- with .Values.logging.kibana }}
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
fluentd:
|
|
||||||
enabled: {{ .Values.logging.fluentd.enabled }}
|
|
||||||
metrics:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
url: {{ .Values.logging.fluentd.url }}
|
|
||||||
{{- if .Values.logging.fluentd.output }}
|
|
||||||
output:
|
|
||||||
host: {{ .Values.logging.fluentd.output.host }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if .Values.logging.fluentd.extraEnvVars }}
|
|
||||||
extraEnvVars:
|
|
||||||
{{- toYaml .Values.logging.fluentd.extraEnvVars | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if and .Values.logging.fluentd.istio .Values.istio.enabled }}
|
|
||||||
istio:
|
|
||||||
{{- with .Values.logging.fluentd.istio }}
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
fluent-bit:
|
|
||||||
enabled: {{ index .Values.logging "fluent-bit" "enabled" }}
|
|
||||||
serviceMonitor:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
{{- if index .Values.logging "fluent-bit" "config" }}
|
|
||||||
config:
|
|
||||||
{{- with index .Values.logging "fluent-bit" "config" }}
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
|
|
||||||
argo-cd:
|
|
||||||
enabled: {{ index .Values "argo-cd" "enabled" }}
|
|
||||||
values:
|
|
||||||
argo-cd:
|
|
||||||
controller:
|
|
||||||
metrics:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
repoServer:
|
|
||||||
metrics:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
server:
|
|
||||||
metrics:
|
|
||||||
enabled: {{ .Values.metrics.enabled }}
|
|
||||||
{{- with index .Values "argo-cd" "server" }}
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- with index .Values "argo-cd" "configs" }}
|
|
||||||
configs:
|
|
||||||
{{- toYaml . | nindent 8}}
|
|
||||||
{{- end }}
|
|
||||||
{{- if and ( index .Values "argo-cd" "istio" "enabled" ) .Values.istio.enabled }}
|
|
||||||
istio:
|
|
||||||
{{- with index .Values "argo-cd" "istio" }}
|
|
||||||
{{- toYaml . | nindent 6 }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
@ -1,57 +0,0 @@
|
|||||||
ClusterName: Test-cluster
|
|
||||||
Domain: example.com
|
|
||||||
|
|
||||||
platform: aws
|
|
||||||
HighAvailableControlplane: false
|
|
||||||
|
|
||||||
calico:
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
cert-manager:
|
|
||||||
enabled: true
|
|
||||||
IamArn: ""
|
|
||||||
|
|
||||||
aws-ebs-csi-driver:
|
|
||||||
enabled: true
|
|
||||||
IamArn: ""
|
|
||||||
|
|
||||||
aws-efs-csi-driver:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
kiam:
|
|
||||||
enabled: true
|
|
||||||
IamArn: ""
|
|
||||||
|
|
||||||
istio:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
istio-ingress:
|
|
||||||
enabled: false
|
|
||||||
public:
|
|
||||||
enabled: false
|
|
||||||
private:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
metrics:
|
|
||||||
enabled: false
|
|
||||||
istio:
|
|
||||||
grafana:
|
|
||||||
enabled: false
|
|
||||||
prometheus:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
logging:
|
|
||||||
enabled: false
|
|
||||||
eck-operator:
|
|
||||||
enabled: false
|
|
||||||
fluentd:
|
|
||||||
enabled: false
|
|
||||||
fluent-bit:
|
|
||||||
enabled: false
|
|
||||||
|
|
||||||
argo-cd:
|
|
||||||
enabled: false
|
|
||||||
server: {}
|
|
||||||
istio:
|
|
||||||
enabled: false
|
|
||||||
gateway: istio-ingress/private-ingressgateway
|
|
Loading…
Reference in New Issue
Block a user