Initial aws-node-termination still disabled, local-volume tweaks for new tag layout

charts/kubeadm/templates/KubeletConfiguration.yaml

@@ -16,12 +16,13 @@ eventRecordQPS: 0
 # tlsCertFile: /var/lib/kubelet/pki/kubelet.crt
 # tlsPrivateKeyFile: /var/lib/kubelet/pki/kubelet.key
 tlsCipherSuites: [TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256]
-{{- if eq .Values.platform "aws" }}
 featureGates:
+  CustomCPUCFSQuotaPeriod: true
+{{- if eq .Values.platform "aws" }}
   CSIMigrationAWS: true
   CSIMigrationAWSComplete: true
-  CustomCPUCFSQuotaPeriod: true
 {{- end }}
 kubeReserved:
   cpu: 50m
   memory: 128m
+# cpuCFSQuotaPeriod: 10ms

charts/kubezero-aws-node-termination-handler/Chart.yaml

@@ -0,0 +1,23 @@
+apiVersion: v2
+name: kubezero-aws-node-termination-handler
+description: Umbrella chart for all KubeZero AWS addons
+type: application
+version: 0.1.0
+home: https://kubezero.com
+icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
+keywords:
+  - kubezero
+  - kiam
+  - aws-ebs-csi-driver
+  - aws-efs-csi-driver
+  - aws-node-termination-handler
+maintainers:
+  - name: Quarky9
+dependencies:
+  - name: kubezero-lib
+    version: ">= 0.1.3"
+    repository: https://zero-down-time.github.io/kubezero/
+  - name: aws-node-termination-handler
+    version: ">= 0.13.3"
+    repository: https://aws.github.io/eks-charts
+kubeVersion: ">= 1.18.0"

charts/kubezero-aws-node-termination-handler/README.md

@@ -0,0 +1,42 @@
+# kubezero-local-volume-provisioner
+
+![Version: 0.1.0](https://img.shields.io/badge/Version-0.1.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.3.4](https://img.shields.io/badge/AppVersion-2.3.4-informational?style=flat-square)
+
+KubeZero Umbrella Chart for local-static-provisioner
+
+Provides persistent volumes backed by local volumes, eg. additional SSDs or spindles.
+
+**Homepage:** <https://kubezero.com>
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| Quarky9 |  |  |
+
+## Requirements
+
+Kubernetes: `>= 1.16.0`
+
+| Repository | Name | Version |
+|------------|------|---------|
+| https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| local-static-provisioner.classes[0].hostDir | string | `"/mnt/disks"` |  |
+| local-static-provisioner.classes[0].name | string | `"local-sc-xfs"` |  |
+| local-static-provisioner.common.namespace | string | `"kube-system"` |  |
+| local-static-provisioner.daemonset.nodeSelector."node.kubernetes.io/localVolume" | string | `"present"` |  |
+| local-static-provisioner.prometheus.operator.enabled | bool | `false` |  |
+
+## KubeZero default configuration
+
+- add nodeSelector to only install on nodes actually having ephemeral local storage
+- provide matching storage class to expose mounted disks under `/mnt/disks`
+
+## Resources
+
+- https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner

charts/kubezero-aws-node-termination-handler/README.md.gotmpl

@@ -0,0 +1,27 @@
+{{ template "chart.header" . }}
+{{ template "chart.deprecationWarning" . }}
+
+{{ template "chart.versionBadge" . }}{{ template "chart.typeBadge" . }}{{ template "chart.appVersionBadge" . }}
+
+{{ template "chart.description" . }}
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.maintainersSection" . }}
+
+{{ template "chart.sourcesSection" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+{{ template "chart.valuesSection" . }}
+
+## KubeZero default configuration
+
+- enable SQS Mode
+- allow draining of localdata
+- enable prometheus
+
+## Resources
+
+- https://github.com/aws/aws-node-termination-handler
+- https://github.com/aws/eks-charts/tree/master/stable/aws-node-termination-handler

charts/kubezero-aws-node-termination-handler/values.yaml

@@ -0,0 +1,19 @@
+aws-node-termination-handler:
+  enableSqsTerminationDraining: true
+  # queueURL: <SQS queue ARN from kube controller stack>
+  deleteLocalData: true
+  taintNode: true
+
+  enablePrometheusServer: false
+  podMonitor:
+    create: false
+    labels:
+      release: metrics
+
+  jsonLogging: true
+
+  tolerations:
+  - key: node-role.kubernetes.io/master
+    effect: NoSchedule
+  nodeSelector:
+    node-role.kubernetes.io/master: ""

charts/kubezero-local-volume-provisioner/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: kubezero-local-volume-provisioner
 description: KubeZero Umbrella Chart for local-static-provisioner
 type: application
-version: 0.1.0
+version: 0.1.1
 appVersion: 2.3.4
 home: https://kubezero.com
 icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png

charts/kubezero-local-volume-provisioner/values.yaml

@@ -5,8 +5,13 @@ local-static-provisioner:
   - name: local-sc-xfs
     hostDir: /mnt/disks
   daemonset:
-    nodeSelector:
+    affinity:
-      node.kubernetes.io/localVolume: present
+      nodeAffinity:
+        requiredDuringSchedulingIgnoredDuringExecution:
+          nodeSelectorTerms:
+          - matchExpressions:
+            - key: node.kubernetes.io/localVolumes
+              operator: Exists
   prometheus:
     operator:
       enabled: false

charts/kubezero/templates/argoless.yaml

@@ -1,6 +1,6 @@
 {{- if not .Values.argo }}
 
-{{- $artifacts := list "calico" "cert-manager" "kiam" "aws-ebs-csi-driver" "aws-efs-csi-driver" "local-volume-provisioner" "local-path-provisioner" "istio" "istio-ingress" "metrics" "logging" "argocd" }}
+{{- $artifacts := list "calico" "cert-manager" "kiam" "aws-node-termination-handler" "aws-ebs-csi-driver" "aws-efs-csi-driver" "local-volume-provisioner" "local-path-provisioner" "istio" "istio-ingress" "metrics" "logging" "argocd" }}
 
 {{- if .Values.global }}
 global:

charts/kubezero/templates/aws-node-termination-handler.yaml

@@ -0,0 +1,17 @@
+{{- define "aws-node-termination-handler-values" }}
+
+aws-node-termination-handler:
+{{- with index .Values "aws-node-termination-handler" "queueURL" }}
+  queueURL: "{{ . }}"
+{{- end }}
+{{ with index .Values "aws-node-termination-handler" "IamArn" }}
+  podAnnotations:
+    iam.amazonaws.com/role: "{{ . }}"
+{{- end }}
+
+{{- end }}
+
+{{- define "aws-node-termination-handler-argo" }}
+{{- end }}
+
+{{ include "kubezero-app.app" . }}

charts/kubezero/templates/logging.yaml

@@ -96,6 +96,7 @@ fluent-bit:
     - /webhooks/5/clientConfig/caBundle
     - /webhooks/6/clientConfig/caBundle
     - /webhooks/7/clientConfig/caBundle
+    - /webhooks/8/clientConfig/caBundle
   - group: apiextensions.k8s.io
     kind: CustomResourceDefinition
     jsonPointers:

charts/kubezero/values.yaml

@@ -22,6 +22,9 @@ cert-manager:
 kiam:
   enabled: false
 
+aws-node-termination-handler:
+  enabled: false
+
 local-volume-provisioner:
   enabled: false