{{- define "addons-values" }} clusterBackup: enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.clusterBackup.enabled) }} {{- with omit .Values.addons.clusterBackup "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} {{- if eq .Values.global.platform "aws" }} # AWS extraEnv: - name: AWS_DEFAULT_REGION value: {{ .Values.global.aws.region }} {{- end }} forseti: enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") .Values.addons.forseti.enabled) }} {{- with omit .Values.addons.forseti "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} {{- if eq .Values.global.platform "aws" }} # AWS aws: region: {{ $.Values.global.aws.region }} iamRoleArn: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.kubezeroForseti" {{- end }} external-dns: enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "external-dns" "enabled")) }} {{- with omit (index .Values "addons" "external-dns") "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} {{- if eq .Values.global.platform "aws" }} # AWS txtOwnerId: {{ .Values.global.clusterName }} provider: aws extraArgs: - "--aws-zone-type=public" - "--aws-zones-cache-duration=1h" env: - name: AWS_ROLE_ARN value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.externalDNS" - name: AWS_WEB_IDENTITY_TOKEN_FILE value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" - name: AWS_STS_REGIONAL_ENDPOINTS value: "regional" - name: METADATA_TRIES value: "0" extraVolumes: - name: aws-token projected: sources: - serviceAccountToken: path: token expirationSeconds: 86400 audience: "sts.amazonaws.com" extraVolumeMounts: - name: aws-token mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/" readOnly: true {{- end }} cluster-autoscaler: enabled: {{ ternary "true" "false" (or (hasKey .Values.global.aws "region") (index .Values "addons" "cluster-autoscaler" "enabled")) }} autoDiscovery: clusterName: {{ .Values.global.clusterName }} {{- if not .Values.global.highAvailable }} extraArgs: leader-elect: false {{- end }} {{- with omit (index .Values "addons" "cluster-autoscaler") "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} {{- with .Values.metrics }} serviceMonitor: enabled: {{ .enabled }} # Buggy atm due to integer vs. string issue # prometheusRule: # enabled: {{ .enabled }} {{- end }} {{- if eq .Values.global.platform "aws" }} # AWS awsRegion: {{ .Values.global.aws.region }} extraEnv: AWS_ROLE_ARN: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.clusterAutoScaler" AWS_WEB_IDENTITY_TOKEN_FILE: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" AWS_STS_REGIONAL_ENDPOINTS: "regional" extraVolumes: - name: aws-token projected: sources: - serviceAccountToken: path: token expirationSeconds: 86400 audience: "sts.amazonaws.com" extraVolumeMounts: - name: aws-token mountPath: "/var/run/secrets/sts.amazonaws.com/serviceaccount/" readOnly: true {{- end }} {{- with .Values.addons.fuseDevicePlugin }} fuseDevicePlugin: {{- toYaml . | nindent 2 }} {{- end }} {{- with index .Values "addons" "nvidia-device-plugin" }} nvidia-device-plugin: {{- toYaml . | nindent 2 }} {{- end }} {{- with index .Values "addons" "sealed-secrets" }} sealed-secrets: {{- toYaml . | nindent 2 }} {{- with $.Values.metrics }} metrics: serviceMonitor: enabled: {{ .enabled }} {{- end }} {{- end }} {{- with index .Values "addons" "py-kube-downscaler" }} py-kube-downscaler: {{- toYaml . | nindent 2 }} {{- end }} # AWS only {{- if eq .Values.global.platform "aws" }} aws-node-termination-handler: enabled: {{ default "true" (index .Values "addons" "aws-node-termination-handler" "enabled") }} {{- with omit (index .Values "addons" "aws-node-termination-handler") "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} {{- with .Values.metrics }} enablePrometheusServer: {{ .enabled }} {{- end }} queueURL: "https://sqs.{{ .Values.global.aws.region }}.amazonaws.com/{{ .Values.global.aws.accountId }}/{{ .Values.global.clusterName }}_Nth" managedTag: "zdt:kubezero:nth:{{ .Values.global.clusterName }}" extraEnv: - name: AWS_ROLE_ARN value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.awsNth" - name: AWS_WEB_IDENTITY_TOKEN_FILE value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" - name: AWS_STS_REGIONAL_ENDPOINTS value: "regional" - name: METADATA_TRIES value: "0" aws-eks-asg-rolling-update-handler: enabled: {{ default "true" (index .Values "addons" "aws-eks-asg-rolling-update-handler" "enabled") }} {{- with omit (index .Values "addons" "aws-eks-asg-rolling-update-handler") "enabled" }} {{- toYaml . | nindent 2 }} {{- end }} environmentVars: - name: CLUSTER_NAME value: {{ .Values.global.clusterName }} - name: AWS_REGION value: {{ .Values.global.aws.region }} - name: EXECUTION_INTERVAL value: "60" - name: METRICS value: "{{ .Values.metrics.enabled }}" - name: EAGER_CORDONING value: "true" - name: SLOW_MODE value: "true" - name: AWS_ROLE_ARN value: "arn:aws:iam::{{ .Values.global.aws.accountId }}:role/{{ .Values.global.aws.region }}.{{ .Values.global.clusterName }}.awsRuh" - name: AWS_WEB_IDENTITY_TOKEN_FILE value: "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" - name: AWS_STS_REGIONAL_ENDPOINTS value: "regional" {{- with .Values.addons.awsNeuron }} awsNeuron: {{- toYaml . | nindent 2 }} {{- end }} {{- end }} {{- end }} {{- define "addons-argo" }} {{- end }} {{ include "kubezero-app.app" . }}