| .. | ||
| charts/aws-node-termination-handler | ||
| templates | ||
| Chart.yaml | ||
| nth.patch | ||
| README.md | ||
| README.md.gotmpl | ||
| update.sh | ||
| values.yaml | ||
kubezero-addons
KubeZero umbrella chart for various optional cluster addons
Homepage: https://kubezero.com
Maintainers
| Name | Url | |
|---|---|---|
| Stefan Reimer | stefan@zero-downtime.net |
Requirements
Kubernetes: >= 1.20.0
| Repository | Name | Version |
|---|---|---|
| aws-node-termination-handler | 0.16.0 |
MetalLB
device-plugins
k8s-ecr-login-renew
IAM setup
- Create IAM user for ECR read-only access and attach the following managed policy:
AmazonEC2ContainerRegistryReadOnly - create AWS credentials for the IAM users
Kubernetes secret
Create secret with the IAM user credential for ecr-renew to use, using the credentials from the previous step:
kubectl create secret -n kube-system generic ecr-renew-cred --from-literal=AWS_REGION=<AWS_REGION> --from-literal=AWS_ACCESS_KEY_ID=<AWS_SECRET_ID> --from-literal=AWS_SECRET_ACCESS_KEY=<AWS_SECRET_KEY>
Resources
Values
| Key | Type | Default | Description |
|---|---|---|---|
| aws-node-termination-handler.deleteLocalData | bool | true |
|
| aws-node-termination-handler.emitKubernetesEvents | bool | true |
|
| aws-node-termination-handler.enableProbesServer | bool | true |
|
| aws-node-termination-handler.enablePrometheusServer | bool | false |
|
| aws-node-termination-handler.enableSqsTerminationDraining | bool | true |
|
| aws-node-termination-handler.enabled | bool | false |
|
| aws-node-termination-handler.extraEnv[0] | object | {"name":"AWS_ROLE_ARN","value":""} |
"arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.awsNth" |
| aws-node-termination-handler.extraEnv[1].name | string | "AWS_WEB_IDENTITY_TOKEN_FILE" |
|
| aws-node-termination-handler.extraEnv[1].value | string | "/var/run/secrets/sts.amazonaws.com/serviceaccount/token" |
|
| aws-node-termination-handler.extraEnv[2].name | string | "AWS_STS_REGIONAL_ENDPOINTS" |
|
| aws-node-termination-handler.extraEnv[2].value | string | "regional" |
|
| aws-node-termination-handler.fullnameOverride | string | "aws-node-termination-handler" |
|
| aws-node-termination-handler.ignoreDaemonSets | bool | true |
|
| aws-node-termination-handler.jsonLogging | bool | true |
|
| aws-node-termination-handler.managedAsgTag | string | "aws-node-termination-handler/managed" |
"aws-node-termination-handler/${ClusterName}" |
| aws-node-termination-handler.metadataTries | int | 0 |
|
| aws-node-termination-handler.nodeSelector."node-role.kubernetes.io/control-plane" | string | "" |
|
| aws-node-termination-handler.podMonitor.create | bool | false |
|
| aws-node-termination-handler.queueURL | string | "" |
https://sqs.${AWS::Region}.amazonaws.com/${AWS::AccountId}/${ClusterName}_Nth |
| aws-node-termination-handler.rbac.pspEnabled | bool | false |
|
| aws-node-termination-handler.taintNode | bool | true |
|
| aws-node-termination-handler.tolerations[0].effect | string | "NoSchedule" |
|
| aws-node-termination-handler.tolerations[0].key | string | "node-role.kubernetes.io/master" |
|
| clusterBackup.enabled | bool | false |
|
| clusterBackup.extraEnv | list | [] |
|
| clusterBackup.image.name | string | "public.ecr.aws/zero-downtime/kubezero-admin" |
|
| clusterBackup.image.tag | string | "v1.21.9" |
|
| clusterBackup.password | string | "" |
|
| clusterBackup.repository | string | "" |
|
| forseti.aws.iamRoleArn | string | "" |
"arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.kubezeroForseti" |
| forseti.aws.region | string | "" |
|
| forseti.enabled | bool | false |
|
| forseti.image.name | string | "public.ecr.aws/zero-downtime/forseti" |
|
| forseti.image.tag | string | "v0.1.2" |
|
| fuseDevicePlugin.enabled | bool | false |
|
| k8sEcrLoginRenew.enabled | bool | false |