KubeZero/charts/kubezero-addons
2021-12-03 22:16:22 +01:00
..
charts/aws-node-termination-handler feat: make aws-node-termination handler work, more reorg 2021-12-01 16:43:42 +01:00
templates chore: move helm repo to S3/CDN 2021-12-03 22:16:22 +01:00
Chart.yaml chore: move helm repo to S3/CDN 2021-12-03 22:16:22 +01:00
nth.patch feat: make aws-node-termination handler work, more reorg 2021-12-01 16:43:42 +01:00
README.md feat: make aws-node-termination handler work, more reorg 2021-12-01 16:43:42 +01:00
README.md.gotmpl feat: migrate device-plugins and k8s-ecr-login-renew into kubezero-addons 2021-09-02 19:36:11 +02:00
update.sh feat: make aws-node-termination handler work, more reorg 2021-12-01 16:43:42 +01:00
values.yaml chore: move helm repo to S3/CDN 2021-12-03 22:16:22 +01:00

kubezero-addons

Version: 0.2.1 Type: application

KubeZero umbrella chart for various optional cluster addons

Homepage: https://kubezero.com

Maintainers

Name Email Url
Stefan Reimer stefan@zero-downtime.net

Requirements

Kubernetes: >= 1.20.0

Repository Name Version
aws-node-termination-handler 0.16.0

MetalLB

device-plugins

k8s-ecr-login-renew

IAM setup

  • Create IAM user for ECR read-only access and attach the following managed policy: AmazonEC2ContainerRegistryReadOnly
  • create AWS credentials for the IAM users

Kubernetes secret

Create secret with the IAM user credential for ecr-renew to use, using the credentials from the previous step:
kubectl create secret -n kube-system generic ecr-renew-cred --from-literal=AWS_REGION=<AWS_REGION> --from-literal=AWS_ACCESS_KEY_ID=<AWS_SECRET_ID> --from-literal=AWS_SECRET_ACCESS_KEY=<AWS_SECRET_KEY>

Resources

Values

Key Type Default Description
aws-node-termination-handler.deleteLocalData bool true
aws-node-termination-handler.enablePrometheusServer bool false
aws-node-termination-handler.enableSqsTerminationDraining bool true
aws-node-termination-handler.enabled bool false
aws-node-termination-handler.extraEnv.AWS_ROLE_ARN string "" "arn:aws:iam::${AWS::AccountId}:role/${AWS::Region}.${ClusterName}.awsNth"
aws-node-termination-handler.extraEnv.AWS_STS_REGIONAL_ENDPOINTS string "regional"
aws-node-termination-handler.extraEnv.AWS_WEB_IDENTITY_TOKEN_FILE string "/var/run/secrets/sts.amazonaws.com/serviceaccount/token"
aws-node-termination-handler.fullnameOverride string "aws-node-termination-handler"
aws-node-termination-handler.jsonLogging bool true
aws-node-termination-handler.metadataTries int 0
aws-node-termination-handler.nodeSelector."node-role.kubernetes.io/control-plane" string ""
aws-node-termination-handler.podMonitor.create bool false
aws-node-termination-handler.queueURL string "" https://sqs.${AWS::Region}.amazonaws.com/${AWS::AccountId}/${ClusterName}_Nth
aws-node-termination-handler.rbac.pspEnabled bool false
aws-node-termination-handler.taintNode bool true
aws-node-termination-handler.tolerations[0].effect string "NoSchedule"
aws-node-termination-handler.tolerations[0].key string "node-role.kubernetes.io/master"
clusterBackup.enabled bool false
clusterBackup.image.name string "public.ecr.aws/zero-downtime/kubezero-admin"
clusterBackup.image.tag string "v1.21.7"
clusterBackup.password string ""
clusterBackup.repository string ""
fuseDevicePlugin.enabled bool false
k8sEcrLoginRenew.enabled bool false