From d49ff51379a895515d70b5ecf4d1016120702768 Mon Sep 17 00:00:00 2001 From: Stefan Reimer Date: Thu, 20 Aug 2020 11:40:08 +0100 Subject: [PATCH] Disable default syncPolicy, use values instead --- charts/kubezero-argo-cd/Chart.yaml | 2 +- charts/kubezero-argo-cd/README.md | 3 +- charts/kubezero-argo-cd/templates/app.yaml | 9 ++--- charts/kubezero-argo-cd/values.yaml | 5 +++ charts/kubezero-logging/README.md | 35 ++++++++++++++++++- charts/kubezero/Chart.yaml | 2 +- charts/kubezero/README.md | 6 ++-- charts/kubezero/templates/_app.yaml | 5 +++ .../templates/aws-ebs-csi-driver.yaml | 3 -- .../templates/aws-efs-csi-driver.yaml | 3 -- charts/kubezero/templates/calico.yaml | 3 -- charts/kubezero/templates/cert-manager.yaml | 5 +-- charts/kubezero/templates/istio.yaml | 3 -- charts/kubezero/templates/kiam.yaml | 3 -- .../templates/local-volume-provisioner.yaml | 3 -- charts/kubezero/templates/logging.yaml | 3 -- charts/kubezero/templates/metrics.yaml | 3 -- charts/kubezero/values-calico.yaml | 17 +++++++++ charts/kubezero/values.yaml | 4 +-- 19 files changed, 76 insertions(+), 41 deletions(-) create mode 100644 charts/kubezero/values-calico.yaml diff --git a/charts/kubezero-argo-cd/Chart.yaml b/charts/kubezero-argo-cd/Chart.yaml index 618d4b0..06a2bc7 100644 --- a/charts/kubezero-argo-cd/Chart.yaml +++ b/charts/kubezero-argo-cd/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 description: KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application name: kubezero-argo-cd -version: 0.4.0 +version: 0.4.1 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: diff --git a/charts/kubezero-argo-cd/README.md b/charts/kubezero-argo-cd/README.md index 0ba38ee..1a2278d 100644 --- a/charts/kubezero-argo-cd/README.md +++ b/charts/kubezero-argo-cd/README.md @@ -2,7 +2,7 @@ kubezero-argo-cd ================ KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application -Current chart version is `0.4.0` +Current chart version is `0.4.1` Source code can be found [here](https://kubezero.com) @@ -60,3 +60,4 @@ Source code can be found [here](https://kubezero.com) ## Resources - https://argoproj.github.io/argo-cd/operator-manual/metrics/ +- https://raw.githubusercontent.com/argoproj/argo-cd/master/examples/dashboard.json diff --git a/charts/kubezero-argo-cd/templates/app.yaml b/charts/kubezero-argo-cd/templates/app.yaml index f997988..4bbff87 100644 --- a/charts/kubezero-argo-cd/templates/app.yaml +++ b/charts/kubezero-argo-cd/templates/app.yaml @@ -14,12 +14,13 @@ spec: helm: values: | -{{- toYaml .Values.kubezero | nindent 8 }} + {{- toYaml .Values.kubezero | nindent 8 }} destination: server: {{ .Values.kubezero.global.defaultDestination.server }} namespace: argocd + + {{- if .Values.kubezero.global.syncPolicy }} syncPolicy: - automated: - prune: true - selfHeal: false + {{- toYaml .Values.kubezero.global.syncPolicy | nindent 4 }} + {{- end }} diff --git a/charts/kubezero-argo-cd/values.yaml b/charts/kubezero-argo-cd/values.yaml index c36fc9d..be0f389 100644 --- a/charts/kubezero-argo-cd/values.yaml +++ b/charts/kubezero-argo-cd/values.yaml @@ -15,6 +15,11 @@ kubezero: # kubezero.global.defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees pathPrefix: '' + # syncPolicy, details see: https://argoproj.github.io/argo-cd/user-guide/auto_sync + #syncPolicy: + # automated: + # prune: true + argo-cd: installCRDs: false diff --git a/charts/kubezero-logging/README.md b/charts/kubezero-logging/README.md index 7e427ad..03dff66 100644 --- a/charts/kubezero-logging/README.md +++ b/charts/kubezero-logging/README.md @@ -2,7 +2,7 @@ kubezero-logging ================ KubeZero Umbrella Chart for complete EFK stack -Current chart version is `0.1.0` +Current chart version is `0.2.0` Source code can be found [here](https://kubezero.com) @@ -10,6 +10,7 @@ Source code can be found [here](https://kubezero.com) | Repository | Name | Version | |------------|------|---------| +| https://kubernetes-charts.storage.googleapis.com/ | fluentd | 2.5.1 | | https://zero-down-time.github.io/kubezero/ | kubezero-lib | >= 0.1.3 | ## Changes from upstream @@ -47,6 +48,38 @@ Source code can be found [here](https://kubezero.com) | es.prometheus | bool | `false` | | | es.s3Snapshot.enabled | bool | `false` | | | es.s3Snapshot.iamrole | string | `""` | | +| fluentd.configMaps."forward-input.conf" | string | `"\n @type forward\n port 24224\n bind 0.0.0.0\n skip_invalid_event true\n \n cert_path /mnt/fluentd-certs/tls.crt\n private_key_path /mnt/fluentd-certs/tls.key\n \n \n self_hostname \"#{ENV['HOSTNAME']}\"\n shared_key \"#{ENV['FLUENTD_SHARED_KEY']}\"\n \n\n"` | | +| fluentd.configMaps."output.conf" | string | `"\n @id elasticsearch\n @type elasticsearch\n @log_level info\n include_tag_key true\n id_key id\n remove_keys id\n\n # This pipeline incl. eg. GeoIP\n pipeline fluentd\n\n host \"#{ENV['OUTPUT_HOST']}\"\n port \"#{ENV['OUTPUT_PORT']}\"\n scheme \"#{ENV['OUTPUT_SCHEME']}\"\n ssl_version \"#{ENV['OUTPUT_SSL_VERSION']}\"\n ssl_verify \"#{ENV['OUTPUT_SSL_VERIFY']}\"\n user \"#{ENV['OUTPUT_USER']}\"\n password \"#{ENV['OUTPUT_PASSWORD']}\"\n\n logstash_format true\n reload_connections false\n reconnect_on_error true\n reload_on_failure true\n request_timeout 15s\n\n \n @type file\n path /var/log/fluentd-buffers/kubernetes.system.buffer\n flush_mode interval\n flush_thread_count 2\n flush_interval 5s\n flush_at_shutdown true\n retry_type exponential_backoff\n retry_timeout 60m\n retry_max_interval 30\n chunk_limit_size \"#{ENV['OUTPUT_BUFFER_CHUNK_LIMIT']}\"\n queue_limit_length \"#{ENV['OUTPUT_BUFFER_QUEUE_LIMIT']}\"\n overflow_action drop_oldest_chunk\n \n\n"` | | +| fluentd.enabled | bool | `false` | | +| fluentd.env.OUTPUT_SSL_VERIFY | string | `"false"` | | +| fluentd.env.OUTPUT_USER | string | `"elastic"` | | +| fluentd.extraEnvVars[0].name | string | `"OUTPUT_PASSWORD"` | | +| fluentd.extraEnvVars[0].valueFrom.secretKeyRef.key | string | `"elastic"` | | +| fluentd.extraEnvVars[0].valueFrom.secretKeyRef.name | string | `"logging-es-elastic-user"` | | +| fluentd.extraEnvVars[1].name | string | `"FLUENTD_SHARED_KEY"` | | +| fluentd.extraEnvVars[1].valueFrom.secretKeyRef.key | string | `"shared_key"` | | +| fluentd.extraEnvVars[1].valueFrom.secretKeyRef.name | string | `"logging-fluentd-secret"` | | +| fluentd.extraVolumeMounts[0].mountPath | string | `"/mnt/fluentd-certs"` | | +| fluentd.extraVolumeMounts[0].name | string | `"fluentd-certs"` | | +| fluentd.extraVolumeMounts[0].readOnly | bool | `true` | | +| fluentd.extraVolumes[0].name | string | `"fluentd-certs"` | | +| fluentd.extraVolumes[0].secret.secretName | string | `"fluentd-certificate"` | | +| fluentd.istio.enabled | bool | `false` | | +| fluentd.metrics.enabled | bool | `false` | | +| fluentd.metrics.serviceMonitor.additionalLabels.release | string | `"metrics"` | | +| fluentd.metrics.serviceMonitor.enabled | bool | `true` | | +| fluentd.metrics.serviceMonitor.namespace | string | `"monitoring"` | | +| fluentd.output.host | string | `"logging-es-http"` | | +| fluentd.plugins.enabled | bool | `false` | | +| fluentd.plugins.pluginsList | string | `nil` | | +| fluentd.replicaCount | int | `2` | | +| fluentd.service.ports[0].containerPort | int | `24224` | | +| fluentd.service.ports[0].name | string | `"tcp-forward"` | | +| fluentd.service.ports[0].protocol | string | `"TCP"` | | +| fluentd.service.ports[1].containerPort | int | `9880` | | +| fluentd.service.ports[1].name | string | `"http-fluentd"` | | +| fluentd.service.ports[1].protocol | string | `"TCP"` | | +| fluentd.shared_key | string | `"cloudbender"` | | | kibana.count | int | `1` | | | kibana.istio.enabled | bool | `false` | | | kibana.istio.gateway | string | `"istio-system/ingressgateway"` | | diff --git a/charts/kubezero/Chart.yaml b/charts/kubezero/Chart.yaml index 4fbf73b..7662099 100644 --- a/charts/kubezero/Chart.yaml +++ b/charts/kubezero/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubezero description: KubeZero ArgoCD Application - Root App of Apps chart of KubeZero type: application -version: 0.4.3 +version: 0.4.4 home: https://kubezero.com icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png keywords: diff --git a/charts/kubezero/README.md b/charts/kubezero/README.md index b41419d..d99761c 100644 --- a/charts/kubezero/README.md +++ b/charts/kubezero/README.md @@ -2,7 +2,7 @@ kubezero ======== KubeZero ArgoCD Application - Root App of Apps chart of KubeZero -Current chart version is `0.4.3` +Current chart version is `0.4.4` Source code can be found [here](https://kubezero.com) @@ -18,8 +18,8 @@ Source code can be found [here](https://kubezero.com) |-----|------|---------|-------------| | aws-ebs-csi-driver.enabled | bool | `false` | | | aws-efs-csi-driver.enabled | bool | `false` | | -| calico.enabled | bool | `true` | | -| cert-manager.enabled | bool | `true` | | +| calico.enabled | bool | `false` | | +| cert-manager.enabled | bool | `false` | | | global.defaultDestination.server | string | `"https://kubernetes.default.svc"` | | | global.defaultSource.pathPrefix | string | `""` | | | global.defaultSource.repoURL | string | `"https://github.com/zero-down-time/kubezero"` | | diff --git a/charts/kubezero/templates/_app.yaml b/charts/kubezero/templates/_app.yaml index 453f52c..4c9ef8f 100644 --- a/charts/kubezero/templates/_app.yaml +++ b/charts/kubezero/templates/_app.yaml @@ -31,4 +31,9 @@ spec: destination: server: {{ .root.Values.global.defaultDestination.server }} namespace: {{ default "kube-system" .namespace }} + + {{- if .root.Values.global.syncPolicy }} + syncPolicy: + {{- toYaml .root.Values.global.syncPolicy | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/kubezero/templates/aws-ebs-csi-driver.yaml b/charts/kubezero/templates/aws-ebs-csi-driver.yaml index 8fb49a0..cf4e108 100644 --- a/charts/kubezero/templates/aws-ebs-csi-driver.yaml +++ b/charts/kubezero/templates/aws-ebs-csi-driver.yaml @@ -1,6 +1,3 @@ {{- if index .Values "aws-ebs-csi-driver" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "aws-ebs-csi-driver" "type" "helm" }} - syncPolicy: - automated: - prune: true {{- end }} diff --git a/charts/kubezero/templates/aws-efs-csi-driver.yaml b/charts/kubezero/templates/aws-efs-csi-driver.yaml index a50005b..13a43ca 100644 --- a/charts/kubezero/templates/aws-efs-csi-driver.yaml +++ b/charts/kubezero/templates/aws-efs-csi-driver.yaml @@ -1,6 +1,3 @@ {{- if index .Values "aws-efs-csi-driver" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "aws-efs-csi-driver" "type" "helm" }} - syncPolicy: - automated: - prune: true {{- end }} diff --git a/charts/kubezero/templates/calico.yaml b/charts/kubezero/templates/calico.yaml index 91eebd5..156da24 100644 --- a/charts/kubezero/templates/calico.yaml +++ b/charts/kubezero/templates/calico.yaml @@ -1,8 +1,5 @@ {{- if .Values.calico.enabled }} {{ template "kubezero-app.app" dict "root" . "name" "calico" "type" "helm" "retain" true }} - syncPolicy: - automated: - prune: true ignoreDifferences: - group: apiextensions.k8s.io diff --git a/charts/kubezero/templates/cert-manager.yaml b/charts/kubezero/templates/cert-manager.yaml index 847d232..e155019 100644 --- a/charts/kubezero/templates/cert-manager.yaml +++ b/charts/kubezero/templates/cert-manager.yaml @@ -1,9 +1,6 @@ {{- if index .Values "cert-manager" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "cert-manager" "type" "helm" "namespace" "cert-manager" }} - syncPolicy: - automated: - prune: true - selfHeal: true + --- apiVersion: v1 kind: Namespace diff --git a/charts/kubezero/templates/istio.yaml b/charts/kubezero/templates/istio.yaml index 9dbd753..7ac9cb1 100644 --- a/charts/kubezero/templates/istio.yaml +++ b/charts/kubezero/templates/istio.yaml @@ -1,8 +1,5 @@ {{- if .Values.istio.enabled }} {{ template "kubezero-app.app" dict "root" . "name" "istio" "type" "helm" }} - syncPolicy: - automated: - prune: true ignoreDifferences: - group: apiextensions.k8s.io diff --git a/charts/kubezero/templates/kiam.yaml b/charts/kubezero/templates/kiam.yaml index a9c7347..78c34af 100644 --- a/charts/kubezero/templates/kiam.yaml +++ b/charts/kubezero/templates/kiam.yaml @@ -1,6 +1,3 @@ {{- if index .Values "kiam" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "kiam" "type" "helm" }} - syncPolicy: - automated: - prune: true {{- end }} diff --git a/charts/kubezero/templates/local-volume-provisioner.yaml b/charts/kubezero/templates/local-volume-provisioner.yaml index 0db5f77..9313cfe 100644 --- a/charts/kubezero/templates/local-volume-provisioner.yaml +++ b/charts/kubezero/templates/local-volume-provisioner.yaml @@ -1,6 +1,3 @@ {{- if index .Values "local-volume-provisioner" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "local-volume-provisioner" "type" "helm" }} - syncPolicy: - automated: - prune: true {{- end }} diff --git a/charts/kubezero/templates/logging.yaml b/charts/kubezero/templates/logging.yaml index 90cf116..0f40e65 100644 --- a/charts/kubezero/templates/logging.yaml +++ b/charts/kubezero/templates/logging.yaml @@ -1,8 +1,5 @@ {{- if index .Values "logging" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "logging" "type" "helm" "namespace" "logging"}} - syncPolicy: - automated: - prune: true ignoreDifferences: - group: admissionregistration.k8s.io diff --git a/charts/kubezero/templates/metrics.yaml b/charts/kubezero/templates/metrics.yaml index 59c7ee3..6fba80a 100644 --- a/charts/kubezero/templates/metrics.yaml +++ b/charts/kubezero/templates/metrics.yaml @@ -1,8 +1,5 @@ {{- if index .Values "metrics" "enabled" }} {{ template "kubezero-app.app" dict "root" . "name" "metrics" "type" "helm" "namespace" "monitoring"}} - syncPolicy: - automated: - prune: true --- apiVersion: v1 kind: Namespace diff --git a/charts/kubezero/values-calico.yaml b/charts/kubezero/values-calico.yaml new file mode 100644 index 0000000..618c328 --- /dev/null +++ b/charts/kubezero/values-calico.yaml @@ -0,0 +1,17 @@ +global: + defaultDestination: + server: https://kubernetes.default.svc + + # This repoURL is used a base for all the repoURLs applications + # Setting this to a eg. private git repo incl. the use of pathPrefix allows kubezero to be + # integrated into any repository as a git subtree if for example public internet access is unavailable + defaultSource: + # defaultSource.repoURL -- default repository for argocd applications + repoURL: https://github.com/zero-down-time/kubezero + # defaultSource.targetRevision -- default tracking of repoURL + targetRevision: HEAD + # defaultSource.pathPrefix -- optional path prefix within repoURL to support eg. remote subtrees + pathPrefix: '' + +calico: + enabled: true diff --git a/charts/kubezero/values.yaml b/charts/kubezero/values.yaml index 87248f7..ef4ee59 100644 --- a/charts/kubezero/values.yaml +++ b/charts/kubezero/values.yaml @@ -16,10 +16,10 @@ global: platform: aws calico: - enabled: true + enabled: false cert-manager: - enabled: true + enabled: false local-volume-provisioner: enabled: false