master #23
|
@ -1,7 +1,7 @@
|
|||
apiVersion: v2
|
||||
description: KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application
|
||||
name: kubezero-argo-cd
|
||||
version: 0.5.2
|
||||
version: 0.5.3
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
keywords:
|
||||
|
|
|
@ -2,7 +2,7 @@ kubezero-argo-cd
|
|||
================
|
||||
KubeZero ArgoCD Helm chart to install ArgoCD itself and the KubeZero ArgoCD Application
|
||||
|
||||
Current chart version is `0.5.1`
|
||||
Current chart version is `0.5.3`
|
||||
|
||||
Source code can be found [here](https://kubezero.com)
|
||||
|
||||
|
@ -25,12 +25,13 @@ Source code can be found [here](https://kubezero.com)
|
|||
| argo-cd.controller.metrics.serviceMonitor.enabled | bool | `true` | |
|
||||
| argo-cd.controller.metrics.serviceMonitor.namespace | string | `"monitoring"` | |
|
||||
| argo-cd.controller.nodeSelector."node-role.kubernetes.io/master" | string | `""` | |
|
||||
| argo-cd.controller.resources.limits.memory | string | `"512Mi"` | |
|
||||
| argo-cd.controller.resources.limits.memory | string | `"1536Mi"` | |
|
||||
| argo-cd.controller.resources.requests.cpu | string | `"100m"` | |
|
||||
| argo-cd.controller.resources.requests.memory | string | `"192Mi"` | |
|
||||
| argo-cd.controller.resources.requests.memory | string | `"256Mi"` | |
|
||||
| argo-cd.controller.tolerations[0].effect | string | `"NoSchedule"` | |
|
||||
| argo-cd.controller.tolerations[0].key | string | `"node-role.kubernetes.io/master"` | |
|
||||
| argo-cd.dex.enabled | bool | `false` | |
|
||||
| argo-cd.global.image.tag | string | `"v1.7.5"` | |
|
||||
| argo-cd.installCRDs | bool | `false` | |
|
||||
| argo-cd.istio.enabled | bool | `false` | Deploy Istio VirtualService to expose ArgoCD |
|
||||
| argo-cd.istio.gateway | string | `"istio-system/ingressgateway"` | Name of the Istio gateway to add the VirtualService to |
|
||||
|
|
|
@ -29,10 +29,14 @@ argo-cd:
|
|||
# argocdServerAdminPassword: "$2a$10$ivKzaXVxMqdeDSfS3nqi1Od3iDbnL7oXrixzDfZFRHlXHnAG6LydG"
|
||||
# argocdServerAdminPasswordMtime: "2020-04-24T15:33:09BST"
|
||||
|
||||
global:
|
||||
image:
|
||||
tag: v1.7.5
|
||||
|
||||
controller:
|
||||
args:
|
||||
statusProcessors: "2"
|
||||
operationProcessors: "1"
|
||||
statusProcessors: "4"
|
||||
operationProcessors: "2"
|
||||
appResyncPeriod: "300"
|
||||
|
||||
metrics:
|
||||
|
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
|||
name: kubezero-istio
|
||||
description: KubeZero Umbrella Chart for Istio
|
||||
type: application
|
||||
version: 0.3.2
|
||||
version: 0.3.3
|
||||
appVersion: 1.7.1
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
|
|
|
@ -5,7 +5,7 @@ KubeZero Umbrella Chart for Istio
|
|||
Installs Istio Operator and KubeZero Istio profile
|
||||
|
||||
|
||||
Current chart version is `0.3.0`
|
||||
Current chart version is `0.3.3`
|
||||
|
||||
Source code can be found [here](https://kubezero.com)
|
||||
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
apiVersion: networking.istio.io/v1alpha3
|
||||
kind: EnvoyFilter
|
||||
metadata:
|
||||
name: ingressgateway-listener-tcp-keepalive
|
||||
namespace: istio-system
|
||||
spec:
|
||||
workloadSelector:
|
||||
labels:
|
||||
istio: ingressgateway
|
||||
configPatches:
|
||||
- applyTo: LISTENER
|
||||
patch:
|
||||
operation: MERGE
|
||||
value:
|
||||
socket_options:
|
||||
# SOL_SOCKET = 1
|
||||
# SO_KEEPALIVE = 9
|
||||
- level: 1
|
||||
name: 9
|
||||
int_value: 1
|
||||
state: STATE_LISTENING
|
||||
# IPPROTO_TCP = 6
|
||||
# TCP_KEEPIDLE = 4
|
||||
- level: 6
|
||||
name: 4
|
||||
int_value: 60
|
||||
state: STATE_LISTENING
|
||||
# TCP_KEEPINTVL = 5
|
||||
- level: 6
|
||||
name: 5
|
||||
int_value: 60
|
||||
state: STATE_LISTENING
|
||||
|
||||
{{- if .Values.ingress.private.enabled }}
|
||||
---
|
||||
apiVersion: networking.istio.io/v1alpha3
|
||||
kind: EnvoyFilter
|
||||
metadata:
|
||||
name: private-ingressgateway-listener-tcp-keepalive
|
||||
namespace: istio-system
|
||||
spec:
|
||||
workloadSelector:
|
||||
labels:
|
||||
istio: private-ingressgateway
|
||||
configPatches:
|
||||
- applyTo: LISTENER
|
||||
patch:
|
||||
operation: MERGE
|
||||
value:
|
||||
socket_options:
|
||||
# SOL_SOCKET = 1
|
||||
# SO_KEEPALIVE = 9
|
||||
- level: 1
|
||||
name: 9
|
||||
int_value: 1
|
||||
state: STATE_LISTENING
|
||||
# IPPROTO_TCP = 6
|
||||
# TCP_KEEPIDLE = 4
|
||||
- level: 6
|
||||
name: 4
|
||||
int_value: 60
|
||||
state: STATE_LISTENING
|
||||
# TCP_KEEPINTVL = 5
|
||||
- level: 6
|
||||
name: 5
|
||||
int_value: 60
|
||||
state: STATE_LISTENING
|
||||
{{- end }}
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
|||
name: kubezero-kiam
|
||||
description: KubeZero Umbrella Chart for Kiam
|
||||
type: application
|
||||
version: 0.2.10
|
||||
version: 0.2.11
|
||||
appVersion: 3.6
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
{{- if .Values.annotateKubeSystemNameSpace }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
|
@ -63,3 +64,4 @@ spec:
|
|||
tolerations:
|
||||
- effect: NoSchedule
|
||||
key: node-role.kubernetes.io/master
|
||||
{{- end }}
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
annotateKubeSystemNameSpace: false
|
||||
|
||||
kiam:
|
||||
enabled: true
|
||||
server:
|
||||
|
|
|
@ -2,7 +2,7 @@ apiVersion: v2
|
|||
name: kubezero-logging
|
||||
description: KubeZero Umbrella Chart for complete EFK stack
|
||||
type: application
|
||||
version: 0.3.5
|
||||
version: 0.3.6
|
||||
appVersion: 1.2.1
|
||||
home: https://kubezero.com
|
||||
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
|
||||
|
|
|
@ -2,7 +2,7 @@ kubezero-logging
|
|||
================
|
||||
KubeZero Umbrella Chart for complete EFK stack
|
||||
|
||||
Current chart version is `0.3.5`
|
||||
Current chart version is `0.3.6`
|
||||
|
||||
Source code can be found [here](https://kubezero.com)
|
||||
|
||||
|
|
|
@ -70,6 +70,7 @@ fluentd:
|
|||
namespace: monitoring
|
||||
|
||||
output:
|
||||
# Default should be "logging-kubezero-logging-es-http" if fullnameOverride is NOT used
|
||||
host: logging-es-http
|
||||
|
||||
shared_key: "cloudbender"
|
||||
|
@ -78,6 +79,7 @@ fluentd:
|
|||
OUTPUT_USER: elastic
|
||||
OUTPUT_SSL_VERIFY: "false"
|
||||
|
||||
# Same here the secret names change if fullnameOverride is not used !!
|
||||
extraEnvVars:
|
||||
- name: OUTPUT_PASSWORD
|
||||
valueFrom:
|
||||
|
|
|
@ -8,7 +8,7 @@ function wait_for() {
|
|||
local TRIES=0
|
||||
while true; do
|
||||
$@ && break
|
||||
[ $TRIES -eq 100 ] && return 1
|
||||
[ $TRIES -eq 200 ] && return 1
|
||||
let TRIES=$TRIES+1
|
||||
sleep 3
|
||||
done
|
||||
|
@ -60,12 +60,15 @@ EOF
|
|||
wait_for kubectl get Issuer -n kube-system kubezero-local-ca-issuer 2>/dev/null 1>&2
|
||||
wait_for kubectl get ClusterIssuer letsencrypt-dns-prod 2>/dev/null 1>&2
|
||||
kubectl wait --for=condition=Ready -n kube-system Issuer/kubezero-local-ca-issuer
|
||||
kubectl wait --for=condition=Ready ClusterIssuer/letsencrypt-dns-prod
|
||||
fi
|
||||
|
||||
# Make sure kube-system is allowed to kiam
|
||||
kubectl annotate --overwrite namespace kube-system 'iam.amazonaws.com/permitted=.*'
|
||||
|
||||
# Now that we have the cert-manager webhook, get the kiam certs in place but do NOT deploy kiam yet
|
||||
helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml -f $DEPLOY_DIR/values-step-3.yaml > generated-values.yaml
|
||||
helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd -f generated-values.yaml
|
||||
kubectl wait --for=condition=Ready -n kube-system certificates/kiam-server
|
||||
|
||||
# Now lets make sure kiam is working
|
||||
helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml -f $DEPLOY_DIR/values-step-4.yaml > generated-values.yaml
|
||||
|
@ -79,12 +82,10 @@ EOF
|
|||
wait_for kubectl get deployment -n istio-operator istio-operator 2>/dev/null 1>&2
|
||||
kubectl rollout status deployment -n istio-operator istio-operator
|
||||
|
||||
# Todo: Now we need to wait till all is synced and healthy ... argocd cli or kubectl ?
|
||||
# Wait for aws-ebs or kiam to be all ready, or all pods running ?
|
||||
|
||||
# Todo:
|
||||
# - integrate Prometheus-Grafana
|
||||
# - integrate ES based logging
|
||||
# Metrics
|
||||
helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml -f $DEPLOY_DIR/values-step-6.yaml > generated-values.yaml
|
||||
helm upgrade -n argocd kubezero kubezero/kubezero-argo-cd -f generated-values.yaml
|
||||
wait_for kubectl get crds servicemonitors.monitoring.coreos.com 2>/dev/null 1>&2
|
||||
|
||||
# Finally we could enable the actual config and deploy all
|
||||
helm template $DEPLOY_DIR -f values.yaml -f cloudbender.yaml > generated-values.yaml
|
||||
|
|
|
@ -8,7 +8,7 @@ kubezero:
|
|||
values:
|
||||
network: {{ default "vxlan" .Values.calico.network }}
|
||||
mtu: {{ default "8941" .Values.calico.mtu }}
|
||||
prometheus: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
prometheus: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
cert-manager:
|
||||
enabled: {{ index .Values "cert-manager" "enabled" }}
|
||||
values:
|
||||
|
@ -56,11 +56,11 @@ kubezero:
|
|||
replicas: {{ ternary 2 1 .Values.HighAvailableControlplane }}
|
||||
prometheus:
|
||||
servicemonitor:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
agent:
|
||||
prometheus:
|
||||
servicemonitor:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
|
||||
{{- if and .Values.kiam.enabled .Values.kiam.ready }}
|
||||
# AWS only components
|
||||
|
@ -146,7 +146,7 @@ kubezero:
|
|||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
prometheus: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
prometheus: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
|
||||
{{- if .Values.logging.es.s3Snapshot }}
|
||||
s3Snapshot:
|
||||
|
@ -166,8 +166,16 @@ kubezero:
|
|||
fluentd:
|
||||
enabled: {{ .Values.logging.fluentd.enabled }}
|
||||
metrics:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
url: {{ .Values.logging.fluentd.url }}
|
||||
{{- if .Values.logging.fluentd.output }}
|
||||
output:
|
||||
host: {{ .Values.logging.fluentd.output.host }}
|
||||
{{- end }}
|
||||
{{- if .Values.logging.fluentd.extraEnvVars }}
|
||||
extraEnvVars:
|
||||
{{- toYaml .Values.logging.fluentd.extraEnvVars | nindent 10 }}
|
||||
{{- end }}
|
||||
{{- if and .Values.logging.fluentd.istio .Values.istio.enabled .Values.istio.ready }}
|
||||
istio:
|
||||
{{- with .Values.logging.fluentd.istio }}
|
||||
|
@ -178,7 +186,7 @@ kubezero:
|
|||
fluent-bit:
|
||||
enabled: {{ index .Values.logging "fluent-bit" "enabled" }}
|
||||
metrics:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
{{- if index .Values.logging "fluent-bit" "config" }}
|
||||
config:
|
||||
{{- with index .Values.logging "fluent-bit" "config" }}
|
||||
|
@ -189,13 +197,13 @@ kubezero:
|
|||
argo-cd:
|
||||
controller:
|
||||
metrics:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
repoServer:
|
||||
metrics:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
server:
|
||||
metrics:
|
||||
enabled: {{ default .Values.metrics.enabled .Values.metrics.ready }}
|
||||
enabled: {{ and .Values.metrics.enabled .Values.metrics.ready }}
|
||||
{{- with index .Values "argo-cd" "server" }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
|
|
|
@ -4,3 +4,6 @@ istio:
|
|||
metrics:
|
||||
enabled: false
|
||||
ready: false
|
||||
|
||||
logging:
|
||||
enabled: false
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
metrics:
|
||||
enabled: true
|
||||
ready: false
|
||||
|
||||
logging:
|
||||
enabled: false
|
Loading…
Reference in New Issue