andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

make charts

pull/1227/head
Jiaqi Luo 2021-06-08 18:35:20 -07:00
parent 8bf9b82e91
commit 7c182da64f
7 changed files with 35 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/rancher-pushprox/rancher-pushprox-0.1.400.tgz
View File

Binary file not shown.

4
charts/rancher-pushprox/rancher-pushprox/0.1.400/README.md
View File

@ -24,6 +24,7 @@ The following tables list the configurable parameters of the rancher-pushprox ch
| ----- | ----------- | ------ | | ----- | ----------- | ------ |
| `component` | The component that is being monitored | `kube-etcd` | `component` | The component that is being monitored | `kube-etcd`
| `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` | | `metricsPort` | The port on the host that contains the metrics you want to scrape (e.g. `http://<HOST_IP>:<metricsPort>/metrics`) | `2379` |
| `namespaceOverride` | The namespace to install the chart | `""`
#### Optional #### Optional
| Parameter | Description | Default | | Parameter | Description | Default |
@ -42,6 +43,9 @@ The following tables list the configurable parameters of the rancher-pushprox ch
| `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` | | `clients.https.keyFile` | The path to the TLS key file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
| `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` | | `clients.https.caCertFile` | The path to the TLS cacert file located within `clients.https.certDir`. Required and only used if `clients.https.enabled` is set | `""` |
| `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` | | `clients.rbac.additionalRules` | Additional permissions to provide to the ServiceAccount bound to the client. This can be used to provide additional permissions for the client to scrape metrics from the k8s API. Only enabled if clients.https.enabled and clients.https.useServiceAccountCredentials are true | `[]` |
| `clients.deployment.enabled` | Deploys the client as a Deployment (generally used if the underlying hostNetwork Pod that is being scraped is managed by a Deployment) | `false` |
| `clients.deployment.replicas` | The number of pods the Deployment has, it should match the number of pod the hostNetwork Deployment has. Required and only used if `client.deployment.enable` is set | `0` |
| `clients.deployment.affinity` | The affinity rules that allocate the pod to the node in which the hostNetwork Deployment's pods run. Required and only used if `client.deployment.enable` is set | `{}` |
| `clients.resources` | Set resource limits and requests for the client container | `{}` | | `clients.resources` | Set resource limits and requests for the client container | `{}` |
| `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` | | `clients.nodeSelector` | Select which nodes to deploy the clients on | `{}` |
| `clients.tolerations` | Specify tolerations for clients | `[]` | | `clients.tolerations` | Specify tolerations for clients | `[]` |

2
charts/rancher-pushprox/rancher-pushprox/0.1.400/templates/_helpers.tpl
View File

@ -49,7 +49,7 @@ provider: kubernetes
{{- if .Values.clients.proxyUrl -}} {{- if .Values.clients.proxyUrl -}}
{{ printf "%s" .Values.clients.proxyUrl }} {{ printf "%s" .Values.clients.proxyUrl }}
{{- else -}} {{- else -}}
{{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) .Release.Namespace (int .Values.proxy.port) }} {{ printf "http://%s.%s.svc:%d" (include "pushProxy.proxy.name" .) (include "pushprox.namespace" .) (int .Values.proxy.port) }}
{{- end -}}{{- end -}} {{- end -}}{{- end -}}
# Client # Client

6
charts/rancher-pushprox/rancher-pushprox/0.1.400/templates/pushprox-clients-rbac.yaml
View File

@ -30,20 +30,20 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ template "pushProxy.client.name" . }} name: {{ template "pushProxy.client.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ include "pushprox.namespace" . }}
--- ---
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ template "pushProxy.client.name" . }} name: {{ template "pushProxy.client.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ include "pushprox.namespace" . }}
labels: {{ include "pushProxy.client.labels" . | nindent 4 }} labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
--- ---
apiVersion: policy/v1beta1 apiVersion: policy/v1beta1
kind: PodSecurityPolicy kind: PodSecurityPolicy
metadata: metadata:
name: {{ template "pushProxy.client.name" . }} name: {{ template "pushProxy.client.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ include "pushprox.namespace" . }}
labels: {{ include "pushProxy.client.labels" . | nindent 4 }} labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
spec: spec:
privileged: false privileged: false

10
charts/rancher-pushprox/rancher-pushprox/0.1.400/templates/pushprox-clients.yaml
View File

@ -1,18 +1,28 @@
{{- if .Values.clients }}{{- if .Values.clients.enabled }} {{- if .Values.clients }}{{- if .Values.clients.enabled }}
apiVersion: apps/v1 apiVersion: apps/v1
{{- if .Values.clients.deployment.enabled }}
kind: Deployment
{{- else }}
kind: DaemonSet kind: DaemonSet
{{- end }}
metadata: metadata:
name: {{ template "pushProxy.client.name" . }} name: {{ template "pushProxy.client.name" . }}
namespace: {{ template "pushprox.namespace" . }} namespace: {{ template "pushprox.namespace" . }}
labels: {{ include "pushProxy.client.labels" . | nindent 4 }} labels: {{ include "pushProxy.client.labels" . | nindent 4 }}
pushprox-exporter: "client" pushprox-exporter: "client"
spec: spec:
{{- if .Values.clients.deployment.enabled }}
replicas: {{ .Values.clients.deployment.replicas }}
{{- end }}
selector: selector:
matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }} matchLabels: {{ include "pushProxy.client.labels" . | nindent 6 }}
template: template:
metadata: metadata:
labels: {{ include "pushProxy.client.labels" . | nindent 8 }} labels: {{ include "pushProxy.client.labels" . | nindent 8 }}
spec: spec:
{{- if .Values.clients.affinity }}
affinity: {{ toYaml .Values.clients.affinity | nindent 8 }}
{{- end }}
nodeSelector: {{ include "linux-node-selector" . | nindent 8 }} nodeSelector: {{ include "linux-node-selector" . | nindent 8 }}
{{- if .Values.clients.nodeSelector }} {{- if .Values.clients.nodeSelector }}
{{ toYaml .Values.clients.nodeSelector | indent 8 }} {{ toYaml .Values.clients.nodeSelector | indent 8 }}

6
charts/rancher-pushprox/rancher-pushprox/0.1.400/templates/pushprox-proxy-rbac.yaml
View File

@ -23,20 +23,20 @@ roleRef:
subjects: subjects:
- kind: ServiceAccount - kind: ServiceAccount
name: {{ template "pushProxy.proxy.name" . }} name: {{ template "pushProxy.proxy.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ include "pushprox.namespace" . }}
--- ---
apiVersion: v1 apiVersion: v1
kind: ServiceAccount kind: ServiceAccount
metadata: metadata:
name: {{ template "pushProxy.proxy.name" . }} name: {{ template "pushProxy.proxy.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ include "pushprox.namespace" . }}
labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }} labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
--- ---
apiVersion: policy/v1beta1 apiVersion: policy/v1beta1
kind: PodSecurityPolicy kind: PodSecurityPolicy
metadata: metadata:
name: {{ template "pushProxy.proxy.name" . }} name: {{ template "pushProxy.proxy.name" . }}
namespace: {{ .Release.Namespace }} namespace: {{ include "pushprox.namespace" . }}
labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }} labels: {{ include "pushProxy.proxy.labels" . | nindent 4 }}
spec: spec:
privileged: false privileged: false

14
charts/rancher-pushprox/rancher-pushprox/0.1.400/values.yaml
View File

@ -16,6 +16,8 @@ global:
cattle: cattle:
systemDefaultRegistry: "" systemDefaultRegistry: ""
namespaceOverride: ""
# The component that is being monitored (i.e. etcd) # The component that is being monitored (i.e. etcd)
component: "component" component: "component"
@ -69,6 +71,7 @@ clients:
# Options to select all nodes to deploy client DaemonSet on # Options to select all nodes to deploy client DaemonSet on
nodeSelector: {} nodeSelector: {}
tolerations: [] tolerations: []
affinity: {}
image: image:
repository: rancher/pushprox-client repository: rancher/pushprox-client
@ -79,6 +82,17 @@ clients:
repository: rancher/mirrored-library-busybox repository: rancher/mirrored-library-busybox
tag: 1.31.1 tag: 1.31.1
# The default intention of rancher-pushprox clients is to scrape hostNetwork metrics across all nodes.
# This can be used to scrape internal Kubernetes components or DaemonSets of hostNetwork Pods in
# situations where a cloud provider firewall prevents Pod-To-Host communication but not Pod-To-Pod.
# However, if the underlying hostNetwork Pod that is being scraped is managed by a Deployment,
# this advanced option enables users to deploy the client as a Deployment instead of a DaemonSet.
# If a user deploys this feature and the underlying Deployment's number of replicas changes, the user will
# be responsible for upgrading this chart accordingly to the right number of replicas.
deployment:
enabled: false
replicas: 0
proxy: proxy:
enabled: true enabled: true
# The port through which PushProx clients will communicate to the proxy # The port through which PushProx clients will communicate to the proxy