andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Generated changes

pull/707/head
actions 2020-09-25 21:27:40 +00:00
parent 4b7c922e72
commit a014444007
50 changed files with 2354 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
assets/index.yaml
View File

@ -470,6 +470,96 @@ entries:
urls:
- assets/fleet-crd/fleet-crd-0.3.0-alpha600.tgz
version: 0.3.0-alpha600
longhorn:
- annotations:
catalog.cattle.io/auto-install: longhorn-crd=match
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: longhorn-system
catalog.cattle.io/provides-gvr: longhorn.io/v1beta1
catalog.cattle.io/release-name: longhorn
catalog.cattle.io/ui-component: longhorn
apiVersion: v1
appVersion: v1.0.2
created: "2020-09-25T21:27:40.522743781Z"
description: Longhorn is a distributed block storage system for Kubernetes.
digest: ff247454026df41123c130c2971dd51f2458d46bc47b0ec9313a6d7906cd7a53
home: https://github.com/longhorn/longhorn
icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/longhorn/icon/color/longhorn-icon-color.svg
keywords:
- longhorn
- storage
- distributed
- block
- device
- iscsi
kubeVersion: '>=v1.14.0-r0'
maintainers:
- email: maintainers@longhorn.io
name: Longhorn maintainers
- email: sheng@yasker.org
name: Sheng Yang
name: longhorn
sources:
- https://github.com/longhorn/longhorn
- https://github.com/longhorn/longhorn-engine
- https://github.com/longhorn/longhorn-instance-manager
- https://github.com/longhorn/longhorn-manager
- https://github.com/longhorn/longhorn-ui
- https://github.com/longhorn/longhorn-tests
urls:
- assets/longhorn/longhorn-1.0.200.tgz
version: 1.0.200
longhorn-crd:
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"
catalog.cattle.io/namespace: longhorn-system
catalog.cattle.io/release-name: longhorn-crd
apiVersion: v1
created: "2020-09-25T21:27:40.522946083Z"
description: Installs the CRDs for longhorn.
digest: 4203577c0310a1877ac18f7e13cfbc475cc25f13e03deb57d9c581bdab4cc48a
name: longhorn-crd
type: application
urls:
- assets/longhorn/longhorn-crd-1.0.200.tgz
version: 1.0.200
rancher-backup:
- annotations:
catalog.cattle.io/auto-install: rancher-backup-crd=match
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: cattle-resources-system
catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1
catalog.cattle.io/release-name: rancher-backup
catalog.cattle.io/ui-component: rancher-backup
apiVersion: v1
appVersion: v0.1.0-rc1
created: "2020-09-25T21:27:40.524512896Z"
description: Provides ability to back up and restore the Rancher application running
on any Kubernetes cluster
digest: e3a672fd48b68d0228b812e1f336fe62070c7f31798efd562444b840cd2c7819
keywords:
- applications
- infrastructure
name: rancher-backup
urls:
- assets/rancher-backup/rancher-backup-0.1.0.tgz
version: 0.1.0
rancher-backup-crd:
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"
catalog.cattle.io/namespace: cattle-resources-system
catalog.cattle.io/release-name: rancher-backup-crd
apiVersion: v1
created: "2020-09-25T21:27:40.5249197Z"
description: Installs the CRDs for rancher-backup.
digest: e47f707d41a668bb01e928fc8412d4d09edabbb47feb4e8ac0ccafbece317aa9
name: rancher-backup-crd
type: application
urls:
- assets/rancher-backup/rancher-backup-crd-0.1.0.tgz
version: 0.1.0
rancher-cis-benchmark:
- annotations:
catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
@ -1354,4 +1444,4 @@ entries:
urls:
- assets/rio/rio-0.8.000.tgz
version: 0.8.000
generated: "2020-09-25T20:19:25.602999395Z"
generated: "2020-09-25T21:27:40.521318869Z"

BIN
assets/longhorn/longhorn-1.0.200.tgz Normal file
View File

Binary file not shown.

BIN
assets/longhorn/longhorn-crd-1.0.200.tgz Normal file
View File

Binary file not shown.

BIN
assets/rancher-backup/rancher-backup-0.1.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/rancher-backup/rancher-backup-crd-0.1.0.tgz Normal file
View File

Binary file not shown.

34
charts/longhorn/Chart.yaml Normal file
View File

@ -0,0 +1,34 @@
apiVersion: v1
name: longhorn
version: 1.0.200
appVersion: v1.0.2
kubeVersion: ">=v1.14.0-r0"
description: Longhorn is a distributed block storage system for Kubernetes.
keywords:
- longhorn
- storage
- distributed
- block
- device
- iscsi
home: https://github.com/longhorn/longhorn
sources:
- https://github.com/longhorn/longhorn
- https://github.com/longhorn/longhorn-engine
- https://github.com/longhorn/longhorn-instance-manager
- https://github.com/longhorn/longhorn-manager
- https://github.com/longhorn/longhorn-ui
- https://github.com/longhorn/longhorn-tests
maintainers:
- name: Longhorn maintainers
email: maintainers@longhorn.io
- name: Sheng Yang
email: sheng@yasker.org
icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/longhorn/icon/color/longhorn-icon-color.svg
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: longhorn-system
catalog.cattle.io/release-name: longhorn
catalog.cattle.io/ui-component: longhorn
catalog.cattle.io/provides-gvr: longhorn.io/v1beta1
catalog.cattle.io/auto-install: longhorn-crd=match

49
charts/longhorn/README.md Normal file
View File

@ -0,0 +1,49 @@
# Rancher Longhorn Chart
> **Important**: Please install Longhorn chart in `longhorn-system` namespace only.
> **Warning**: Longhorn doesn't support downgrading from a higher version to a lower version.
The following document pertains to running Longhorn from the Rancher 2.0 chart.
## Source Code
Longhorn is 100% open source software. Project source code is spread across a number of repos:
1. Longhorn Engine -- Core controller/replica logic https://github.com/longhorn/longhorn-engine
2. Longhorn Instance Manager -- Controller/replica instance lifecycle management https://github.com/longhorn/longhorn-instance-manager
3. Longhorn Manager -- Longhorn orchestration, includes CSI driver for Kubernetes https://github.com/longhorn/longhorn-manager
4. Longhorn UI -- Dashboard https://github.com/longhorn/longhorn-ui
## Prerequisites
1. Rancher v2.1+
2. Docker v1.13+
3. Kubernetes v1.14+
4. Make sure `curl`, `findmnt`, `grep`, `awk` and `blkid` has been installed in all nodes of the Kubernetes cluster.
5. Make sure `open-iscsi` has been installed in all nodes of the Kubernetes cluster. For GKE, recommended Ubuntu as guest OS image since it contains `open-iscsi` already.
## Uninstallation
1. To prevent damage to the Kubernetes cluster, we recommend deleting all Kubernetes workloads using Longhorn volumes (PersistentVolume, PersistentVolumeClaim, StorageClass, Deployment, StatefulSet, DaemonSet, etc).
2. From Rancher UI, navigate to `Catalog Apps` tab and delete Longhorn app.
## Troubleshooting
### I deleted the Longhorn App from Rancher UI instead of following the uninstallation procedure
Redeploy the (same version) Longhorn App. Follow the uninstallation procedure above.
### Problems with CRDs
If your CRD instances or the CRDs themselves can't be deleted for whatever reason, run the commands below to clean up. Caution: this will wipe all Longhorn state!
```
# Delete CRD instances and definitions
curl -s https://raw.githubusercontent.com/longhorn/longhorn/v0.8.1/scripts/cleanup.sh |bash -s v062
curl -s https://raw.githubusercontent.com/longhorn/longhorn/v0.8.1/scripts/cleanup.sh |bash -s v070
```
---
Please see [link](https://github.com/longhorn/longhorn) for more information.

11
charts/longhorn/app-readme.md Normal file
View File

@ -0,0 +1,11 @@
# Longhorn
Longhorn is a lightweight, reliable and easy to use distributed block storage system for Kubernetes. Once deployed, users can leverage persistent volumes provided by Longhorn.
Longhorn creates a dedicated storage controller for each volume and synchronously replicates the volume across multiple replicas stored on multiple nodes. The storage controller and replicas are themselves orchestrated using Kubernetes. Longhorn supports snapshots, backups and even allows you to schedule recurring snapshots and backups!
**Important**: Please install Longhorn chart in `longhorn-system` namespace only.
**Warning**: Longhorn doesn't support downgrading from a higher version to a lower version.
[Chart Documentation](https://github.com/longhorn/longhorn/blob/master/chart/README.md)

10
charts/longhorn/charts-crd/Chart.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
version: 1.0.200
description: Installs the CRDs for longhorn.
name: longhorn-crd
type: application
annotations:
catalog.cattle.io/hidden: "true"
catalog.cattle.io/release-name: longhorn-crd
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: longhorn-system

2
charts/longhorn/charts-crd/README.md Normal file
View File

@ -0,0 +1,2 @@
# longhorn-crd
A Rancher chart that installs the CRDs used by [longhorn](https://github.com/rancher/dev-charts/tree/master/packages/longhorn).

172
charts/longhorn/charts-crd/templates/crds.yaml Normal file
View File

@ -0,0 +1,172 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: Engine
name: engines.longhorn.io
spec:
group: longhorn.io
names:
kind: Engine
listKind: EngineList
plural: engines
shortNames:
- lhe
singular: engine
scope: Namespaced
version: v1beta1
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: Replica
name: replicas.longhorn.io
spec:
group: longhorn.io
names:
kind: Replica
listKind: ReplicaList
plural: replicas
shortNames:
- lhr
singular: replica
scope: Namespaced
version: v1beta1
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: Setting
name: settings.longhorn.io
spec:
group: longhorn.io
names:
kind: Setting
listKind: SettingList
plural: settings
shortNames:
- lhs
singular: setting
scope: Namespaced
version: v1beta1
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: Volume
name: volumes.longhorn.io
spec:
group: longhorn.io
names:
kind: Volume
listKind: VolumeList
plural: volumes
shortNames:
- lhv
singular: volume
scope: Namespaced
version: v1beta1
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: EngineImage
name: engineimages.longhorn.io
spec:
group: longhorn.io
names:
kind: EngineImage
listKind: EngineImageList
plural: engineimages
shortNames:
- lhei
singular: engineimage
scope: Namespaced
version: v1beta1
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: Node
name: nodes.longhorn.io
spec:
group: longhorn.io
names:
kind: Node
listKind: NodeList
plural: nodes
shortNames:
- lhn
singular: node
scope: Namespaced
version: v1beta1
subresources:
status: {}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: longhorn
helm.sh/chart: longhorn-1.0.2
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/instance: longhorn
app.kubernetes.io/version: v1.0.2
longhorn-manager: InstanceManager
name: instancemanagers.longhorn.io
spec:
group: longhorn.io
names:
kind: InstanceManager
listKind: InstanceManagerList
plural: instancemanagers
shortNames:
- lhim
singular: instancemanager
scope: Namespaced
version: v1beta1
subresources:
status: {}

346
charts/longhorn/questions.yml Normal file
View File

@ -0,0 +1,346 @@
categories:
- storage
namespace: longhorn-system
questions:
- variable: image.defaultImage
default: "true"
description: "Use default Longhorn images"
label: Use Default Images
type: boolean
show_subquestion_if: false
group: "Longhorn Images"
subquestions:
- variable: image.longhorn.manager.repository
default: longhornio/longhorn-manager
description: "Specify Longhorn Manager Image Repository"
type: string
label: Longhorn Manager Image Repository
group: "Longhorn Images Settings"
- variable: image.longhorn.manager.tag
default: v1.0.2
description: "Specify Longhorn Manager Image Tag"
type: string
label: Longhorn Manager Image Tag
group: "Longhorn Images Settings"
- variable: image.longhorn.engine.repository
default: longhornio/longhorn-engine
description: "Specify Longhorn Engine Image Repository"
type: string
label: Longhorn Engine Image Repository
group: "Longhorn Images Settings"
- variable: image.longhorn.engine.tag
default: v1.0.2
description: "Specify Longhorn Engine Image Tag"
type: string
label: Longhorn Engine Image Tag
group: "Longhorn Images Settings"
- variable: image.longhorn.ui.repository
default: longhornio/longhorn-ui
description: "Specify Longhorn UI Image Repository"
type: string
label: Longhorn UI Image Repository
group: "Longhorn Images Settings"
- variable: image.longhorn.ui.tag
default: v1.0.2
description: "Specify Longhorn UI Image Tag"
type: string
label: Longhorn UI Image Tag
group: "Longhorn Images Settings"
- variable: image.longhorn.instanceManager.repository
default: longhornio/longhorn-instance-manager
description: "Specify Longhorn Instance Manager Image Repository"
type: string
label: Longhorn Instance Manager Image Repository
group: "Longhorn Images Settings"
- variable: image.longhorn.instanceManager.tag
default: v1_20200514
description: "Specify Longhorn Instance Manager Image Tag"
type: string
label: Longhorn Instance Manager Image Tag
group: "Longhorn Images Settings"
- variable: image.csi.attacher.repository
default: longhornio/csi-attacher
description: "Specify CSI attacher image repository. Leave blank to autodetect."
type: string
label: Longhorn CSI Attacher Image Repository
group: "Longhorn CSI Driver Images"
- variable: image.csi.attacher.tag
default: v2.0.0
description: "Specify CSI attacher image tag. Leave blank to autodetect."
type: string
label: Longhorn CSI Attacher Image Tag
group: "Longhorn CSI Driver Images"
- variable: image.csi.provisioner.repository
default: longhornio/csi-provisioner
description: "Specify CSI provisioner image repository. Leave blank to autodetect."
type: string
label: Longhorn CSI Provisioner Image Repository
group: "Longhorn CSI Driver Images"
- variable: image.csi.provisioner.tag
default: v1.4.0
description: "Specify CSI provisioner image tag. Leave blank to autodetect."
type: string
label: Longhorn CSI Provisioner Image Tag
group: "Longhorn CSI Driver Images"
- variable: image.csi.nodeDriverRegistrar.repository
default: longhornio/csi-node-driver-registrar
description: "Specify CSI Node Driver Registrar image repository. Leave blank to autodetect."
type: string
label: Longhorn CSI Node Driver Registrar Image Repository
group: "Longhorn CSI Driver Images"
- variable: image.csi.nodeDriverRegistrar.tag
default: v1.2.0
description: "Specify CSI Node Driver Registrar image tag. Leave blank to autodetect."
type: string
label: Longhorn CSI Node Driver Registrar Image Tag
group: "Longhorn CSI Driver Images"
- variable: image.csi.resizer.repository
default: longhornio/csi-resizer
description: "Specify CSI Driver Resizer image repository. Leave blank to autodetect."
type: string
label: Longhorn CSI Driver Resizer Image Repository
group: "Longhorn CSI Driver Images"
- variable: image.csi.resizer.tag
default: v0.3.0
description: "Specify CSI Driver Resizer image tag. Leave blank to autodetect."
type: string
label: Longhorn CSI Driver Resizer Image Tag
group: "Longhorn CSI Driver Images"
- variable: privateRegistry.registryUrl
label: Private registry URL
description: "URL of private registry"
group: "Private Registry Settings"
type: string
default: ""
- variable: privateRegistry.registryUser
label: Private registry user
description: "User used to authenticate to private registry"
group: "Private Registry Settings"
type: string
default: ""
- variable: privateRegistry.registryPasswd
label: Private registry password
description: "Password used to authenticate to private registry"
group: "Private Registry Settings"
type: password
default: ""
- variable: longhorn.default_setting
default: "false"
description: "Customize the default settings before installing Longhorn for the first time. This option will only work if the cluster hasn't installed Longhorn."
label: "Customize Default Settings"
type: boolean
show_subquestion_if: true
group: "Longhorn Default Settings"
subquestions:
- variable: defaultSettings.registrySecret
label: Private registry secret
description: "The Kubernetes Secret name"
group: "Longhorn Default Settings"
type: string
default: ""
- variable: csi.kubeletRootDir
default:
description: "Specify kubelet root-dir. Leave blank to autodetect."
type: string
label: Kubelet Root Directory
group: "Longhorn CSI Driver Settings"
- variable: csi.attacherReplicaCount
type: int
default:
min: 1
max: 10
description: "Specify replica count of CSI Attacher. By default 3."
label: Longhorn CSI Attacher replica count
group: "Longhorn CSI Driver Settings"
- variable: csi.provisionerReplicaCount
type: int
default:
min: 1
max: 10
description: "Specify replica count of CSI Provisioner. By default 3."
label: Longhorn CSI Provisioner replica count
group: "Longhorn CSI Driver Settings"
- variable: persistence.defaultClass
default: "true"
description: "Set as default StorageClass"
group: "Longhorn CSI Driver Settings"
type: boolean
required: true
label: Default Storage Class
- variable: persistence.defaultClassReplicaCount
description: "Set replica count for default StorageClass"
group: "Longhorn CSI Driver Settings"
type: int
default: 3
min: 1
max: 10
label: Default Storage Class Replica Count
- variable: defaultSettings.backupTarget
label: Backup Target
description: "The endpoint used to access the backupstore. NFS and S3 are supported."
group: "Longhorn Default Settings"
type: string
default:
- variable: defaultSettings.backupTargetCredentialSecret
label: Backup Target Credential Secret
description: "The name of the Kubernetes secret associated with the backup target."
group: "Longhorn Default Settings"
type: string
default:
- variable: defaultSettings.createDefaultDiskLabeledNodes
label: Create Default Disk on Labeled Nodes
description: 'Create default Disk automatically only on Nodes with the label "node.longhorn.io/create-default-disk=true" if no other disks exist. If disabled, the default disk will be created on all new nodes when each node is first added.'
group: "Longhorn Default Settings"
type: boolean
default: "false"
- variable: defaultSettings.defaultDataPath
label: Default Data Path
description: 'Default path to use for storing data on a host. By default "/var/lib/longhorn/"'
group: "Longhorn Default Settings"
type: string
default: "/var/lib/longhorn/"
- variable: defaultSettings.replicaSoftAntiAffinity
label: Replica Node Level Soft Anti-Affinity
description: 'Allow scheduling on nodes with existing healthy replicas of the same volume. By default false.'
group: "Longhorn Default Settings"
type: boolean
default: "false"
- variable: defaultSettings.storageOverProvisioningPercentage
label: Storage Over Provisioning Percentage
description: "The over-provisioning percentage defines how much storage can be allocated relative to the hard drive's capacity. By default 200."
group: "Longhorn Default Settings"
type: int
min: 0
default: 200
- variable: defaultSettings.storageMinimalAvailablePercentage
label: Storage Minimal Available Percentage
description: "If the minimum available disk capacity exceeds the actual percentage of available disk capacity, the disk becomes unschedulable until more space is freed up. By default 25."
group: "Longhorn Default Settings"
type: int
min: 0
max: 100
default: 25
- variable: defaultSettings.upgradeChecker
label: Enable Upgrade Checker
description: 'Upgrade Checker will check for new Longhorn version periodically. When there is a new version available, a notification will appear in the UI. By default true.'
group: "Longhorn Default Settings"
type: boolean
default: "true"
- variable: defaultSettings.defaultReplicaCount
label: Default Replica Count
description: "The default number of replicas when a volume is created from the Longhorn UI. For Kubernetes configuration, update the `numberOfReplicas` in the StorageClass. By default 3."
group: "Longhorn Default Settings"
type: int
min: 1
max: 20
default: 3
- variable: defaultSettings.guaranteedEngineCPU
label: Guaranteed Engine CPU
description: 'Allow Longhorn Instance Managers to have guaranteed CPU allocation. The value is how many CPUs should be reserved for each Engine/Replica Instance Manager Pod created by Longhorn. For example, 0.1 means one-tenth of a CPU. This will help maintain engine stability during high node workload. It only applies to the Engine/Replica Manager Pods created after the setting took effect.
WARNING: After this setting is changed, all the instance managers on all the nodes will be automatically restarted.
WARNING: DO NOT CHANGE THIS SETTING WITH ATTACHED VOLUMES.
By default 0.25.'
group: "Longhorn Default Settings"
type: float
default: 0.25
- variable: defaultSettings.defaultLonghornStaticStorageClass
label: Default Longhorn Static StorageClass Name
description: "The 'storageClassName' is given to PVs and PVCs that are created for an existing Longhorn volume. The StorageClass name can also be used as a label, so it is possible to use a Longhorn StorageClass to bind a workload to an existing PV without creating a Kubernetes StorageClass object. By default 'longhorn-static'."
group: "Longhorn Default Settings"
type: string
default: "longhorn-static"
- variable: defaultSettings.backupstorePollInterval
label: Backupstore Poll Interval
description: "In seconds. The backupstore poll interval determines how often Longhorn checks the backupstore for new backups. Set to 0 to disable the polling. By default 300."
group: "Longhorn Default Settings"
type: int
min: 0
default: 300
- variable: defaultSettings.taintToleration
label: Kubernetes Taint Toleration
description: 'To dedicate nodes to store Longhorn replicas and reject other general workloads, set tolerations for Longhorn and add taints for the storage nodes. All Longhorn volumes should be detached before modifying toleration settings. We recommend setting tolerations during Longhorn deployment because the Longhorn system cannot be operated during the update. Multiple tolerations can be set here, and these tolerations are separated by semicolon. For example, `key1=value1:NoSchedule; key2:NoExecute`. Because `kubernetes.io` is used as the key of all Kubernetes default tolerations, it should not be used in the toleration settings.
WARNING: DO NOT CHANGE THIS SETTING WITH ATTACHED VOLUMES.'
group: "Longhorn Default Settings"
type: string
default: ""
- variable: defaultSettings.priorityClass
label: Priority Class
description: "The name of the Priority Class to set on the Longhorn workloads. This can help prevent Longhorn workloads from being evicted under Node Pressure. WARNING: DO NOT CHANGE THIS SETTING WITH ATTACHED VOLUMES."
group: "Longhorn Default Settings"
type: string
default: ""
- variable: defaultSettings.autoSalvage
label: Automatic salvage
description: "If enabled, volumes will be automatically salvaged when all the replicas become faulty e.g. due to network disconnection. Longhorn will try to figure out which replica(s) are usable, then use them for the volume. By default true."
group: "Longhorn Default Settings"
type: boolean
default: "true"
- variable: defaultSettings.disableSchedulingOnCordonedNode
label: Disable Scheduling On Cordoned Node
description: "Disable Longhorn manager to schedule replica on Kubernetes cordoned node. By default true."
group: "Longhorn Default Settings"
type: boolean
default: "true"
- variable: defaultSettings.replicaZoneSoftAntiAffinity
label: Replica Zone Level Soft Anti-Affinity
description: "Allow scheduling new Replicas of Volume to the Nodes in the same Zone as existing healthy Replicas. Nodes don't belong to any Zone will be treated as in the same Zone. By default true."
group: "Longhorn Default Settings"
type: boolean
default: "true"
- variable: defaultSettings.volumeAttachmentRecoveryPolicy
label: Volume Attachment Recovery Policy
description: "Defines the Longhorn action when a Volume is stuck with a Deployment Pod on a failed node. `wait` leads to the deletion of the volume attachment as soon as the pods deletion time has passed. `never` is the default Kubernetes behavior of never deleting volume attachments on terminating pods. `immediate` leads to the deletion of the volume attachment as soon as all workload pods are pending. By default wait."
group: "Longhorn Default Settings"
type: enum
options:
- "wait"
- "never"
- "immediate"
default: "wait"
- variable: defaultSettings.mkfsExt4Parameters
label: Custom mkfs.ext4 parameters
description: "Allows setting additional filesystem creation parameters for ext4. For older host kernels it might be necessary to disable the optional ext4 metadata_csum feature by specifying `-O ^64bit,^metadata_csum`."
group: "Longhorn Default Settings"
type: string
- variable: ingress.enabled
default: "false"
description: "Expose app using Layer 7 Load Balancer - ingress"
type: boolean
group: "Services and Load Balancing"
label: Expose app using Layer 7 Load Balancer
show_subquestion_if: true
subquestions:
- variable: ingress.host
default: "xip.io"
description: "layer 7 Load Balancer hostname"
type: hostname
required: true
label: Layer 7 Load Balancer Hostname
- variable: service.ui.type
default: "Rancher-Proxy"
description: "Define Longhorn UI service type"
type: enum
options:
- "ClusterIP"
- "NodePort"
- "LoadBalancer"
- "Rancher-Proxy"
label: Longhorn UI Service
show_if: "ingress.enabled=false"
group: "Services and Load Balancing"
show_subquestion_if: "NodePort"
subquestions:
- variable: service.ui.nodePort
default: ""
description: "NodePort port number(to set explicitly, choose port between 30000-32767)"
type: int
min: 30000
max: 32767
show_if: "service.ui.type=NodePort||service.ui.type=LoadBalancer"
label: UI Service NodePort number
- variable: enablePSP
default: "true"
description: "Setup a pod security policy for Longhorn workloads."
label: Pod Security Policy
type: boolean
group: "Other Settings"

5
charts/longhorn/templates/NOTES.txt Normal file
View File

@ -0,0 +1,5 @@
Longhorn is now installed on the cluster!
Please wait a few minutes for other Longhorn components such as CSI deployments, Engine Images, and Instance Managers to be initialized.
Visit our documentation at https://longhorn.io/docs/

47
charts/longhorn/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,47 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "longhorn.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "longhorn.fullname" -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "longhorn.managerIP" -}}
{{- $fullname := (include "longhorn.fullname" .) -}}
{{- printf "http://%s-backend:9500" $fullname | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- define "secret" }}
{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.privateRegistry.registryUrl (printf "%s:%s" .Values.privateRegistry.registryUser .Values.privateRegistry.registryPasswd | b64enc) | b64enc }}
{{- end }}
{{- /*
longhorn.labels generates the standard Helm labels.
*/ -}}
{{- define "longhorn.labels" -}}
app.kubernetes.io/name: {{ template "longhorn.name" . }}
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
{{- end -}}
{{- define "system_default_registry" -}}
{{- if .Values.global.cattle.systemDefaultRegistry -}}
{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
{{- else -}}
{{- "" -}}
{{- end -}}
{{- end -}}

40
charts/longhorn/templates/clusterrole.yaml Normal file
View File

@ -0,0 +1,40 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: longhorn-role
labels: {{- include "longhorn.labels" . | nindent 4 }}
rules:
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- "*"
- apiGroups: [""]
resources: ["pods", "events", "persistentvolumes", "persistentvolumeclaims","persistentvolumeclaims/status", "nodes", "proxy/nodes", "pods/log", "secrets", "services", "endpoints", "configmaps"]
verbs: ["*"]
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list"]
- apiGroups: ["apps"]
resources: ["daemonsets", "statefulsets", "deployments"]
verbs: ["*"]
- apiGroups: ["batch"]
resources: ["jobs", "cronjobs"]
verbs: ["*"]
- apiGroups: ["scheduling.k8s.io"]
resources: ["priorityclasses"]
verbs: ["watch", "list"]
- apiGroups: ["storage.k8s.io"]
resources: ["storageclasses", "volumeattachments", "csinodes", "csidrivers"]
verbs: ["*"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["get", "watch", "list", "delete", "update", "create"]
- apiGroups: ["longhorn.io"]
resources: ["volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings",
"engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status"]
verbs: ["*"]
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
verbs: ["*"]

13
charts/longhorn/templates/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: longhorn-bind
labels: {{- include "longhorn.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: longhorn-role
subjects:
- kind: ServiceAccount
name: longhorn-service-account
namespace: {{ .Release.Namespace }}

112
charts/longhorn/templates/daemonset-sa.yaml Normal file
View File

@ -0,0 +1,112 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
labels: {{- include "longhorn.labels" . | nindent 4 }}
app: longhorn-manager
name: longhorn-manager
namespace: {{ .Release.Namespace }}
spec:
selector:
matchLabels:
app: longhorn-manager
template:
metadata:
labels: {{- include "longhorn.labels" . | nindent 8 }}
app: longhorn-manager
spec:
containers:
- name: longhorn-manager
image: {{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}
imagePullPolicy: IfNotPresent
securityContext:
privileged: true
command:
- longhorn-manager
- -d
- daemon
- --engine-image
- "{{ template "system_default_registry" . }}{{ .Values.image.longhorn.engine.repository }}:{{ .Values.image.longhorn.engine.tag }}"
- --instance-manager-image
- "{{ template "system_default_registry" . }}{{ .Values.image.longhorn.instanceManager.repository }}:{{ .Values.image.longhorn.instanceManager.tag }}"
- --manager-image
- "{{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}"
- --service-account
- longhorn-service-account
ports:
- containerPort: 9500
name: manager
readinessProbe:
tcpSocket:
port: 9500
volumeMounts:
- name: dev
mountPath: /host/dev/
- name: proc
mountPath: /host/proc/
- name: varrun
mountPath: /var/run/
mountPropagation: Bidirectional
- name: longhorn
mountPath: /var/lib/longhorn/
mountPropagation: Bidirectional
- name: longhorn-default-setting
mountPath: /var/lib/longhorn-setting/
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: DEFAULT_SETTING_PATH
value: /var/lib/longhorn-setting/default-setting.yaml
volumes:
- name: dev
hostPath:
path: /dev/
- name: proc
hostPath:
path: /proc/
- name: varrun
hostPath:
path: /var/run/
- name: longhorn
hostPath:
path: /var/lib/longhorn/
- name: longhorn-default-setting
configMap:
name: longhorn-default-setting
{{- if .Values.defaultSettings.registrySecret }}
imagePullSecrets:
- name: {{ .Values.defaultSettings.registrySecret }}
{{- end }}
serviceAccountName: longhorn-service-account
updateStrategy:
rollingUpdate:
maxUnavailable: "100%"
---
apiVersion: v1
kind: Service
metadata:
labels: {{- include "longhorn.labels" . | nindent 4 }}
app: longhorn-manager
name: longhorn-backend
namespace: {{ .Release.Namespace }}
spec:
type: {{ .Values.service.manager.type }}
sessionAffinity: ClientIP
selector:
app: longhorn-manager
ports:
- name: manager
port: 9500
targetPort: manager
{{- if .Values.service.manager.nodePort }}
nodePort: {{ .Values.service.manager.nodePort }}
{{- end }}

28
charts/longhorn/templates/default-setting.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: longhorn-default-setting
namespace: {{ .Release.Namespace }}
labels: {{- include "longhorn.labels" . | nindent 4 }}
data:
default-setting.yaml: |-
backup-target: {{ .Values.defaultSettings.backupTarget }}
backup-target-credential-secret: {{ .Values.defaultSettings.backupTargetCredentialSecret }}
create-default-disk-labeled-nodes: {{ .Values.defaultSettings.createDefaultDiskLabeledNodes }}
default-data-path: {{ .Values.defaultSettings.defaultDataPath }}
replica-soft-anti-affinity: {{ .Values.defaultSettings.replicaSoftAntiAffinity }}
storage-over-provisioning-percentage: {{ .Values.defaultSettings.storageOverProvisioningPercentage }}
storage-minimal-available-percentage: {{ .Values.defaultSettings.storageMinimalAvailablePercentage }}
upgrade-checker: {{ .Values.defaultSettings.upgradeChecker }}
default-replica-count: {{ .Values.defaultSettings.defaultReplicaCount }}
guaranteed-engine-cpu: {{ .Values.defaultSettings.guaranteedEngineCPU }}
default-longhorn-static-storage-class: {{ .Values.defaultSettings.defaultLonghornStaticStorageClass }}
backupstore-poll-interval: {{ .Values.defaultSettings.backupstorePollInterval }}
taint-toleration: {{ .Values.defaultSettings.taintToleration }}
priority-class: {{ .Values.defaultSettings.priorityClass }}
registry-secret: {{ .Values.defaultSettings.registrySecret }}
auto-salvage: {{ .Values.defaultSettings.autoSalvage }}
disable-scheduling-on-cordoned-node: {{ .Values.defaultSettings.disableSchedulingOnCordonedNode }}
replica-zone-soft-anti-affinity: {{ .Values.defaultSettings.replicaZoneSoftAntiAffinity }}
volume-attachment-recovery-policy: {{ .Values.defaultSettings.volumeAttachmentRecoveryPolicy }}
mkfs-ext4-parameters: {{ .Values.defaultSettings.mkfsExt4Parameters }}

84
charts/longhorn/templates/deployment-driver.yaml Normal file
View File

@ -0,0 +1,84 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: longhorn-driver-deployer
namespace: {{ .Release.Namespace }}
labels: {{- include "longhorn.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
app: longhorn-driver-deployer
template:
metadata:
labels: {{- include "longhorn.labels" . | nindent 8 }}
app: longhorn-driver-deployer
spec:
initContainers:
- name: wait-longhorn-manager
image: {{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}
command: ['sh', '-c', 'while [ $(curl -m 1 -s -o /dev/null -w "%{http_code}" http://longhorn-backend:9500/v1) != "200" ]; do echo waiting; sleep 2; done']
containers:
- name: longhorn-driver-deployer
image: {{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}
imagePullPolicy: IfNotPresent
command:
- longhorn-manager
- -d
- deploy-driver
- --manager-image
- "{{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}"
- --manager-url
- http://longhorn-backend:9500/v1
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: SERVICE_ACCOUNT
valueFrom:
fieldRef:
fieldPath: spec.serviceAccountName
{{- if .Values.csi.kubeletRootDir }}
- name: KUBELET_ROOT_DIR
value: {{ .Values.csi.kubeletRootDir }}
{{- end }}
{{- if and .Values.image.csi.attacher.repository .Values.image.csi.attacher.tag }}
- name: CSI_ATTACHER_IMAGE
value: "{{ template "system_default_registry" . }}{{ .Values.image.csi.attacher.repository }}:{{ .Values.image.csi.attacher.tag }}"
{{- end }}
{{- if and .Values.image.csi.provisioner.repository .Values.image.csi.provisioner.tag }}
- name: CSI_PROVISIONER_IMAGE
value: "{{ template "system_default_registry" . }}{{ .Values.image.csi.provisioner.repository }}:{{ .Values.image.csi.provisioner.tag }}"
{{- end }}
{{- if and .Values.image.csi.nodeDriverRegistrar.repository .Values.image.csi.nodeDriverRegistrar.tag }}
- name: CSI_NODE_DRIVER_REGISTRAR_IMAGE
value: "{{ template "system_default_registry" . }}{{ .Values.image.csi.nodeDriverRegistrar.repository }}:{{ .Values.image.csi.nodeDriverRegistrar.tag }}"
{{- end }}
{{- if and .Values.image.csi.resizer.repository .Values.image.csi.resizer.tag }}
- name: CSI_RESIZER_IMAGE
value: "{{ template "system_default_registry" . }}{{ .Values.image.csi.resizer.repository }}:{{ .Values.image.csi.resizer.tag }}"
{{- end }}
{{- if .Values.csi.attacherReplicaCount }}
- name: CSI_ATTACHER_REPLICA_COUNT
value: {{ .Values.csi.attacherReplicaCount | quote }}
{{- end }}
{{- if .Values.csi.provisionerReplicaCount }}
- name: CSI_PROVISIONER_REPLICA_COUNT
value: {{ .Values.csi.provisionerReplicaCount | quote }}
{{- end }}
{{- if .Values.csi.resizerReplicaCount }}
- name: CSI_RESIZER_REPLICA_COUNT
value: {{ .Values.csi.resizerReplicaCount | quote }}
{{- end }}
{{- if .Values.defaultSettings.registrySecret }}
imagePullSecrets:
- name: {{ .Values.defaultSettings.registrySecret }}
{{- end }}
serviceAccountName: longhorn-service-account
securityContext:
runAsUser: 0

61
charts/longhorn/templates/deployment-ui.yaml Normal file
View File

@ -0,0 +1,61 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels: {{- include "longhorn.labels" . | nindent 4 }}
app: longhorn-ui
name: longhorn-ui
namespace: {{ .Release.Namespace }}
spec:
replicas: 1
selector:
matchLabels:
app: longhorn-ui
template:
metadata:
labels: {{- include "longhorn.labels" . | nindent 8 }}
app: longhorn-ui
spec:
containers:
- name: longhorn-ui
image: {{ template "system_default_registry" . }}{{ .Values.image.longhorn.ui.repository }}:{{ .Values.image.longhorn.ui.tag }}
imagePullPolicy: IfNotPresent
securityContext:
runAsUser: 0
ports:
- containerPort: 8000
name: http
env:
- name: LONGHORN_MANAGER_IP
value: "http://longhorn-backend:9500"
{{- if .Values.defaultSettings.registrySecret }}
imagePullSecrets:
- name: {{ .Values.defaultSettings.registrySecret }}
{{- end }}
---
kind: Service
apiVersion: v1
metadata:
labels: {{- include "longhorn.labels" . | nindent 4 }}
app: longhorn-ui
{{- if eq .Values.service.ui.type "Rancher-Proxy" }}
kubernetes.io/cluster-service: "true"
{{- end }}
name: longhorn-frontend
namespace: {{ .Release.Namespace }}
spec:
{{- if eq .Values.service.ui.type "Rancher-Proxy" }}
type: ClusterIP
{{- else }}
type: {{ .Values.service.ui.type }}
{{- end }}
selector:
app: longhorn-ui
ports:
- name: http
port: 80
targetPort: http
{{- if .Values.service.ui.nodePort }}
nodePort: {{ .Values.service.ui.nodePort }}
{{- else }}
nodePort: null
{{- end }}

30
charts/longhorn/templates/ingress.yaml Normal file
View File

@ -0,0 +1,30 @@
{{- if .Values.ingress.enabled }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: longhorn-ingress
labels: {{- include "longhorn.labels" . | nindent 4 }}
app: longhorn-ingress
annotations:
{{- if .Values.ingress.tls }}
ingress.kubernetes.io/secure-backends: "true"
{{- end }}
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: {{ default "" .Values.ingress.path }}
backend:
serviceName: longhorn-frontend
servicePort: 80
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}

35
charts/longhorn/templates/postupgrade-job.yaml Normal file
View File

@ -0,0 +1,35 @@
apiVersion: batch/v1
kind: Job
metadata:
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-delete-policy": hook-succeeded,before-hook-creation
name: longhorn-post-upgrade
namespace: {{ .Release.Namespace }}
labels: {{- include "longhorn.labels" . | nindent 4 }}
spec:
activeDeadlineSeconds: 900
backoffLimit: 1
template:
metadata:
name: longhorn-post-upgrade
labels: {{- include "longhorn.labels" . | nindent 8 }}
spec:
containers:
- name: longhorn-post-upgrade
image: {{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}
imagePullPolicy: Always
command:
- longhorn-manager
- post-upgrade
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
{{- if .Values.defaultSettings.registrySecret }}
imagePullSecrets:
- name: {{ .Values.defaultSettings.registrySecret }}
{{- end }}
serviceAccountName: longhorn-service-account

66
charts/longhorn/templates/psp.yaml Normal file
View File

@ -0,0 +1,66 @@
{{- if .Values.enablePSP }}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: longhorn-psp
labels: {{- include "longhorn.labels" . | nindent 4 }}
spec:
privileged: true
allowPrivilegeEscalation: true
requiredDropCapabilities:
- NET_RAW
allowedCapabilities:
- SYS_ADMIN
hostNetwork: false
hostIPC: false
hostPID: true
runAsUser:
rule: RunAsAny
seLinux:
rule: RunAsAny
fsGroup:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- configMap
- downwardAPI
- emptyDir
- secret
- projected
- hostPath
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: longhorn-psp-role
labels: {{- include "longhorn.labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
rules:
- apiGroups:
- policy
resources:
- podsecuritypolicies
verbs:
- use
resourceNames:
- longhorn-psp
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: longhorn-psp-binding
labels: {{- include "longhorn.labels" . | nindent 4 }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: longhorn-psp-role
subjects:
- kind: ServiceAccount
name: longhorn-service-account
namespace: {{ .Release.Namespace }}
- kind: ServiceAccount
name: default
namespace: {{ .Release.Namespace }}
{{- end }}

10
charts/longhorn/templates/registry-secret.yml Normal file
View File

@ -0,0 +1,10 @@
{{- if .Values.defaultSettings.registrySecret }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.defaultSettings.registrySecret }}
labels: {{- include "longhorn.labels" . | nindent 4 }}
type: kubernetes.io/dockerconfigjson
data:
.dockerconfigjson: {{ template "secret" . }}
{{- end }}

6
charts/longhorn/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: longhorn-service-account
namespace: {{ .Release.Namespace }}
labels: {{- include "longhorn.labels" . | nindent 4 }}

14
charts/longhorn/templates/storageclass.yaml Normal file
View File

@ -0,0 +1,14 @@
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
name: longhorn
annotations:
storageclass.kubernetes.io/is-default-class: {{ .Values.persistence.defaultClass | quote }}
labels: {{- include "longhorn.labels" . | nindent 4 }}
provisioner: driver.longhorn.io
allowVolumeExpansion: true
parameters:
numberOfReplicas: "{{ .Values.persistence.defaultClassReplicaCount }}"
staleReplicaTimeout: "30"
fromBackup: ""
baseImage: ""

15
charts/longhorn/templates/tls-secrets.yaml Normal file
View File

@ -0,0 +1,15 @@
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.secrets }}
apiVersion: v1
kind: Secret
metadata:
name: longhorn
labels: {{- include "longhorn.labels" . | nindent 4 }}
app: longhorn
type: kubernetes.io/tls
data:
tls.crt: {{ .certificate | b64enc }}
tls.key: {{ .key | b64enc }}
---
{{- end }}
{{- end }}

36
charts/longhorn/templates/uninstall-job.yaml Normal file
View File

@ -0,0 +1,36 @@
apiVersion: batch/v1
kind: Job
metadata:
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": hook-succeeded
name: longhorn-uninstall
namespace: {{ .Release.Namespace }}
labels: {{- include "longhorn.labels" . | nindent 4 }}
spec:
activeDeadlineSeconds: 900
backoffLimit: 1
template:
metadata:
name: longhorn-uninstall
labels: {{- include "longhorn.labels" . | nindent 8 }}
spec:
containers:
- name: longhorn-uninstall
image: {{ template "system_default_registry" . }}{{ .Values.image.longhorn.manager.repository }}:{{ .Values.image.longhorn.manager.tag }}
imagePullPolicy: Always
command:
- longhorn-manager
- uninstall
- --force
env:
- name: LONGHORN_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
{{- if .Values.defaultSettings.registrySecret }}
imagePullSecrets:
- name: {{ .Values.defaultSettings.registrySecret }}
{{- end }}
serviceAccountName: longhorn-service-account

35
charts/longhorn/templates/userroles.yaml Normal file
View File

@ -0,0 +1,35 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: "longhorn-admin"
labels:
rbac.authorization.k8s.io/aggregate-to-admin: "true"
rules:
- apiGroups: [ "longhorn.io" ]
resources: [ "volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings",
"engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status" ]
verbs: [ "*" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: "longhorn-edit"
labels:
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rules:
- apiGroups: [ "longhorn.io" ]
resources: [ "volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings",
"engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status" ]
verbs: [ "*" ]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: "longhorn-view"
labels:
rbac.authorization.k8s.io/aggregate-to-view: "true"
rules:
- apiGroups: [ "longhorn.io" ]
resources: [ "volumes", "volumes/status", "engines", "engines/status", "replicas", "replicas/status", "settings",
"engineimages", "engineimages/status", "nodes", "nodes/status", "instancemanagers", "instancemanagers/status" ]
verbs: [ "get", "list", "watch" ]

14
charts/longhorn/templates/validate-install-crd.yaml Normal file
View File

@ -0,0 +1,14 @@
#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
# {{- $found := dict -}}
# {{- set $found "longhorn.io/v1beta1/Engine" false -}}
# {{- range .Capabilities.APIVersions -}}
# {{- if hasKey $found (toString .) -}}
# {{- set $found (toString .) true -}}
# {{- end -}}
# {{- end -}}
# {{- range $_, $exists := $found -}}
# {{- if (eq $exists false) -}}
# {{- required "Required CRDs are missing. Please install the longhorn-crd chart before installing this chart." "" -}}
# {{- end -}}
# {{- end -}}
#{{- end -}}

136
charts/longhorn/values.yaml Normal file
View File

@ -0,0 +1,136 @@
# Default values for longhorn.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global:
cattle:
systemDefaultRegistry: ""
image:
longhorn:
engine:
repository: longhornio/longhorn-engine
tag: v1.0.2
manager:
repository: longhornio/longhorn-manager
tag: v1.0.2
ui:
repository: longhornio/longhorn-ui
tag: v1.0.2
instanceManager:
repository: longhornio/longhorn-instance-manager
tag: v1_20200514
csi:
attacher:
repository: longhornio/csi-attacher
tag: v2.0.0
provisioner:
repository: longhornio/csi-provisioner
tag: v1.4.0
nodeDriverRegistrar:
repository: longhornio/csi-node-driver-registrar
tag: v1.2.0
resizer:
repository: longhornio/csi-resizer
tag: v0.3.0
pullPolicy: IfNotPresent
service:
ui:
type: ClusterIP
nodePort: null
manager:
type: ClusterIP
nodePort: ""
persistence:
defaultClass: true
defaultClassReplicaCount: 3
csi:
kubeletRootDir: ~
attacherReplicaCount: ~
provisionerReplicaCount: ~
resizerReplicaCount: ~
defaultSettings:
backupTarget: ~
backupTargetCredentialSecret: ~
createDefaultDiskLabeledNodes: ~
defaultDataPath: ~
replicaSoftAntiAffinity: ~
storageOverProvisioningPercentage: ~
storageMinimalAvailablePercentage: ~
upgradeChecker: ~
defaultReplicaCount: ~
guaranteedEngineCPU: ~
defaultLonghornStaticStorageClass: ~
backupstorePollInterval: ~
taintToleration: ~
priorityClass: ~
registrySecret: ~
autoSalvage: ~
disableSchedulingOnCordonedNode: ~
replicaZoneSoftAntiAffinity: ~
volumeAttachmentRecoveryPolicy: ~
mkfsExt4Parameters: ~
privateRegistry:
registryUrl: ~
registryUser: ~
registryPasswd: ~
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
#
ingress:
## Set to true to enable ingress record generation
enabled: false
host: xip.io
## Set this to true in order to enable TLS on the ingress record
## A side effect of this will be that the backend service will be connected at port 443
tls: false
## If TLS is set to true, you must declare what secret will store the key/certificate for TLS
tlsSecret: longhorn.local-tls
## Ingress annotations done as key:value pairs
## If you're using kube-lego, you will want to add:
## kubernetes.io/tls-acme: true
##
## For a full list of possible ingress annotations, please see
## ref: https://github.com/kubernetes/ingress-nginx/blob/master/docs/annotations.md
##
## If tls is set to true, annotation ingress.kubernetes.io/secure-backends: "true" will automatically be set
annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: true
secrets:
## If you're providing your own certificates, please use this to add the certificates as secrets
## key and certificate should start with -----BEGIN CERTIFICATE----- or
## -----BEGIN RSA PRIVATE KEY-----
##
## name should line up with a tlsSecret set further up
## If you're using kube-lego, this is unneeded, as it will create the secret for you if it is not set
##
## It is also possible to create and manage the certificates outside of this helm chart
## Please see README.md for more information
# - name: longhorn.local-tls
# key:
# certificate:
# Configure a pod security policy in the Longhorn namespace to allow privileged pods
enablePSP: true

16
charts/rancher-backup/Chart.yaml Normal file
View File

@ -0,0 +1,16 @@
apiVersion: v1
appVersion: v0.1.0-rc1
description: Provides ability to back up and restore the Rancher application running
on any Kubernetes cluster
name: rancher-backup
keywords:
- applications
- infrastructure
version: 0.1.0
annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: cattle-resources-system
catalog.cattle.io/release-name: rancher-backup
catalog.cattle.io/ui-component: rancher-backup
catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1
catalog.cattle.io/auto-install: rancher-backup-crd=match

69
charts/rancher-backup/README.md Normal file
View File

@ -0,0 +1,69 @@
# Rancher Backup
This chart provides ability to back up and restore the Rancher application running on any Kubernetes cluster.
Refer [this](https://github.com/rancher/backup-restore-operator) repository for implementation details.
-----
### Get Repo Info
```
helm repo add rancher-chart https://charts.rancher.io
helm repo update
```
-----
### Install Chart
```
helm install rancher-backup-crd rancher-chart/rancher-backup-crd -n cattle-resources-system --create-namespace
helm install rancher-backup rancher-chart/rancher-backup -n cattle-resources-system
```
-----
### Configuration
The following table lists the configurable parameters of the rancher-backup chart and their default values:
| Parameter | Description | Default |
|----------|:-------------:|------:|
| image.repository | Container image repository | rancher/backup-restore-operator |
| image.tag | Container image tag | v0.1.0-rc1 |
| s3.enabled | Configure S3 compatible default storage location. Current version supports S3 and MinIO | false |
| s3.credentialSecretName | Name of the Secret containing S3 credentials. This is an optional field. Skip this field in order to use IAM Role authentication. The Secret must contain following two keys, `accessKey` and `secretKey` | "" |
| s3.credentialSecretNamespace | Namespace of the Secret containing S3 credentials | "" |
| s3.region | Region of the S3 Bucket (Required for S3, not valid for MinIO) | "" |
| s3.bucketName | Name of the Bucket | "" |
| s3.folder | Base folder within the Bucket (optional) | "" |
| s3.endpoint | Endpoint for the S3 storage provider | "" |
| s3.endpointCA | Base64 encoded CA cert for the S3 storage provider (optional) | "" |
| s3.insecureTLSSkipVerify | Skip SSL verification | false |
| persistence.enabled | Configure a Persistent Volume as the default storage location. It accepts either a StorageClass name to create a PVC, or directly accepts the PV to use. The Persistent Volume is mounted at `/var/lib/backups` in the operator pod | false |
| persistence.storageClass | StorageClass to use for dynamically provisioning the Persistent Volume, which will be used for storing backups | "" |
| persistence.volumeName | Persistent Volume to use for storing backups | "" |
| persistence.size | Requested size of the Persistent Volume (Applicable when using dynamic provisioning) | "" |
| nodeSelector | https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | {} |
| tolerations | https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration | [] |
| affinity | https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity | {} |
-----
### CRDs
Refer [this](https://github.com/rancher/backup-restore-operator#crds) section for information on CRDs that this chart installs. Also refer [this](https://github.com/rancher/backup-restore-operator/tree/master/examples) folder containing sample manifests for the CRDs.
-----
### Upgrading Chart
```
helm upgrade rancher-backup-crd -n cattle-resources-system
helm upgrade rancher-backup -n cattle-resources-system
```
-----
### Uninstall Chart
```
helm uninstall rancher-backup -n cattle-resources-system
helm uninstall rancher-backup-crd -n cattle-resources-system
```

10
charts/rancher-backup/charts-crd/Chart.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
version: 0.1.0
description: Installs the CRDs for rancher-backup.
name: rancher-backup-crd
type: application
annotations:
catalog.cattle.io/hidden: "true"
catalog.cattle.io/release-name: rancher-backup-crd
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: cattle-resources-system

2
charts/rancher-backup/charts-crd/README.md Normal file
View File

@ -0,0 +1,2 @@
# rancher-backup-crd
A Rancher chart that installs the CRDs used by [rancher-backup](https://github.com/rancher/dev-charts/tree/master/packages/rancher-backup).

119
charts/rancher-backup/charts-crd/templates/backup.yaml Normal file
View File

@ -0,0 +1,119 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: backups.resources.cattle.io
spec:
additionalPrinterColumns:
- JSONPath: .status.storageLocation
name: Location
type: string
- JSONPath: .status.backupType
name: Type
type: string
- JSONPath: .status.filename
name: Latest-Backup
type: string
- JSONPath: .spec.resourceSetName
name: ResourceSet
type: string
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
- JSONPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
group: resources.cattle.io
names:
kind: Backup
plural: backups
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
spec:
properties:
encryptionConfigSecretName:
description: Name of the Secret containing the encryption config
type: string
resourceSetName:
description: Name of the ResourceSet CR to use for backup
type: string
retentionCount:
minimum: 1
type: integer
schedule:
description: Cron schedule for recurring backups
example:
Descriptors: '@midnight'
Standard crontab specs: 0 0 * * *
type: string
storageLocation:
nullable: true
properties:
s3:
nullable: true
properties:
bucketName:
type: string
credentialSecretName:
type: string
credentialSecretNamespace:
type: string
endpoint:
type: string
endpointCA:
type: string
folder:
type: string
insecureTLSSkipVerify:
type: boolean
region:
type: string
type: object
type: object
required:
- resourceSetName
type: object
status:
properties:
backupType:
type: string
conditions:
items:
properties:
lastTransitionTime:
type: string
lastUpdateTime:
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
nullable: true
type: array
filename:
type: string
lastSnapshotTs:
type: string
nextSnapshotAt:
type: string
observedGeneration:
type: integer
storageLocation:
type: string
summary:
type: string
type: object
type: object
version: v1
versions:
- name: v1
served: true
storage: true

94
charts/rancher-backup/charts-crd/templates/resourceset.yaml Normal file
View File

@ -0,0 +1,94 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: resourcesets.resources.cattle.io
spec:
group: resources.cattle.io
names:
kind: ResourceSet
plural: resourcesets
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
controllerReferences:
items:
properties:
apiVersion:
type: string
name:
type: string
namespace:
type: string
replicas:
type: integer
resource:
type: string
type: object
nullable: true
type: array
resourceSelectors:
items:
properties:
apiVersion:
type: string
kinds:
items:
type: string
nullable: true
type: array
kindsRegexp:
type: string
labelSelectors:
nullable: true
properties:
matchExpressions:
items:
properties:
key:
type: string
operator:
type: string
values:
items:
type: string
nullable: true
type: array
type: object
nullable: true
type: array
matchLabels:
additionalProperties:
type: string
nullable: true
type: object
type: object
namespaceRegexp:
type: string
namespaces:
items:
type: string
nullable: true
type: array
resourceNameRegexp:
type: string
resourceNames:
items:
type: string
nullable: true
type: array
type: object
nullable: true
required:
- apiVersion
type: array
required:
- resourceSelectors
type: object
version: v1
versions:
- name: v1
served: true
storage: true

102
charts/rancher-backup/charts-crd/templates/restore.yaml Normal file
View File

@ -0,0 +1,102 @@
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
name: restores.resources.cattle.io
spec:
additionalPrinterColumns:
- JSONPath: .status.backupSource
name: Backup-Source
type: string
- JSONPath: .spec.backupFilename
name: Backup-File
type: string
- JSONPath: .metadata.creationTimestamp
name: Age
type: date
- JSONPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
group: resources.cattle.io
names:
kind: Restore
plural: restores
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
properties:
spec:
properties:
backupFilename:
type: string
deleteTimeoutSeconds:
maximum: 10
type: integer
encryptionConfigSecretName:
type: string
prune:
nullable: true
type: boolean
storageLocation:
nullable: true
properties:
s3:
nullable: true
properties:
bucketName:
type: string
credentialSecretName:
type: string
credentialSecretNamespace:
type: string
endpoint:
type: string
endpointCA:
type: string
folder:
type: string
insecureTLSSkipVerify:
type: boolean
region:
type: string
type: object
type: object
required:
- backupFilename
type: object
status:
properties:
backupSource:
type: string
conditions:
items:
properties:
lastTransitionTime:
type: string
lastUpdateTime:
type: string
message:
type: string
reason:
type: string
status:
type: string
type:
type: string
type: object
nullable: true
type: array
observedGeneration:
type: integer
restoreCompletionTs:
type: string
summary:
type: string
type: object
type: object
version: v1
versions:
- name: v1
served: true
storage: true

76
charts/rancher-backup/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,76 @@
{{- define "system_default_registry" -}}
{{- if .Values.global.cattle.systemDefaultRegistry -}}
{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}}
{{- else -}}
{{- "" -}}
{{- end -}}
{{- end -}}
{{/*
Windows cluster will add default taint for linux nodes,
add below linux tolerations to workloads could be scheduled to those linux nodes
*/}}
{{- define "linux-node-tolerations" -}}
- key: "cattle.io/os"
value: "linux"
effect: "NoSchedule"
operator: "Equal"
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "backupRestore.fullname" -}}
{{- .Chart.Name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "backupRestore.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "backupRestore.labels" -}}
helm.sh/chart: {{ include "backupRestore.chart" . }}
{{ include "backupRestore.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "backupRestore.selectorLabels" -}}
app.kubernetes.io/name: {{ include "backupRestore.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
resources.cattle.io/operator: backup-restore
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "backupRestore.serviceAccountName" -}}
{{ include "backupRestore.fullname" . }}
{{- end }}
{{- define "backupRestore.s3SecretName" -}}
{{- printf "%s-%s" .Chart.Name "s3" | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "backupRestore.pvcName" -}}
{{ include "backupRestore.fullname" . }}
{{- end }}
{{- define "backupRestore.nfsPVName" -}}
{{ include "backupRestore.fullname" . }}
{{- end }}

14
charts/rancher-backup/templates/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,14 @@
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: {{ include "backupRestore.fullname" . }}
labels:
{{- include "backupRestore.labels" . | nindent 4 }}
subjects:
- kind: ServiceAccount
name: {{ include "backupRestore.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
roleRef:
kind: ClusterRole
name: cluster-admin
apiGroup: rbac.authorization.k8s.io

58
charts/rancher-backup/templates/deployment.yaml Normal file
View File

@ -0,0 +1,58 @@
{{- if and .Values.s3.enabled .Values.persistence.enabled }}
{{- fail "\n\nCannot configure both s3 and PV for storing backups" }}
{{- end }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "backupRestore.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "backupRestore.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "backupRestore.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "backupRestore.selectorLabels" . | nindent 8 }}
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/s3-secret.yaml") . | sha256sum }}
spec:
serviceAccountName: {{ include "backupRestore.serviceAccountName" . }}
containers:
- name: {{ .Chart.Name }}
image: {{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}
imagePullPolicy: Always
env:
- name: CHART_NAMESPACE
value: {{ .Release.Namespace }}
{{- if .Values.s3.enabled }}
- name: DEFAULT_S3_BACKUP_STORAGE_LOCATION
value: {{ include "backupRestore.s3SecretName" . }}
{{- end }}
{{- if .Values.persistence.enabled }}
- name: DEFAULT_PERSISTENCE_ENABLED
value: "persistence-enabled"
volumeMounts:
- mountPath: "/var/lib/backups"
name: pv-storage
volumes:
- name: pv-storage
persistentVolumeClaim:
claimName: {{ include "backupRestore.pvcName" . }}
{{- end }}
nodeSelector:
kubernetes.io/os: linux
{{- with .Values.nodeSelector }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
tolerations:
{{- include "linux-node-tolerations" . | nindent 8}}
{{- with .Values.tolerations }}
{{- toYaml . | nindent 8 }}
{{- end }}

27
charts/rancher-backup/templates/pvc.yaml Normal file
View File

@ -0,0 +1,27 @@
{{- if and .Values.persistence.enabled -}}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "backupRestore.pvcName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "backupRestore.labels" . | nindent 4 }}
spec:
accessModes:
- ReadWriteOnce
resources:
{{- with .Values.persistence }}
requests:
storage: {{ .size | quote }}
{{- if .storageClass }}
{{- if (eq "-" .storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: {{ .storageClass | quote }}
{{- end }}
{{- end }}
{{- if .volumeName }}
volumeName: {{ .volumeName | quote }}
{{- end }}
{{- end }}
{{- end }}

54
charts/rancher-backup/templates/rancher-resourceset.yaml Normal file
View File

@ -0,0 +1,54 @@
apiVersion: resources.cattle.io/v1
kind: ResourceSet
metadata:
name: rancher-resource-set
resourceSelectors:
- apiVersion: "v1"
kindsRegexp: "^namespaces$"
resourceNameRegexp: "^cattle-|^p-|^c-|^user-|^u-"
resourceNames:
- "local"
- apiVersion: "v1"
kindsRegexp: "^Secret$|^serviceaccounts$"
namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-"
- apiVersion: "v1"
kindsRegexp: "^configmaps$"
namespaces:
- "cattle-system"
- apiVersion: "rbac.authorization.k8s.io/v1"
kindsRegexp: "^roles$|^rolebindings$"
namespaceRegexp: "^cattle-|^p-|^c-|^local$|^user-|^u-"
- apiVersion: "rbac.authorization.k8s.io/v1"
kindsRegexp: "^clusterrolebindings$"
resourceNameRegexp: "^cattle-|^clusterrolebinding-|^globaladmin-user-|^grb-u-"
resourceNames:
- "eks-operator"
- apiVersion: "rbac.authorization.k8s.io/v1"
kindsRegexp: "^clusterroles$"
resourceNameRegexp: "^cattle-|^p-|^c-|^local-|^user-|^u-|^project-|^create-ns$"
resourceNames:
- "eks-operator"
- apiVersion: "apiextensions.k8s.io/v1beta1"
kindsRegexp: "."
resourceNameRegexp: "management.cattle.io$|project.cattle.io$|catalog.cattle.io$|eks.cattle.io$|resources.cattle.io$"
- apiVersion: "management.cattle.io/v3"
kindsRegexp: "."
- apiVersion: "project.cattle.io/v3"
kindsRegexp: "."
- apiVersion: "catalog.cattle.io/v1"
kindsRegexp: "^clusterrepos$"
- apiVersion: "resources.cattle.io/v1"
kindsRegexp: "^ResourceSet$"
- apiVersion: "eks.cattle.io/v1"
kindsRegexp: "."
- apiVersion: "apps/v1"
kindsRegexp: "^deployments$"
resourceNames:
- "eks-config-operator"
namespaces:
- "cattle-system"
controllerReferences:
- apiVersion: "apps/v1"
resource: "deployments"
name: "rancher"
namespace: "cattle-system"

31
charts/rancher-backup/templates/s3-secret.yaml Normal file
View File

@ -0,0 +1,31 @@
{{- if .Values.s3.enabled -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "backupRestore.s3SecretName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "backupRestore.labels" . | nindent 4 }}
type: Opaque
stringData:
{{- with .Values.s3 }}
{{- if .credentialSecretName }}
credentialSecretName: {{ .credentialSecretName }}
credentialSecretNamespace: {{ required "When providing a Secret containing S3 credentials, a valid .Values.credentialSecretNamespace must be provided" .credentialSecretNamespace }}
{{- end }}
{{- if .region }}
region: {{ .region }}
{{- end }}
bucketName: {{ required "A valid .Values.bucketName is required for configuring S3 compatible storage as the default backup storage location" .bucketName }}
{{- if .folder }}
folder: {{ .folder }}
{{- end }}
endpoint: {{ required "A valid .Values.endpoint is required for configuring S3 compatible storage as the default backup storage location" .endpoint }}
{{- if .endpointCA }}
endpointCA: {{ .endpointCA }}
{{- end }}
{{- if .insecureTLSSkipVerify }}
insecureTLSSkipVerify: {{ .insecureTLSSkipVerify }}
{{- end }}
{{- end }}
{{ end }}

7
charts/rancher-backup/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,7 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "backupRestore.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "backupRestore.labels" . | nindent 4 }}

16
charts/rancher-backup/templates/validate-install-crd.yaml Normal file
View File

@ -0,0 +1,16 @@
#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}}
# {{- $found := dict -}}
# {{- set $found "resources.cattle.io/v1/Backup" false -}}
# {{- set $found "resources.cattle.io/v1/ResourceSet" false -}}
# {{- set $found "resources.cattle.io/v1/Restore" false -}}
# {{- range .Capabilities.APIVersions -}}
# {{- if hasKey $found (toString .) -}}
# {{- set $found (toString .) true -}}
# {{- end -}}
# {{- end -}}
# {{- range $_, $exists := $found -}}
# {{- if (eq $exists false) -}}
# {{- required "Required CRDs are missing. Please install the rancher-backup-crd chart before installing this chart." "" -}}
# {{- end -}}
# {{- end -}}
#{{- end -}}

49
charts/rancher-backup/values.yaml Normal file
View File

@ -0,0 +1,49 @@
image:
repository: rancher/backup-restore-operator
tag: v0.1.0-rc1
## Default s3 bucket for storing all backup files created by the backup-restore-operator
s3:
enabled: false
## credentialSecretName if set, should be the name of the Secret containing AWS credentials.
## To use IAM Role, don't set this field
credentialSecretName: ""
credentialSecretNamespace: ""
region: ""
bucketName: ""
folder: ""
endpoint: ""
endpointCA: ""
insecureTLSSkipVerify: false
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
## If persistence is enabled, operator will create a PVC with mountPath /var/lib/backups
persistence:
enabled: false
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack).
## Refer https://kubernetes.io/docs/concepts/storage/persistent-volumes/#class-1
##
storageClass: "-"
## If you want to disable dynamic provisioning by setting storageClass to "-" above,
## and want to target a particular PV, provide name of the target volume
volumeName: ""
## Only certain StorageClasses allow resizing PVs; Refer https://kubernetes.io/blog/2018/07/12/resizing-persistent-volumes-using-kubernetes/
size: 2Gi
global:
cattle:
systemDefaultRegistry: ""
nodeSelector: {}
tolerations: []
affinity: {}

92
index.yaml
View File

@ -470,6 +470,96 @@ entries:
urls:
- assets/fleet-crd/fleet-crd-0.3.0-alpha600.tgz
version: 0.3.0-alpha600
longhorn:
- annotations:
catalog.cattle.io/auto-install: longhorn-crd=match
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: longhorn-system
catalog.cattle.io/provides-gvr: longhorn.io/v1beta1
catalog.cattle.io/release-name: longhorn
catalog.cattle.io/ui-component: longhorn
apiVersion: v1
appVersion: v1.0.2
created: "2020-09-25T21:27:40.522743781Z"
description: Longhorn is a distributed block storage system for Kubernetes.
digest: ff247454026df41123c130c2971dd51f2458d46bc47b0ec9313a6d7906cd7a53
home: https://github.com/longhorn/longhorn
icon: https://raw.githubusercontent.com/cncf/artwork/master/projects/longhorn/icon/color/longhorn-icon-color.svg
keywords:
- longhorn
- storage
- distributed
- block
- device
- iscsi
kubeVersion: '>=v1.14.0-r0'
maintainers:
- email: maintainers@longhorn.io
name: Longhorn maintainers
- email: sheng@yasker.org
name: Sheng Yang
name: longhorn
sources:
- https://github.com/longhorn/longhorn
- https://github.com/longhorn/longhorn-engine
- https://github.com/longhorn/longhorn-instance-manager
- https://github.com/longhorn/longhorn-manager
- https://github.com/longhorn/longhorn-ui
- https://github.com/longhorn/longhorn-tests
urls:
- assets/longhorn/longhorn-1.0.200.tgz
version: 1.0.200
longhorn-crd:
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"
catalog.cattle.io/namespace: longhorn-system
catalog.cattle.io/release-name: longhorn-crd
apiVersion: v1
created: "2020-09-25T21:27:40.522946083Z"
description: Installs the CRDs for longhorn.
digest: 4203577c0310a1877ac18f7e13cfbc475cc25f13e03deb57d9c581bdab4cc48a
name: longhorn-crd
type: application
urls:
- assets/longhorn/longhorn-crd-1.0.200.tgz
version: 1.0.200
rancher-backup:
- annotations:
catalog.cattle.io/auto-install: rancher-backup-crd=match
catalog.cattle.io/certified: rancher
catalog.cattle.io/namespace: cattle-resources-system
catalog.cattle.io/provides-gvr: resources.cattle.io.resourceset/v1
catalog.cattle.io/release-name: rancher-backup
catalog.cattle.io/ui-component: rancher-backup
apiVersion: v1
appVersion: v0.1.0-rc1
created: "2020-09-25T21:27:40.524512896Z"
description: Provides ability to back up and restore the Rancher application running
on any Kubernetes cluster
digest: e3a672fd48b68d0228b812e1f336fe62070c7f31798efd562444b840cd2c7819
keywords:
- applications
- infrastructure
name: rancher-backup
urls:
- assets/rancher-backup/rancher-backup-0.1.0.tgz
version: 0.1.0
rancher-backup-crd:
- annotations:
catalog.cattle.io/certified: rancher
catalog.cattle.io/hidden: "true"
catalog.cattle.io/namespace: cattle-resources-system
catalog.cattle.io/release-name: rancher-backup-crd
apiVersion: v1
created: "2020-09-25T21:27:40.5249197Z"
description: Installs the CRDs for rancher-backup.
digest: e47f707d41a668bb01e928fc8412d4d09edabbb47feb4e8ac0ccafbece317aa9
name: rancher-backup-crd
type: application
urls:
- assets/rancher-backup/rancher-backup-crd-0.1.0.tgz
version: 0.1.0
rancher-cis-benchmark:
- annotations:
catalog.cattle.io/auto-install: rancher-cis-benchmark-crd=match
@ -1354,4 +1444,4 @@ entries:
urls:
- assets/rio/rio-0.8.000.tgz
version: 0.8.000
generated: "2020-09-25T20:19:25.602999395Z"
generated: "2020-09-25T21:27:40.521318869Z"

3
sha256sum/longhorn/longhorn.sum Normal file
View File

@ -0,0 +1,3 @@
da86de88f83918e2eb6fbd79d9f08a2a5e2d4c42f9931aa9c1f113e71438ea60 packages/longhorn/overlay/templates/userroles.yaml
2e992fbba0e0f027b83fd10e86a5962e5842819d42e216cf604197d21ee962b2 packages/longhorn/package.yaml
b1a46c54b5178f0a8af63adc4f8ac5ed7d26fc88d8f43a76ea010a88b06f0e00 packages/longhorn/longhorn.patch

14
sha256sum/rancher-backup/rancher-backup.sum Normal file
View File

@ -0,0 +1,14 @@
6175c33d41cd634800072f926b7edc756fc93ed4f24d607eeb13d2cc41179786 packages/rancher-backup/charts/Chart.yaml
cb3c732b2c06c1b47057c8ee0ff8605b8b5ed0e306afd16783212e09f3d1dc5f packages/rancher-backup/charts/README.md
4a328a380a540f06f0f969f5547b70d9a6823f0faf4574af7e93332bde3461fa packages/rancher-backup/charts/templates/s3-secret.yaml
018e3819ff32db39b66c3fc2e0e9b9ddbc082acf36b921d1eec111bf8642274e packages/rancher-backup/charts/templates/_helpers.tpl
bc862986e3481ef4f93edf43e4e1d4c347a348da04c5b3b4472cee7e30cf00b0 packages/rancher-backup/charts/templates/serviceaccount.yaml
87ac3559c463c089e6f29b236805e0ed5e44dfd369e3510ebc452470d62c6583 packages/rancher-backup/charts/templates/rancher-resourceset.yaml
e63f71dd15261939bd47ae262c2cec8f18694dc86b264c4da2b1af3c5db5eb1c packages/rancher-backup/charts/templates/deployment.yaml
be84d711886fbd515eb68a8681670b077350dda1a5ff60fcdd99e924583344de packages/rancher-backup/charts/templates/clusterrolebinding.yaml
ee02b7e471c51ff5b387fcb5245adfacc0bbb88b44592fbb36ddf7ed1657d6c9 packages/rancher-backup/charts/templates/pvc.yaml
a1abe279c1a5803854e64e9e5255f0cb5f2455ccf058236f0cc62ece7b36d740 packages/rancher-backup/charts/values.yaml
4e1d807b18e99ba7f8922f46356d13a6f684f3b8c6982ab1c7317737081bf142 packages/rancher-backup/charts/crds/resourceset.yaml
1fe59a9505de1a3233c76e4481bd032781919b181b0b4fb1ecd6128f451c65f8 packages/rancher-backup/charts/crds/backup.yaml
a0a510eba97c08bfc8095ed6c52df8471d80ee6d57fbbcd975285b1dec38733a packages/rancher-backup/charts/crds/restore.yaml
951ad1d2a7ded610f857e3c82ee9844eddc8fdc888a70feb709bc50e1e942cb5 packages/rancher-backup/package.yaml