andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

(dev-v2.6-archive) Merge pull request #532 from cbron/kiali-server 

rancher-kiali-server

(partially cherry picked from commit 9329c3c38d)
pull/1680/head
Caleb Bron 2020-08-12 15:27:45 -07:00 committed by Arvind Iyengar
parent f9245f662f
commit f69fe062c6
No known key found for this signature in database
GPG Key ID: A8DD9BFD6C811498
15 changed files with 260 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/rancher-istio/charts/Chart.yaml
View File

@ -9,3 +9,5 @@ annotations:
catalog.cattle.io/namespace: istio-system
catalog.cattle.io/release-name: rancher-istio
catalog.cattle.io/ui-component: istio
catalog.cattle.io/requires-gvr: prometheuses.monitoring.coreos.com/v1
catalog.cattle.io/auto-install-gvr: monitoringdashboards.monitoring.kiali.io/v1alpha1

19
packages/rancher-istio/charts/README.md Normal file
View File

@ -0,0 +1,19 @@
# Rancher Istio Installers
A Rancher created chart that packages the istioctl binary to install via a helm chart.
# Installation
### pre-requisites
This chart depends on the rancher-kiali-server-crd chart.
It also depends on rancher-monitoring being installed with default values for nameOverride, namespaceOverride, and the prometheus.service.port.
If those values are modified on the rancher-monitoring deployment, please adjust the `kiali.external_services.prometheus` url settings:
```
http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc:{{ prometheus.service.port }}
```
### installation
helm install rancher-istio ./ --create-namespace -n cattle-istio-system

10
packages/rancher-istio/charts/configs/istio-base.yaml
View File

@ -4,6 +4,14 @@ spec:
addonComponents:
istiocoredns:
enabled: {{ .Values.istiocoredns.enabled }}
prometheus:
enabled: false
grafana:
enabled: false
kiali:
enabled: false
tracing:
enabled: false
components:
base:
enabled: {{ .Values.base.enabled }}
@ -48,6 +56,8 @@ spec:
profile: default
tag: {{ .Values.tag }}
revision: {{ .Values.revision }}
meshConfig:
enablePrometheusMerge: {{ .Values.meshConfig.enablePrometheusMerge }}
values:
gateways:
istio-egressgateway:

7
packages/rancher-istio/charts/requirements.yaml Normal file
View File

@ -0,0 +1,7 @@
dependencies:
- name: rancher-kiali-server
alias: kiali
condition: kiali.enabled
version: 1.22.0
repository: file://../../rancher-kiali-server/charts

51
packages/rancher-istio/charts/templates/service-monitors.yaml Normal file
View File

@ -0,0 +1,51 @@
{{- if .Values.kiali.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: envoy-stats-monitor
namespace: istio-system
labels:
monitoring: istio-proxies
spec:
selector:
matchExpressions:
- {key: istio-prometheus-ignore, operator: DoesNotExist}
namespaceSelector:
any: true
jobLabel: envoy-stats
endpoints:
- path: /stats/prometheus
targetPort: 15090
interval: 15s
relabelings:
- sourceLabels: [__meta_kubernetes_pod_container_port_name]
action: keep
regex: '.*-envoy-prom'
- action: labeldrop
regex: "__meta_kubernetes_pod_label_(.+)"
- sourceLabels: [__meta_kubernetes_namespace]
action: replace
targetLabel: namespace
- sourceLabels: [__meta_kubernetes_pod_name]
action: replace
targetLabel: pod_name
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: istio-component-monitor
namespace: istio-system
labels:
monitoring: istio-components
spec:
jobLabel: istio
targetLabels: [app]
selector:
matchExpressions:
- {key: istio, operator: In, values: [pilot]}
namespaceSelector:
any: true
endpoints:
- port: http-monitoring
interval: 15s
{{- end -}}

24
packages/rancher-istio/charts/values.yaml
View File

@ -51,3 +51,27 @@ global:
image: proxyv2
proxy_init:
image: proxyv2
# this can be removed in 1.7 as it is default
meshConfig:
enablePrometheusMerge: true
# Kiali subchart from rancher-kiali-server
kiali:
enabled: true
auth:
# todo: what auth strategy ?
# strategy: token # this is default, you can use a service-account or kubeconfig token
strategy: anonymous
deployment:
ingress_enabled: false
external_services:
prometheus:
custom_metrics_url: "http://monitoring-rancher-monitor-prometheus.monitoring-system.svc:9090"
url: "http://monitoring-rancher-monitor-prometheus.monitoring-system.svc:9090"
tracing:
enabled: false
# TODO : update images
# deployment:
# image_name: "rancher..."
# image_version: v1.....

5
packages/rancher-kiali-server/package.yaml Normal file
View File

@ -0,0 +1,5 @@
url: https://kiali.org/helm-charts/kiali-server-1.22.0.tgz
packageVersion: 01
generateCRDChart:
enabled: true
providesGVR: monitoringdashboards.monitoring.kiali.io/v1alpha1

39
packages/rancher-kiali-server/rancher-kiali-server.patch Normal file
View File

@ -0,0 +1,39 @@
diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-kiali-server/charts-original/Chart.yaml packages/rancher-kiali-server/charts/Chart.yaml
--- packages/rancher-kiali-server/charts-original/Chart.yaml
+++ packages/rancher-kiali-server/charts/Chart.yaml
@@ -1,20 +1,23 @@
apiVersion: v2
appVersion: v1.22.0
-description: Kiali is an open source project for service mesh observability, refer
- to https://www.kiali.io for details.
+description: Rancher chart based on Kiali Server, containing standard defaults. Installed as sub-chart with customized values in Rancher's Istio.
home: https://github.com/kiali/kiali
icon: https://raw.githubusercontent.com/kiali/kiali.io/master/themes/kiali/static/img/kiali_logo_masthead.png
keywords:
-- istio
-- kiali
+ - istio
+ - kiali
maintainers:
-- email: kiali-users@googlegroups.com
- name: Kiali
- url: https://kiali.io
-name: kiali-server
+ - email: kiali-users@googlegroups.com
+ name: Kiali
+ url: https://kiali.io
+name: rancher-kiali-server
sources:
-- https://github.com/kiali/kiali
-- https://github.com/kiali/kiali-ui
-- https://github.com/kiali/kiali-operator
-- https://github.com/kiali/helm-charts
+ - https://github.com/kiali/kiali
+ - https://github.com/kiali/kiali-ui
+ - https://github.com/kiali/kiali-operator
+ - https://github.com/kiali/helm-charts
version: 1.22.0
+annotations:
+ catalog.cattle.io/requires-gvr: prometheuses.monitoring.coreos.com/v1
+ catalog.rancher.io/namespace: cattle-istio-system
+ catalog.rancher.io/release-name: rancher-kiali-server

34
packages/rancher-logging/overlay/templates/outputs/elasticsearch/output.yaml
View File

@ -12,32 +12,32 @@ spec:
{{- if .Values.elasticsearch.user }}
user: {{ .Values.elasticsearch.user }}
{{- end}}
{{- if .Values.elasticsearch.password.secret_name }}
{{- if .Values.elasticsearch.password }}
password:
valueFrom:
secretKeyRef:
name: {{ .Values.elasticsearch.password.secret_name }}
key: {{ .Values.elasticsearch.password.key }}
{{- end}}
{{- if .Values.elasticsearch.client_cert.secret_name }}
name: {{ .Release.Name }}-elasticsearch
key: "password"
{{- end}}
{{- if .Values.elasticsearch.client_cert }}
client_cert:
valueFrom:
secretKeyRef:
name: {{ .Values.elasticsearch.client_cert.secret_name }}
key: {{ .Values.elasticsearch.client_cert.key }}
{{- end}}
{{- if .Values.elasticsearch.client_key.secret_name }}
name: {{ .Release.Name }}-elasticsearch
key: "client_cert"
{{- end}}
{{- if .Values.elasticsearch.client_key }}
client_key:
valueFrom:
secretKeyRef:
name: {{ .Values.elasticsearch.client_key.secret_name }}
key: {{ .Values.elasticsearch.client_key.key }}
{{- end}}
{{- if .Values.elasticsearch.client_key_pass.secret_name }}
name: {{ .Release.Name }}-elasticsearch
key: "client_key"
{{- end}}
{{- if .Values.elasticsearch.client_key_pass }}
client_key_pass:
valueFrom:
secretKeyRef:
name: {{ .Values.elasticsearch.client_key_pass.secret_name }}
key: {{ .Values.elasticsearch.client_key_pass.key }}
{{- end}}
{{- end }}
name: {{ .Release.Name }}-elasticsearch
key: "client_key_pass"
{{- end}}
{{- end }}

14
packages/rancher-logging/overlay/templates/outputs/elasticsearch/secret.yaml Normal file
View File

@ -0,0 +1,14 @@
{{- if .Values.elasticsearch.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-elasticsearch
labels:
{{ include "logging-operator.labels" . | indent 4 }}
type: Opaque
data:
password: {{ .Values.elasticsearch.password | b64enc | quote }}
client_cert: {{ .Values.elasticsearch.client_cert | b64enc | quote }}
client_key: {{ .Values.elasticsearch.client_key | b64enc | quote }}
client_key_pass: {{ .Values.elasticsearch.client_key_pass | b64enc | quote }}
{{- end }}

36
packages/rancher-logging/overlay/templates/outputs/kafka/output.yaml
View File

@ -12,46 +12,46 @@ spec:
format:
type: json
{{- if .Values.kakfa.username.secret_name }}
{{- if .Values.kakfa.username }}
username:
valueFrom:
secretKeyRef:
name: {{ .Values.kakfa.username.secret_name }}
key: {{ .Values.kakfa.username.key }}
name: {{ .Release.Name }}-kafka
key: "username"
{{- end }}
{{- if .Values.kakfa.password.secret_name }}
{{- if .Values.kakfa.password }}
password:
valueFrom:
secretKeyRef:
name: {{ .Values.kakfa.password.secret_name }}
key: {{ .Values.kakfa.password.key }}
name: {{ .Release.Name }}-kafka
key: "password"
{{- end }}
{{- if .Values.kakfa.ssl_ca_cert.secret_name }}
{{- if .Values.kakfa.ssl_ca_cert }}
ssl_ca_cert:
valueFrom:
secretKeyRef:
name: {{ .Values.kakfa.ssl_ca_cert.secret_name }}
key: {{ .Values.kakfa.ssl_ca_cert.key }}
name: {{ .Release.Name }}-kafka
key: "ssl_ca_cert"
{{- end }}
{{- if .Values.kakfa.ssl_client_cert.secret_name }}
{{- if .Values.kakfa.ssl_client_cert }}
ssl_client_cert:
valueFrom:
secretKeyRef:
name: {{ .Values.kakfa.ssl_client_cert.secret_name }}
key: {{ .Values.kakfa.ssl_client_cert.key }}
name: {{ .Release.Name }}-kafka
key: "ssl_client_cert"
{{- end }}
{{- if .Values.kakfa.ssl_client_cert_chain.secret_name }}
{{- if .Values.kakfa.ssl_client_cert_chain }}
ssl_client_cert_chain:
valueFrom:
secretKeyRef:
name: {{ .Values.kakfa.ssl_client_cert_chain.secret_name }}
key: {{ .Values.kakfa.ssl_client_cert_chain.key }}
name: {{ .Release.Name }}-kafka
key: "ssl_client_cert_chain"
{{- end }}
{{- if .Values.kakfa.ssl_client_cert_key.secret_name }}
{{- if .Values.kakfa.ssl_client_cert_key }}
ssl_client_cert_key:
valueFrom:
secretKeyRef:
name: {{ .Values.kakfa.ssl_client_cert_key.secret_name }}
key: {{ .Values.kakfa.ssl_client_cert_key.key }}
name: {{ .Release.Name }}-kafka
key: "ssl_client_cert_key"
{{- end }}
{{- end }}

28
packages/rancher-logging/overlay/templates/outputs/kafka/secret.yaml Normal file
View File

@ -0,0 +1,28 @@
{{- if .Values.kafka.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-kafka
labels:
{{ include "logging-operator.labels" . | indent 4 }}
type: Opaque
data:
{{- if .Values.kafka.username }}
username: {{ .Values.kafka.username }}
{{- end }}
{{- if .Values.kafka.password }}
password: {{ .Values.kafka.password }}
{{- end }}
{{- if .Values.kafka.ssl_ca_cert }}
ssl_ca_cert: {{ .Values.kafka.ssl_ca_cert }}
{{- end }}
{{- if .Values.kafka.ssl_client_cert }}
ssl_client_cert: {{ .Values.kafka.ssl_client_cert }}
{{- end }}
{{- if .Values.kafka.ssl_client_cert_chain }}
ssl_client_cert_chain: {{ .Values.kafka.ssl_client_cert_chain }}
{{- end }}
{{- if .Values.kafka.ssl_client_cert_key }}
ssl_client_cert_key: {{ .Values.kafka.ssl_client_cert_key }}
{{- end }}
{{- end }}

6
packages/rancher-logging/overlay/templates/outputs/splunk/output.yaml
View File

@ -8,12 +8,12 @@ spec:
hec_host: {{ .Values.splunk.host }}
hec_port: {{ .Values.splunk.port }}
protocol: {{ .Values.splunk.protocol }}
{{- if .Values.splunk.token.secret_name }}
{{- if .Values.splunk.index }}
hec_token:
valueFrom:
secretKeyRef:
name: {{ .Values.splunk.token.secret_name }}
key: {{ .Values.splunk.token.key }}
name: {{ .Release.Name }}-splunk
key: "hec_token"
{{- end }}
{{- if .Values.splunk.index }}
index: {{ .Values.splunk.index }}

11
packages/rancher-logging/overlay/templates/outputs/splunk/secret.yaml Normal file
View File

@ -0,0 +1,11 @@
{{- if .Values.splunk.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-splunk
labels:
{{ include "logging-operator.labels" . | indent 4 }}
type: Opaque
data:
hec_token: {{ .Values.splunk.token | b64enc | quote }}
{{- end }}

50
packages/rancher-logging/rancher-logging.patch
View File

@ -31,7 +31,7 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-logging/charts-original/values
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
@@ -76,4 +76,70 @@
@@ -76,4 +76,48 @@
monitoring:
# Create a Prometheus Operator ServiceMonitor object
serviceMonitor:
@ -44,22 +44,10 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-logging/charts-original/values
+ index_name: fluentd
+ scheme: http
+ user: ""
+ password:
+ secret_name: ""
+ key: "password"
+ ca_file:
+ secret_name: ""
+ key: "ca_file"
+ client_cert:
+ secret_name: ""
+ key: "client_cert"
+ client_key:
+ secret_name: ""
+ key: "client_key"
+ client_key_pass:
+ secret_name: ""
+ key: "client_key_pass"
+
+ password: ""
+ client_cert: ""
+ client_key: ""
+ client_key_pass: ""
+
+kafka:
+ enabled: false
@ -67,24 +55,12 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-logging/charts-original/values
+ default_topic: "fluentd"
+ sasl_over_ssl: false
+ scram_mechanism: "PLAIN"
+ username:
+ secret_name: ""
+ key: "username"
+ password:
+ secret_name: ""
+ key: "password"
+ ssl_ca_cert:
+ secret_name: ""
+ key: "ssl_ca_cert"
+ ssl_client_cert:
+ secret_name: ""
+ key: "ssl_client_cert"
+ ssl_client_cert_chain:
+ secret_name: ""
+ key: "ssl_client_cert_chain"
+ ssl_client_cert_key:
+ secret_name: ""
+ key: "ssl_client_cert_key"
+ username: ""
+ password: ""
+ ssl_ca_cert: ""
+ ssl_client_cert: ""
+ ssl_client_cert_chain: ""
+ ssl_client_cert_key: ""
+
+splunk:
+ enabled: false
@ -92,9 +68,7 @@ diff -x '*.tgz' -x '*.lock' -uNr packages/rancher-logging/charts-original/values
+ port: 8088
+ protocol: http
+ index: rancher
+ token:
+ secret_name: ""
+ key: "token"
+ token: ""
+ client_cert: ""
+ client_key: ""
+ insecure_ssl: false