andata
/
rancher-charts
mirror of https://git.rancher.io/charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
711 Commits
50 Branches
2 Tags
432 MiB
Commit Graph

711 Commits (3cd885c1eac9e44d0b4a39542c1eee9abffe80d1)

Author SHA1 Message Date
Arvind Iyengar e6ade6af51 remove tgz 2020-09-22 11:22:34 -07:00
Arvind Iyengar 92f0eca770 Add nginx proxy to Prometheus for magic links 
This commit adds an nginx proxy in front of Prometheus that intercepts the requests that are sent to the Prometheus pod. This change was necessary since the Prometheus pod encounters issues with Rancher proxy URLs that are formatted like:

```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy
```

Specifically, if using the root_url option, it doubles up this URL when making requests for resources, e.g.
```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy/<my-path>
=>
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-prometheus:9090/proxy/<my-path>
```

However, this does not resolve the issue in https://github.com/rancher/rancher/issues/29068.
 2020-09-22 11:20:57 -07:00
Arvind Iyengar d6c774aa42 Add nginx proxy to Grafana for magic links 
This commit adds an nginx proxy in front of Grafana that intercepts the requests that are sent to the Grafana pod. This change was necessary since the Grafana pod encounters issues with Rancher proxy URLs that are formatted like:

```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy
```

Specifically, if using the root_url option, it doubles up this URL when making requests for resources, e.g.
```
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy/<my-path>
=>
<server-url>/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy/k8s/clusters/<cluster-id>/api/v1/namespaces/cattle-monitoring-system/services/http:rancher-monitoring-grafana:80/proxy/<my-path>
```
 2020-09-22 11:20:57 -07:00
mrajashree 3737ec3c86 Generated changes 2020-09-22 18:05:46 +00:00
Rajashree Mandaogane 65ecdf54e8
Merge pull request #679 from mrajashree/restoreEnc 
Change encryption config field name in restore crd
 2020-09-22 11:05:13 -07:00
rajashree 37a8648cf8 Change encryption config field name in restore crd 2020-09-22 10:26:48 -07:00
maggieliu 082accaf9a Generated changes 2020-09-22 17:05:35 +00:00
maggieliu 34fdd14bca
Merge pull request #674 from aiyengar2/fix_monitoring_chart_hardened 
Support monitoring in hardened RKE clusters
 2020-09-22 10:04:58 -07:00
maggieliu 6edb750ce9
Merge pull request #675 from aiyengar2/fix_pushprox_chart_hardened 
Support pushprox in hardened RKE clusters
 2020-09-22 10:04:44 -07:00
prachidamle 387c7abc46 Generated changes 2020-09-22 04:00:08 +00:00
Prachi Damle 0f786657a2
Merge pull request #676 from prachidamle/airgap_fix 
Use global registry for security-scan and sonobuoy tool images to support airgapped setups
 2020-09-21 20:59:38 -07:00
paynejacob 0b7417b7a4 Generated changes 2020-09-21 23:48:16 +00:00
Jacob Payne 91d1dedca1
allow tolerations to be passed to fluentbit containers (#673) 2020-09-21 16:47:48 -07:00
Prachi Damle 42f30bfad1 Use the system_default_registry for security-scan and sonobuoy images 
Deleting tgz assets
 2020-09-21 15:21:56 -07:00
PennyScissors 69a912e5d8 Generated changes 2020-09-21 22:02:18 +00:00
Steven Crespo 32f1b41934
Merge pull request #670 from PennyScissors/update-gk-v3.1.1 
Update gatekeeper to version 3.1.1
 2020-09-21 15:01:46 -07:00
Steven Crespo 5757f8cc15 Update gatekeeper to v3.1.1 2020-09-21 12:26:43 -07:00
Arvind Iyengar 0824c9466c remove tgz 2020-09-21 12:04:36 -07:00
Arvind Iyengar e3d6033572 Support monitoring in hardened RKE clusters 
This commit adds support for deploying rancher-monitoring into hardened clusters.

It modifies some of the default securityContexts and does some misc. fixes such as:
- Removing default AppArmor PSP annotations from Grafana (related to https://github.com/helm/charts/issues/9090)
- Modifying rkeScheduler and rkeControllerManager to use localhost to scrape components since the endpoints aren't exposed in a hardened cluster

These changes have been verified on a hardened RKE cluster.
 2020-09-21 12:04:07 -07:00
aiyengar2 66cf6d5927 Generated changes 2020-09-21 17:39:44 +00:00
aiyengar2 b94e65a535
Merge pull request #672 from aiyengar2/fix_crd_chart_hardened 
Add securityContext to assumeOwnership CRD charts
 2020-09-21 10:39:11 -07:00
Arvind Iyengar 205e38bb81 remove tgz 2020-09-21 00:20:47 -07:00
Arvind Iyengar 7d1332356c Support pushprox in hardened RKE clusters 
This commit adds support for deploying rancher-pushprox into hardened clusters.

It introduces securityContexts and rearranges the RBAC in order to support a PodSecurityPolicy for the PushProx clients.

These changes have been verified on a hardened RKE cluster.
 2020-09-21 00:20:45 -07:00
Arvind Iyengar 4da2300a26 Move pushprox RBAC into separate file 2020-09-21 00:20:10 -07:00
Arvind Iyengar 6da26e3c49 remove tgz 2020-09-20 16:40:32 -07:00
Arvind Iyengar d52f614415 Add securityContext to assumeOwnership CRD charts 2020-09-20 16:38:26 -07:00
paynejacob 4600d62603 Generated changes 2020-09-20 22:00:38 +00:00
Jacob Payne 60c84b3c3b
fixed eks and k3s logging in airgap (#671) 2020-09-20 15:00:04 -07:00
aiyengar2 7abe624645 Generated changes 2020-09-20 02:42:59 +00:00
aiyengar2 e2d51db8f8
Merge pull request #648 from aiyengar2/refactor_grafana_namespaces 
Use separate namespace only for dashboards
 2020-09-19 19:42:30 -07:00
Arvind Iyengar b5b32789d2 remove tgz 2020-09-19 19:23:35 -07:00
Arvind Iyengar b80fb3a8ff Use separate namespace only for dashboards 
This commit renames `grafana-dashboards` to `cattle-dashboards` and deprecates the `grafana-datasources` namespace in favor of the normal release namespace.

Related Issue: rancher/rancher#28887
 2020-09-19 19:23:35 -07:00
Arvind Iyengar 0fa3a06de0 Split RBAC for ConfigMaps and Secrets 
Related Issue: https://github.com/rancher/rancher/issues/29013
 2020-09-19 19:23:33 -07:00
Arvind Iyengar 2e1ed1b130 Relocate Rancher roles to overlay/ 2020-09-19 19:00:23 -07:00
ibuildthecloud f53ab23985 Generated changes 2020-09-19 06:04:16 +00:00
Darren Shepherd 0353d74289
Merge pull request #669 from StrongMonkey/update-fleet 
Bump fleet, rancher-operator, webhook
 2020-09-18 23:03:38 -07:00
Daishan 89cb2793e9 Bump fleet, rancher-operator, webhook 2020-09-18 23:01:59 -07:00
aiyengar2 6c1ea7bf39 Generated changes 2020-09-19 00:09:41 +00:00
aiyengar2 9b3eaac5f5
Merge pull request #668 from aiyengar2/fix_missing_annotation_on_secret 
Add annotations that were left out on rebase
 2020-09-18 17:09:13 -07:00
Arvind Iyengar c375218e54 remove tgz 2020-09-18 17:08:22 -07:00
Arvind Iyengar 95cf887f5f Add annotations that were left out on rebase 
Dropped on accident in rebase https://github.com/rancher/charts/pull/641/files#diff-ed5b5b87cf149adc6a6408bf81993efdR681-R682
 2020-09-18 17:08:11 -07:00
brendarearden bd35128e6f Generated changes 2020-09-18 23:41:37 +00:00
Brenda Rearden 34676b359a
Merge pull request #667 from brendarearden/image-updates 
Set installer repo,tag in values.yaml
 2020-09-18 16:41:06 -07:00
aiyengar2 234373f159 Generated changes 2020-09-18 23:35:21 +00:00
aiyengar2 034952747f
Merge pull request #666 from aiyengar2/fix_kube_dns_namespace 
Create kube-dns service monitor in kube-system
 2020-09-18 16:34:48 -07:00
Brenda Rearden 9932422f51 Set installer repo,tag in values.yaml 2020-09-18 15:56:15 -07:00
mrajashree a56790115a Generated changes 2020-09-18 22:37:45 +00:00
Rajashree Mandaogane 820f105aa2
Merge pull request #663 from mrajashree/upd 
Update resourceset to include configmaps for clusterrepos
 2020-09-18 15:37:18 -07:00
Arvind Iyengar aee71a40b6 remove tgz 2020-09-18 15:35:34 -07:00
Arvind Iyengar 700975ee95 Create kube-dns service monitor in kube-system 
This is required since, by default, we ignoreNamespaceSelectors.
 2020-09-18 15:35:21 -07:00