andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/kubecost/cost-analyzer/templates/kubecost-cluster-controller...

302 lines
7.0 KiB
YAML
Raw Normal View History

Charts CI Added: aquarist-labs/s3gw: 0.7.0 yugabyte/yugaware: 2.14.4 Updated: bitnami/tomcat: 10.5.0 argo/argo-cd: 5.13.2 datadog/datadog: 3.2.0 jenkins/jenkins: 4.2.12 kubecost/cost-analyzer: 1.98.0 bitnami/postgresql: 12.1.0 bitnami/wordpress: 15.2.11 yugabyte/yugabyte: 2.14.4
2022-11-03 19:29:11 +00:00
{{- if .Values.clusterController }}
{{- if .Values.clusterController.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "kubecost.clusterControllerName" . }}
labels:
{{ include "cost-analyzer.commonLabels" . | nindent 4 }}
---
#
# NOTE:
# The following ClusterRole permissions are only created and assigned for the
# cluster controller feature. They will not be added to any clusters by default.
#
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ template "kubecost.clusterControllerName" . }}
labels:
{{ include "cost-analyzer.commonLabels" . | nindent 4 }}
rules:
- apiGroups:
- kubecost.com
resources:
- turndownschedules
- turndownschedules/status
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
- apiGroups:
- ""
- events.k8s.io
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- ''
resources:
- deployments
- nodes
- pods
- resourcequotas
- replicationcontrollers
- limitranges
- pods/eviction
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
- apiGroups:
- ''
resources:
- configmaps
- namespaces
- persistentvolumeclaims
- persistentvolumes
- endpoints
- events
- services
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- daemonsets
- deployments
- replicasets
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
- apiGroups:
- apps
resources:
- statefulsets
- deployments
- daemonsets
- replicasets
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- create
- patch
- update
- delete
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- get
- list
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
verbs:
- get
- list
- watch
- apiGroups:
- events.k8s.io
resources:
- events
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "kubecost.clusterControllerName" . }}
labels:
{{ include "cost-analyzer.commonLabels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "kubecost.clusterControllerName" . }}
subjects:
- kind: ServiceAccount
name: {{ template "kubecost.clusterControllerName" . }}
namespace: {{ .Release.Namespace }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "kubecost.clusterControllerName" . }}
labels:
{{ include "cost-analyzer.commonLabels" . | nindent 4 }}
spec:
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app: {{ template "kubecost.clusterControllerName" . }}
template:
metadata:
labels:
app: {{ template "kubecost.clusterControllerName" . }}
spec:
containers:
- name: {{ template "kubecost.clusterControllerName" . }}
image: {{ .Values.clusterController.image }}
imagePullPolicy: {{ .Values.clusterController.imagePullPolicy }}
volumeMounts:
- name: cluster-controller-keys
mountPath: /var/keys
env:
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: CLUSTER_ID
value: {{ .Values.prometheus.server.global.external_labels.cluster_id }}
- name: TURNDOWN_NAMESPACE
value: {{ .Release.Namespace }}
- name: TURNDOWN_DEPLOYMENT
value: {{ template "kubecost.clusterControllerName" . }}
{{- if .Values.kubecostProductConfigs.gcpSecretName }}
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /var/keys/service-key.json
{{- end }}
ports:
- name: http-server
containerPort: 9731
hostPort: 9731
serviceAccount: {{ template "kubecost.clusterControllerName" . }}
serviceAccountName: {{ template "kubecost.clusterControllerName" . }}
volumes:
- name: cluster-controller-keys
secret:
secretName: {{ .Values.clusterController.secretName | default "cluster-controller-service-key" }}
# The secret is optional because not all of cluster controller's
# functionality requires this secret. Cluster controller will
# partially or fully initialize based on the presence of these keys
# and their validity.
optional: true
---
apiVersion: v1
kind: Service
metadata:
name: {{ template "kubecost.clusterControllerName" . }}-service
labels:
{{ include "cost-analyzer.commonLabels" . | nindent 4 }}
spec:
type: ClusterIP
ports:
- name: http
protocol: TCP
port: 9731
targetPort: 9731
selector:
app: {{ template "kubecost.clusterControllerName" . }}
---
# TurndownSchedule Custom Resource Definition for persistence
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: turndownschedules.kubecost.com
labels:
{{ include "cost-analyzer.commonLabels" . | nindent 4 }}
spec:
group: kubecost.com
names:
kind: TurndownSchedule
singular: turndownschedule
plural: turndownschedules
shortNames:
- td
- tds
scope: Cluster
versions:
- name: v1alpha1
served: true
storage: true
subresources:
status: {}
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
start:
type: string
format: date-time
end:
type: string
format: date-time
repeat:
type: string
enum: [none, daily, weekly]
additionalPrinterColumns:
- name: State
type: string
description: The state of the turndownschedule
jsonPath: .status.state
- name: Next Turndown
type: string
description: The next turndown date-time
jsonPath: .status.nextScaleDownTime
- name: Next Turn Up
type: string
description: The next turn up date-time
jsonPath: .status.nextScaleUpTime
{{- end }}
{{- end }}