From c8bc9c3fa61819cefa58a92b1d7ce7e7491c2695 Mon Sep 17 00:00:00 2001 From: Samuel Attwood Date: Tue, 11 Jan 2022 00:32:59 -0500 Subject: [PATCH 1/3] Adding assets --- .../k8s-triliovault-operator-2.6.500.tgz | Bin 0 -> 13238 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 assets/k8s-triliovault-operator/k8s-triliovault-operator-2.6.500.tgz diff --git a/assets/k8s-triliovault-operator/k8s-triliovault-operator-2.6.500.tgz b/assets/k8s-triliovault-operator/k8s-triliovault-operator-2.6.500.tgz new file mode 100644 index 0000000000000000000000000000000000000000..436edad22af57b675a6feef8b9042144226acf37 GIT binary patch literal 13238 zcmX|o18^qI_jQbot&MGOY$qGrwv&zRC$?>4V`F36wv&yXIM27gxBm4_)tp;>XS$}Q zdv5i)r|%F)!(oE`?*P$)(Hl#vu$W5A|M=;}!)d~M6-jZF`40Gq+a#EX^Wo8g* zrU>E2_pYlvzmOSFoYVJ}Dx{d>+H*z5;#k2lAf<&7u{;5XJR(G>m{1A*JP;;9QTe)H z-y;g+^*OEfAZ8P~T>Or-5a<#O;Lz^Jow!F$(BuizVZ^p0RB84a8s*kfD@KTScX#pIM(}SWKxz^*C+yeWLor8ikW_FubYLF#gFk;O zep%!qphG%n$4M=%!spo)WGE^m`XK@(3<=s5z$M0h1?>z}oPrdU^8_YY zFGKm*IY#vwmZ1=pj;8df@X!$VZZoFrJ;430$b38kZjJcywKRTm0tK>|XnLAh2Sg_@ z!bK;37oaOyQ%+VD^&gz3{``aPBnS>UOa_xindTuxD%37Xnj1LK-?(Q-rK=+o80vk- z{h<5fPB#?qUV%J({9{C)g!!H|Gk+Fdo+!UZ%%P+t@=bEELqyO8+Pn<_&F>E$hy+2i zHN4)HKssYOkcCaKMY^6VPEnO;enX~-KrzS(ep>QZwtiY>zY+=w^44j$(FyESx)+6f zx35UhT@%CUYIhK;EwsM(Xv|z%j}BQ-i$thFpO~D?j`r_sKZH>vZeA^w5sY6P0~l(M zDsgGw?c4<{12JOgY%X7O67hIFyP`hTlB#DBbVe2$7n-GCc;HF1@Ado*v-omM0QU&Sj!i zqqe&XFXo8GbCRB-r%Fd9+yGY^A8-PY@Au@u*VPywoqIn2#2S>lD(2xmWO^*ra6Z5u zd?`&AG==l72lOQ&O=RxVGbtr_8HOvN5%PqQ=9my8d{@mIwZdI2K#F5#VnD!PD!AS4 z^=FlV8<7kAqvqJ@Yz?5=8;WmN!l$Hi?a))8$=vSxO z5Ka1;@ZcF|jj9q1nA;tanCe(!dY1Gv z!WC1X_VFN14*OYQVT3P5^Y0Qtl{!da%L|#-AYzxY0@H0KmRYcL6AWkJbU>vd8d?Tk z2Hp-S=_+nUf~OHU&)!)6Is#NF%d9i=Xrn`AqJuC)0nKtC2O@Z;@J`%O1cqF#H*K5# zKBO*QC4VT>+s&uXo}TUEaz{*la6IvVz!1b5FsAWVPnMry9;Co_gaua#Ye$S2Gu{OQ z>HERmP@_2{k!h@E%R$IG1x|&|MfN@hjcEm2V+Exr9XN@KX=RUmU)|5hXJHwpjk-2MALS0}3p(gK8(tfZ?D>;f+A7t{&na|CHj+qr*ITcOQf(8y9 z@?oMjQ4r5_Vq`YDfR0s-E=tAumq_8Wz$2+M+GGN1&H^O_^=edOIovSCfpwO4KP5!4 zO;)N}5zXlnf=s1euakA4FedL_8iYsC7GGsTg-%ttcWh*VMi7bZs>1P-n>L?`m!;-F zB#tt&=9tp-L{MEcx8fV z;q3*8GJ=&(GxsxqN#uW@>^_ad_c3oGbkz6nN)XtO1_~`wSf*Rxh4@MZuMh=jO(#0= z@!I4WQnI%35d+0cvkf6j6L?uD_7BE)Z317AHi`is3!i56Hi>L(J5U@l(a0;Y@%EgxUREqRc?jp zt`Z2W;`U|LQ}X7@2uvW|jH$=Eq_8lXckG`ha43^AVsROnu__SZvSvj8cF$8)&A>X# zRcKSK7-`wrQ1&`jzamqtr5Nyu_`yI~ydV%;R*Z#0zL&ys#J3)#a&Q4W81XC))MCM( z##yg#)=I%T!a2@^V2?syThUvfAv3o+g|>%@wP)FY(M{@>>!tG`;&nQ~f#l`#aC_KxG*bXv0JJA&c*;4x3*z-$1k`n) z563q6S*~wH#+$XA8#|@9RQB5i~I&ti-YUXQO`>SmZw8M}mDDYo)Vtd*BTb$ptY2rFD-VrCmOwe!nI zqamSGrZS1ERR`(`+mGPHfktS~1N(Vz7_eOPcHz50K>}LjckUJaEZtMa$x+oJHE^`P zEB(4Q(hAMbh*Uip61{y8eG+q;^DHWwDj~;OeI&6xRm^6@NBzz$5==4N5IHb3mj!BK z|F{oV92_yM)>#9_@BZ(0c8fsf6?-VHm~nT2iVl;qgVqVA~sOODI*B1}urAf^+vSRP*KCtcf!IQ*?;HPB&tGC4KUr5wP zNfw#LOGtqa6v0H(T&drHKnMfDm`Z3|R~pkFb9mf5FpB_B!6Yb5w$342zq+on<_c)b&=F%zfR2$jGiO2N!hqc~he4}2Q@rRI& z7#L!pi{l>@gjkS0K)`<`${ZSNTYd^iLpK+Zmv8yXZFhb|b{$xiX(o(K>l9tF zZZ4HEURAED)8rdq%wC_-%CpFuS-gwXbh6a3-|NcPt$iCz!G7zj_UOZX;`8x$vt9t9 zxFfuSx(+`Dzuv8*>^FH7>9R#vgA%or!UI-U&bHBJy;P?i&N!cxD+yY{R5h#1W=7+I z@6VSECx=qHqlWCd=((x8q~XSAMw6ZW(Vm0B%V>)=xx_8 zB_yk(MTp&X2kVRKI}(1TTeQSNIt=%2dud2UfB-X&Z(jI4PfuKi*;Zo|R$VVPk!u|P zmTd9+ws@~Mu`p+~7D%y}9e8myy^_M3s&F?r(GO7>sTTOD$+>ym_3>Gn$3`KyP}zI- z8nOA%v{Vwa9F{pZYjG%MLBjx+9AgN-4?dH150$;rzIk+WStD9IK z5NI)F+6{EeNt+_2(%c3f$ObV{Oy^QnPudf}Wm~{L6(zF1#84pEDar2EJ@j`3U$o(1 zY^Mh4rG3%i&gzZcC5%_Hih%2k*jAw1^!Q%YZ4~fzs~Wg3i}00CH$spH zQ+o>PD!%hndjws@p?H6RFexWNrEV#WZ;NIdTo!k)Ei1f9b^W{4MvEuHS0Z_VBImDB zLgi5FdOAbK(G%o>Cns>VaZVj&z47B8r)txd>(sx~zV~}@p=B4tuL-=wKd#S0F_8kF z;8j1vvmaXC9H$?s zwMUP?zx3t;`uh!StKcpmNisYEa84^DlP))GV>B}_@^~9hTca@GAAQSinp}gMaBv8{1DK1Vin z*+e|+=ui)u2e^kzq(blt`g!@gx_({UPfzAM#ycJpXORh-6Pm3EcZVgFsEpeeaTGkh zy&QZzq9w>a2k;i8{@g7tl<>rv^6eIfa`qoSYj$dPCl!AoN0-1R6#bnMxDO#>$l%Z1 zTk`W~|NNPip69?ebkZm29Qb3_e2I$sQ85uklWVMW=n%t+dtwT6@>tSUt6Po1^Vkz0}6$OrZ?|T#-XI?<6pssXaOzm zJKZUSIKv^c(?I~2CABQl{f8v?rgm1@;km@r&0>xIKV}|Q{Sd9f#%H3VjEH8>B04@+ zr&$;x6-j%;Tao0g;&v4|$z}#@dY#np?3X`c?Q39_>_q}y=!-VIac^636IzhC^wpd` zbgJmNVyKKfIKF+Gg~Y7TGlo6fPH$%+>5~9x3gc@+;K!qLCq3jWt?_o$SkRW#0p+dJ znrH2{e0kIsboG0dpUyN^2XWO<98gO&CWhDVrq{DqEmu|Y>tQP6w@M=VeQb|+r*&jl z-;b}}^9_2u?@msx-k!W-S-1R-E#1(siZ)h=7jRb@eg^r5?qI5ymCw&tGlZ6}YV2a8hMAus(6{29`OMM??6|5g<(0ix?xK1sxsQBO zOHor~bnxY;moqBK@F);-l{eM1c;eLZ)p^J|Y8h*MghT&fC|6z(&7<>{fFoRh`-1jT8!m)Zq0;a)uClx?^f@(-`wiQxTJI_(okp}dTT88|p%z1PjWqmYn zS|Ix>ujqA)gRlXBwg|7W4+Gqv-ADaCW>r)4J`|@5<2jhlN=YLOIXI8l()q<%tcqLy zTB3mLTFZWX^I_Rj%PCcW&X@mrUnEdLot8FB(I8DthKOrB}`l_GI2*b%nvs(1E zIkIFB*Tfu5L0Id2K3dmEOajE%NZnmBG5KW}JaKv=<>$4rAo`Ww zNzq9IE`J~35unEp`rYNRHVG=H***qchGG-RL0X+cz9(0M+Y^QbsOa~{AT{bwBw&8Q zhq|)~v3Elc`G#_O-Xij&d`oM!Nl>K26^ zaU{Cwi}wi%ba8jZ`u(QdY_Wy42jAn3t`Th6q^B@6vL*$kR?i&)y<+}}UOlI_uZBS6 zw}*U1mChUfw!?Gt^`#UFhOI5U{8Lvv?+R7PafK&I%h)eF9r4cEzQjCKMNMssOS|y? z@7k21B{qKLU+FU6U%-E&Jfk@;ejIt0Rd0+(gw?E)q)%)yQTH9~%0O=#(@uOf2B<0id`OI+)kL%*xRAo8Ei2Lw{yeo;wJNhXW=JA?S33Ump<&8de_~(a_CKUsw@}Z=D7rdhpg)~g4qzN_0Vpd6 zeIq@eAdXT6P=FPz@WdL|6y$PwkT)i=n8u#JiVlrihaQ9I?4@P+*7l{ss1}R82_B&@Wn~N)$%}fB2ngfmo zyk5~EFaobFhX-5isa|r|rL3>1@QusAAp_-D=uWYhVh}T-gU2u2Z>ZMsyFancF1MLU;( zY-V24T)*(j%8h$x=_yoVLfIqI5bYo0xoFna*F{h7Sibfol@Hn;El`@!_g50rmgCU~ zFX4<`XT0M*y3J+6G_tUB&G4l?UEy(42P-o#r2mBN;uI0()h(?QkBAkSw<~r>+^`s@H+RgMQnI$Rn zx8|yGlRI3kl9Sn`1s8NHMBzqPhVzeY2V+=h+c~%WTwYi6gJw==!Guja995ELyu99Q z(|JE&8Z2y3vw!_2JR4ms{~)JBd3KPzuLS9K6W8u6gH92Cg28k|f=G|yQRSY*#29j4 zR@E2q4y-lTUw9{U)rJdP_wujIP1`%tu`bR`oJ0>vQ8~Zj-6Q5uSp|$P$ZYG^FvU+8 zhRtBSy1&0koY=U~7`_PhoMLb`bkMY@pg43AG{*VP*e1Cdn~_vbRYa;vFx;YJ=#>0j z7$U?F!=RH1Xhe1R=RtnRQ#G*n`K-xO1)yi3C<*GW8OlS*Wo93;H^HZ!X?`DpD=8u9{od9&D+He9oUy z5}EB(m}!P=&(lcf*HN#@_U;OBZ!kl$5K*G)=r!bzODH>YeL;uqJkLc8Nra2=`v4LD z$=>zMe+1`kUpId3Ha=FjwbdKaSw3#cOrX?uSw-pXk6sPu1+{0v_%#aO5TYW`Jo-&7 z9qtjanhE|zL;ws-CC+&?R>mI-rH?Yt3a^s2R0e>7IXJ{S2K3G={Q5@$Z0M)t@l0`O~AOC@~BD~;gaD9LO(aHOWaP7f^ z>_s5L*0Q35(weyQJ>vZ)==ozTFS2X!wM^+y!k*aI$H|lX9oTWY?%E5Q`J~WWg~#p@%f@TZ?w;mRK9L(az51-PBu zpGRjre?fu05EMdv3e@)X^>K9zbkO1Pfb~24?e=CXrSd@09CmCJ7$b3NxQ#&pf`R$G z&pbd{etgW~-A=;u;mZRhXP@)r7~Fx+&qwuxjz|ina9hRJJe^PEPJ7?4f|Jm=@zqg; zDIxBPZUXxU#_))V9KwaG)Z1v)$yr=Dmfeej2KP3@B~;etD@68mPhTHq;I5#%x|Szt z)p4;C==X~_!2D|4V9RteB=`*!VuO#44qhZDBJvHkX?Tn$?#|DjGQFLjs&oQ}Y{>%~ zL118PqeuEh;Wm_vt6Pc2-*?kk+M)2NGLq`%ObU?|o}j%h7j$-W+L&td1t5hmOkrtk z>7oLVrm16`b8fk7_!Xvy1Tk6_U{b7a8 zBu^Bl7a?HZ!gpz@bQ*L_UYw9AsZ<_vwN_x)jZvx3-U}Z0^-ufPr#}Q{J_KaHh%CQ| zcwjU8p4kI#&A)d3xnYQFP~2O6Jtz8VQOeRgeG@=69Ex6#ee#>dcAKGsNJJ~J4NIz; zJMPQ7D66d$sk5uV8%sN%54_DUhKKDDkmflk%-D(@st3%k5v85=>)FU2^la3<`yP;A z#9w_^qrD*@ccS)IGt@#lQ&$Ytg&o7xuHvKFC|5SUXWZWI`E^W*ou!ZuwT znC!ZEY4NHzj6Z<0u~gX+_)T6woV`s48sX^bJe$tT;w_ER49SE{VRZONW~z&ra8mZy ztW3*&WrP+vb<50xKaSem#m$%_4AD*0tHA8jHle zA#rk7Bo?!3d?){5pTcyz@sMlbf*2%TvKP>~Z~OgLo9?)8l3$Qv`@>Te-Q0ixQ;#0B ztY1I;p&0T0?)R~pj5*nAPago!AbAT#cER2M_PINOMeK8+m?)c~#}7Lw3`ia<=0vwK5B-s=i@5f{K$;IBD{S%ylr>-?qNTAmn>K%EIF5 zznzt>cUdvuUf7Kx_Ktr)I}ZlMAPCCpCK(Cxb$@+zm!yu@94 z7GA=Ygtp3w>UQ+6f>a!rprtS40~d{C$=s$KN-Su1qEV4M zc+2IWZ^B+2NDX`Az3iw<;M7t3a$VxtDtVAI@Z3S*_lhJ^@q*wkB^`{gt=pKGj#e`o zE5&JEi9PV`X1yz`xAK6kt%F2&mgFPG0vera?S1t0`zHk18>Wgs)Aje z@U6me#dfSI;Ph zO<8(p)8J93lwqnh11z=dsg?tmqVdUhH^CRB!5EgJJaAH6pbGNfmJiTXht1WO1k5>E zQsr&j|D`rOHs4hOGeQDg663s(q{&as79&XoHAQgsz=)t5JA6V<5e7WK+!KnWp+r39 zS#t1G!AJ+xx8g+jE?sqM;P$k6MWdWzlS$*^Fk zefagk8J5lshmRMv7>)?c&TE#3=>PEw5jI#z0YHdW-9&f;5jv;N1ptOFDxO~tN^b)9 zpm1qm%$ITVIDl%e^~Ienmy-m?vlnoRm&MY;f1JYXq1_-Xa%=-T9OnHK?3?IsSyD?{ z5fbcXT<`*T8F<*b_Xx;wsoyLd-z1IX&}gv@U0cTN@EtTgMAJ;oS2)OF;N&+nVwXfy zCqibe>Az=nSn4Sj0RYh#msq0)s#?A?if%Tr!ZVf8rA2e$D!;~)^NH@?jIDNgl#+W} z#57BtX}sinC$%*eA*d4gg+*VoviIi841#~q7onfanqlF!1jDgC(BsutGmjrhf_A`B zD@p>RD6#BAtCBiHD5c%XrYclDtV)IPu6wb%nNkWS39FPGCML2>3M>?iv!L)tOqcL0 zBA+B=M;$)Z!zOe!la2z$AurF6|9tPCB3Oo*q^28d`zvi=yyV^4O5l#@%oeyo37Du!Yi^s{?rRhRW(6Vh#1iO;1g^DeH$qHK zTpY?T0D2C+Yy8}(hc7N{r?199=6dP!z{Y;>2AWb8qg>V65+44y^>4XtJ$1E|$BRyf za_D9(QHf}}dq18x??ZFKaSc8u;rvJz0%GrSR;e&=L&aNSLc_d?#18x4sZMfY7mKfS zd?;^Y^vHia^N}Ek}$_vr6z9#bCg zZZq9JQ+X58(Eb~L)qmq}9^p+mmSO;V;Z|S(TUGsPekNQC-UhzTuLbNJY#it^2+ zOYkNjq=&E6bgdHaiqf}vUkWR-!J?OHfieRsa3eMo`@()Gz;7tezq!oQ<#S>o44FMK z_UfbQZ|BR>5+8o4$p+AsZday2*DM`H+AB8!^awqGJ885oM)+WH7B-OHr zt>Ru!Ke`u9EsbAl%a$GQ7c9P>!qq`g%lqqPZLQ>=7*`9XPnNc!GY)>(nVOAFImiOb zbX0K=dRqR3Y1d8-9hJ)jF@Kt8Din*Ku##m`DOPT_*bp65#f7D-aa)0!KI5-V-I=M^ zklR!qZC$Y?I*puIyj{+h`v$}mv>XZ2C30zY8U-Y--`yV8B7gefDAgv(_uP(J5}k!$D8O*eQh zA$LJC2JA17qrjV)?+qfesbs$rJLt;)uC*a_-qnrYd2J?<0Q6UGeL&& zu;N^!y)Rusg*`PZc-~v_R4N)&KB(^(?jdM4d@-kU;#zhm_pq3}7+0S|vF5cdmAeIE zyLxi&5#7R8u?)xbrVYu{d27yYR$`Czp;ZpOj#McovUM6)zw9=b>|h>NA57SYMnbYL z23Bo4l&P;-RMnu@YD>Le*q@2Vi!i=>ik?1pFGb?IT#wr;0nKK3P1p2zg{Xzyen{{ubm zCcV@hhTG};|DgTR!pkx3*}|*$(c)E1U6HYB2I#rc&RIyxo6Cy1X79*tVej#&+2g!3 zgF8#`7iq+cK0$ks59cf);{*?*FBi{%gC!TXVGzUCAIZBmatFd4_Ix?9&uxG8PtJw! z{7g4ZsA0z6`p58G3X>^FUFW|d`by$DG^((1u3&(EcL+)(86_NqwxG;OlmrA0X|k0h zlA09mjl1dhu+C3z37m(c8QC##_U8!|6O(2gh}0OZawe`x*=*aY+X)M~)9O#uA%0== zG%na^TGk-pdztTQ<{EnRV{~b7)B=0JV|AD zHFKLu1v$4uY^NgGW+jZTv_!9f`mhaA5v7on3b-OcJ1=?GiptFuj2&9ZN7e%|zR_?& z>%63h4bO{)^QE1GoexCECn}WyfX85N$Ao=>#<=&wy^OA~VnAA(#pWr3;8Hb>brVuf zxnSYDaP|+BKI27`rjh2>0ZFq#?d=)D`kfM)R(;<7n)QP7_`250SM%@s*WI~|uNtzW zuihz)DN<{KUd^@1E1Oi_d?hV?9mi=hwzr=r6S}Zf4*D&wM+b-EjP6ld9PSq6bFK4H z=k8Jn{F@SVC&j1)13x5b>l_`McR%Q&m1<%I?V$9ra<%Zh*5H0Ku{noS4DRej%Q^n# zOxfA9W$GDNCGhg^tiuRd;8DbmiLlV2gL8y=9XSwv_M4?atnty%WvqeXaE> z{MQ2s$8ZZ)TZwK>1~#j`?VU}mkq~EIEhTgtLb?skAdtjai4h$cJ%~$@H>30=YAOV) zeUNgP2#(xXrOItgPz(G{F(;XY3#l{`-Zt>$BSRk@W2HaEq+IdmT0%yH&C1(V=ra4V zCG}MkhQpltoF%p0`Ox_yNyb9C$k`%EGweTGaci6pQ>Yj+S1w}3;D`S&lNN;;_y_-- z^5;z$z;*cdt584pKmSGU&-4F)Shj7*gr1>RNfNv|N5` zk)rN=dF|Pv#-la;#sAuc-ubO2wf|aQ9M<%2{9%51e*_hc9sfST7^!jSOAm~sOxB=uYDTMv+xOj)Lgk?*VGNPeN8m!Lk=J{^XX z5&*!EweTcj)gqEkBgji$i0==sVleNm=dD{ty-xT$v4}+#o9;<{A%OO;7G@#t%7;T= z$$OQI^4R%fn)xjmvDcxF*u!erbcmitoz7kYvlF9+;r8mEdWS0l;jGI8wT8Zq)y^DDLHD{_05^AoQ#ZYL}SUTr^Y{ON5<&3^gt zVkpZwI=`?fW2%(XC|l%N*X>;|;8&9GLnM1|+>j-1qz{Mv{FC8a^R<~AAita#h}r1@ zP=i}F3Fuu-6-o?epBD5gw>9!n>Icb`<8b#Eh3>XJkqI|?bJF`5bA?B3%F`*sg$c*} z><6vC-S+u6w1I4GFZ0RYHv>N1F8c_dM!7aYEuW-ccdOUewY34gp09`3%j@Rit|fVOtzBdQ+V!aWWOXr&Nv~c zUVlM)&Lb0L=5obvb~w&VskesbDSU>G!eFb;Yo;L(E;ualtyjU$;)E&|oke3rwxtj4tRFx|~=e zSrE*XQO5c6@LK;B5oa7+81X(*RulL?Z451Pup=* zUF59@QrGH_)|3j{XQZg=LQ}zOQ>?UZK+6`GB3lK9VO}nfgpm~H(NQyD_lvRPz6Q%d zkJiAaChJnGNZpo*M2Gds=CbhdGJgr2r~_=IIFUuKt2CPbl~3Uu8@@KK$mF(*6e?;q z;`B`1QP7QA8~0yg#%j@|lO)dQM*gbHyoJ6GS;g|1;NcIDrNi#VqZJrhUyH?Aw8N-3 zQo>#pwcG`I{1w*UkX9UWwSVorOKtk zBpGTHBGUPp2s4%*8$6#>^<=xpNT;v=iR=*=d6(fE}y4A#{-0#}&DBNXUA zN3%h|kqUi`Wtl`kG8%F&W)P$Y3AX=0aKuJIA>sg5SY`^2-q5Bcls){`$o--IrvxfC z##4Fm#ahEQ9Cbsdj#*C7y48T|T*k5IYo8%%$NSp4w#~rjvSpvL&|n%owH2Wv?Z&m) zCDWQ2=hp1c#m(Hr3hbAB{}xJV?+Uke*i3VfFaM~jVX2G}nhfL*_l4>~wZG>OOv=mK zc2sc?7$}!U2@rH(E`(F_(|Tr%VO|Q1GQ+P~ybB2h6mjg*@MYpi=cUi-Gs-^a+lxBP zJ^#$#BvK|Cv2@PF(H2oEkTaRx0%o>4S_(aWkWU5q3=;Z1-sDJ|GqnSR*~VWbfV6eE zm@EgNiyXPGPe@RkxN0I{1A8aEky}{AZ>VZZ*Ve_Z-bLL&P!o^-+CD{$-I*{J2!{$v~qS8<$H=v%aRJ#~Z z#Uq+YP=|9KB(vRj6*SIJnOzK-`iagl6RR!g;9-?Y<(z~ocVjB{u{zC?BYS3tU|h`wo8718{;Cb` z4Vim-O#ZV1z3$cXnq*!8D1gJpSj&k4mScmjT)99;+L=I6LtP5x7s(1oim?{!I~J%{ z?m9u|h-tOMB0cs9(~;ttdSRUBh21wX6T`-UHb{l>y{`L}5EEx2t;1_$jv;s0ms)#i zx=Mx#iRuLGaw%sMPa&^H3)Z(U>ZzD8u=;RMoxP+jD-vy*Iw){2bdc37r~N0v_-VviqLQG91$`{HDv+R2x7Cm( z{PbTP{L~?%0b4SIL9sn%pMLJ&S6c)9yHyWh3#U|bU_JOTw zuRl^f76P%J`aNE}7o}XVij|(Af>tN0izH*LwGWlNtpT#s}1Mw;E-)7f-Buw^r>KkQ0l<`3J7m*SOAP zWGZ&db$ax$N+Wr}#MaeN1VYWuh414W4TMl-+(?v~oios?P;D}huMpX2fZ fH+)-2?|m#~HdJ{H0RQ)k4# Date: Tue, 11 Jan 2022 00:33:11 -0500 Subject: [PATCH 2/3] Adding charts --- .../2.6.500/.helmignore | 23 + .../2.6.500/Chart.yaml | 18 + .../k8s-triliovault-operator/2.6.500/LICENSE | 1 + .../2.6.500/README.md | 124 ++ .../2.6.500/app-readme.md | 37 + ...iovault.trilio.io_triliovaultmanagers.yaml | 1183 +++++++++++++++++ .../2.6.500/templates/NOTES.txt | 41 + .../2.6.500/templates/TVMCustomResource.yaml | 41 + .../2.6.500/templates/_helpers.tpl | 66 + .../2.6.500/templates/clusterrole.yaml | 125 ++ .../templates/clusterrole_binding.yaml | 17 + .../2.6.500/templates/deployment.yaml | 202 +++ .../2.6.500/templates/mutating-webhook.yaml | 31 + .../templates/ns-validating-webhook.yaml | 37 + .../2.6.500/templates/proxyConfig.yaml | 21 + .../2.6.500/templates/secret.yaml | 11 + .../2.6.500/templates/serviceAccount.yaml | 10 + .../2.6.500/templates/validating-webhook.yaml | 31 + .../2.6.500/templates/webhook-service.yaml | 19 + .../2.6.500/values.yaml | 76 ++ 20 files changed, 2114 insertions(+) create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/.helmignore create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/Chart.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/LICENSE create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/README.md create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/app-readme.md create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/crds/triliovault.trilio.io_triliovaultmanagers.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/NOTES.txt create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/TVMCustomResource.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/_helpers.tpl create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole_binding.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/deployment.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/mutating-webhook.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/ns-validating-webhook.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/proxyConfig.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/secret.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/serviceAccount.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/validating-webhook.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/webhook-service.yaml create mode 100644 charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/values.yaml diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/.helmignore b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/.helmignore new file mode 100644 index 000000000..be86b789d --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +# Helm files +OWNERS diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/Chart.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/Chart.yaml new file mode 100644 index 000000000..a2a59249c --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/Chart.yaml @@ -0,0 +1,18 @@ +annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: TrilioVault for Kubernetes Operator + catalog.cattle.io/release-name: k8s-triliovault-operator +apiVersion: v1 +appVersion: 2.6.5 +description: K8s-TrilioVault-Operator is an operator designed to manage the K8s-TrilioVault + Application Lifecycle. +home: https://github.com/trilioData/k8s-triliovault-operator +icon: https://www.trilio.io/wp-content/uploads/2021/01/Trilio-2020-logo-RGB-gray-green.png +kubeVersion: '>=1.18.0-0' +maintainers: +- email: prafull.ladha@trilio.io + name: prafull11 +name: k8s-triliovault-operator +sources: +- https://github.com/trilioData/k8s-triliovault-operator +version: 2.6.500 diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/LICENSE b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/LICENSE new file mode 100644 index 000000000..76b559d3b --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/LICENSE @@ -0,0 +1 @@ +# Placeholder for the License if we decide to provide one diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/README.md b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/README.md new file mode 100644 index 000000000..469bfff1a --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/README.md @@ -0,0 +1,124 @@ +# K8s-TrilioVault-Operator +This operator is to manage the lifecycle of TrilioVault Backup/Recovery solution. This operator install, updates and manage the TrilioVault application. + +## Introduction + +## Prerequisites + +- Kubernetes 1.18+ +- Alpha feature gates should be enabled +- PV provisioner support +- CSI driver should be installed + +## Installation + +To install the operator on local setup just run the latest helm charts inside this repo + +```shell script +helm repo add trilio-vault-operator https://charts.k8strilio.net/trilio-stable/k8s-triliovault-operator +helm install tvm trilio-vault-operator/k8s-triliovault-operator +``` + +Now, create a TrilioVaultManager CR to install the TrilioVault for Kubernetes. You can provide the custom configurations for the TVK resources as follows: + +``` +apiVersion: triliovault.trilio.io/v1 +kind: TrilioVaultManager +metadata: + labels: + triliovault: k8s + name: tvk +spec: + trilioVaultAppVersion: latest + applicationScope: Cluster + # User can configure the ingress hosts, annotations and TLS secret through the ingressConfig section + ingressConfig: + host: "trilio.co.in" + tlsSecretName: "secret-name" + # TVK components configuration, currently supports control-plane, web, exporter, web-backend, ingress-controller, admission-webhook. + # User can configure resources for all componentes and can configure service type and host for the ingress-controller + componentConfiguration: + web-backend: + resources: + requests: + memory: "400Mi" + cpu: "200m" + limits: + memory: "2584Mi" + cpu: "1000m" + ingress-controller: + enabled: true + service: + type: LoadBalancer +``` + +### Apply the Custom Resource + +Apply `TVM.yaml`: + +```shell +kubectl create -f TVM.yaml +``` + +Check that the pods were created: + +``` +kubectl get pods +``` + +``` +NAME READY STATUS RESTARTS AGE +k8s-triliovault-admission-webhook-6ff5f98c8-qwmfc 1/1 Running 0 81s +k8s-triliovault-backend-6f66b6b8d5-gxtmz 1/1 Running 0 81s +k8s-triliovault-control-plane-6c464c5d78-ftk6g 1/1 Running 0 81s +k8s-triliovault-exporter-59566f97dd-gs4xc 1/1 Running 0 81s +k8s-triliovault-ingress-controller-84cf46848-tkcdz 1/1 Running 0 18s +k8s-triliovault-web-967c8475-m7pc6 1/1 Running 0 81s +tvm-k8s-triliovault-operator-66bd7d86d5-dvhzb 1/1 Running 0 6m48s +``` + +Check that ingress controller service is of type LoadBalancer: +``` +k8s-triliovault-admission-webhook ClusterIP 10.255.241.108 443/TCP 2m7s +k8s-triliovault-ingress-gateway LoadBalancer 10.255.254.153 34.75.176.146 80:30737/TCP,443:30769/TCP 2m7s +k8s-triliovault-web ClusterIP 10.255.245.52 80/TCP 2m7s +k8s-triliovault-web-backend ClusterIP 10.255.250.166 80/TCP 2m7s +kubernetes ClusterIP 10.255.240.1 443/TCP 6m9s +tvm-k8s-triliovault-operator-webhook-service ClusterIP 10.255.249.77 443/TCP 3m22s +``` + +Check that ingress resources has the host defined by the user: +``` +NAME CLASS HOSTS ADDRESS PORTS AGE +k8s-triliovault-ingress-master nginx trilio.co.in 80 98s +k8s-triliovault-ingress-minion nginx trilio.co.in 80 98s + +``` + +## Delete + +```shell +kubectl delete -f TVM.yaml +``` + +## Uninstall + +To uninstall/delete the operator helm chart : + +```bash +helm uninstall tvm +``` + +## TrilioVaultManager compatibility + +The following table captures the compatibility matrix of the TrilioVault Manager against TVK: + +| TVM Version | TVK 2.5.2 | TVK 2.5.1 | TVK 2.5.0 | TVK 2.1.0 | TVK 2.0.5 | TVK 2.0.4 | TVK 2.0.3 | TVK 2.0.2 | TVK 2.0.1 | +|-------------|-----------|-----------|-----------|-----------|-----------|-----------|-----------|-----------|-----------| +| 2.5.2 | yes | yes | yes | yes | yes | yes | yes | yes | yes | +| 2.5.0 | no | yes | yes | yes | yes | yes | yes | yes | yes | +| v2.1.0 | no | no | no | yes | yes | yes | yes | yes | yes | +| v2.0.5 | no | no | no | yes | yes | yes | yes | yes | yes | +| v2.0.2 | no | no | no | yes | yes | yes | yes | yes | yes | +| v2.0.1 | no | no | no | yes | yes | yes | yes | yes | yes | +| v2.0.0 | no | no | no | yes | yes | yes | yes | yes | yes | diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/app-readme.md b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/app-readme.md new file mode 100644 index 000000000..65a2b3495 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/app-readme.md @@ -0,0 +1,37 @@ +# TrilioVault for Kubernetes + +[K8s-TrilioVault-Operator](https://trilio.io) is an operator designed to manage +the K8s-TrilioVault Application Lifecycle. + +This operator is to manage the lifecycle of TrilioVault Backup/Recovery solution. This operator install, updates and manage the TrilioVault application. + +Introduction: + +Prerequisites: + +Kubernetes 1.17+ +Alpha feature gates should be enabled +PV provisioner support +CSI driver should be installed + +Installation: + +To install the chart with the operator name trilio: + +helm install k8s-triliovault-operator triliovault-operator/k8s-triliovault-operator + +# For helm version 3 + +helm install triliovault-operator triliovault-operator/k8s-triliovault-operator + +The command deploys the Triliovault for Kubernetes Operator with the default configuration. + +Uninstall: + +To uninstall/delete the chart trilio : + +# For helm version 3 +helm uninstall k8s-triliovault-operator + +For more information around TVM manager installation, please follow below link: +https://docs.trilio.io/kubernetes/use-triliovault/installing-triliovault diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/crds/triliovault.trilio.io_triliovaultmanagers.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/crds/triliovault.trilio.io_triliovaultmanagers.yaml new file mode 100644 index 000000000..22e62d8ef --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/crds/triliovault.trilio.io_triliovaultmanagers.yaml @@ -0,0 +1,1183 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.7.0 + creationTimestamp: null + name: triliovaultmanagers.triliovault.trilio.io +spec: + group: triliovault.trilio.io + names: + kind: TrilioVaultManager + listKind: TrilioVaultManagerList + plural: triliovaultmanagers + shortNames: + - tvm + singular: triliovaultmanager + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.trilioVaultAppVersion + name: TrilioVault-Version + type: string + - jsonPath: .spec.applicationScope + name: Scope + type: string + - jsonPath: .status.conditions.type + name: Status + type: string + - jsonPath: .spec.restoreNamespaces + name: Restore-Namespaces + type: string + name: v1 + schema: + openAPIV3Schema: + description: TrilioVaultManager is the Schema for the triliovaultmanagers + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: TrilioVaultManagerSpec defines the desired state of TrilioVaultManager + properties: + affinity: + description: The scheduling constraints on application pods. + properties: + nodeAffinity: + description: Describes node affinity scheduling rules for the + pod. + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node matches + the corresponding matchExpressions; the node(s) with the + highest sum are the most preferred. + items: + description: An empty preferred scheduling term matches + all objects with implicit weight 0 (i.e. it's a no-op). + A null preferred scheduling term matches no objects (i.e. + is also a no-op). + properties: + preference: + description: A node selector term, associated with the + corresponding weight. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + description: Weight associated with matching the corresponding + nodeSelectorTerm, in the range 1-100. + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to an update), the system may or may not try to + eventually evict the pod from its node. + properties: + nodeSelectorTerms: + description: Required. A list of node selector terms. + The terms are ORed. + items: + description: A null or empty node selector term matches + no objects. The requirements of them are ANDed. The + TopologySelectorTerm type implements a subset of the + NodeSelectorTerm. + properties: + matchExpressions: + description: A list of node selector requirements + by node's labels. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + description: A list of node selector requirements + by node's fields. + items: + description: A node selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: The label key that the selector + applies to. + type: string + operator: + description: Represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists, DoesNotExist. Gt, and + Lt. + type: string + values: + description: An array of string values. If + the operator is In or NotIn, the values + array must be non-empty. If the operator + is Exists or DoesNotExist, the values array + must be empty. If the operator is Gt or + Lt, the values array must have a single + element, which will be interpreted as an + integer. This array is replaced during a + strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + description: Describes pod affinity scheduling rules (e.g. co-locate + this pod in the same node, zone, etc. as some other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the affinity expressions specified by + this field, but it may choose a node that violates one or + more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is beta-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the affinity requirements specified by this + field are not met at scheduling time, the pod will not be + scheduled onto the node. If the affinity requirements specified + by this field cease to be met at some point during pod execution + (e.g. due to a pod label update), the system may or may + not try to eventually evict the pod from its node. When + there are multiple elements, the lists of nodes corresponding + to each podAffinityTerm are intersected, i.e. all terms + must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + description: Describes pod anti-affinity scheduling rules (e.g. + avoid putting this pod in the same node, zone, etc. as some + other pod(s)). + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: The scheduler will prefer to schedule pods to + nodes that satisfy the anti-affinity expressions specified + by this field, but it may choose a node that violates one + or more of the expressions. The node that is most preferred + is the one with the greatest sum of weights, i.e. for each + node that meets all of the scheduling requirements (resource + request, requiredDuringScheduling anti-affinity expressions, + etc.), compute a sum by iterating through the elements of + this field and adding "weight" to the sum if the node has + pods which matches the corresponding podAffinityTerm; the + node(s) with the highest sum are the most preferred. + items: + description: The weights of all of the matched WeightedPodAffinityTerm + fields are added per-node to find the most preferred node(s) + properties: + podAffinityTerm: + description: Required. A pod affinity term, associated + with the corresponding weight. + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied + to the union of the namespaces selected by this + field and the ones listed in the namespaces field. + null selector and null or empty namespaces list + means "this pod's namespace". An empty selector + ({}) matches all namespaces. This field is beta-level + and is only honored when PodAffinityNamespaceSelector + feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are + ANDed. + items: + description: A label selector requirement + is a selector that contains values, a key, + and an operator that relates the key and + values. + properties: + key: + description: key is the label key that + the selector applies to. + type: string + operator: + description: operator represents a key's + relationship to a set of values. Valid + operators are In, NotIn, Exists and + DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. + If the operator is Exists or DoesNotExist, + the values array must be empty. This + array is replaced during a strategic + merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is + "In", and the values array contains only "value". + The requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list + of namespace names that the term applies to. The + term is applied to the union of the namespaces + listed in this field and the ones selected by + namespaceSelector. null or empty namespaces list + and null namespaceSelector means "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods + matching the labelSelector in the specified namespaces, + where co-located is defined as running on a node + whose value of the label with key topologyKey + matches that of any node on which any of the selected + pods is running. Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + weight: + description: weight associated with matching the corresponding + podAffinityTerm, in the range 1-100. + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + description: If the anti-affinity requirements specified by + this field are not met at scheduling time, the pod will + not be scheduled onto the node. If the anti-affinity requirements + specified by this field cease to be met at some point during + pod execution (e.g. due to a pod label update), the system + may or may not try to eventually evict the pod from its + node. When there are multiple elements, the lists of nodes + corresponding to each podAffinityTerm are intersected, i.e. + all terms must be satisfied. + items: + description: Defines a set of pods (namely those matching + the labelSelector relative to the given namespace(s)) + that this pod should be co-located (affinity) or not co-located + (anti-affinity) with, where co-located is defined as running + on a node whose value of the label with key + matches that of any node on which a pod of the set of + pods is running + properties: + labelSelector: + description: A label query over a set of resources, + in this case pods. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaceSelector: + description: A label query over the set of namespaces + that the term applies to. The term is applied to the + union of the namespaces selected by this field and + the ones listed in the namespaces field. null selector + and null or empty namespaces list means "this pod's + namespace". An empty selector ({}) matches all namespaces. + This field is beta-level and is only honored when + PodAffinityNamespaceSelector feature is enabled. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: A label selector requirement is a + selector that contains values, a key, and an + operator that relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: operator represents a key's relationship + to a set of values. Valid operators are + In, NotIn, Exists and DoesNotExist. + type: string + values: + description: values is an array of string + values. If the operator is In or NotIn, + the values array must be non-empty. If the + operator is Exists or DoesNotExist, the + values array must be empty. This array is + replaced during a strategic merge patch. + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + description: matchLabels is a map of {key,value} + pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, + whose key field is "key", the operator is "In", + and the values array contains only "value". The + requirements are ANDed. + type: object + type: object + namespaces: + description: namespaces specifies a static list of namespace + names that the term applies to. The term is applied + to the union of the namespaces listed in this field + and the ones selected by namespaceSelector. null or + empty namespaces list and null namespaceSelector means + "this pod's namespace" + items: + type: string + type: array + topologyKey: + description: This pod should be co-located (affinity) + or not co-located (anti-affinity) with the pods matching + the labelSelector in the specified namespaces, where + co-located is defined as running on a node whose value + of the label with key topologyKey matches that of + any node on which any of the selected pods is running. + Empty topologyKey is not allowed. + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + applicationScope: + description: Scope for the application which will be installed in + the cluster NamespaceScope or ClusterScope + enum: + - Cluster + - Namespaced + type: string + componentConfiguration: + description: ComponentConfiguration holds all the field related to + components. + properties: + admission-webhook: + description: AdmissionWebhook holds all configuration keys related + to admission-webhook + type: object + x-kubernetes-preserve-unknown-fields: true + control-plane: + description: ControlPlane holds all configuration keys related + to control-plane + type: object + x-kubernetes-preserve-unknown-fields: true + exporter: + description: Exporter holds all configuration keys related to + exporter + type: object + x-kubernetes-preserve-unknown-fields: true + ingress-controller: + description: IngressController holds all configuration keys related + to ingress-controller + type: object + x-kubernetes-preserve-unknown-fields: true + web: + description: Web holds all configuration keys related to web + type: object + x-kubernetes-preserve-unknown-fields: true + web-backend: + description: WebBackend holds all configuration keys related to + web-backend + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + dataJobLimits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Deprecated: DataJobLimits are the resource limits for + all the data processing jobs.' + type: object + dataJobResources: + description: DataJobResources is the resource limits & requests for + all the data processing jobs. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + deploymentLimits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: DeploymentLimits are the resource limits for all the + deployments. + type: object + helmValues: + description: HelmValues holds all the additional fields in the values.yaml + of TVK helm chart. + type: object + x-kubernetes-preserve-unknown-fields: true + helmVersion: + description: 'Deprecated: Helm Version' + properties: + tillerNamespace: + type: string + version: + enum: + - v3 + type: string + required: + - version + type: object + ingressConfig: + description: IngressConfig holds field related to ingress + properties: + annotations: + additionalProperties: + type: string + type: object + host: + type: string + ingressClass: + type: string + tlsSecretName: + type: string + type: object + metadataJobLimits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Deprecated: MetadataJobLimits are the resource limits + for all the meta processing jobs.' + type: object + metadataJobResources: + description: MetadataJobResources is the resource limits & requests + for all the meta processing jobs. + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + nodeSelector: + additionalProperties: + type: string + description: NodeSelector specifies a map of key-value pairs. For + the pod to be eligible to run on a node, the node must have each + of the indicated key-value pairs as labels. + type: object + resources: + description: 'Deprecated: Resources are the resource requirements + for the containers.' + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Limits describes the maximum amount of compute resources + allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: 'Requests describes the minimum amount of compute + resources required. If Requests is omitted for a container, + it defaults to Limits if that is explicitly specified, otherwise + to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + type: object + type: object + restoreNamespaces: + description: 'Deprecated: RestoreNamespaces are the namespace where + you want to restore your applications. Restore Namespaces depends + on your k8s RBAC' + items: + type: string + type: array + tolerations: + description: The toleration of application against the specific taints + on the nodes + items: + description: The pod this Toleration is attached to tolerates any + taint that matches the triple using the matching + operator . + properties: + effect: + description: Effect indicates the taint effect to match. Empty + means match all taint effects. When specified, allowed values + are NoSchedule, PreferNoSchedule and NoExecute. + type: string + key: + description: Key is the taint key that the toleration applies + to. Empty means match all taint keys. If the key is empty, + operator must be Exists; this combination means to match all + values and all keys. + type: string + operator: + description: Operator represents a key's relationship to the + value. Valid operators are Exists and Equal. Defaults to Equal. + Exists is equivalent to wildcard for value, so that a pod + can tolerate all taints of a particular category. + type: string + tolerationSeconds: + description: TolerationSeconds represents the period of time + the toleration (which must be of effect NoExecute, otherwise + this field is ignored) tolerates the taint. By default, it + is not set, which means tolerate the taint forever (do not + evict). Zero and negative values will be treated as 0 (evict + immediately) by the system. + format: int64 + type: integer + value: + description: Value is the taint value the toleration matches + to. If the operator is Exists, the value should be empty, + otherwise just a regular string. + type: string + type: object + type: array + trilioVaultAppVersion: + description: Helm Chart version + type: string + required: + - applicationScope + type: object + status: + description: TrilioVaultManagerStatus defines the observed state of TrilioVaultManager + properties: + conditions: + properties: + lastTransitionTime: + format: date-time + nullable: true + type: string + message: + minLength: 0 + type: string + reason: + enum: + - InstallSuccessful + - UpdateSuccessful + - UninstallSuccessful + - InstallError + - UpdateError + - ReconcileError + - UninstallError + type: string + status: + enum: + - "True" + - "False" + - Unknown + type: string + type: + enum: + - Initialized + - Deployed + - Updated + - ReleaseFailed + - Irreconcilable + type: string + type: object + deployedRelease: + properties: + manifest: + type: string + name: + type: string + type: object + releaseVersion: + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/NOTES.txt b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/NOTES.txt new file mode 100644 index 000000000..08f627fac --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/NOTES.txt @@ -0,0 +1,41 @@ +TrilioVault Operator is a helm based operator which install/upgrade/delete the helm Chart of the TrilioVault For Kubernetes. +This operator watches over the entire helm application of TrilioVault for Kubernetes and has self-healing capabilities. + +To verify that TrilioVault Operator has started, run: + + kubectl --namespace={{ .Release.Namespace }} wait --for=condition=ready pod -l "release={{ .Release.Name }}" + +Once the Triliovault operator is in running state, you can create the TrilioVault for Kubernetes(TVK) with the +following custom resource: + + apiVersion: triliovault.trilio.io/v1 + kind: TrilioVaultManager + metadata: + labels: + app: triliovault + name: tvk + namespace: {{ .Release.Namespace }} + spec: + trilioVaultAppVersion: latest + applicationScope: Cluster + ingressConfig: + host: "trilio.net" + componentConfiguration: + ingress-controller: + enabled: true + service: + type: LoadBalancer + +Once the above CR has been created, you have to wait for the TVK pods to come up. To check all the pods come into +running state, run: + + kubectl --namespace {{ .Release.Namespace }} wait --for=condition=ready pod -l "release=tvk-{{ .Release.Namespace }}" + +Once all the pods are in running state, you can access the TVK UI from your browser at: + + https://trilio.net + +Note: The host `trilio.net` is used from the `ingressConfig.host` defined in the TVM CR by the user. + +You can start backup and restore of your application using TVK. For more details on how to do that, please follow our +getting started guide: https://docs.trilio.io/kubernetes/getting-started/getting-started-1 diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/TVMCustomResource.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/TVMCustomResource.yaml new file mode 100644 index 000000000..d7f50b99a --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/TVMCustomResource.yaml @@ -0,0 +1,41 @@ +{{- if .Values.installTVK.enabled }} +{{- if not (lookup "triliovault.trilio.io/v1" "TrilioVaultManager" "" "").items }} + {{template "k8s-triliovault-operator.tlsSecretValidation" .}} +apiVersion: triliovault.trilio.io/v1 +kind: TrilioVaultManager +metadata: + name: {{ .Release.Name }}-tvk + namespace: {{ .Release.Namespace }} + annotations: + "helm.sh/hook": pre-install +spec: + {{- if eq .Chart.Version "0.1.0" }} + trilioVaultAppVersion: latest + {{- else}} + trilioVaultAppVersion: {{ .Chart.Version }} + {{- end }} + applicationScope: {{ .Values.installTVK.applicationScope }} + # User can configure the ingress hosts, annotations and TLS secret through the ingressConfig section + ingressConfig: + {{- if and (gt (len .Values.installTVK.ingressConfig.annotations) 0) (not .Values.installTVK.ComponentConfiguration.ingressController.enabled) }} + annotations: + {{- range $key, $value := .Values.installTVK.ingressConfig.annotations }} + {{ $key }}: {{ $value | quote }} + {{- end -}} + {{- end }} + host: {{ .Values.installTVK.ingressConfig.host | default (printf "%s.k8s-tvk.com" $.Release.Namespace) | quote }} + {{- if not .Values.installTVK.ComponentConfiguration.ingressController.enabled }} + ingressClass: {{ .Values.installTVK.ingressConfig.ingressClass | quote }} + {{- end }} + {{- if .Values.installTVK.ingressConfig.tlsSecretName }} + tlsSecretName: {{ .Values.installTVK.ingressConfig.tlsSecretName | quote }} + {{- end }} + # TVK components configuration, currently supports control-plane, web, exporter, web-backend, ingress-controller, admission-webhook. + # User can configure resources for all componentes and can configure service type and host for the ingress-controller + componentConfiguration: + ingress-controller: + enabled: {{ .Values.installTVK.ComponentConfiguration.ingressController.enabled }} + service: + type: {{ .Values.installTVK.ComponentConfiguration.ingressController.service.type }} +{{- end -}} +{{- end -}} diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/_helpers.tpl b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/_helpers.tpl new file mode 100644 index 000000000..46d123feb --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/_helpers.tpl @@ -0,0 +1,66 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "k8s-triliovault-operator.name" -}} +{{- default .Release.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "k8s-triliovault-operator.appName" -}} +{{- printf "%s" .Chart.Name -}} +{{- end -}} + + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "k8s-triliovault-operator.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Return the proper TrilioVault Operator image name +*/}} +{{- define "k8s-triliovault-operator.image" -}} +{{- $registryName := .Values.image.registry -}} +{{- $repositoryName := .Values.image.repository -}} +{{- $tag := .Values.image.tag | toString -}} +{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}} +{{- end -}} + +{{/* +Validation of the secret of CA bundle if provided +*/}} +{{- define "k8s-triliovault-operator.caBundleValidation" -}} +{{- if .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} +{{- if not (lookup "v1" "ConfigMap" .Release.Namespace .Values.proxySettings.CA_BUNDLE_CONFIGMAP) }} + {{ fail "Proxy CA bundle proxy is not present in the release namespace" }} +{{- else }} + {{- $caMap := (lookup "v1" "ConfigMap" .Release.Namespace .Values.proxySettings.CA_BUNDLE_CONFIGMAP).data }} + {{- if not (get $caMap "ca-bundle.crt") }} + {{ fail "Proxy CA certificate file key should be ca-bundle.crt" }} + {{- end }} +{{- end }} +{{- end }} +{{- end -}} + +{{/* +Validation for the ingress tlsSecret, should exists if provided +*/}} + +{{- define "k8s-triliovault-operator.tlsSecretValidation" }} +{{- if .Values.installTVK.ingressConfig.tlsSecretName -}} +{{- if not (lookup "v1" "Secret" .Release.Namespace .Values.installTVK.ingressConfig.tlsSecretName ) -}} + {{ fail "Ingress tls secret is not present in the release namespace" }} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole.yaml new file mode 100644 index 000000000..b3eed777d --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole.yaml @@ -0,0 +1,125 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{template "k8s-triliovault-operator.name" .}}-{{.Release.Namespace}}-manager-role + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{template "k8s-triliovault-operator.appName" .}}-manager-role + app.kubernetes.io/managed-by: {{ .Release.Service }} +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - get + - list + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - create + - update + - delete + - patch + - apiGroups: + - "" + resources: + - serviceaccounts + - services + - services/finalizers + - secrets + - events + - pods + - endpoints + - configmaps + verbs: + - create + - update + - delete + - patch + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + - mutatingwebhookconfigurations + verbs: + - create + - update + - delete + - patch + - apiGroups: + - apps + resources: + - deployments + verbs: + - create + - update + - delete + - patch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + - roles + - rolebindings + verbs: + - create + - update + - delete + - patch + - bind + - escalate + - apiGroups: + - triliovault.trilio.io + resources: + - '*' + verbs: + - '*' + - apiGroups: + - "" + resources: + - namespaces + verbs: + - update + - apiGroups: + - batch + resources: + - cronjobs + verbs: + - delete + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - update + - patch + - delete + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - patch + - update + - delete + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - update + - apiGroups: + - networking.k8s.io + resources: + - ingressclasses + verbs: + - delete diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole_binding.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole_binding.yaml new file mode 100644 index 000000000..49d5655f6 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/clusterrole_binding.yaml @@ -0,0 +1,17 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "k8s-triliovault-operator.name" . }}-{{ .Release.Namespace }}-manager-rolebinding + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-manager-rolebinding + app.kubernetes.io/managed-by: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "k8s-triliovault-operator.name" . }}-{{ .Release.Namespace }}-manager-role +subjects: +- kind: ServiceAccount + name: {{ template "k8s-triliovault-operator.fullname" . }}-service-account + namespace: {{ .Release.Namespace }} diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/deployment.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/deployment.yaml new file mode 100644 index 000000000..580f5774e --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/deployment.yaml @@ -0,0 +1,202 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "k8s-triliovault-operator.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "k8s-triliovault-operator.fullname" . }} + release: "{{ .Release.Name }}" + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + strategy: + type: RollingUpdate + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + selector: + matchLabels: + app: {{ template "k8s-triliovault-operator.fullname" . }} + release: "{{ .Release.Name }}" + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ template "k8s-triliovault-operator.fullname" . }} + release: "{{ .Release.Name }}" + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/managed-by: {{ .Release.Service }} + spec: + hostNetwork: {{ .Values.podSpec.hostNetwork }} + hostIPC: {{ .Values.podSpec.hostIPC }} + hostPID: {{ .Values.podSpec.hostPID }} + {{- if .Values.securityContext }} + securityContext: + {{- toYaml .Values.podSpec.securityContext | nindent 8 }} + {{- end }} + containers: + - name: k8s-triliovault-operator + image: {{ .Values.registry }}/{{ index .Values "k8s-triliovault-operator" "repository" }}:{{ .Values.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.proxySettings.PROXY_ENABLED }} + envFrom: + - secretRef: + name: {{ template "k8s-triliovault-operator.fullname" . }}-proxy + {{- end }} + env: + {{- if .Values.proxySettings.PROXY_ENABLED }} + - name: PROXY_SETTINGS_SECRET + value: {{ template "k8s-triliovault-operator.fullname" . }}-proxy + {{- if .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + - name: PROXY_CA_CONFIGMAP + value: {{ .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + {{- end }} + {{- end }} + {{- if .Values.tvkEnv }} + - name: TVK_ENV + value: {{ .Values.tvkEnv }} + {{- end}} + {{- if .Values.tvkHelmRepo }} + - name: TVK_HELM_REPO + value: {{ .Values.tvkHelmRepo }} + {{- end }} + - name: INSTALL_NAMESPACE + value: {{ .Release.Namespace }} + - name: REGISTRY + value: {{ .Values.registry }} + - name: ADMISSION_MUTATION_CONFIG + value: {{ template "k8s-triliovault-operator.name" . }}-mutating-webhook-configuration + - name: ADMISSION_VALIDATION_CONFIG + value: {{ template "k8s-triliovault-operator.name" . }}-validating-webhook-configuration + - name: NAMESPACE_VALIDATION_CONFIG + value: {{ template "k8s-triliovault-operator.name" . }}-ns-validating-webhook-configuration + livenessProbe: + httpGet: + path: /healthz + port: 8081 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 30 + timeoutSeconds: 2 + successThreshold: 1 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 5 + timeoutSeconds: 1 + successThreshold: 1 + failureThreshold: 3 + volumeMounts: + {{- if and .Values.proxySettings.PROXY_ENABLED .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + - name: proxy-ca-cert + mountPath: /proxy-certs + readOnly: true + {{- end }} + {{- if .Values.tls.enable }} + - name: helm-tls-certs + mountPath: /root/.helm + readOnly: true + {{- if .Values.tls.verify }} + - name: helm-tls-ca + mountPath: /root/.helm/ca.crt + readOnly: true + {{- end }} + {{- end }} + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: webhook-certs + readOnly: true + {{- if .Values.securityContext }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- end }} + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 10m + memory: 10Mi + initContainers: + - name: webhook-init + image: {{ .Values.registry }}/{{ index .Values "operator-webhook-init" "repository" }}:{{ .Values.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy | quote }} + {{- if .Values.securityContext }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} + {{- end }} + {{- if .Values.proxySettings.PROXY_ENABLED }} + envFrom: + - secretRef: + name: {{ template "k8s-triliovault-operator.fullname" . }}-proxy + {{- end }} + env: + {{- if .Values.proxySettings.PROXY_ENABLED }} + - name: PROXY_SETTINGS_SECRET + value: {{ template "k8s-triliovault-operator.fullname" . }}-proxy + {{- if .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + - name: PROXY_CA_CONFIGMAP + value: {{ .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + {{- end }} + {{- end }} + - name: TVK_ENV + value: {{ .Values.tvkEnv }} + - name: TVK_HELM_REPO + value: {{ .Values.tvkHelmRepo }} + - name: RELEASE_VERSION + value: {{ .Chart.AppVersion }} + - name: ADMISSION_MUTATION_CONFIG + value: {{ template "k8s-triliovault-operator.name" . }}-mutating-webhook-configuration + - name: ADMISSION_VALIDATION_CONFIG + value: {{ template "k8s-triliovault-operator.name" . }}-validating-webhook-configuration + - name: NAMESPACE_VALIDATION_CONFIG + value: {{ template "k8s-triliovault-operator.name" . }}-ns-validating-webhook-configuration + - name: WEBHOOK_SERVICE + value: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service + - name: WEBHOOK_NAMESPACE + value: {{ .Release.Namespace }} + - name: SECRET_NAME + value: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-certs + {{- if and .Values.proxySettings.PROXY_ENABLED .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + volumeMounts: + - name: proxy-ca-cert + mountPath: /proxy-certs + readOnly: true + {{- end }} + serviceAccountName: {{ template "k8s-triliovault-operator.fullname" . }}-service-account + {{- if .Values.nodeSelector }} + nodeSelector: {{- .Values.nodeSelector | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.affinity }} + affinity: + {{- toYaml .Values.affinity | nindent 8 }} + {{- end }} + volumes: + {{- if and .Values.proxySettings.PROXY_ENABLED .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + - name: proxy-ca-cert + configMap: + name: {{ .Values.proxySettings.CA_BUNDLE_CONFIGMAP }} + {{- end }} + {{- if .Values.tls.enable }} + - name: helm-tls-certs + secret: + secretName: {{ .Values.tls.secretName }} + defaultMode: 0400 + {{- if .Values.tls.verify }} + - name: helm-tls-ca + configMap: + name: {{ template "helm-operator.fullname" . }}-helm-tls-ca-config + defaultMode: 0600 + {{- end }} + {{- end }} + - name: webhook-certs + secret: + defaultMode: 420 + secretName: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-certs diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/mutating-webhook.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/mutating-webhook.yaml new file mode 100644 index 000000000..692feec4e --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/mutating-webhook.yaml @@ -0,0 +1,31 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: {{ template "k8s-triliovault-operator.name" . }}-mutating-webhook-configuration + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-mutating-webhook-configuration + app.kubernetes.io/managed-by: {{ .Release.Service }} +webhooks: +- clientConfig: + caBundle: Cg== + service: + name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service + namespace: {{ .Release.Namespace }} + path: /mutate-triliovault-trilio-io-v1-triliovaultmanager + failurePolicy: Fail + name: v1-tvm-mutation.trilio.io + rules: + - apiGroups: + - triliovault.trilio.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - triliovaultmanagers + sideEffects: None + admissionReviewVersions: + - v1 diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/ns-validating-webhook.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/ns-validating-webhook.yaml new file mode 100644 index 000000000..f0e0618e2 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/ns-validating-webhook.yaml @@ -0,0 +1,37 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ template "k8s-triliovault-operator.name" . }}-ns-validating-webhook-configuration + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-ns-validating-webhook-configuration + app.kubernetes.io/managed-by: {{ .Release.Service }} +webhooks: +- clientConfig: + caBundle: Cg== + service: + name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service + namespace: {{ .Release.Namespace }} + path: /validate-core-v1-namespace + failurePolicy: Fail + name: v1-tvm-ns-validation.trilio.io + namespaceSelector: + matchExpressions: + - key: trilio-operator-label + operator: In + values: + - {{ .Release.Namespace }} + rules: + - apiGroups: + - "" + apiVersions: + - v1 + operations: + - DELETE + resources: + - namespaces + scope: '*' + sideEffects: None + admissionReviewVersions: + - v1 diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/proxyConfig.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/proxyConfig.yaml new file mode 100644 index 000000000..99725af36 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/proxyConfig.yaml @@ -0,0 +1,21 @@ +{{- if .Values.proxySettings.PROXY_ENABLED }} + {{ template "k8s-triliovault-operator.caBundleValidation" . }} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "k8s-triliovault-operator.fullname" . }}-proxy + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-proxy + app.kubernetes.io/managed-by: {{ .Release.Service }} +data: + {{- range $key, $val := .Values.proxySettings }} + {{ $val = $val| toString | b64enc }} + {{- if $val -}} + {{ $key }}: {{ $val }} + {{- end -}} + {{- end }} +type: Opaque +{{- end }} diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/secret.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/secret.yaml new file mode 100644 index 000000000..782140c5a --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/secret.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-certs + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-webhook-certs + app.kubernetes.io/managed-by: {{ .Release.Service }} +type: Opaque diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/serviceAccount.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/serviceAccount.yaml new file mode 100644 index 000000000..4c51e5fa4 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/serviceAccount.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "k8s-triliovault-operator.fullname" . }}-service-account + namespace: {{ .Release.Namespace }} + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-service-account + app.kubernetes.io/managed-by: {{ .Release.Service }} diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/validating-webhook.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/validating-webhook.yaml new file mode 100644 index 000000000..c66b6a429 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/validating-webhook.yaml @@ -0,0 +1,31 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: {{ template "k8s-triliovault-operator.name" . }}-validating-webhook-configuration + labels: + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-validating-webhook-configuration + app.kubernetes.io/managed-by: {{ .Release.Service }} +webhooks: +- clientConfig: + caBundle: Cg== + service: + name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service + namespace: {{ .Release.Namespace }} + path: /validate-triliovault-trilio-io-v1-triliovaultmanager + failurePolicy: Fail + name: v1-tvm-validation.trilio.io + rules: + - apiGroups: + - triliovault.trilio.io + apiVersions: + - v1 + operations: + - CREATE + - UPDATE + resources: + - triliovaultmanagers + sideEffects: None + admissionReviewVersions: + - v1 diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/webhook-service.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/webhook-service.yaml new file mode 100644 index 000000000..bed6993c7 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/templates/webhook-service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service + namespace: {{ .Release.Namespace }} + labels: + app: {{ template "k8s-triliovault-operator.fullname" . }} + release: "{{ .Release.Name }}" + app.kubernetes.io/part-of: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/name: {{ template "k8s-triliovault-operator.appName" . }} + app.kubernetes.io/instance: {{ template "k8s-triliovault-operator.appName" . }}-webhook-service + app.kubernetes.io/managed-by: {{ .Release.Service }} +spec: + ports: + - port: 443 + targetPort: 9443 + selector: + app: {{ template "k8s-triliovault-operator.fullname" . }} + release: "{{ .Release.Name }}" diff --git a/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/values.yaml b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/values.yaml new file mode 100644 index 000000000..53b14afd1 --- /dev/null +++ b/charts/k8s-triliovault-operator/k8s-triliovault-operator/2.6.500/values.yaml @@ -0,0 +1,76 @@ +## TrilioVault Operator +registry: "eu.gcr.io/amazing-chalice-243510" + +operator-webhook-init: + repository: operator-webhook-init + +k8s-triliovault-operator: + repository: k8s-triliovault-operator + +tag: "2.6.5" + +tvkHelmRepo: "" + +affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: kubernetes.io/arch + operator: In + values: + - amd64 + +image: + pullPolicy: Always +tls: + secretName: "helm-client-certs" + verify: false + enable: false + keyFile: "tls.key" + certFile: "tls.crt" + caContent: "" + hostname: "" + +nameOverride: "" + +replicaCount: 1 + +proxySettings: + PROXY_ENABLED: false + NO_PROXY: "" + HTTP_PROXY: "" + HTTPS_PROXY: "" + CA_BUNDLE_CONFIGMAP: "" + +podSpec: + hostIPC: false + hostNetwork: false + hostPID: false + securityContext: + runAsNonRoot: true + runAsUser: 1001 + +securityContext: + allowPrivilegeEscalation: false + privileged: false + readOnlyRootFilesystem: false + runAsNonRoot: true + runAsUser: 1001 + capabilities: + drop: + - ALL + +installTVK: + enabled: true + applicationScope: Cluster + ingressConfig: + host: "" + tlsSecretName: "" + annotations: {} + ingressClass: "" + ComponentConfiguration: + ingressController: + enabled: true + service: + type: NodePort From 8714ca45e0534296c1cc3e730283320973b3962f Mon Sep 17 00:00:00 2001 From: Samuel Attwood Date: Tue, 11 Jan 2022 00:33:21 -0500 Subject: [PATCH 3/3] Adding index.yaml --- index.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/index.yaml b/index.yaml index 7cd9f94d9..fa64589ae 100755 --- a/index.yaml +++ b/index.yaml @@ -1832,6 +1832,28 @@ entries: - assets/instana-agent/instana-agent-1.0.2900.tgz version: 1.0.2900 k8s-triliovault-operator: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: TrilioVault for Kubernetes Operator + catalog.cattle.io/release-name: k8s-triliovault-operator + apiVersion: v1 + appVersion: 2.6.5 + created: "2022-01-10T12:32:26.501820339Z" + description: K8s-TrilioVault-Operator is an operator designed to manage the K8s-TrilioVault + Application Lifecycle. + digest: 4049bd872424bb4d4d7c63455db4aaa8ed02d44ecf47f5c88acf2959739db4f0 + home: https://github.com/trilioData/k8s-triliovault-operator + icon: https://www.trilio.io/wp-content/uploads/2021/01/Trilio-2020-logo-RGB-gray-green.png + kubeVersion: '>=1.18.0-0' + maintainers: + - email: prafull.ladha@trilio.io + name: prafull11 + name: k8s-triliovault-operator + sources: + - https://github.com/trilioData/k8s-triliovault-operator + urls: + - assets/k8s-triliovault-operator/k8s-triliovault-operator-2.6.500.tgz + version: 2.6.500 - annotations: catalog.cattle.io/certified: partner catalog.cattle.io/display-name: TrilioVault for Kubernetes Operator