andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Charts CI 

```
Added:
  amd/amd-gpu:
    - 0.9.0

Updated:
  bitnami/redis:
    - 18.0.1
  crate/crate-operator:
    - 2.30.3
  crowdstrike/falcon-sensor:
    - 1.20.3
  instana/instana-agent:
    - 1.2.62
  koor-tech/koor-operator:
    - 0.3.5
  redpanda/redpanda:
    - 5.1.7
```
pull/869/head
github-actions[bot] 2023-08-29 12:39:51 +00:00
parent 2dcccd292a
commit d2e690d085
67 changed files with 2839 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
assets/amd/amd-gpu-0.9.0.tgz Normal file
View File

Binary file not shown.

BIN
assets/bitnami/redis-18.0.1.tgz Normal file
View File

Binary file not shown.

BIN
assets/crate/crate-operator-2.30.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/crowdstrike/falcon-sensor-1.20.3.tgz Normal file
View File

Binary file not shown.

BIN
assets/instana/instana-agent-1.2.62.tgz Normal file
View File

Binary file not shown.

BIN
assets/koor-tech/koor-operator-0.3.5.tgz Normal file
View File

Binary file not shown.

BIN
assets/redpanda/redpanda-5.1.7.tgz Normal file
View File

Binary file not shown.

23
charts/amd/amd-gpu/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

6
charts/amd/amd-gpu/Chart.lock Normal file
View File

@ -0,0 +1,6 @@
dependencies:
- name: node-feature-discovery
repository: https://kubernetes-sigs.github.io/node-feature-discovery/charts
version: 0.13.3
digest: sha256:a4f46d22c9ecd5b82cc2ed17da0c34b0e4936f6365bb61b474ec2780e9af3636
generated: "2023-08-23T02:41:44.856348249Z"

28
charts/amd/amd-gpu/Chart.yaml Normal file
View File

@ -0,0 +1,28 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: AMD GPU Device Plugin
catalog.cattle.io/kube-version: '>= 1.18.0-0'
catalog.cattle.io/release-name: amd-gpu
apiVersion: v2
appVersion: 1.25.2.4
dependencies:
- condition: nfd.enabled
name: node-feature-discovery
repository: file://./charts/node-feature-discovery
version: '>= 0.8.1-0'
description: A Helm chart for deploying Kubernetes AMD GPU device plugin
home: https://github.com/RadeonOpenCompute/k8s-device-plugin
icon: https://raw.githubusercontent.com/RadeonOpenCompute/k8s-device-plugin/master/helm/logo.png
keywords:
- kubernetes
- cluster
- hardware
- gpu
kubeVersion: '>= 1.18.0-0'
maintainers:
- name: Kenny Ho <Kenny.Ho@amd.com>
name: amd-gpu
sources:
- https://github.com/RadeonOpenCompute/k8s-device-plugin
type: application
version: 0.9.0

40
charts/amd/amd-gpu/README.md Normal file
View File

@ -0,0 +1,40 @@
# AMD GPU Helm Chart
![Version: 0.9.0](https://img.shields.io/badge/Version-0.9.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.25.2.4](https://img.shields.io/badge/AppVersion-1.25.2.4-informational?style=flat-square)
A Helm chart for deploying Kubernetes AMD GPU device plugin
## Requirements
Kubernetes: `>= 1.18.0`
## Optional Dependencies
| Repository | Name | Version |
|------------|------|---------|
| https://kubernetes-sigs.github.io/node-feature-discovery/charts | node-feature-discovery | 0.8.1 |
## Values
| Key | Type | Default | Description |
|-----|------|---------|-------------|
| dp.image.repository | string | `"docker.io/rocm/k8s-device-plugin"` | |
| dp.image.tag | string | `""` | |
| imagePullSecrets | list | `[]` | |
| labeller.enabled | bool | `false` | |
| lbl.image.repository | string | `"docker.io/rocm/k8s-device-plugin"` | |
| lbl.image.tag | string | `"labeller-latest"` | |
| namespace | string | `"kube-system"` | |
| nfd.enabled | bool | `false` | |
| node_selector."feature.node.kubernetes.io/pci-0300_1002.present" | string | `"true"` | |
| securityContext.allowPrivilegeEscalation | bool | `false` | |
| securityContext.capabilities.drop[0] | string | `"ALL"` | |
| tolerations[0].key | string | `"CriticalAddonsOnly"` | |
| tolerations[0].operator | string | `"Exists"` | |
## More information
https://github.com/RadeonOpenCompute/k8s-device-plugin
----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)

17
charts/amd/amd-gpu/app-readme.md Normal file
View File

@ -0,0 +1,17 @@
# AMD GPU Helm Chart
[Kubernetes][k8s] [device plugin][dp] implementation that enables the registration of AMD GPU in a container cluster for compute workload.
More information about [RadeonOpenCompute (ROCm)][rocm]
## Prerequisites
* [ROCm capable machines][sysreq]
* [ROCm kernel][rock] ([Installation guide][rocminstall]) or latest AMD GPU Linux driver ([Installation guide][amdgpuinstall])
[dp]: https://kubernetes.io/docs/concepts/cluster-administration/device-plugins/
[k8s]: https://kubernetes.io
[rocm]: https://docs.amd.com/en/latest/rocm.html
[rock]: https://github.com/RadeonOpenCompute/ROCK-Kernel-Driver
[rocminstall]: https://docs.amd.com/en/latest/deploy/linux/quick_start.html
[amdgpuinstall]: https://amdgpu-install.readthedocs.io/en/latest/
[sysreq]: https://docs.amd.com/en/latest/release/gpu_os_support.html

23
charts/amd/amd-gpu/charts/node-feature-discovery/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

14
charts/amd/amd-gpu/charts/node-feature-discovery/Chart.yaml Normal file
View File

@ -0,0 +1,14 @@
apiVersion: v2
appVersion: v0.13.3
description: 'Detects hardware features available on each node in a Kubernetes cluster,
and advertises those features using node labels. '
home: https://github.com/kubernetes-sigs/node-feature-discovery
keywords:
- feature-discovery
- feature-detection
- node-labels
name: node-feature-discovery
sources:
- https://github.com/kubernetes-sigs/node-feature-discovery
type: application
version: 0.13.3

10
charts/amd/amd-gpu/charts/node-feature-discovery/README.md Normal file
View File

@ -0,0 +1,10 @@
# Node Feature Discovery
Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
features and system configuration. Detected features are advertised as node
labels. NFD provides flexible configuration and extension points for a wide
range of vendor and application specific node labeling needs.
See
[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.13/deployment/helm.html)
for deployment instructions.

363
charts/amd/amd-gpu/charts/node-feature-discovery/crds/nfd-api-crds.yaml Normal file
View File

@ -0,0 +1,363 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
creationTimestamp: null
name: nodefeatures.nfd.k8s-sigs.io
spec:
group: nfd.k8s-sigs.io
names:
kind: NodeFeature
listKind: NodeFeatureList
plural: nodefeatures
singular: nodefeature
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: NodeFeature resource holds the features discovered for one node
in the cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: NodeFeatureSpec describes a NodeFeature object.
properties:
features:
description: Features is the full "raw" features data that has been
discovered.
properties:
attributes:
additionalProperties:
description: AttributeFeatureSet is a set of features having
string value.
properties:
elements:
additionalProperties:
type: string
type: object
required:
- elements
type: object
description: Attributes contains all the attribute-type features
of the node.
type: object
flags:
additionalProperties:
description: FlagFeatureSet is a set of simple features only
containing names without values.
properties:
elements:
additionalProperties:
description: Nil is a dummy empty struct for protobuf
compatibility
type: object
type: object
required:
- elements
type: object
description: Flags contains all the flag-type features of the
node.
type: object
instances:
additionalProperties:
description: InstanceFeatureSet is a set of features each of
which is an instance having multiple attributes.
properties:
elements:
items:
description: InstanceFeature represents one instance of
a complex features, e.g. a device.
properties:
attributes:
additionalProperties:
type: string
type: object
required:
- attributes
type: object
type: array
required:
- elements
type: object
description: Instances contains all the instance-type features
of the node.
type: object
type: object
labels:
additionalProperties:
type: string
description: Labels is the set of node labels that are requested to
be created.
type: object
type: object
required:
- spec
type: object
served: true
storage: true
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.2
creationTimestamp: null
name: nodefeaturerules.nfd.k8s-sigs.io
spec:
group: nfd.k8s-sigs.io
names:
kind: NodeFeatureRule
listKind: NodeFeatureRuleList
plural: nodefeaturerules
shortNames:
- nfr
singular: nodefeaturerule
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: NodeFeatureRule resource specifies a configuration for feature-based
customization of node objects, such as node labeling.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: NodeFeatureRuleSpec describes a NodeFeatureRule.
properties:
rules:
description: Rules is a list of node customization rules.
items:
description: Rule defines a rule for node customization such as
labeling.
properties:
extendedResources:
additionalProperties:
type: string
description: ExtendedResources to create if the rule matches.
type: object
labels:
additionalProperties:
type: string
description: Labels to create if the rule matches.
type: object
labelsTemplate:
description: LabelsTemplate specifies a template to expand for
dynamically generating multiple labels. Data (after template
expansion) must be keys with an optional value (<key>[=<value>])
separated by newlines.
type: string
matchAny:
description: MatchAny specifies a list of matchers one of which
must match.
items:
description: MatchAnyElem specifies one sub-matcher of MatchAny.
properties:
matchFeatures:
description: MatchFeatures specifies a set of matcher
terms all of which must match.
items:
description: FeatureMatcherTerm defines requirements
against one feature set. All requirements (specified
as MatchExpressions) are evaluated against each element
in the feature set.
properties:
feature:
type: string
matchExpressions:
additionalProperties:
description: "MatchExpression specifies an expression
to evaluate against a set of input values. It
contains an operator that is applied when matching
the input and an array of values that the operator
evaluates the input against. \n NB: CreateMatchExpression
or MustCreateMatchExpression() should be used
for creating new instances. \n NB: Validate()
must be called if Op or Value fields are modified
or if a new instance is created from scratch
without using the helper functions."
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Lt
- GtLt
- IsTrue
- IsFalse
type: string
value:
description: Value is the list of values that
the operand evaluates the input against.
Value should be empty if the operator is
Exists, DoesNotExist, IsTrue or IsFalse.
Value should contain exactly one element
if the operator is Gt or Lt and exactly
two elements if the operator is GtLt. In
other cases Value should contain at least
one element.
items:
type: string
type: array
required:
- op
type: object
description: MatchExpressionSet contains a set of
MatchExpressions, each of which is evaluated against
a set of input values.
type: object
required:
- feature
- matchExpressions
type: object
type: array
required:
- matchFeatures
type: object
type: array
matchFeatures:
description: MatchFeatures specifies a set of matcher terms
all of which must match.
items:
description: FeatureMatcherTerm defines requirements against
one feature set. All requirements (specified as MatchExpressions)
are evaluated against each element in the feature set.
properties:
feature:
type: string
matchExpressions:
additionalProperties:
description: "MatchExpression specifies an expression
to evaluate against a set of input values. It contains
an operator that is applied when matching the input
and an array of values that the operator evaluates
the input against. \n NB: CreateMatchExpression or
MustCreateMatchExpression() should be used for creating
new instances. \n NB: Validate() must be called if
Op or Value fields are modified or if a new instance
is created from scratch without using the helper functions."
properties:
op:
description: Op is the operator to be applied.
enum:
- In
- NotIn
- InRegexp
- Exists
- DoesNotExist
- Gt
- Lt
- GtLt
- IsTrue
- IsFalse
type: string
value:
description: Value is the list of values that the
operand evaluates the input against. Value should
be empty if the operator is Exists, DoesNotExist,
IsTrue or IsFalse. Value should contain exactly
one element if the operator is Gt or Lt and exactly
two elements if the operator is GtLt. In other
cases Value should contain at least one element.
items:
type: string
type: array
required:
- op
type: object
description: MatchExpressionSet contains a set of MatchExpressions,
each of which is evaluated against a set of input values.
type: object
required:
- feature
- matchExpressions
type: object
type: array
name:
description: Name of the rule.
type: string
taints:
description: Taints to create if the rule matches.
items:
description: The node this Taint is attached to has the "effect"
on any pod that does not tolerate the Taint.
properties:
effect:
description: Required. The effect of the taint on pods
that do not tolerate the taint. Valid effects are NoSchedule,
PreferNoSchedule and NoExecute.
type: string
key:
description: Required. The taint key to be applied to
a node.
type: string
timeAdded:
description: TimeAdded represents the time at which the
taint was added. It is only written for NoExecute taints.
format: date-time
type: string
value:
description: The taint value corresponding to the taint
key.
type: string
required:
- effect
- key
type: object
type: array
vars:
additionalProperties:
type: string
description: Vars is the variables to store if the rule matches.
Variables do not directly inflict any changes in the node
object. However, they can be referenced from other rules enabling
more complex rule hierarchies, without exposing intermediary
output values as labels.
type: object
varsTemplate:
description: VarsTemplate specifies a template to expand for
dynamically generating multiple variables. Data (after template
expansion) must be keys with an optional value (<key>[=<value>])
separated by newlines.
type: string
required:
- name
type: object
type: array
required:
- rules
type: object
required:
- spec
type: object
served: true
storage: true

107
charts/amd/amd-gpu/charts/node-feature-discovery/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,107 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "node-feature-discovery.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "node-feature-discovery.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Allow the release namespace to be overridden for multi-namespace deployments in combined charts
*/}}
{{- define "node-feature-discovery.namespace" -}}
{{- if .Values.namespaceOverride -}}
{{- .Values.namespaceOverride -}}
{{- else -}}
{{- .Release.Namespace -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "node-feature-discovery.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "node-feature-discovery.labels" -}}
helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
{{ include "node-feature-discovery.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Selector labels
*/}}
{{- define "node-feature-discovery.selectorLabels" -}}
app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{/*
Create the name of the service account which the nfd master will use
*/}}
{{- define "node-feature-discovery.master.serviceAccountName" -}}
{{- if .Values.master.serviceAccount.create -}}
{{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.master.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account which the nfd worker will use
*/}}
{{- define "node-feature-discovery.worker.serviceAccountName" -}}
{{- if .Values.worker.serviceAccount.create -}}
{{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.worker.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account which topologyUpdater will use
*/}}
{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
{{- if .Values.topologyUpdater.serviceAccount.create -}}
{{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.topologyUpdater.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create the name of the service account which topologyGC will use
*/}}
{{- define "node-feature-discovery.topologyGC.serviceAccountName" -}}
{{- if .Values.topologyGC.serviceAccount.create -}}
{{ default (printf "%s-topology-gc" (include "node-feature-discovery.fullname" .)) .Values.topologyGC.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.topologyGC.serviceAccount.name }}
{{- end -}}
{{- end -}}

67
charts/amd/amd-gpu/charts/node-feature-discovery/templates/cert-manager-certs.yaml Normal file
View File

@ -0,0 +1,67 @@
{{- if .Values.tls.certManager }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nfd-master-cert
namespace: {{ include "node-feature-discovery.namespace" . }}
spec:
secretName: nfd-master-cert
subject:
organizations:
- node-feature-discovery
commonName: nfd-master
dnsNames:
# must match the service name
- {{ include "node-feature-discovery.fullname" . }}-master
# first one is configured for use by the worker; below are for completeness
- {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
- {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
# localhost needed for grpc_health_probe
- localhost
issuerRef:
name: nfd-ca-issuer
kind: Issuer
group: cert-manager.io
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nfd-worker-cert
namespace: {{ include "node-feature-discovery.namespace" . }}
spec:
secretName: nfd-worker-cert
subject:
organizations:
- node-feature-discovery
commonName: nfd-worker
dnsNames:
- {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
issuerRef:
name: nfd-ca-issuer
kind: Issuer
group: cert-manager.io
{{- if .Values.topologyUpdater.enable }}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nfd-topology-updater-cert
namespace: {{ include "node-feature-discovery.namespace" . }}
spec:
secretName: nfd-topology-updater-cert
subject:
organizations:
- node-feature-discovery
commonName: nfd-topology-updater
dnsNames:
- {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
issuerRef:
name: nfd-ca-issuer
kind: Issuer
group: cert-manager.io
{{- end }}
{{- end }}

42
charts/amd/amd-gpu/charts/node-feature-discovery/templates/cert-manager-issuer.yaml Normal file
View File

@ -0,0 +1,42 @@
{{- if .Values.tls.certManager }}
# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
# - Create a self signed issuer
# - Use this to create a CA cert
# - Use this to now create a CA issuer
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: nfd-ca-bootstrap
namespace: {{ include "node-feature-discovery.namespace" . }}
spec:
selfSigned: {}
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: nfd-ca-cert
namespace: {{ include "node-feature-discovery.namespace" . }}
spec:
isCA: true
secretName: nfd-ca-cert
subject:
organizations:
- node-feature-discovery
commonName: nfd-ca-cert
issuerRef:
name: nfd-ca-bootstrap
kind: Issuer
group: cert-manager.io
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: nfd-ca-issuer
namespace: {{ include "node-feature-discovery.namespace" . }}
spec:
ca:
secretName: nfd-ca-cert
{{- end }}

97
charts/amd/amd-gpu/charts/node-feature-discovery/templates/clusterrole.yaml Normal file
View File

@ -0,0 +1,97 @@
{{- if .Values.master.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "node-feature-discovery.fullname" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- nodes
- nodes/status
verbs:
- get
- patch
- update
- list
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
- nodefeaturerules
verbs:
- get
- list
- watch
{{- end }}
---
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- apiGroups:
- ""
resources:
- nodes/proxy
verbs:
- get
- apiGroups:
- ""
resources:
- pods
verbs:
- get
- apiGroups:
- topology.node.k8s.io
resources:
- noderesourcetopologies
verbs:
- create
- get
- update
{{- end }}
---
{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
rules:
- apiGroups:
- ""
resources:
- nodes
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes/proxy
verbs:
- get
- apiGroups:
- topology.node.k8s.io
resources:
- noderesourcetopologies
verbs:
- delete
- list
{{- end }}

52
charts/amd/amd-gpu/charts/node-feature-discovery/templates/clusterrolebinding.yaml Normal file
View File

@ -0,0 +1,52 @@
{{- if .Values.master.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "node-feature-discovery.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}
---
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
subjects:
- kind: ServiceAccount
name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}
---
{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
subjects:
- kind: ServiceAccount
name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}

145
charts/amd/amd-gpu/charts/node-feature-discovery/templates/master.yaml Normal file
View File

@ -0,0 +1,145 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-master
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
role: master
annotations:
{{- toYaml .Values.master.deploymentAnnotations | nindent 4 }}
spec:
replicas: {{ .Values.master.replicaCount }}
selector:
matchLabels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
role: master
template:
metadata:
labels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
role: master
annotations:
{{- toYaml .Values.master.annotations | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
enableServiceLinks: false
securityContext:
{{- toYaml .Values.master.podSecurityContext | nindent 8 }}
containers:
- name: master
securityContext:
{{- toYaml .Values.master.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
livenessProbe:
exec:
command:
- "/usr/bin/grpc_health_probe"
- "-addr=:{{ .Values.master.port | default "8080" }}"
{{- if .Values.tls.enable }}
- "-tls"
- "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
{{- end }}
initialDelaySeconds: 10
periodSeconds: 10
readinessProbe:
exec:
command:
- "/usr/bin/grpc_health_probe"
- "-addr=:{{ .Values.master.port | default "8080" }}"
{{- if .Values.tls.enable }}
- "-tls"
- "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
{{- end }}
initialDelaySeconds: 5
periodSeconds: 10
failureThreshold: 10
ports:
- containerPort: {{ .Values.master.port | default "8080" }}
name: grpc
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
command:
- "nfd-master"
resources:
{{- toYaml .Values.master.resources | nindent 12 }}
args:
{{- if .Values.master.instance | empty | not }}
- "-instance={{ .Values.master.instance }}"
{{- end }}
- "-port={{ .Values.master.port | default "8080" }}"
{{- if .Values.enableNodeFeatureApi }}
- "-enable-nodefeature-api"
{{- end }}
{{- if .Values.master.extraLabelNs | empty | not }}
- "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
{{- end }}
{{- if .Values.master.denyLabelNs | empty | not }}
- "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
{{- end }}
{{- if .Values.master.resourceLabels | empty | not }}
- "-resource-labels={{- join "," .Values.master.resourceLabels }}"
{{- end }}
{{- if .Values.master.enableTaints }}
- "-enable-taints"
{{- end }}
{{- if .Values.master.crdController | kindIs "invalid" | not }}
- "-crd-controller={{ .Values.master.crdController }}"
{{- else }}
## By default, disable crd controller for other than the default instances
- "-featurerules-controller={{ .Values.master.instance | empty }}"
{{- end }}
{{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
- "-featurerules-controller={{ .Values.master.featureRulesController }}"
{{- end }}
{{- if .Values.tls.enable }}
- "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
{{- end }}
volumeMounts:
{{- if .Values.tls.enable }}
- name: nfd-master-cert
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
readOnly: true
{{- end }}
- name: nfd-master-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
volumes:
{{- if .Values.tls.enable }}
- name: nfd-master-cert
secret:
secretName: nfd-master-cert
{{- end }}
- name: nfd-master-conf
configMap:
name: {{ include "node-feature-discovery.fullname" . }}-master-conf
items:
- key: nfd-master.conf
path: nfd-master.conf
{{- with .Values.master.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.master.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.master.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

10
charts/amd/amd-gpu/charts/node-feature-discovery/templates/nfd-master-conf.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-master-conf
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
data:
nfd-master.conf: |-
{{- .Values.master.config | toYaml | nindent 4 }}

10
charts/amd/amd-gpu/charts/node-feature-discovery/templates/nfd-topologyupdater-conf.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
data:
nfd-topology-updater.conf: |-
{{- .Values.topologyUpdater.config | toYaml | nindent 4 }}

10
charts/amd/amd-gpu/charts/node-feature-discovery/templates/nfd-worker-conf.yaml Normal file
View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
data:
nfd-worker.conf: |-
{{- .Values.worker.config | toYaml | nindent 4 }}

18
charts/amd/amd-gpu/charts/node-feature-discovery/templates/role.yaml Normal file
View File

@ -0,0 +1,18 @@
{{- if .Values.worker.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-worker
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
rules:
- apiGroups:
- nfd.k8s-sigs.io
resources:
- nodefeatures
verbs:
- create
- get
- update
{{- end }}

17
charts/amd/amd-gpu/charts/node-feature-discovery/templates/rolebinding.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if .Values.worker.rbac.create }}
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-worker
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ include "node-feature-discovery.fullname" . }}-worker
subjects:
- kind: ServiceAccount
name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
namespace: {{ include "node-feature-discovery.namespace" . }}
{{- end }}

18
charts/amd/amd-gpu/charts/node-feature-discovery/templates/service.yaml Normal file
View File

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-master
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
role: master
spec:
type: {{ .Values.master.service.type }}
ports:
- port: {{ .Values.master.service.port | default "8080" }}
targetPort: grpc
protocol: TCP
name: grpc
selector:
{{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
role: master

58
charts/amd/amd-gpu/charts/node-feature-discovery/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,58 @@
{{- if .Values.master.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
{{- with .Values.master.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
---
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
{{- with .Values.topologyUpdater.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
---
{{- if and .Values.topologyGC.enable .Values.topologyGC.serviceAccount.create .Values.topologyUpdater.enable }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
{{- with .Values.topologyUpdater.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
---
{{- if .Values.worker.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
{{- with .Values.worker.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

64
charts/amd/amd-gpu/charts/node-feature-discovery/templates/topology-gc.yaml Normal file
View File

@ -0,0 +1,64 @@
{{- if and .Values.topologyGC.enable .Values.topologyUpdater.enable -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
role: topology-gc
spec:
replicas: {{ .Values.topologyGC.replicaCount | default 1 }}
selector:
matchLabels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
role: topology-gc
template:
metadata:
labels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
role: topology-gc
annotations:
{{- toYaml .Values.topologyGC.annotations | nindent 8 }}
spec:
serviceAccountName: {{ .Values.topologyGC.serviceAccountName | default "nfd-topology-gc" }}
dnsPolicy: ClusterFirstWithHostNet
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.topologyGC.podSecurityContext | nindent 8 }}
containers:
- name: topology-gc
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
command:
- "nfd-topology-gc"
args:
{{- if .Values.topologyGC.interval | empty | not }}
- "-gc-interval={{ .Values.topologyGC.interval }}"
{{- end }}
resources:
{{- toYaml .Values.topologyGC.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.topologyGC.securityContext | nindent 12 }}
{{- with .Values.topologyGC.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologyGC.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologyGC.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

278
charts/amd/amd-gpu/charts/node-feature-discovery/templates/topologyupdater-crds.yaml Normal file
View File

@ -0,0 +1,278 @@
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
controller-gen.kubebuilder.io/version: v0.11.2
creationTimestamp: null
name: noderesourcetopologies.topology.node.k8s.io
spec:
group: topology.node.k8s.io
names:
kind: NodeResourceTopology
listKind: NodeResourceTopologyList
plural: noderesourcetopologies
shortNames:
- node-res-topo
singular: noderesourcetopology
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: NodeResourceTopology describes node resources and their topology.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
topologyPolicies:
items:
type: string
type: array
zones:
description: ZoneList contains an array of Zone objects.
items:
description: Zone represents a resource topology zone, e.g. socket,
node, die or core.
properties:
attributes:
description: AttributeList contains an array of AttributeInfo objects.
items:
description: AttributeInfo contains one attribute of a Zone.
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
costs:
description: CostList contains an array of CostInfo objects.
items:
description: CostInfo describes the cost (or distance) between
two Zones.
properties:
name:
type: string
value:
format: int64
type: integer
required:
- name
- value
type: object
type: array
name:
type: string
parent:
type: string
resources:
description: ResourceInfoList contains an array of ResourceInfo
objects.
items:
description: ResourceInfo contains information about one resource
type.
properties:
allocatable:
anyOf:
- type: integer
- type: string
description: Allocatable quantity of the resource, corresponding
to allocatable in node status, i.e. total amount of this
resource available to be used by pods.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
available:
anyOf:
- type: integer
- type: string
description: Available is the amount of this resource currently
available for new (to be scheduled) pods, i.e. Allocatable
minus the resources reserved by currently running pods.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
capacity:
anyOf:
- type: integer
- type: string
description: Capacity of the resource, corresponding to capacity
in node status, i.e. total amount of this resource that
the node has.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
name:
description: Name of the resource.
type: string
required:
- allocatable
- available
- capacity
- name
type: object
type: array
type:
type: string
required:
- name
- type
type: object
type: array
required:
- topologyPolicies
- zones
type: object
served: true
storage: false
- name: v1alpha2
schema:
openAPIV3Schema:
description: NodeResourceTopology describes node resources and their topology.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
attributes:
description: AttributeList contains an array of AttributeInfo objects.
items:
description: AttributeInfo contains one attribute of a Zone.
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
topologyPolicies:
description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
if needed'
items:
type: string
type: array
zones:
description: ZoneList contains an array of Zone objects.
items:
description: Zone represents a resource topology zone, e.g. socket,
node, die or core.
properties:
attributes:
description: AttributeList contains an array of AttributeInfo objects.
items:
description: AttributeInfo contains one attribute of a Zone.
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
costs:
description: CostList contains an array of CostInfo objects.
items:
description: CostInfo describes the cost (or distance) between
two Zones.
properties:
name:
type: string
value:
format: int64
type: integer
required:
- name
- value
type: object
type: array
name:
type: string
parent:
type: string
resources:
description: ResourceInfoList contains an array of ResourceInfo
objects.
items:
description: ResourceInfo contains information about one resource
type.
properties:
allocatable:
anyOf:
- type: integer
- type: string
description: Allocatable quantity of the resource, corresponding
to allocatable in node status, i.e. total amount of this
resource available to be used by pods.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
available:
anyOf:
- type: integer
- type: string
description: Available is the amount of this resource currently
available for new (to be scheduled) pods, i.e. Allocatable
minus the resources reserved by currently running pods.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
capacity:
anyOf:
- type: integer
- type: string
description: Capacity of the resource, corresponding to capacity
in node status, i.e. total amount of this resource that
the node has.
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
name:
description: Name of the resource.
type: string
required:
- allocatable
- available
- capacity
- name
type: object
type: array
type:
type: string
required:
- name
- type
type: object
type: array
required:
- zones
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
{{- end }}

142
charts/amd/amd-gpu/charts/node-feature-discovery/templates/topologyupdater.yaml Normal file
View File

@ -0,0 +1,142 @@
{{- if .Values.topologyUpdater.enable -}}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
role: topology-updater
spec:
selector:
matchLabels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
role: topology-updater
template:
metadata:
labels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
role: topology-updater
annotations:
{{- toYaml .Values.topologyUpdater.annotations | nindent 8 }}
spec:
serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
dnsPolicy: ClusterFirstWithHostNet
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
containers:
- name: topology-updater
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
command:
- "nfd-topology-updater"
args:
- "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
{{- if .Values.topologyUpdater.updateInterval | empty | not }}
- "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
{{- else }}
- "-sleep-interval=3s"
{{- end }}
{{- if .Values.topologyUpdater.watchNamespace | empty | not }}
- "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
{{- else }}
- "-watch-namespace=*"
{{- end }}
{{- if .Values.tls.enable }}
- "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
{{- end }}
{{- if .Values.topologyUpdater.podSetFingerprint }}
- "-pods-fingerprint"
{{- end }}
{{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- "-kubelet-config-uri=file:///host-var/kubelet-config"
{{- end }}
{{- if .Values.topologyUpdater.kubeletStateDir | empty }}
# Disable kubelet state tracking by giving an empty path
- "-kubelet-state-dir="
{{- end }}
volumeMounts:
{{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- name: kubelet-config
mountPath: /host-var/kubelet-config
{{- end }}
- name: kubelet-podresources-sock
mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
- name: host-sys
mountPath: /host-sys
{{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- name: kubelet-state-files
mountPath: /host-var/lib/kubelet
readOnly: true
{{- end }}
{{- if .Values.tls.enable }}
- name: nfd-topology-updater-cert
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
readOnly: true
{{- end }}
- name: nfd-topology-updater-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
resources:
{{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
securityContext:
{{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
volumes:
- name: host-sys
hostPath:
path: "/sys"
{{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
- name: kubelet-config
hostPath:
path: {{ .Values.topologyUpdater.kubeletConfigPath }}
{{- end }}
- name: kubelet-podresources-sock
hostPath:
{{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
{{- else }}
path: /var/lib/kubelet/pod-resources/kubelet.sock
{{- end }}
{{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
- name: kubelet-state-files
hostPath:
path: {{ .Values.topologyUpdater.kubeletStateDir }}
{{- end }}
- name: nfd-topology-updater-conf
configMap:
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
items:
- key: nfd-topology-updater.conf
path: nfd-topology-updater.conf
{{- if .Values.tls.enable }}
- name: nfd-topology-updater-cert
secret:
secretName: nfd-topology-updater-cert
{{- end }}
{{- with .Values.topologyUpdater.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologyUpdater.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologyUpdater.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

144
charts/amd/amd-gpu/charts/node-feature-discovery/templates/worker.yaml Normal file
View File

@ -0,0 +1,144 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ include "node-feature-discovery.fullname" . }}-worker
namespace: {{ include "node-feature-discovery.namespace" . }}
labels:
{{- include "node-feature-discovery.labels" . | nindent 4 }}
role: worker
annotations:
{{- toYaml .Values.worker.daemonsetAnnotations | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
role: worker
template:
metadata:
labels:
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
role: worker
annotations:
{{- toYaml .Values.worker.annotations | nindent 8 }}
spec:
dnsPolicy: ClusterFirstWithHostNet
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
containers:
- name: worker
securityContext:
{{- toYaml .Values.worker.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
resources:
{{- toYaml .Values.worker.resources | nindent 12 }}
command:
- "nfd-worker"
args:
- "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
{{- if .Values.enableNodeFeatureApi }}
- "-enable-nodefeature-api"
{{- end }}
{{- if .Values.tls.enable }}
- "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
- "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
- "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
{{- end }}
volumeMounts:
- name: host-boot
mountPath: "/host-boot"
readOnly: true
- name: host-os-release
mountPath: "/host-etc/os-release"
readOnly: true
- name: host-sys
mountPath: "/host-sys"
readOnly: true
- name: host-usr-lib
mountPath: "/host-usr/lib"
readOnly: true
- name: host-lib
mountPath: "/host-lib"
readOnly: true
{{- if .Values.worker.mountUsrSrc }}
- name: host-usr-src
mountPath: "/host-usr/src"
readOnly: true
{{- end }}
- name: source-d
mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
readOnly: true
- name: features-d
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
readOnly: true
- name: nfd-worker-conf
mountPath: "/etc/kubernetes/node-feature-discovery"
readOnly: true
{{- if .Values.tls.enable }}
- name: nfd-worker-cert
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
readOnly: true
{{- end }}
volumes:
- name: host-boot
hostPath:
path: "/boot"
- name: host-os-release
hostPath:
path: "/etc/os-release"
- name: host-sys
hostPath:
path: "/sys"
- name: host-usr-lib
hostPath:
path: "/usr/lib"
- name: host-lib
hostPath:
path: "/lib"
{{- if .Values.worker.mountUsrSrc }}
- name: host-usr-src
hostPath:
path: "/usr/src"
{{- end }}
- name: source-d
hostPath:
path: "/etc/kubernetes/node-feature-discovery/source.d/"
- name: features-d
hostPath:
path: "/etc/kubernetes/node-feature-discovery/features.d/"
- name: nfd-worker-conf
configMap:
name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
items:
- key: nfd-worker.conf
path: nfd-worker.conf
{{- if .Values.tls.enable }}
- name: nfd-worker-cert
secret:
secretName: nfd-worker-cert
{{- end }}
{{- with .Values.worker.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.worker.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.worker.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.worker.priorityClassName }}
priorityClassName: {{ . | quote }}
{{- end }}

484
charts/amd/amd-gpu/charts/node-feature-discovery/values.yaml Normal file
View File

@ -0,0 +1,484 @@
image:
repository: registry.k8s.io/nfd/node-feature-discovery
# This should be set to 'IfNotPresent' for released version
pullPolicy: IfNotPresent
# tag, if defined will use the given image tag, else Chart.AppVersion will be used
# tag
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
namespaceOverride: ""
enableNodeFeatureApi: false
master:
config: ### <NFD-MASTER-CONF-START-DO-NOT-REMOVE>
# noPublish: false
# extraLabelNs: ["added.ns.io","added.kubernets.io"]
# denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
# resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
# enableTaints: false
# labelWhiteList: "foo"
### <NFD-MASTER-CONF-END-DO-NOT-REMOVE>
# The TCP port that nfd-master listens for incoming requests. Default: 8080
port: 8080
instance:
featureApi:
denyLabelNs: []
extraLabelNs: []
resourceLabels: []
enableTaints: false
crdController: null
featureRulesController: null
deploymentAnnotations: {}
replicaCount: 1
podSecurityContext: {}
# fsGroup: 2000
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsNonRoot: true
# runAsUser: 1000
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name:
rbac:
create: true
service:
type: ClusterIP
port: 8080
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations:
- key: "node-role.kubernetes.io/master"
operator: "Equal"
value: ""
effect: "NoSchedule"
- key: "node-role.kubernetes.io/control-plane"
operator: "Equal"
value: ""
effect: "NoSchedule"
annotations: {}
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: "node-role.kubernetes.io/master"
operator: In
values: [""]
- weight: 1
preference:
matchExpressions:
- key: "node-role.kubernetes.io/control-plane"
operator: In
values: [""]
worker:
config: ### <NFD-WORKER-CONF-START-DO-NOT-REMOVE>
#core:
# labelWhiteList:
# noPublish: false
# sleepInterval: 60s
# featureSources: [all]
# labelSources: [all]
# klog:
# addDirHeader: false
# alsologtostderr: false
# logBacktraceAt:
# logtostderr: true
# skipHeaders: false
# stderrthreshold: 2
# v: 0
# vmodule:
## NOTE: the following options are not dynamically run-time configurable
## and require a nfd-worker restart to take effect after being changed
# logDir:
# logFile:
# logFileMaxSize: 1800
# skipLogHeaders: false
#sources:
# cpu:
# cpuid:
## NOTE: whitelist has priority over blacklist
# attributeBlacklist:
# - "BMI1"
# - "BMI2"
# - "CLMUL"
# - "CMOV"
# - "CX16"
# - "ERMS"
# - "F16C"
# - "HTT"
# - "LZCNT"
# - "MMX"
# - "MMXEXT"
# - "NX"
# - "POPCNT"
# - "RDRAND"
# - "RDSEED"
# - "RDTSCP"
# - "SGX"
# - "SSE"
# - "SSE2"
# - "SSE3"
# - "SSE4"
# - "SSE42"
# - "SSSE3"
# attributeWhitelist:
# kernel:
# kconfigFile: "/path/to/kconfig"
# configOpts:
# - "NO_HZ"
# - "X86"
# - "DMI"
# pci:
# deviceClassWhitelist:
# - "0200"
# - "03"
# - "12"
# deviceLabelFields:
# - "class"
# - "vendor"
# - "device"
# - "subsystem_vendor"
# - "subsystem_device"
# usb:
# deviceClassWhitelist:
# - "0e"
# - "ef"
# - "fe"
# - "ff"
# deviceLabelFields:
# - "class"
# - "vendor"
# - "device"
# local:
# hooksEnabled: true
# custom:
# # The following feature demonstrates the capabilities of the matchFeatures
# - name: "my custom rule"
# labels:
# my-ng-feature: "true"
# # matchFeatures implements a logical AND over all matcher terms in the
# # list (i.e. all of the terms, or per-feature matchers, must match)
# matchFeatures:
# - feature: cpu.cpuid
# matchExpressions:
# AVX512F: {op: Exists}
# - feature: cpu.cstate
# matchExpressions:
# enabled: {op: IsTrue}
# - feature: cpu.pstate
# matchExpressions:
# no_turbo: {op: IsFalse}
# scaling_governor: {op: In, value: ["performance"]}
# - feature: cpu.rdt
# matchExpressions:
# RDTL3CA: {op: Exists}
# - feature: cpu.sst
# matchExpressions:
# bf.enabled: {op: IsTrue}
# - feature: cpu.topology
# matchExpressions:
# hardware_multithreading: {op: IsFalse}
#
# - feature: kernel.config
# matchExpressions:
# X86: {op: Exists}
# LSM: {op: InRegexp, value: ["apparmor"]}
# - feature: kernel.loadedmodule
# matchExpressions:
# e1000e: {op: Exists}
# - feature: kernel.selinux
# matchExpressions:
# enabled: {op: IsFalse}
# - feature: kernel.version
# matchExpressions:
# major: {op: In, value: ["5"]}
# minor: {op: Gt, value: ["10"]}
#
# - feature: storage.block
# matchExpressions:
# rotational: {op: In, value: ["0"]}
# dax: {op: In, value: ["0"]}
#
# - feature: network.device
# matchExpressions:
# operstate: {op: In, value: ["up"]}
# speed: {op: Gt, value: ["100"]}
#
# - feature: memory.numa
# matchExpressions:
# node_count: {op: Gt, value: ["2"]}
# - feature: memory.nv
# matchExpressions:
# devtype: {op: In, value: ["nd_dax"]}
# mode: {op: In, value: ["memory"]}
#
# - feature: system.osrelease
# matchExpressions:
# ID: {op: In, value: ["fedora", "centos"]}
# - feature: system.name
# matchExpressions:
# nodename: {op: InRegexp, value: ["^worker-X"]}
#
# - feature: local.label
# matchExpressions:
# custom-feature-knob: {op: Gt, value: ["100"]}
#
# # The following feature demonstrates the capabilities of the matchAny
# - name: "my matchAny rule"
# labels:
# my-ng-feature-2: "my-value"
# # matchAny implements a logical IF over all elements (sub-matchers) in
# # the list (i.e. at least one feature matcher must match)
# matchAny:
# - matchFeatures:
# - feature: kernel.loadedmodule
# matchExpressions:
# driver-module-X: {op: Exists}
# - feature: pci.device
# matchExpressions:
# vendor: {op: In, value: ["8086"]}
# class: {op: In, value: ["0200"]}
# - matchFeatures:
# - feature: kernel.loadedmodule
# matchExpressions:
# driver-module-Y: {op: Exists}
# - feature: usb.device
# matchExpressions:
# vendor: {op: In, value: ["8086"]}
# class: {op: In, value: ["02"]}
#
# # The following features demonstreate label templating capabilities
# - name: "my template rule"
# labelsTemplate: |
# {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
# {{ end }}
# matchFeatures:
# - feature: system.osrelease
# matchExpressions:
# ID: {op: InRegexp, value: ["^open.*"]}
# VERSION_ID.major: {op: In, value: ["13", "15"]}
#
# - name: "my template rule 2"
# labelsTemplate: |
# {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
# {{ end }}
# matchFeatures:
# - feature: pci.device
# matchExpressions:
# class: {op: InRegexp, value: ["^06"]}
# vendor: ["8086"]
# - feature: cpu.cpuid
# matchExpressions:
# AVX: {op: Exists}
#
# # The following examples demonstrate vars field and back-referencing
# # previous labels and vars
# - name: "my dummy kernel rule"
# labels:
# "my.kernel.feature": "true"
# matchFeatures:
# - feature: kernel.version
# matchExpressions:
# major: {op: Gt, value: ["2"]}
#
# - name: "my dummy rule with no labels"
# vars:
# "my.dummy.var": "1"
# matchFeatures:
# - feature: cpu.cpuid
# matchExpressions: {}
#
# - name: "my rule using backrefs"
# labels:
# "my.backref.feature": "true"
# matchFeatures:
# - feature: rule.matched
# matchExpressions:
# my.kernel.feature: {op: IsTrue}
# my.dummy.var: {op: Gt, value: ["0"]}
#
### <NFD-WORKER-CONF-END-DO-NOT-REMOVE>
daemonsetAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsNonRoot: true
# runAsUser: 1000
serviceAccount:
# Specifies whether a service account should be created.
# We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name:
rbac:
create: true
# Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
# Does not work on systems without /usr/src AND a read-only /usr, such as Talos
mountUsrSrc: false
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
annotations: {}
affinity: {}
priorityClassName: ""
topologyUpdater:
config: ### <NFD-TOPOLOGY-UPDATER-CONF-START-DO-NOT-REMOVE>
## key = node name, value = list of resources to be excluded.
## use * to exclude from all nodes.
## an example for how the exclude list should looks like
#excludeList:
# node1: [cpu]
# node2: [memory, example/deviceA]
# *: [hugepages-2Mi]
### <NFD-TOPOLOGY-UPDATER-CONF-END-DO-NOT-REMOVE>
enable: false
createCRDs: false
serviceAccount:
create: true
annotations: {}
name:
rbac:
create: true
kubeletConfigPath:
kubeletPodResourcesSockPath:
updateInterval: 60s
watchNamespace: "*"
kubeletStateDir: /var/lib/kubelet
podSecurityContext: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsUser: 0
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
annotations: {}
affinity: {}
podSetFingerprint: true
topologyGC:
enable: true
replicaCount: 1
serviceAccount:
create: true
annotations: {}
name:
rbac:
create: true
interval: 1h
podSecurityContext: {}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: [ "ALL" ]
readOnlyRootFilesystem: true
runAsNonRoot: true
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
annotations: {}
affinity: {}
# Optionally use encryption for worker <--> master comms
# TODO: verify hostname is not yet supported
#
# If you do not enable certManager (and have it installed) you will
# need to manually, or otherwise, provision the TLS certs as secrets
tls:
enable: false
certManager: false

4
charts/amd/amd-gpu/templates/NOTES.txt Normal file
View File

@ -0,0 +1,4 @@
{{ .Chart.Name }}-device-plugin-daemonset deployed in namespace '{{ .Values.namespace }}'
{{- if .Values.labeller.enabled }}
{{ .Chart.Name }}-labeller-daemonset deployed in namespace '{{ .Values.namespace }}'
{{- end }}

62
charts/amd/amd-gpu/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "amd-gpu.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "amd-gpu.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "amd-gpu.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "amd-gpu.labels" -}}
helm.sh/chart: {{ include "amd-gpu.chart" . }}
{{ include "amd-gpu.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "amd-gpu.selectorLabels" -}}
app.kubernetes.io/name: {{ include "amd-gpu.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "amd-gpu.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "amd-gpu.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

48
charts/amd/amd-gpu/templates/deviceplugin-daemonset.yaml Normal file
View File

@ -0,0 +1,48 @@
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ .Chart.Name }}-device-plugin-daemonset
namespace: {{ .Values.namespace }}
spec:
selector:
matchLabels:
name: {{ .Chart.Name }}-dp-ds
template:
metadata:
labels:
name: {{ .Chart.Name }}-dp-ds
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.nfd.enabled }}
{{- with .Values.node_selector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
priorityClassName: system-node-critical
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}-dp-cntr
image: {{ .Values.dp.image.repository }}:{{ .Values.dp.image.tag | default .Chart.AppVersion }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
volumeMounts:
- name: dp
mountPath: /var/lib/kubelet/device-plugins
- name: sys
mountPath: /sys
resources:
{{- toYaml .Values.dp.resources | nindent 12 }}
volumes:
- name: dp
hostPath:
path: /var/lib/kubelet/device-plugins
- name: sys
hostPath:
path: /sys

83
charts/amd/amd-gpu/templates/labeller.yaml Normal file
View File

@ -0,0 +1,83 @@
{{- if .Values.labeller.enabled }}
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
name: cr-{{ .Chart.Name }}-node-labeller
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["watch", "get", "list", "update"]
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: crb-{{ .Chart.Name }}-labeller
namespace: default
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cr-{{ .Chart.Name }}-node-labeller
subjects:
- kind: ServiceAccount
name: default
namespace: default
- kind: ServiceAccount
name: default
namespace: {{ .Values.namespace }}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ .Chart.Name }}-labeller-daemonset
namespace: {{ .Values.namespace }}
spec:
selector:
matchLabels:
name: amdgpu-lr-ds
template:
metadata:
labels:
name: amdgpu-lr-ds
spec:
{{- if .Values.nfd.enabled }}
{{- with .Values.node_selector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
priorityClassName: system-node-critical
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- image: {{ .Values.lbl.image.repository }}:{{ .Values.lbl.image.tag }}
name: {{ .Chart.Name }}-lr-cntr
imagePullPolicy: Always
workingDir: /root
command: ["./k8s-node-labeller"]
args: ["-vram", "-cu-count", "-simd-count", "-device-id", "-family"]
env:
- name: DS_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
securityContext:
privileged: true #Needed for /dev
capabilities:
drop: ["ALL"]
volumeMounts:
- name: sys
mountPath: /sys
- name: dev
mountPath: /dev
resources:
{{- toYaml .Values.lbl.resources | nindent 10 }}
volumes:
- name: sys
hostPath:
path: /sys
- name: dev
hostPath:
path: /dev
{{- end }}

36
charts/amd/amd-gpu/values.yaml Normal file
View File

@ -0,0 +1,36 @@
nfd:
enabled: false
labeller:
enabled: false
namespace: kube-system
dp:
image:
repository: docker.io/rocm/k8s-device-plugin
# Overrides the image tag whose default is the chart appVersion.
tag: "1.25.2.4"
resources: {}
lbl:
image:
repository: docker.io/rocm/k8s-device-plugin
tag: "labeller-1.25.2.4"
resources: {}
imagePullSecrets: []
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
tolerations:
- key: CriticalAddonsOnly
operator: Exists
node_selector:
feature.node.kubernetes.io/pci-0300_1002.present: "true"
kubernetes.io/arch: amd64

2
charts/bitnami/redis/Chart.yaml
View File

@ -37,4 +37,4 @@ maintainers:
name: redis name: redis
sources: sources:
- https://github.com/bitnami/charts/tree/main/bitnami/redis - https://github.com/bitnami/charts/tree/main/bitnami/redis
version: 18.0.0 version: 18.0.1

8
charts/bitnami/redis/README.md
View File

@ -790,6 +790,12 @@ This issue can be mitigated by splitting the upgrade into two stages: one for al
- Stage 2 (anything else that is not up to date, in this case only master): - Stage 2 (anything else that is not up to date, in this case only master):
`helm upgrade oci://registry-1.docker.io/bitnamicharts/redis` `helm upgrade oci://registry-1.docker.io/bitnamicharts/redis`
### To 18.0.0
This major version updates the Redis&reg; docker image version used from `7.0` to `7.2`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis&reg; 7.2 release notes](https://raw.githubusercontent.com/redis/redis/7.2/00-RELEASENOTES) before upgrading.
NOTE: Due to an error in our release process, versions higher or equal than 17.15.4 already use 7.2 by default.
### To 17.0.0 ### To 17.0.0
This major version updates the Redis&reg; docker image version used from `6.2` to `7.0`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis&reg; 7.0 release notes](https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES) before upgrading. This major version updates the Redis&reg; docker image version used from `6.2` to `7.0`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis&reg; 7.0 release notes](https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES) before upgrading.
@ -976,4 +982,4 @@ Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and See the License for the specific language governing permissions and
limitations under the License. limitations under the License.

6
charts/crate/crate-operator/Chart.lock
View File

@ -1,6 +1,6 @@
dependencies: dependencies:
- name: crate-operator-crds - name: crate-operator-crds
repository: file://../crate-operator-crds repository: file://../crate-operator-crds
version: 2.30.2 version: 2.30.3
digest: sha256:5b8b40b7c1c3c068df6806a2325b21d4f0b93b69df3387be6bc20092936d153a digest: sha256:ae46760e801b4cef9755aa95f722dd25151fc3a8633cef7bcfbb5745d96b569c
generated: "2023-08-10T11:24:24.32953244Z" generated: "2023-08-29T08:31:06.489571561Z"

6
charts/crate/crate-operator/Chart.yaml
View File

@ -3,16 +3,16 @@ annotations:
catalog.cattle.io/display-name: CrateDB Operator catalog.cattle.io/display-name: CrateDB Operator
catalog.cattle.io/release-name: crate-operator catalog.cattle.io/release-name: crate-operator
apiVersion: v2 apiVersion: v2
appVersion: 2.30.2 appVersion: 2.30.3
dependencies: dependencies:
- condition: crate-operator-crds.enabled - condition: crate-operator-crds.enabled
name: crate-operator-crds name: crate-operator-crds
repository: file://./charts/crate-operator-crds repository: file://./charts/crate-operator-crds
version: 2.30.2 version: 2.30.3
description: Crate Operator - Helm chart for installing and upgrading Crate Operator. description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
maintainers: maintainers:
- name: Crate.io - name: Crate.io
name: crate-operator name: crate-operator
type: application type: application
version: 2.30.2 version: 2.30.3

4
charts/crate/crate-operator/charts/crate-operator-crds/Chart.yaml
View File

@ -1,9 +1,9 @@
apiVersion: v2 apiVersion: v2
appVersion: 2.30.2 appVersion: 2.30.3
description: Crate Operator CRDs - Helm chart for installing and upgrading Custom description: Crate Operator CRDs - Helm chart for installing and upgrading Custom
Resource Definitions (CRDs) for the Crate Operator. Resource Definitions (CRDs) for the Crate Operator.
maintainers: maintainers:
- name: Crate.io - name: Crate.io
name: crate-operator-crds name: crate-operator-crds
type: application type: application
version: 2.30.2 version: 2.30.3

4
charts/crowdstrike/falcon-sensor/Chart.yaml
View File

@ -4,7 +4,7 @@ annotations:
catalog.cattle.io/kube-version: '>1.22.0-0' catalog.cattle.io/kube-version: '>1.22.0-0'
catalog.cattle.io/release-name: falcon-sensor catalog.cattle.io/release-name: falcon-sensor
apiVersion: v2 apiVersion: v2
appVersion: 1.20.2 appVersion: 1.20.3
description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes clusters. description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes clusters.
home: https://crowdstrike.com home: https://crowdstrike.com
icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg
@ -24,4 +24,4 @@ name: falcon-sensor
sources: sources:
- https://github.com/CrowdStrike/falcon-helm - https://github.com/CrowdStrike/falcon-helm
type: application type: application
version: 1.20.2 version: 1.20.3

2
charts/crowdstrike/falcon-sensor/templates/configmap.yaml
View File

@ -14,7 +14,7 @@ metadata:
data: data:
FALCONCTL_OPT_CID: {{ .Values.falcon.cid }} FALCONCTL_OPT_CID: {{ .Values.falcon.cid }}
{{- range $key, $value := .Values.falcon }} {{- range $key, $value := .Values.falcon }}
{{- if and ($value) (ne $key "cid") }} {{- if and (or $value (eq ($value | toString) "false")) (ne $key "cid") }}
FALCONCTL_OPT_{{ $key | upper }}: {{ $value | quote }} FALCONCTL_OPT_{{ $key | upper }}: {{ $value | quote }}
{{- end }} {{- end }}
{{- end }} {{- end }}

4
charts/instana/instana-agent/Chart.yaml
View File

@ -9,7 +9,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: instana-agent catalog.cattle.io/release-name: instana-agent
apiVersion: v2 apiVersion: v2
appVersion: 1.252.0 appVersion: 1.256.0
description: Instana Agent for Kubernetes description: Instana Agent for Kubernetes
home: https://www.instana.com/ home: https://www.instana.com/
icon: https://agents.instana.io/helm/stan-logo-2020.png icon: https://agents.instana.io/helm/stan-logo-2020.png
@ -23,4 +23,4 @@ maintainers:
name: instana-agent name: instana-agent
sources: sources:
- https://github.com/instana/instana-agent-docker - https://github.com/instana/instana-agent-docker
version: 1.2.61 version: 1.2.62

2
charts/instana/instana-agent/README.md
View File

@ -334,6 +334,8 @@ zones:
``` ```
## Changelog ## Changelog
### 1.2.62
* Include k8s-sensor resources in the default static YAML definitions
### 1.2.61 ### 1.2.61
* Increase timeout and initialDelay for the Agent container * Increase timeout and initialDelay for the Agent container

2
charts/koor-tech/koor-operator/Chart.lock
View File

@ -3,4 +3,4 @@ dependencies:
repository: https://charts.jetstack.io repository: https://charts.jetstack.io
version: v1.12.3 version: v1.12.3
digest: sha256:3110ca458f8a903dc025408701614af03df859bf827824478ed68c785b0e6209 digest: sha256:3110ca458f8a903dc025408701614af03df859bf827824478ed68c785b0e6209
generated: "2023-08-18T21:18:29.803296054Z" generated: "2023-08-29T05:47:05.106503476Z"

4
charts/koor-tech/koor-operator/Chart.yaml
View File

@ -14,7 +14,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.19.0' catalog.cattle.io/kube-version: '>=1.19.0'
catalog.cattle.io/release-name: koor-operator catalog.cattle.io/release-name: koor-operator
apiVersion: v2 apiVersion: v2
appVersion: v0.3.4 appVersion: v0.3.5
dependencies: dependencies:
- alias: certmanager - alias: certmanager
condition: certmanager.enabled condition: certmanager.enabled
@ -33,4 +33,4 @@ name: koor-operator
sources: sources:
- https://github.com/koor-tech/koor-operator/ - https://github.com/koor-tech/koor-operator/
type: application type: application
version: 0.3.4 version: 0.3.5

8
charts/koor-tech/koor-operator/README.md
View File

@ -42,8 +42,8 @@ The following table lists the configurable parameters of the rook-operator chart
| Parameter | Description | Default | | Parameter | Description | Default |
|-----------|-------------|---------| |-----------|-------------|---------|
| `certmanager.enabled` | Enable cert-maanger | `true` | | `certmanager.enabled` | Install cert-manger. Set to false to use an existing cert-manager | `true` |
| `certmanager.installCRDs` | If cert-manager's CRDs should be installed through Helm. | `true` | | `certmanager.installCRDs` | If cert-manager's CRDs should be installed through Helm | `true` |
| `controllerManager.kubeRbacProxy.args` | RBAC proxy args | `["--secure-listen-address=0.0.0.0:8443","--upstream=http://127.0.0.1:8080/","--logtostderr=true","--v=0"]` | | `controllerManager.kubeRbacProxy.args` | RBAC proxy args | `["--secure-listen-address=0.0.0.0:8443","--upstream=http://127.0.0.1:8080/","--logtostderr=true","--v=0"]` |
| `controllerManager.kubeRbacProxy.containerSecurityContext` | RBAC proxy container security context | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | | `controllerManager.kubeRbacProxy.containerSecurityContext` | RBAC proxy container security context | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` |
| `controllerManager.kubeRbacProxy.image.repository` | Operator image repository | `"gcr.io/kubebuilder/kube-rbac-proxy"` | | `controllerManager.kubeRbacProxy.image.repository` | Operator image repository | `"gcr.io/kubebuilder/kube-rbac-proxy"` |
@ -52,7 +52,7 @@ The following table lists the configurable parameters of the rook-operator chart
| `controllerManager.manager.args` | Operator args | `["--health-probe-bind-address=:8081","--metrics-bind-address=127.0.0.1:8080","--leader-elect"]` | | `controllerManager.manager.args` | Operator args | `["--health-probe-bind-address=:8081","--metrics-bind-address=127.0.0.1:8080","--leader-elect"]` |
| `controllerManager.manager.containerSecurityContext` | Operator container security context | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | | `controllerManager.manager.containerSecurityContext` | Operator container security context | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` |
| `controllerManager.manager.image.repository` | Operator image repository | `"docker.io/koorinc/koor-operator"` | | `controllerManager.manager.image.repository` | Operator image repository | `"docker.io/koorinc/koor-operator"` |
| `controllerManager.manager.image.tag` | Operator image tag | `"v0.3.4"` | | `controllerManager.manager.image.tag` | Operator image tag | `"v0.3.5"` |
| `controllerManager.manager.resources` | Operator container resources | `{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"10m","memory":"128Mi"}}` | | `controllerManager.manager.resources` | Operator container resources | `{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"10m","memory":"128Mi"}}` |
| `controllerManager.replicas` | | `1` | | `controllerManager.replicas` | | `1` |
| `koorCluster.spec.dashboardEnabled` | Enable the Ceph MGR dashboard. | `true` | | `koorCluster.spec.dashboardEnabled` | Enable the Ceph MGR dashboard. | `true` |
@ -60,7 +60,7 @@ The following table lists the configurable parameters of the rook-operator chart
| `koorCluster.spec.ksdReleaseName` | The name to use for KSD helm release. | `"ksd"` | | `koorCluster.spec.ksdReleaseName` | The name to use for KSD helm release. | `"ksd"` |
| `koorCluster.spec.monitoringEnabled` | If monitoring should be enabled, requires the prometheus-operator to be pre-installed. | `true` | | `koorCluster.spec.monitoringEnabled` | If monitoring should be enabled, requires the prometheus-operator to be pre-installed. | `true` |
| `koorCluster.spec.toolboxEnabled` | If the Ceph toolbox, should be deployed as well. | `true` | | `koorCluster.spec.toolboxEnabled` | If the Ceph toolbox, should be deployed as well. | `true` |
| `koorCluster.spec.upgradeOptions.endpoint` | The api endpoint used to find the ceph latest version | `"versions.koor.tech"` | | `koorCluster.spec.upgradeOptions.endpoint` | The api endpoint used to find the ceph latest version | `"https://versions.koor.tech"` |
| `koorCluster.spec.upgradeOptions.mode` | Upgrade mode. Options: disabled, notify, upgrade. | `"notify"` | | `koorCluster.spec.upgradeOptions.mode` | Upgrade mode. Options: disabled, notify, upgrade. | `"notify"` |
| `koorCluster.spec.upgradeOptions.schedule` | The schedule to check for new versions. Uses CRON format as specified by https://github.com/robfig/cron/tree/v3. Defaults to everyday at midnight in the local timezone. To change the timezone, prefix the schedule with CRON_TZ=<Timezone>. For example: "CRON_TZ=UTC 0 0 * * *" is midnight UTC. | `"0 0 * * *"` | | `koorCluster.spec.upgradeOptions.schedule` | The schedule to check for new versions. Uses CRON format as specified by https://github.com/robfig/cron/tree/v3. Defaults to everyday at midnight in the local timezone. To change the timezone, prefix the schedule with CRON_TZ=<Timezone>. For example: "CRON_TZ=UTC 0 0 * * *" is midnight UTC. | `"0 0 * * *"` |
| `koorCluster.spec.useAllDevices` | If all empty + unused devices of the cluster should be used. | `true` | | `koorCluster.spec.useAllDevices` | If all empty + unused devices of the cluster should be used. | `true` |

4
charts/koor-tech/koor-operator/templates/koorcluster-crd.yaml
View File

@ -68,10 +68,10 @@ spec:
description: Installs a debugging toolbox deployment description: Installs a debugging toolbox deployment
type: boolean type: boolean
upgradeOptions: upgradeOptions:
description: Specifies the notification options for new ceph versions description: Specifies the upgrade options for new ceph versions
properties: properties:
endpoint: endpoint:
default: versions.koor.tech default: https://versions.koor.tech
description: The api endpoint used to find the ceph latest version description: The api endpoint used to find the ceph latest version
type: string type: string
mode: mode:

1
charts/koor-tech/koor-operator/templates/koorcluster-job.yaml
View File

@ -7,6 +7,7 @@ metadata:
app.kubernetes.io/part-of: koor-operator app.kubernetes.io/part-of: koor-operator
{{- include "koor-operator.labels" . | nindent 4 }} {{- include "koor-operator.labels" . | nindent 4 }}
spec: spec:
backoffLimit: 20
template: template:
metadata: metadata:
name: {{ include "koor-operator.jobName" . }} name: {{ include "koor-operator.jobName" . }}

1
charts/koor-tech/koor-operator/templates/predelete-job.yaml
View File

@ -10,6 +10,7 @@ metadata:
helm.sh/hook: pre-delete helm.sh/hook: pre-delete
helm.sh/hook-delete-policy: hook-succeeded helm.sh/hook-delete-policy: hook-succeeded
spec: spec:
backoffLimit: 20
template: template:
metadata: metadata:
name: {{ include "koor-operator.fullname" . }}-predelete-job name: {{ include "koor-operator.fullname" . }}-predelete-job

8
charts/koor-tech/koor-operator/values.yaml
View File

@ -1,8 +1,8 @@
# NOTE: commit your changes before running make or they will be lost. # NOTE: commit your changes before running make or they will be lost.
certmanager: certmanager:
# -- Enable cert-maanger # -- Install cert-manger. Set to false to use an existing cert-manager
enabled: true enabled: true
# -- If cert-manager's CRDs should be installed through Helm. # -- If cert-manager's CRDs should be installed through Helm
installCRDs: true installCRDs: true
controllerManager: controllerManager:
# RBAC proxy configuration # RBAC proxy configuration
@ -49,7 +49,7 @@ controllerManager:
# -- Operator image repository # -- Operator image repository
repository: docker.io/koorinc/koor-operator repository: docker.io/koorinc/koor-operator
# -- Operator image tag # -- Operator image tag
tag: v0.3.4 tag: v0.3.5
# -- Operator container resources # -- Operator container resources
resources: resources:
limits: limits:
@ -92,7 +92,7 @@ koorCluster:
# -- Upgrade mode. Options: disabled, notify, upgrade. # -- Upgrade mode. Options: disabled, notify, upgrade.
mode: notify mode: notify
# -- The api endpoint used to find the ceph latest version # -- The api endpoint used to find the ceph latest version
endpoint: versions.koor.tech endpoint: https://versions.koor.tech
# -- The schedule to check for new versions. Uses CRON format as specified by https://github.com/robfig/cron/tree/v3. # -- The schedule to check for new versions. Uses CRON format as specified by https://github.com/robfig/cron/tree/v3.
# Defaults to everyday at midnight in the local timezone. # Defaults to everyday at midnight in the local timezone.
# To change the timezone, prefix the schedule with CRON_TZ=<Timezone>. # To change the timezone, prefix the schedule with CRON_TZ=<Timezone>.

2
charts/redpanda/redpanda/Chart.lock
View File

@ -6,4 +6,4 @@ dependencies:
repository: https://charts.redpanda.com repository: https://charts.redpanda.com
version: 0.1.5 version: 0.1.5
digest: sha256:dd7afd55f6eb7e9b3a91b0e5eeda47138e23c255b32d277ad4cb3a7ad3ec1b1f digest: sha256:dd7afd55f6eb7e9b3a91b0e5eeda47138e23c255b32d277ad4cb3a7ad3ec1b1f
generated: "2023-08-24T18:40:38.735781014Z" generated: "2023-08-29T00:48:34.845874471Z"

6
charts/redpanda/redpanda/Chart.yaml
View File

@ -1,7 +1,7 @@
annotations: annotations:
artifacthub.io/images: | artifacthub.io/images: |
- name: redpanda - name: redpanda
image: docker.redpanda.com/redpandadata/redpanda:v23.2.6 image: docker.redpanda.com/redpandadata/redpanda:v23.2.7
- name: busybox - name: busybox
image: busybox:latest image: busybox:latest
- name: mintel/docker-alpine-bash-curl-jq - name: mintel/docker-alpine-bash-curl-jq
@ -17,7 +17,7 @@ annotations:
catalog.cattle.io/kube-version: '>=1.21-0' catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: redpanda catalog.cattle.io/release-name: redpanda
apiVersion: v2 apiVersion: v2
appVersion: v23.2.6 appVersion: v23.2.7
dependencies: dependencies:
- condition: console.enabled - condition: console.enabled
name: console name: console
@ -37,4 +37,4 @@ name: redpanda
sources: sources:
- https://github.com/redpanda-data/helm-charts - https://github.com/redpanda-data/helm-charts
type: application type: application
version: 5.1.6 version: 5.1.7

13
charts/redpanda/redpanda/templates/_helpers.tpl
View File

@ -33,6 +33,17 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Create a default service name
*/}}
{{- define "redpanda.servicename" -}}
{{- if dig "service" "name" false .Values.AsMap -}}
{{- .Values.service.name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{ include "redpanda.fullname" . | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{/* {{/*
full helm labels + common labels full helm labels + common labels
*/}} */}}
@ -93,7 +104,7 @@ Generate configuration needed for rpk
*/}} */}}
{{- define "redpanda.internal.domain" -}} {{- define "redpanda.internal.domain" -}}
{{- $service := include "redpanda.fullname" . -}} {{- $service := include "redpanda.servicename" . -}}
{{- $ns := .Release.Namespace -}} {{- $ns := .Release.Namespace -}}
{{- $domain := .Values.clusterDomain | trimSuffix "." -}} {{- $domain := .Values.clusterDomain | trimSuffix "." -}}
{{- printf "%s.%s.svc.%s." $service $ns $domain -}} {{- printf "%s.%s.svc.%s." $service $ns $domain -}}

2
charts/redpanda/redpanda/templates/certs.yaml
View File

@ -16,7 +16,7 @@ limitations under the License.
*/}} */}}
{{- if (include "tls-enabled" . | fromJson).bool }} {{- if (include "tls-enabled" . | fromJson).bool }}
{{- $root := deepCopy . }} {{- $root := deepCopy . }}
{{- $service := include "redpanda.fullname" . }} {{- $service := include "redpanda.servicename" . }}
{{- $ns := .Release.Namespace }} {{- $ns := .Release.Namespace }}
{{- $domain := .Values.clusterDomain | trimSuffix "." }} {{- $domain := .Values.clusterDomain | trimSuffix "." }}
{{- $listeners := .Values.listeners }} {{- $listeners := .Values.listeners }}

2
charts/redpanda/redpanda/templates/secrets.yaml
View File

@ -30,7 +30,7 @@ stringData:
#!/usr/bin/env bash #!/usr/bin/env bash
# the SERVICE_NAME comes from the metadata.name of the pod, essentially the POD_NAME # the SERVICE_NAME comes from the metadata.name of the pod, essentially the POD_NAME
CURL_URL="{{ include "admin-http-protocol" . }}://${SERVICE_NAME}.{{ template "redpanda.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain | trimSuffix "." }}:{{ .Values.listeners.admin.port }}" CURL_URL="{{ include "admin-http-protocol" . }}://${SERVICE_NAME}.{{ template "redpanda.servicename" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain | trimSuffix "." }}:{{ .Values.listeners.admin.port }}"
# commands used throughout # commands used throughout
CURL_NODE_ID_CMD="curl --silent --fail {{ include "admin-tls-curl-flags" . }} ${CURL_URL}/v1/node_config" CURL_NODE_ID_CMD="curl --silent --fail {{ include "admin-tls-curl-flags" . }} ${CURL_URL}/v1/node_config"

2
charts/redpanda/redpanda/templates/service.internal.yaml
View File

@ -21,7 +21,7 @@ limitations under the License.
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "redpanda.fullname" . }} name: {{ include "redpanda.servicename" . }}
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Release.Namespace | quote }}
labels: labels:
monitoring.redpanda.com/enabled: {{ .Values.monitoring.enabled | quote }} monitoring.redpanda.com/enabled: {{ .Values.monitoring.enabled | quote }}

2
charts/redpanda/redpanda/templates/services.nodeport.yaml
View File

@ -20,7 +20,7 @@ limitations under the License.
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: {{ include "redpanda.fullname" . }}-external name: {{ include "redpanda.servicename" . }}-external
namespace: {{ .Release.Namespace | quote }} namespace: {{ .Release.Namespace | quote }}
labels: labels:
{{- with include "full.labels" . }} {{- with include "full.labels" . }}

2
charts/redpanda/redpanda/templates/statefulset.yaml
View File

@ -47,7 +47,7 @@ metadata:
spec: spec:
selector: selector:
matchLabels: {{ (include "statefulset-pod-labels" .) | nindent 6 }} matchLabels: {{ (include "statefulset-pod-labels" .) | nindent 6 }}
serviceName: {{ template "redpanda.fullname" . }} serviceName: {{ template "redpanda.servicename" . }}
replicas: {{ .Values.statefulset.replicas | int64 }} replicas: {{ .Values.statefulset.replicas | int64 }}
updateStrategy: updateStrategy:
{{- toYaml .Values.statefulset.updateStrategy | nindent 4 }} {{- toYaml .Values.statefulset.updateStrategy | nindent 4 }}

4
charts/redpanda/redpanda/templates/tests/test-pandaproxy-status.yaml
View File

@ -51,13 +51,13 @@ spec:
{{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }} {{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }}
-u $USERNAME:$PASSWORD \ -u $USERNAME:$PASSWORD \
{{- end }} {{- end }}
http://{{ include "redpanda.fullname" . }}:{{ .Values.listeners.http.port }}/brokers http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/brokers
curl -svm3 --fail --retry "120" --retry-max-time "120" --retry-all-errors \ curl -svm3 --fail --retry "120" --retry-max-time "120" --retry-all-errors \
{{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }} {{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }}
-u $USERNAME:$PASSWORD \ -u $USERNAME:$PASSWORD \
{{- end }} {{- end }}
http://{{ include "redpanda.fullname" . }}:{{ .Values.listeners.http.port }}/topics http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/topics
volumeMounts: volumeMounts:
{{- if $sasl.enabled }} {{- if $sasl.enabled }}
- name: {{ $sasl.secretRef }} - name: {{ $sasl.secretRef }}

8
charts/redpanda/redpanda/values.schema.json
View File

@ -50,6 +50,14 @@
} }
} }
}, },
"service": {
"type": "object",
"properties": {
"name": {
"type": "string"
}
}
},
"license_key": { "license_key": {
"type": "string", "type": "string",
"pattern": "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\\.(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$|^$", "pattern": "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\\.(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$|^$",

5
charts/redpanda/redpanda/values.yaml
View File

@ -56,6 +56,11 @@ image:
# If `image.tag` is 'latest', the default is `Always`. # If `image.tag` is 'latest', the default is `Always`.
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# -- Redpanda Service settings.
# service:
# -- set service.name to override the default service name
# name: redpanda
# -- Pull secrets may be used to provide credentials to image repositories # -- Pull secrets may be used to provide credentials to image repositories
# See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ # See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets: [] imagePullSecrets: []

245
index.yaml
View File

@ -1515,6 +1515,39 @@ entries:
urls: urls:
- assets/ambassador/ambassador-6.7.1100.tgz - assets/ambassador/ambassador-6.7.1100.tgz
version: 6.7.1100 version: 6.7.1100
amd-gpu:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: AMD GPU Device Plugin
catalog.cattle.io/kube-version: '>= 1.18.0-0'
catalog.cattle.io/release-name: amd-gpu
apiVersion: v2
appVersion: 1.25.2.4
created: "2023-08-29T12:38:28.103862926Z"
dependencies:
- condition: nfd.enabled
name: node-feature-discovery
repository: file://./charts/node-feature-discovery
version: '>= 0.8.1-0'
description: A Helm chart for deploying Kubernetes AMD GPU device plugin
digest: 7a7b954ea1cc15cbdd47b2167f9cb27a7978b80c905714421282de2c4245d04e
home: https://github.com/RadeonOpenCompute/k8s-device-plugin
icon: https://raw.githubusercontent.com/RadeonOpenCompute/k8s-device-plugin/master/helm/logo.png
keywords:
- kubernetes
- cluster
- hardware
- gpu
kubeVersion: '>= 1.18.0-0'
maintainers:
- name: Kenny Ho <Kenny.Ho@amd.com>
name: amd-gpu
sources:
- https://github.com/RadeonOpenCompute/k8s-device-plugin
type: application
urls:
- assets/amd/amd-gpu-0.9.0.tgz
version: 0.9.0
argo-cd: argo-cd:
- annotations: - annotations:
artifacthub.io/changes: | artifacthub.io/changes: |
@ -13667,6 +13700,28 @@ entries:
- assets/kubecost/cost-analyzer-1.70.000.tgz - assets/kubecost/cost-analyzer-1.70.000.tgz
version: 1.70.000 version: 1.70.000
crate-operator: crate-operator:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: CrateDB Operator
catalog.cattle.io/release-name: crate-operator
apiVersion: v2
appVersion: 2.30.3
created: "2023-08-29T12:38:34.501771794Z"
dependencies:
- condition: crate-operator-crds.enabled
name: crate-operator-crds
repository: file://./charts/crate-operator-crds
version: 2.30.3
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
digest: 814371e98d694a287707bfdcfd74a703db613822a486e21a2d9982a88d5eeff4
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
maintainers:
- name: Crate.io
name: crate-operator
type: application
urls:
- assets/crate/crate-operator-2.30.3.tgz
version: 2.30.3
- annotations: - annotations:
catalog.cattle.io/certified: partner catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: CrateDB Operator catalog.cattle.io/display-name: CrateDB Operator
@ -18774,6 +18829,38 @@ entries:
- assets/f5/f5-bigip-ctlr-0.0.1901.tgz - assets/f5/f5-bigip-ctlr-0.0.1901.tgz
version: 0.0.1901 version: 0.0.1901
falcon-sensor: falcon-sensor:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: CrowdStrike Falcon Platform
catalog.cattle.io/kube-version: '>1.22.0-0'
catalog.cattle.io/release-name: falcon-sensor
apiVersion: v2
appVersion: 1.20.3
created: "2023-08-29T12:38:34.523694118Z"
description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes
clusters.
digest: 05f421b99ec4b574d7ad62c81c62d9c4897afee9a9f090e02d7f4bd8b94b5153
home: https://crowdstrike.com
icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg
keywords:
- CrowdStrike
- Falcon
- EDR
- kubernetes
- security
- monitoring
- alerting
kubeVersion: '>1.22.0-0'
maintainers:
- email: integrations@crowdstrike.com
name: CrowdStrike Solutions Architecture
name: falcon-sensor
sources:
- https://github.com/CrowdStrike/falcon-helm
type: application
urls:
- assets/crowdstrike/falcon-sensor-1.20.3.tgz
version: 1.20.3
- annotations: - annotations:
catalog.cattle.io/certified: partner catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: CrowdStrike Falcon Platform catalog.cattle.io/display-name: CrowdStrike Falcon Platform
@ -22339,6 +22426,36 @@ entries:
- assets/hpe/hpe-flexvolume-driver-3.1.000.tgz - assets/hpe/hpe-flexvolume-driver-3.1.000.tgz
version: 3.1.000 version: 3.1.000
instana-agent: instana-agent:
- annotations:
artifacthub.io/links: |
- name: Instana website
url: https://www.instana.com
- name: Instana Helm charts
url: https://github.com/instana/helm-charts
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Instana Agent
catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: instana-agent
apiVersion: v2
appVersion: 1.256.0
created: "2023-08-29T12:38:36.267623271Z"
description: Instana Agent for Kubernetes
digest: 6bb1dab8b5bb7746a64f5e45bba6b713d51db8c8789e3c63c0196d02993621a1
home: https://www.instana.com/
icon: https://agents.instana.io/helm/stan-logo-2020.png
maintainers:
- email: felix.marx@ibm.com
name: FelixMarxIBM
- email: henning.treu@ibm.com
name: htreu
- email: torsten.kohn@ibm.com
name: tkohn
name: instana-agent
sources:
- https://github.com/instana/instana-agent-docker
urls:
- assets/instana/instana-agent-1.2.62.tgz
version: 1.2.62
- annotations: - annotations:
artifacthub.io/links: | artifacthub.io/links: |
- name: Instana website - name: Instana website
@ -29585,6 +29702,46 @@ entries:
- assets/kong/kong-2.3.1.tgz - assets/kong/kong-2.3.1.tgz
version: 2.3.1 version: 2.3.1
koor-operator: koor-operator:
- annotations:
artifacthub.io/category: storage
artifacthub.io/crds: |
- kind: KoorCluster
version: v1
name: koorcluster
displayName: Koor Cluster
description: "Resource to control the creation of a Koor Storage Cluster."
artifacthub.io/license: Apache-2.0
artifacthub.io/operator: "true"
artifacthub.io/operatorCapabilities: basic install
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Koor Operator
catalog.cattle.io/kube-version: '>=1.19.0'
catalog.cattle.io/release-name: koor-operator
apiVersion: v2
appVersion: v0.3.5
created: "2023-08-29T12:38:38.569737777Z"
dependencies:
- alias: certmanager
condition: certmanager.enabled
name: cert-manager
repository: file://./charts/cert-manager
version: v1.12.3
description: A Helm chart for deploying the Koor Operator to Kubernetes
digest: bc676ee44d9a4d48808bdde5d10cfc49b3d3212fa47461727b561004bf277be0
icon: https://koor.tech/images/favicon.svg
keywords:
- storage
- operator
- rook
- ceph
kubeVersion: '>=1.19.0'
name: koor-operator
sources:
- https://github.com/koor-tech/koor-operator/
type: application
urls:
- assets/koor-tech/koor-operator-0.3.5.tgz
version: 0.3.5
- annotations: - annotations:
artifacthub.io/category: storage artifacthub.io/category: storage
artifacthub.io/crds: | artifacthub.io/crds: |
@ -41615,6 +41772,50 @@ entries:
- assets/quobyte/quobyte-cluster-0.1.5.tgz - assets/quobyte/quobyte-cluster-0.1.5.tgz
version: 0.1.5 version: 0.1.5
redis: redis:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Redis
catalog.cattle.io/kube-version: '>=1.19-0'
catalog.cattle.io/release-name: redis
category: Database
images: |
- name: os-shell
image: docker.io/bitnami/os-shell:11-debian-11-r48
- name: redis-exporter
image: docker.io/bitnami/redis-exporter:1.52.0-debian-11-r25
- name: redis-sentinel
image: docker.io/bitnami/redis-sentinel:7.2.0-debian-11-r0
- name: redis
image: docker.io/bitnami/redis:7.2.0-debian-11-r0
licenses: Apache-2.0
apiVersion: v2
appVersion: 7.2.0
created: "2023-08-29T12:38:32.689153556Z"
dependencies:
- name: common
repository: file://./charts/common
tags:
- bitnami-common
version: 2.x.x
description: Redis(R) is an open source, advanced key-value store. It is often
referred to as a data structure server since keys can contain strings, hashes,
lists, sets and sorted sets.
digest: 04f363ce8228838767964fff7fc62a3b31a07c59d91a7b543dd9bd3afa44eeb0
home: https://bitnami.com
icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png
keywords:
- redis
- keyvalue
- database
maintainers:
- name: VMware, Inc.
url: https://github.com/bitnami/charts
name: redis
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/redis
urls:
- assets/bitnami/redis-18.0.1.tgz
version: 18.0.1
- annotations: - annotations:
catalog.cattle.io/certified: partner catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Redis catalog.cattle.io/display-name: Redis
@ -43319,6 +43520,50 @@ entries:
- assets/bitnami/redis-17.3.7.tgz - assets/bitnami/redis-17.3.7.tgz
version: 17.3.7 version: 17.3.7
redpanda: redpanda:
- annotations:
artifacthub.io/images: |
- name: redpanda
image: docker.redpanda.com/redpandadata/redpanda:v23.2.7
- name: busybox
image: busybox:latest
- name: mintel/docker-alpine-bash-curl-jq
image: mintel/docker-alpine-bash-curl-jq:latest
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Documentation
url: https://docs.redpanda.com
- name: "Helm (>= 3.6.0)"
url: https://helm.sh/docs/intro/install/
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: Redpanda
catalog.cattle.io/kube-version: '>=1.21-0'
catalog.cattle.io/release-name: redpanda
apiVersion: v2
appVersion: v23.2.7
created: "2023-08-29T12:38:40.826707229Z"
dependencies:
- condition: console.enabled
name: console
repository: file://./charts/console
version: '>=0.5 <1.0'
- condition: connectors.enabled
name: connectors
repository: file://./charts/connectors
version: '>=0.1.2 <1.0'
description: Redpanda is the real-time engine for modern apps.
digest: 9f460accceca9c0575c72087201a449b4d7b74eaba614f2126763c4668962553
icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg
kubeVersion: '>=1.21-0'
maintainers:
- name: redpanda-data
url: https://github.com/orgs/redpanda-data/people
name: redpanda
sources:
- https://github.com/redpanda-data/helm-charts
type: application
urls:
- assets/redpanda/redpanda-5.1.7.tgz
version: 5.1.7
- annotations: - annotations:
artifacthub.io/images: | artifacthub.io/images: |
- name: redpanda - name: redpanda