Charts CI
``` Added: amd/amd-gpu: - 0.9.0 Updated: bitnami/redis: - 18.0.1 crate/crate-operator: - 2.30.3 crowdstrike/falcon-sensor: - 1.20.3 instana/instana-agent: - 1.2.62 koor-tech/koor-operator: - 0.3.5 redpanda/redpanda: - 5.1.7 ```pull/869/head
parent
2dcccd292a
commit
d2e690d085
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -0,0 +1,23 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
|
@ -0,0 +1,6 @@
|
|||
dependencies:
|
||||
- name: node-feature-discovery
|
||||
repository: https://kubernetes-sigs.github.io/node-feature-discovery/charts
|
||||
version: 0.13.3
|
||||
digest: sha256:a4f46d22c9ecd5b82cc2ed17da0c34b0e4936f6365bb61b474ec2780e9af3636
|
||||
generated: "2023-08-23T02:41:44.856348249Z"
|
|
@ -0,0 +1,28 @@
|
|||
annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: AMD GPU Device Plugin
|
||||
catalog.cattle.io/kube-version: '>= 1.18.0-0'
|
||||
catalog.cattle.io/release-name: amd-gpu
|
||||
apiVersion: v2
|
||||
appVersion: 1.25.2.4
|
||||
dependencies:
|
||||
- condition: nfd.enabled
|
||||
name: node-feature-discovery
|
||||
repository: file://./charts/node-feature-discovery
|
||||
version: '>= 0.8.1-0'
|
||||
description: A Helm chart for deploying Kubernetes AMD GPU device plugin
|
||||
home: https://github.com/RadeonOpenCompute/k8s-device-plugin
|
||||
icon: https://raw.githubusercontent.com/RadeonOpenCompute/k8s-device-plugin/master/helm/logo.png
|
||||
keywords:
|
||||
- kubernetes
|
||||
- cluster
|
||||
- hardware
|
||||
- gpu
|
||||
kubeVersion: '>= 1.18.0-0'
|
||||
maintainers:
|
||||
- name: Kenny Ho <Kenny.Ho@amd.com>
|
||||
name: amd-gpu
|
||||
sources:
|
||||
- https://github.com/RadeonOpenCompute/k8s-device-plugin
|
||||
type: application
|
||||
version: 0.9.0
|
|
@ -0,0 +1,40 @@
|
|||
# AMD GPU Helm Chart
|
||||
|
||||
![Version: 0.9.0](https://img.shields.io/badge/Version-0.9.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.25.2.4](https://img.shields.io/badge/AppVersion-1.25.2.4-informational?style=flat-square)
|
||||
|
||||
A Helm chart for deploying Kubernetes AMD GPU device plugin
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>= 1.18.0`
|
||||
|
||||
## Optional Dependencies
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| https://kubernetes-sigs.github.io/node-feature-discovery/charts | node-feature-discovery | 0.8.1 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| dp.image.repository | string | `"docker.io/rocm/k8s-device-plugin"` | |
|
||||
| dp.image.tag | string | `""` | |
|
||||
| imagePullSecrets | list | `[]` | |
|
||||
| labeller.enabled | bool | `false` | |
|
||||
| lbl.image.repository | string | `"docker.io/rocm/k8s-device-plugin"` | |
|
||||
| lbl.image.tag | string | `"labeller-latest"` | |
|
||||
| namespace | string | `"kube-system"` | |
|
||||
| nfd.enabled | bool | `false` | |
|
||||
| node_selector."feature.node.kubernetes.io/pci-0300_1002.present" | string | `"true"` | |
|
||||
| securityContext.allowPrivilegeEscalation | bool | `false` | |
|
||||
| securityContext.capabilities.drop[0] | string | `"ALL"` | |
|
||||
| tolerations[0].key | string | `"CriticalAddonsOnly"` | |
|
||||
| tolerations[0].operator | string | `"Exists"` | |
|
||||
|
||||
## More information
|
||||
|
||||
https://github.com/RadeonOpenCompute/k8s-device-plugin
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.5.0](https://github.com/norwoodj/helm-docs/releases/v1.5.0)
|
|
@ -0,0 +1,17 @@
|
|||
# AMD GPU Helm Chart
|
||||
|
||||
[Kubernetes][k8s] [device plugin][dp] implementation that enables the registration of AMD GPU in a container cluster for compute workload.
|
||||
|
||||
More information about [RadeonOpenCompute (ROCm)][rocm]
|
||||
|
||||
## Prerequisites
|
||||
* [ROCm capable machines][sysreq]
|
||||
* [ROCm kernel][rock] ([Installation guide][rocminstall]) or latest AMD GPU Linux driver ([Installation guide][amdgpuinstall])
|
||||
|
||||
[dp]: https://kubernetes.io/docs/concepts/cluster-administration/device-plugins/
|
||||
[k8s]: https://kubernetes.io
|
||||
[rocm]: https://docs.amd.com/en/latest/rocm.html
|
||||
[rock]: https://github.com/RadeonOpenCompute/ROCK-Kernel-Driver
|
||||
[rocminstall]: https://docs.amd.com/en/latest/deploy/linux/quick_start.html
|
||||
[amdgpuinstall]: https://amdgpu-install.readthedocs.io/en/latest/
|
||||
[sysreq]: https://docs.amd.com/en/latest/release/gpu_os_support.html
|
|
@ -0,0 +1,23 @@
|
|||
# Patterns to ignore when building packages.
|
||||
# This supports shell glob matching, relative path matching, and
|
||||
# negation (prefixed with !). Only one pattern per line.
|
||||
.DS_Store
|
||||
# Common VCS dirs
|
||||
.git/
|
||||
.gitignore
|
||||
.bzr/
|
||||
.bzrignore
|
||||
.hg/
|
||||
.hgignore
|
||||
.svn/
|
||||
# Common backup files
|
||||
*.swp
|
||||
*.bak
|
||||
*.tmp
|
||||
*.orig
|
||||
*~
|
||||
# Various IDEs
|
||||
.project
|
||||
.idea/
|
||||
*.tmproj
|
||||
.vscode/
|
|
@ -0,0 +1,14 @@
|
|||
apiVersion: v2
|
||||
appVersion: v0.13.3
|
||||
description: 'Detects hardware features available on each node in a Kubernetes cluster,
|
||||
and advertises those features using node labels. '
|
||||
home: https://github.com/kubernetes-sigs/node-feature-discovery
|
||||
keywords:
|
||||
- feature-discovery
|
||||
- feature-detection
|
||||
- node-labels
|
||||
name: node-feature-discovery
|
||||
sources:
|
||||
- https://github.com/kubernetes-sigs/node-feature-discovery
|
||||
type: application
|
||||
version: 0.13.3
|
|
@ -0,0 +1,10 @@
|
|||
# Node Feature Discovery
|
||||
|
||||
Node Feature Discovery (NFD) is a Kubernetes add-on for detecting hardware
|
||||
features and system configuration. Detected features are advertised as node
|
||||
labels. NFD provides flexible configuration and extension points for a wide
|
||||
range of vendor and application specific node labeling needs.
|
||||
|
||||
See
|
||||
[NFD documentation](https://kubernetes-sigs.github.io/node-feature-discovery/v0.13/deployment/helm.html)
|
||||
for deployment instructions.
|
|
@ -0,0 +1,363 @@
|
|||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.9.2
|
||||
creationTimestamp: null
|
||||
name: nodefeatures.nfd.k8s-sigs.io
|
||||
spec:
|
||||
group: nfd.k8s-sigs.io
|
||||
names:
|
||||
kind: NodeFeature
|
||||
listKind: NodeFeatureList
|
||||
plural: nodefeatures
|
||||
singular: nodefeature
|
||||
scope: Namespaced
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: NodeFeature resource holds the features discovered for one node
|
||||
in the cluster.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: NodeFeatureSpec describes a NodeFeature object.
|
||||
properties:
|
||||
features:
|
||||
description: Features is the full "raw" features data that has been
|
||||
discovered.
|
||||
properties:
|
||||
attributes:
|
||||
additionalProperties:
|
||||
description: AttributeFeatureSet is a set of features having
|
||||
string value.
|
||||
properties:
|
||||
elements:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- elements
|
||||
type: object
|
||||
description: Attributes contains all the attribute-type features
|
||||
of the node.
|
||||
type: object
|
||||
flags:
|
||||
additionalProperties:
|
||||
description: FlagFeatureSet is a set of simple features only
|
||||
containing names without values.
|
||||
properties:
|
||||
elements:
|
||||
additionalProperties:
|
||||
description: Nil is a dummy empty struct for protobuf
|
||||
compatibility
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- elements
|
||||
type: object
|
||||
description: Flags contains all the flag-type features of the
|
||||
node.
|
||||
type: object
|
||||
instances:
|
||||
additionalProperties:
|
||||
description: InstanceFeatureSet is a set of features each of
|
||||
which is an instance having multiple attributes.
|
||||
properties:
|
||||
elements:
|
||||
items:
|
||||
description: InstanceFeature represents one instance of
|
||||
a complex features, e.g. a device.
|
||||
properties:
|
||||
attributes:
|
||||
additionalProperties:
|
||||
type: string
|
||||
type: object
|
||||
required:
|
||||
- attributes
|
||||
type: object
|
||||
type: array
|
||||
required:
|
||||
- elements
|
||||
type: object
|
||||
description: Instances contains all the instance-type features
|
||||
of the node.
|
||||
type: object
|
||||
type: object
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: Labels is the set of node labels that are requested to
|
||||
be created.
|
||||
type: object
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
controller-gen.kubebuilder.io/version: v0.9.2
|
||||
creationTimestamp: null
|
||||
name: nodefeaturerules.nfd.k8s-sigs.io
|
||||
spec:
|
||||
group: nfd.k8s-sigs.io
|
||||
names:
|
||||
kind: NodeFeatureRule
|
||||
listKind: NodeFeatureRuleList
|
||||
plural: nodefeaturerules
|
||||
shortNames:
|
||||
- nfr
|
||||
singular: nodefeaturerule
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: NodeFeatureRule resource specifies a configuration for feature-based
|
||||
customization of node objects, such as node labeling.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
spec:
|
||||
description: NodeFeatureRuleSpec describes a NodeFeatureRule.
|
||||
properties:
|
||||
rules:
|
||||
description: Rules is a list of node customization rules.
|
||||
items:
|
||||
description: Rule defines a rule for node customization such as
|
||||
labeling.
|
||||
properties:
|
||||
extendedResources:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: ExtendedResources to create if the rule matches.
|
||||
type: object
|
||||
labels:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: Labels to create if the rule matches.
|
||||
type: object
|
||||
labelsTemplate:
|
||||
description: LabelsTemplate specifies a template to expand for
|
||||
dynamically generating multiple labels. Data (after template
|
||||
expansion) must be keys with an optional value (<key>[=<value>])
|
||||
separated by newlines.
|
||||
type: string
|
||||
matchAny:
|
||||
description: MatchAny specifies a list of matchers one of which
|
||||
must match.
|
||||
items:
|
||||
description: MatchAnyElem specifies one sub-matcher of MatchAny.
|
||||
properties:
|
||||
matchFeatures:
|
||||
description: MatchFeatures specifies a set of matcher
|
||||
terms all of which must match.
|
||||
items:
|
||||
description: FeatureMatcherTerm defines requirements
|
||||
against one feature set. All requirements (specified
|
||||
as MatchExpressions) are evaluated against each element
|
||||
in the feature set.
|
||||
properties:
|
||||
feature:
|
||||
type: string
|
||||
matchExpressions:
|
||||
additionalProperties:
|
||||
description: "MatchExpression specifies an expression
|
||||
to evaluate against a set of input values. It
|
||||
contains an operator that is applied when matching
|
||||
the input and an array of values that the operator
|
||||
evaluates the input against. \n NB: CreateMatchExpression
|
||||
or MustCreateMatchExpression() should be used
|
||||
for creating new instances. \n NB: Validate()
|
||||
must be called if Op or Value fields are modified
|
||||
or if a new instance is created from scratch
|
||||
without using the helper functions."
|
||||
properties:
|
||||
op:
|
||||
description: Op is the operator to be applied.
|
||||
enum:
|
||||
- In
|
||||
- NotIn
|
||||
- InRegexp
|
||||
- Exists
|
||||
- DoesNotExist
|
||||
- Gt
|
||||
- Lt
|
||||
- GtLt
|
||||
- IsTrue
|
||||
- IsFalse
|
||||
type: string
|
||||
value:
|
||||
description: Value is the list of values that
|
||||
the operand evaluates the input against.
|
||||
Value should be empty if the operator is
|
||||
Exists, DoesNotExist, IsTrue or IsFalse.
|
||||
Value should contain exactly one element
|
||||
if the operator is Gt or Lt and exactly
|
||||
two elements if the operator is GtLt. In
|
||||
other cases Value should contain at least
|
||||
one element.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- op
|
||||
type: object
|
||||
description: MatchExpressionSet contains a set of
|
||||
MatchExpressions, each of which is evaluated against
|
||||
a set of input values.
|
||||
type: object
|
||||
required:
|
||||
- feature
|
||||
- matchExpressions
|
||||
type: object
|
||||
type: array
|
||||
required:
|
||||
- matchFeatures
|
||||
type: object
|
||||
type: array
|
||||
matchFeatures:
|
||||
description: MatchFeatures specifies a set of matcher terms
|
||||
all of which must match.
|
||||
items:
|
||||
description: FeatureMatcherTerm defines requirements against
|
||||
one feature set. All requirements (specified as MatchExpressions)
|
||||
are evaluated against each element in the feature set.
|
||||
properties:
|
||||
feature:
|
||||
type: string
|
||||
matchExpressions:
|
||||
additionalProperties:
|
||||
description: "MatchExpression specifies an expression
|
||||
to evaluate against a set of input values. It contains
|
||||
an operator that is applied when matching the input
|
||||
and an array of values that the operator evaluates
|
||||
the input against. \n NB: CreateMatchExpression or
|
||||
MustCreateMatchExpression() should be used for creating
|
||||
new instances. \n NB: Validate() must be called if
|
||||
Op or Value fields are modified or if a new instance
|
||||
is created from scratch without using the helper functions."
|
||||
properties:
|
||||
op:
|
||||
description: Op is the operator to be applied.
|
||||
enum:
|
||||
- In
|
||||
- NotIn
|
||||
- InRegexp
|
||||
- Exists
|
||||
- DoesNotExist
|
||||
- Gt
|
||||
- Lt
|
||||
- GtLt
|
||||
- IsTrue
|
||||
- IsFalse
|
||||
type: string
|
||||
value:
|
||||
description: Value is the list of values that the
|
||||
operand evaluates the input against. Value should
|
||||
be empty if the operator is Exists, DoesNotExist,
|
||||
IsTrue or IsFalse. Value should contain exactly
|
||||
one element if the operator is Gt or Lt and exactly
|
||||
two elements if the operator is GtLt. In other
|
||||
cases Value should contain at least one element.
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
required:
|
||||
- op
|
||||
type: object
|
||||
description: MatchExpressionSet contains a set of MatchExpressions,
|
||||
each of which is evaluated against a set of input values.
|
||||
type: object
|
||||
required:
|
||||
- feature
|
||||
- matchExpressions
|
||||
type: object
|
||||
type: array
|
||||
name:
|
||||
description: Name of the rule.
|
||||
type: string
|
||||
taints:
|
||||
description: Taints to create if the rule matches.
|
||||
items:
|
||||
description: The node this Taint is attached to has the "effect"
|
||||
on any pod that does not tolerate the Taint.
|
||||
properties:
|
||||
effect:
|
||||
description: Required. The effect of the taint on pods
|
||||
that do not tolerate the taint. Valid effects are NoSchedule,
|
||||
PreferNoSchedule and NoExecute.
|
||||
type: string
|
||||
key:
|
||||
description: Required. The taint key to be applied to
|
||||
a node.
|
||||
type: string
|
||||
timeAdded:
|
||||
description: TimeAdded represents the time at which the
|
||||
taint was added. It is only written for NoExecute taints.
|
||||
format: date-time
|
||||
type: string
|
||||
value:
|
||||
description: The taint value corresponding to the taint
|
||||
key.
|
||||
type: string
|
||||
required:
|
||||
- effect
|
||||
- key
|
||||
type: object
|
||||
type: array
|
||||
vars:
|
||||
additionalProperties:
|
||||
type: string
|
||||
description: Vars is the variables to store if the rule matches.
|
||||
Variables do not directly inflict any changes in the node
|
||||
object. However, they can be referenced from other rules enabling
|
||||
more complex rule hierarchies, without exposing intermediary
|
||||
output values as labels.
|
||||
type: object
|
||||
varsTemplate:
|
||||
description: VarsTemplate specifies a template to expand for
|
||||
dynamically generating multiple variables. Data (after template
|
||||
expansion) must be keys with an optional value (<key>[=<value>])
|
||||
separated by newlines.
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
required:
|
||||
- rules
|
||||
type: object
|
||||
required:
|
||||
- spec
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
|
@ -0,0 +1,107 @@
|
|||
{{/* vim: set filetype=mustache: */}}
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Allow the release namespace to be overridden for multi-namespace deployments in combined charts
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.namespace" -}}
|
||||
{{- if .Values.namespaceOverride -}}
|
||||
{{- .Values.namespaceOverride -}}
|
||||
{{- else -}}
|
||||
{{- .Release.Namespace -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.labels" -}}
|
||||
helm.sh/chart: {{ include "node-feature-discovery.chart" . }}
|
||||
{{ include "node-feature-discovery.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "node-feature-discovery.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account which the nfd master will use
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.master.serviceAccountName" -}}
|
||||
{{- if .Values.master.serviceAccount.create -}}
|
||||
{{ default (include "node-feature-discovery.fullname" .) .Values.master.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.master.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account which the nfd worker will use
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.worker.serviceAccountName" -}}
|
||||
{{- if .Values.worker.serviceAccount.create -}}
|
||||
{{ default (printf "%s-worker" (include "node-feature-discovery.fullname" .)) .Values.worker.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.worker.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account which topologyUpdater will use
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.topologyUpdater.serviceAccountName" -}}
|
||||
{{- if .Values.topologyUpdater.serviceAccount.create -}}
|
||||
{{ default (printf "%s-topology-updater" (include "node-feature-discovery.fullname" .)) .Values.topologyUpdater.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.topologyUpdater.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account which topologyGC will use
|
||||
*/}}
|
||||
{{- define "node-feature-discovery.topologyGC.serviceAccountName" -}}
|
||||
{{- if .Values.topologyGC.serviceAccount.create -}}
|
||||
{{ default (printf "%s-topology-gc" (include "node-feature-discovery.fullname" .)) .Values.topologyGC.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.topologyGC.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
|
@ -0,0 +1,67 @@
|
|||
{{- if .Values.tls.certManager }}
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: nfd-master-cert
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
spec:
|
||||
secretName: nfd-master-cert
|
||||
subject:
|
||||
organizations:
|
||||
- node-feature-discovery
|
||||
commonName: nfd-master
|
||||
dnsNames:
|
||||
# must match the service name
|
||||
- {{ include "node-feature-discovery.fullname" . }}-master
|
||||
# first one is configured for use by the worker; below are for completeness
|
||||
- {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc
|
||||
- {{ include "node-feature-discovery.fullname" . }}-master.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
|
||||
# localhost needed for grpc_health_probe
|
||||
- localhost
|
||||
issuerRef:
|
||||
name: nfd-ca-issuer
|
||||
kind: Issuer
|
||||
group: cert-manager.io
|
||||
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: nfd-worker-cert
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
spec:
|
||||
secretName: nfd-worker-cert
|
||||
subject:
|
||||
organizations:
|
||||
- node-feature-discovery
|
||||
commonName: nfd-worker
|
||||
dnsNames:
|
||||
- {{ include "node-feature-discovery.fullname" . }}-worker.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
|
||||
issuerRef:
|
||||
name: nfd-ca-issuer
|
||||
kind: Issuer
|
||||
group: cert-manager.io
|
||||
|
||||
{{- if .Values.topologyUpdater.enable }}
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: nfd-topology-updater-cert
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
spec:
|
||||
secretName: nfd-topology-updater-cert
|
||||
subject:
|
||||
organizations:
|
||||
- node-feature-discovery
|
||||
commonName: nfd-topology-updater
|
||||
dnsNames:
|
||||
- {{ include "node-feature-discovery.fullname" . }}-topology-updater.{{ include "node-feature-discovery.namespace" . }}.svc.cluster.local
|
||||
issuerRef:
|
||||
name: nfd-ca-issuer
|
||||
kind: Issuer
|
||||
group: cert-manager.io
|
||||
{{- end }}
|
||||
|
||||
{{- end }}
|
|
@ -0,0 +1,42 @@
|
|||
{{- if .Values.tls.certManager }}
|
||||
# See https://cert-manager.io/docs/configuration/selfsigned/#bootstrapping-ca-issuers
|
||||
# - Create a self signed issuer
|
||||
# - Use this to create a CA cert
|
||||
# - Use this to now create a CA issuer
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: nfd-ca-bootstrap
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
spec:
|
||||
selfSigned: {}
|
||||
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: nfd-ca-cert
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
spec:
|
||||
isCA: true
|
||||
secretName: nfd-ca-cert
|
||||
subject:
|
||||
organizations:
|
||||
- node-feature-discovery
|
||||
commonName: nfd-ca-cert
|
||||
issuerRef:
|
||||
name: nfd-ca-bootstrap
|
||||
kind: Issuer
|
||||
group: cert-manager.io
|
||||
|
||||
---
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: nfd-ca-issuer
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
spec:
|
||||
ca:
|
||||
secretName: nfd-ca-cert
|
||||
{{- end }}
|
|
@ -0,0 +1,97 @@
|
|||
{{- if .Values.master.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/status
|
||||
verbs:
|
||||
- get
|
||||
- patch
|
||||
- update
|
||||
- list
|
||||
- apiGroups:
|
||||
- nfd.k8s-sigs.io
|
||||
resources:
|
||||
- nodefeatures
|
||||
- nodefeaturerules
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes/proxy
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- pods
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- topology.node.k8s.io
|
||||
resources:
|
||||
- noderesourcetopologies
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- update
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
verbs:
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes/proxy
|
||||
verbs:
|
||||
- get
|
||||
- apiGroups:
|
||||
- topology.node.k8s.io
|
||||
resources:
|
||||
- noderesourcetopologies
|
||||
verbs:
|
||||
- delete
|
||||
- list
|
||||
{{- end }}
|
|
@ -0,0 +1,52 @@
|
|||
{{- if .Values.master.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ include "node-feature-discovery.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.topologyGC.enable .Values.topologyGC.rbac.create .Values.topologyUpdater.enable }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
{{- end }}
|
|
@ -0,0 +1,145 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-master
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
role: master
|
||||
annotations:
|
||||
{{- toYaml .Values.master.deploymentAnnotations | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.master.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
|
||||
role: master
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
|
||||
role: master
|
||||
annotations:
|
||||
{{- toYaml .Values.master.annotations | nindent 8 }}
|
||||
spec:
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "node-feature-discovery.master.serviceAccountName" . }}
|
||||
enableServiceLinks: false
|
||||
securityContext:
|
||||
{{- toYaml .Values.master.podSecurityContext | nindent 8 }}
|
||||
containers:
|
||||
- name: master
|
||||
securityContext:
|
||||
{{- toYaml .Values.master.securityContext | nindent 12 }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
- "/usr/bin/grpc_health_probe"
|
||||
- "-addr=:{{ .Values.master.port | default "8080" }}"
|
||||
{{- if .Values.tls.enable }}
|
||||
- "-tls"
|
||||
- "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
|
||||
- "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
|
||||
- "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
|
||||
{{- end }}
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- "/usr/bin/grpc_health_probe"
|
||||
- "-addr=:{{ .Values.master.port | default "8080" }}"
|
||||
{{- if .Values.tls.enable }}
|
||||
- "-tls"
|
||||
- "-tls-ca-cert=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
|
||||
- "-tls-client-key=/etc/kubernetes/node-feature-discovery/certs/tls.key"
|
||||
- "-tls-client-cert=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
|
||||
{{- end }}
|
||||
initialDelaySeconds: 5
|
||||
periodSeconds: 10
|
||||
failureThreshold: 10
|
||||
ports:
|
||||
- containerPort: {{ .Values.master.port | default "8080" }}
|
||||
name: grpc
|
||||
env:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
command:
|
||||
- "nfd-master"
|
||||
resources:
|
||||
{{- toYaml .Values.master.resources | nindent 12 }}
|
||||
args:
|
||||
{{- if .Values.master.instance | empty | not }}
|
||||
- "-instance={{ .Values.master.instance }}"
|
||||
{{- end }}
|
||||
- "-port={{ .Values.master.port | default "8080" }}"
|
||||
{{- if .Values.enableNodeFeatureApi }}
|
||||
- "-enable-nodefeature-api"
|
||||
{{- end }}
|
||||
{{- if .Values.master.extraLabelNs | empty | not }}
|
||||
- "-extra-label-ns={{- join "," .Values.master.extraLabelNs }}"
|
||||
{{- end }}
|
||||
{{- if .Values.master.denyLabelNs | empty | not }}
|
||||
- "-deny-label-ns={{- join "," .Values.master.denyLabelNs }}"
|
||||
{{- end }}
|
||||
{{- if .Values.master.resourceLabels | empty | not }}
|
||||
- "-resource-labels={{- join "," .Values.master.resourceLabels }}"
|
||||
{{- end }}
|
||||
{{- if .Values.master.enableTaints }}
|
||||
- "-enable-taints"
|
||||
{{- end }}
|
||||
{{- if .Values.master.crdController | kindIs "invalid" | not }}
|
||||
- "-crd-controller={{ .Values.master.crdController }}"
|
||||
{{- else }}
|
||||
## By default, disable crd controller for other than the default instances
|
||||
- "-featurerules-controller={{ .Values.master.instance | empty }}"
|
||||
{{- end }}
|
||||
{{- if .Values.master.featureRulesController | kindIs "invalid" | not }}
|
||||
- "-featurerules-controller={{ .Values.master.featureRulesController }}"
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enable }}
|
||||
- "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
|
||||
- "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
|
||||
- "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
{{- if .Values.tls.enable }}
|
||||
- name: nfd-master-cert
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
- name: nfd-master-conf
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery"
|
||||
readOnly: true
|
||||
volumes:
|
||||
{{- if .Values.tls.enable }}
|
||||
- name: nfd-master-cert
|
||||
secret:
|
||||
secretName: nfd-master-cert
|
||||
{{- end }}
|
||||
- name: nfd-master-conf
|
||||
configMap:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-master-conf
|
||||
items:
|
||||
- key: nfd-master.conf
|
||||
path: nfd-master.conf
|
||||
|
||||
{{- with .Values.master.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.master.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.master.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-master-conf
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
data:
|
||||
nfd-master.conf: |-
|
||||
{{- .Values.master.config | toYaml | nindent 4 }}
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
data:
|
||||
nfd-topology-updater.conf: |-
|
||||
{{- .Values.topologyUpdater.config | toYaml | nindent 4 }}
|
|
@ -0,0 +1,10 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
data:
|
||||
nfd-worker.conf: |-
|
||||
{{- .Values.worker.config | toYaml | nindent 4 }}
|
|
@ -0,0 +1,18 @@
|
|||
{{- if .Values.worker.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-worker
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- nfd.k8s-sigs.io
|
||||
resources:
|
||||
- nodefeatures
|
||||
verbs:
|
||||
- create
|
||||
- get
|
||||
- update
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,17 @@
|
|||
{{- if .Values.worker.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-worker
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-worker
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-master
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
role: master
|
||||
spec:
|
||||
type: {{ .Values.master.service.type }}
|
||||
ports:
|
||||
- port: {{ .Values.master.service.port | default "8080" }}
|
||||
targetPort: grpc
|
||||
protocol: TCP
|
||||
name: grpc
|
||||
selector:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 4 }}
|
||||
role: master
|
|
@ -0,0 +1,58 @@
|
|||
{{- if .Values.master.serviceAccount.create -}}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.master.serviceAccountName" . }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
{{- with .Values.master.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
{{- with .Values.topologyUpdater.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if and .Values.topologyGC.enable .Values.topologyGC.serviceAccount.create .Values.topologyUpdater.enable }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.topologyGC.serviceAccount.name | default "nfd-topology-gc" }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
{{- with .Values.topologyUpdater.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
---
|
||||
{{- if .Values.worker.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
{{- with .Values.worker.serviceAccount.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,64 @@
|
|||
{{- if and .Values.topologyGC.enable .Values.topologyUpdater.enable -}}
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-gc
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
role: topology-gc
|
||||
spec:
|
||||
replicas: {{ .Values.topologyGC.replicaCount | default 1 }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
|
||||
role: topology-gc
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
|
||||
role: topology-gc
|
||||
annotations:
|
||||
{{- toYaml .Values.topologyGC.annotations | nindent 8 }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Values.topologyGC.serviceAccountName | default "nfd-topology-gc" }}
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.topologyGC.podSecurityContext | nindent 8 }}
|
||||
containers:
|
||||
- name: topology-gc
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
|
||||
env:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
command:
|
||||
- "nfd-topology-gc"
|
||||
args:
|
||||
{{- if .Values.topologyGC.interval | empty | not }}
|
||||
- "-gc-interval={{ .Values.topologyGC.interval }}"
|
||||
{{- end }}
|
||||
resources:
|
||||
{{- toYaml .Values.topologyGC.resources | nindent 12 }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.topologyGC.securityContext | nindent 12 }}
|
||||
|
||||
{{- with .Values.topologyGC.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.topologyGC.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.topologyGC.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,278 @@
|
|||
{{- if and .Values.topologyUpdater.enable .Values.topologyUpdater.createCRDs -}}
|
||||
apiVersion: apiextensions.k8s.io/v1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
annotations:
|
||||
api-approved.kubernetes.io: https://github.com/kubernetes/enhancements/pull/1870
|
||||
controller-gen.kubebuilder.io/version: v0.11.2
|
||||
creationTimestamp: null
|
||||
name: noderesourcetopologies.topology.node.k8s.io
|
||||
spec:
|
||||
group: topology.node.k8s.io
|
||||
names:
|
||||
kind: NodeResourceTopology
|
||||
listKind: NodeResourceTopologyList
|
||||
plural: noderesourcetopologies
|
||||
shortNames:
|
||||
- node-res-topo
|
||||
singular: noderesourcetopology
|
||||
scope: Cluster
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: NodeResourceTopology describes node resources and their topology.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
topologyPolicies:
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
zones:
|
||||
description: ZoneList contains an array of Zone objects.
|
||||
items:
|
||||
description: Zone represents a resource topology zone, e.g. socket,
|
||||
node, die or core.
|
||||
properties:
|
||||
attributes:
|
||||
description: AttributeList contains an array of AttributeInfo objects.
|
||||
items:
|
||||
description: AttributeInfo contains one attribute of a Zone.
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
value:
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- value
|
||||
type: object
|
||||
type: array
|
||||
costs:
|
||||
description: CostList contains an array of CostInfo objects.
|
||||
items:
|
||||
description: CostInfo describes the cost (or distance) between
|
||||
two Zones.
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
value:
|
||||
format: int64
|
||||
type: integer
|
||||
required:
|
||||
- name
|
||||
- value
|
||||
type: object
|
||||
type: array
|
||||
name:
|
||||
type: string
|
||||
parent:
|
||||
type: string
|
||||
resources:
|
||||
description: ResourceInfoList contains an array of ResourceInfo
|
||||
objects.
|
||||
items:
|
||||
description: ResourceInfo contains information about one resource
|
||||
type.
|
||||
properties:
|
||||
allocatable:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Allocatable quantity of the resource, corresponding
|
||||
to allocatable in node status, i.e. total amount of this
|
||||
resource available to be used by pods.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
available:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Available is the amount of this resource currently
|
||||
available for new (to be scheduled) pods, i.e. Allocatable
|
||||
minus the resources reserved by currently running pods.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
capacity:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Capacity of the resource, corresponding to capacity
|
||||
in node status, i.e. total amount of this resource that
|
||||
the node has.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
name:
|
||||
description: Name of the resource.
|
||||
type: string
|
||||
required:
|
||||
- allocatable
|
||||
- available
|
||||
- capacity
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
type:
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- type
|
||||
type: object
|
||||
type: array
|
||||
required:
|
||||
- topologyPolicies
|
||||
- zones
|
||||
type: object
|
||||
served: true
|
||||
storage: false
|
||||
- name: v1alpha2
|
||||
schema:
|
||||
openAPIV3Schema:
|
||||
description: NodeResourceTopology describes node resources and their topology.
|
||||
properties:
|
||||
apiVersion:
|
||||
description: 'APIVersion defines the versioned schema of this representation
|
||||
of an object. Servers should convert recognized schemas to the latest
|
||||
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
|
||||
type: string
|
||||
attributes:
|
||||
description: AttributeList contains an array of AttributeInfo objects.
|
||||
items:
|
||||
description: AttributeInfo contains one attribute of a Zone.
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
value:
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- value
|
||||
type: object
|
||||
type: array
|
||||
kind:
|
||||
description: 'Kind is a string value representing the REST resource this
|
||||
object represents. Servers may infer this from the endpoint the client
|
||||
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
|
||||
type: string
|
||||
metadata:
|
||||
type: object
|
||||
topologyPolicies:
|
||||
description: 'DEPRECATED (to be removed in v1beta1): use top level attributes
|
||||
if needed'
|
||||
items:
|
||||
type: string
|
||||
type: array
|
||||
zones:
|
||||
description: ZoneList contains an array of Zone objects.
|
||||
items:
|
||||
description: Zone represents a resource topology zone, e.g. socket,
|
||||
node, die or core.
|
||||
properties:
|
||||
attributes:
|
||||
description: AttributeList contains an array of AttributeInfo objects.
|
||||
items:
|
||||
description: AttributeInfo contains one attribute of a Zone.
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
value:
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- value
|
||||
type: object
|
||||
type: array
|
||||
costs:
|
||||
description: CostList contains an array of CostInfo objects.
|
||||
items:
|
||||
description: CostInfo describes the cost (or distance) between
|
||||
two Zones.
|
||||
properties:
|
||||
name:
|
||||
type: string
|
||||
value:
|
||||
format: int64
|
||||
type: integer
|
||||
required:
|
||||
- name
|
||||
- value
|
||||
type: object
|
||||
type: array
|
||||
name:
|
||||
type: string
|
||||
parent:
|
||||
type: string
|
||||
resources:
|
||||
description: ResourceInfoList contains an array of ResourceInfo
|
||||
objects.
|
||||
items:
|
||||
description: ResourceInfo contains information about one resource
|
||||
type.
|
||||
properties:
|
||||
allocatable:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Allocatable quantity of the resource, corresponding
|
||||
to allocatable in node status, i.e. total amount of this
|
||||
resource available to be used by pods.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
available:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Available is the amount of this resource currently
|
||||
available for new (to be scheduled) pods, i.e. Allocatable
|
||||
minus the resources reserved by currently running pods.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
capacity:
|
||||
anyOf:
|
||||
- type: integer
|
||||
- type: string
|
||||
description: Capacity of the resource, corresponding to capacity
|
||||
in node status, i.e. total amount of this resource that
|
||||
the node has.
|
||||
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
||||
x-kubernetes-int-or-string: true
|
||||
name:
|
||||
description: Name of the resource.
|
||||
type: string
|
||||
required:
|
||||
- allocatable
|
||||
- available
|
||||
- capacity
|
||||
- name
|
||||
type: object
|
||||
type: array
|
||||
type:
|
||||
type: string
|
||||
required:
|
||||
- name
|
||||
- type
|
||||
type: object
|
||||
type: array
|
||||
required:
|
||||
- zones
|
||||
type: object
|
||||
served: true
|
||||
storage: true
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
||||
{{- end }}
|
|
@ -0,0 +1,142 @@
|
|||
{{- if .Values.topologyUpdater.enable -}}
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
role: topology-updater
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
|
||||
role: topology-updater
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
|
||||
role: topology-updater
|
||||
annotations:
|
||||
{{- toYaml .Values.topologyUpdater.annotations | nindent 8 }}
|
||||
spec:
|
||||
serviceAccountName: {{ include "node-feature-discovery.topologyUpdater.serviceAccountName" . }}
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.topologyUpdater.podSecurityContext | nindent 8 }}
|
||||
containers:
|
||||
- name: topology-updater
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: "{{ .Values.image.pullPolicy }}"
|
||||
env:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
command:
|
||||
- "nfd-topology-updater"
|
||||
args:
|
||||
- "-podresources-socket=/host-var/lib/kubelet-podresources/kubelet.sock"
|
||||
{{- if .Values.topologyUpdater.updateInterval | empty | not }}
|
||||
- "-sleep-interval={{ .Values.topologyUpdater.updateInterval }}"
|
||||
{{- else }}
|
||||
- "-sleep-interval=3s"
|
||||
{{- end }}
|
||||
{{- if .Values.topologyUpdater.watchNamespace | empty | not }}
|
||||
- "-watch-namespace={{ .Values.topologyUpdater.watchNamespace }}"
|
||||
{{- else }}
|
||||
- "-watch-namespace=*"
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enable }}
|
||||
- "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
|
||||
- "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
|
||||
- "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
|
||||
{{- end }}
|
||||
{{- if .Values.topologyUpdater.podSetFingerprint }}
|
||||
- "-pods-fingerprint"
|
||||
{{- end }}
|
||||
{{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
|
||||
- "-kubelet-config-uri=file:///host-var/kubelet-config"
|
||||
{{- end }}
|
||||
{{- if .Values.topologyUpdater.kubeletStateDir | empty }}
|
||||
# Disable kubelet state tracking by giving an empty path
|
||||
- "-kubelet-state-dir="
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
{{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
|
||||
- name: kubelet-config
|
||||
mountPath: /host-var/kubelet-config
|
||||
{{- end }}
|
||||
- name: kubelet-podresources-sock
|
||||
mountPath: /host-var/lib/kubelet-podresources/kubelet.sock
|
||||
- name: host-sys
|
||||
mountPath: /host-sys
|
||||
{{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
|
||||
- name: kubelet-state-files
|
||||
mountPath: /host-var/lib/kubelet
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enable }}
|
||||
- name: nfd-topology-updater-cert
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
- name: nfd-topology-updater-conf
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery"
|
||||
readOnly: true
|
||||
|
||||
resources:
|
||||
{{- toYaml .Values.topologyUpdater.resources | nindent 12 }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.topologyUpdater.securityContext | nindent 12 }}
|
||||
volumes:
|
||||
- name: host-sys
|
||||
hostPath:
|
||||
path: "/sys"
|
||||
{{- if .Values.topologyUpdater.kubeletConfigPath | empty | not }}
|
||||
- name: kubelet-config
|
||||
hostPath:
|
||||
path: {{ .Values.topologyUpdater.kubeletConfigPath }}
|
||||
{{- end }}
|
||||
- name: kubelet-podresources-sock
|
||||
hostPath:
|
||||
{{- if .Values.topologyUpdater.kubeletPodResourcesSockPath | empty | not }}
|
||||
path: {{ .Values.topologyUpdater.kubeletPodResourcesSockPath }}
|
||||
{{- else }}
|
||||
path: /var/lib/kubelet/pod-resources/kubelet.sock
|
||||
{{- end }}
|
||||
{{- if .Values.topologyUpdater.kubeletStateDir | empty | not }}
|
||||
- name: kubelet-state-files
|
||||
hostPath:
|
||||
path: {{ .Values.topologyUpdater.kubeletStateDir }}
|
||||
{{- end }}
|
||||
- name: nfd-topology-updater-conf
|
||||
configMap:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-topology-updater-conf
|
||||
items:
|
||||
- key: nfd-topology-updater.conf
|
||||
path: nfd-topology-updater.conf
|
||||
{{- if .Values.tls.enable }}
|
||||
- name: nfd-topology-updater-cert
|
||||
secret:
|
||||
secretName: nfd-topology-updater-cert
|
||||
{{- end }}
|
||||
|
||||
|
||||
{{- with .Values.topologyUpdater.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.topologyUpdater.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.topologyUpdater.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,144 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-worker
|
||||
namespace: {{ include "node-feature-discovery.namespace" . }}
|
||||
labels:
|
||||
{{- include "node-feature-discovery.labels" . | nindent 4 }}
|
||||
role: worker
|
||||
annotations:
|
||||
{{- toYaml .Values.worker.daemonsetAnnotations | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 6 }}
|
||||
role: worker
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{- include "node-feature-discovery.selectorLabels" . | nindent 8 }}
|
||||
role: worker
|
||||
annotations:
|
||||
{{- toYaml .Values.worker.annotations | nindent 8 }}
|
||||
spec:
|
||||
dnsPolicy: ClusterFirstWithHostNet
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
serviceAccountName: {{ include "node-feature-discovery.worker.serviceAccountName" . }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.worker.podSecurityContext | nindent 8 }}
|
||||
containers:
|
||||
- name: worker
|
||||
securityContext:
|
||||
{{- toYaml .Values.worker.securityContext | nindent 12 }}
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
env:
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
resources:
|
||||
{{- toYaml .Values.worker.resources | nindent 12 }}
|
||||
command:
|
||||
- "nfd-worker"
|
||||
args:
|
||||
- "-server={{ include "node-feature-discovery.fullname" . }}-master:{{ .Values.master.service.port }}"
|
||||
{{- if .Values.enableNodeFeatureApi }}
|
||||
- "-enable-nodefeature-api"
|
||||
{{- end }}
|
||||
{{- if .Values.tls.enable }}
|
||||
- "-ca-file=/etc/kubernetes/node-feature-discovery/certs/ca.crt"
|
||||
- "-key-file=/etc/kubernetes/node-feature-discovery/certs/tls.key"
|
||||
- "-cert-file=/etc/kubernetes/node-feature-discovery/certs/tls.crt"
|
||||
{{- end }}
|
||||
volumeMounts:
|
||||
- name: host-boot
|
||||
mountPath: "/host-boot"
|
||||
readOnly: true
|
||||
- name: host-os-release
|
||||
mountPath: "/host-etc/os-release"
|
||||
readOnly: true
|
||||
- name: host-sys
|
||||
mountPath: "/host-sys"
|
||||
readOnly: true
|
||||
- name: host-usr-lib
|
||||
mountPath: "/host-usr/lib"
|
||||
readOnly: true
|
||||
- name: host-lib
|
||||
mountPath: "/host-lib"
|
||||
readOnly: true
|
||||
{{- if .Values.worker.mountUsrSrc }}
|
||||
- name: host-usr-src
|
||||
mountPath: "/host-usr/src"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
- name: source-d
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/source.d/"
|
||||
readOnly: true
|
||||
- name: features-d
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/features.d/"
|
||||
readOnly: true
|
||||
- name: nfd-worker-conf
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery"
|
||||
readOnly: true
|
||||
{{- if .Values.tls.enable }}
|
||||
- name: nfd-worker-cert
|
||||
mountPath: "/etc/kubernetes/node-feature-discovery/certs"
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: host-boot
|
||||
hostPath:
|
||||
path: "/boot"
|
||||
- name: host-os-release
|
||||
hostPath:
|
||||
path: "/etc/os-release"
|
||||
- name: host-sys
|
||||
hostPath:
|
||||
path: "/sys"
|
||||
- name: host-usr-lib
|
||||
hostPath:
|
||||
path: "/usr/lib"
|
||||
- name: host-lib
|
||||
hostPath:
|
||||
path: "/lib"
|
||||
{{- if .Values.worker.mountUsrSrc }}
|
||||
- name: host-usr-src
|
||||
hostPath:
|
||||
path: "/usr/src"
|
||||
{{- end }}
|
||||
- name: source-d
|
||||
hostPath:
|
||||
path: "/etc/kubernetes/node-feature-discovery/source.d/"
|
||||
- name: features-d
|
||||
hostPath:
|
||||
path: "/etc/kubernetes/node-feature-discovery/features.d/"
|
||||
- name: nfd-worker-conf
|
||||
configMap:
|
||||
name: {{ include "node-feature-discovery.fullname" . }}-worker-conf
|
||||
items:
|
||||
- key: nfd-worker.conf
|
||||
path: nfd-worker.conf
|
||||
{{- if .Values.tls.enable }}
|
||||
- name: nfd-worker-cert
|
||||
secret:
|
||||
secretName: nfd-worker-cert
|
||||
{{- end }}
|
||||
{{- with .Values.worker.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.worker.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.worker.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- with .Values.worker.priorityClassName }}
|
||||
priorityClassName: {{ . | quote }}
|
||||
{{- end }}
|
|
@ -0,0 +1,484 @@
|
|||
image:
|
||||
repository: registry.k8s.io/nfd/node-feature-discovery
|
||||
# This should be set to 'IfNotPresent' for released version
|
||||
pullPolicy: IfNotPresent
|
||||
# tag, if defined will use the given image tag, else Chart.AppVersion will be used
|
||||
# tag
|
||||
imagePullSecrets: []
|
||||
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
namespaceOverride: ""
|
||||
|
||||
enableNodeFeatureApi: false
|
||||
|
||||
master:
|
||||
config: ### <NFD-MASTER-CONF-START-DO-NOT-REMOVE>
|
||||
# noPublish: false
|
||||
# extraLabelNs: ["added.ns.io","added.kubernets.io"]
|
||||
# denyLabelNs: ["denied.ns.io","denied.kubernetes.io"]
|
||||
# resourceLabels: ["vendor-1.com/feature-1","vendor-2.io/feature-2"]
|
||||
# enableTaints: false
|
||||
# labelWhiteList: "foo"
|
||||
### <NFD-MASTER-CONF-END-DO-NOT-REMOVE>
|
||||
# The TCP port that nfd-master listens for incoming requests. Default: 8080
|
||||
port: 8080
|
||||
instance:
|
||||
featureApi:
|
||||
denyLabelNs: []
|
||||
extraLabelNs: []
|
||||
resourceLabels: []
|
||||
enableTaints: false
|
||||
crdController: null
|
||||
featureRulesController: null
|
||||
deploymentAnnotations: {}
|
||||
replicaCount: 1
|
||||
|
||||
podSecurityContext: {}
|
||||
# fsGroup: 2000
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: [ "ALL" ]
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
# runAsUser: 1000
|
||||
|
||||
serviceAccount:
|
||||
# Specifies whether a service account should be created
|
||||
create: true
|
||||
# Annotations to add to the service account
|
||||
annotations: {}
|
||||
# The name of the service account to use.
|
||||
# If not set and create is true, a name is generated using the fullname template
|
||||
name:
|
||||
|
||||
rbac:
|
||||
create: true
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 8080
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations:
|
||||
- key: "node-role.kubernetes.io/master"
|
||||
operator: "Equal"
|
||||
value: ""
|
||||
effect: "NoSchedule"
|
||||
- key: "node-role.kubernetes.io/control-plane"
|
||||
operator: "Equal"
|
||||
value: ""
|
||||
effect: "NoSchedule"
|
||||
|
||||
annotations: {}
|
||||
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- weight: 1
|
||||
preference:
|
||||
matchExpressions:
|
||||
- key: "node-role.kubernetes.io/master"
|
||||
operator: In
|
||||
values: [""]
|
||||
- weight: 1
|
||||
preference:
|
||||
matchExpressions:
|
||||
- key: "node-role.kubernetes.io/control-plane"
|
||||
operator: In
|
||||
values: [""]
|
||||
|
||||
worker:
|
||||
config: ### <NFD-WORKER-CONF-START-DO-NOT-REMOVE>
|
||||
#core:
|
||||
# labelWhiteList:
|
||||
# noPublish: false
|
||||
# sleepInterval: 60s
|
||||
# featureSources: [all]
|
||||
# labelSources: [all]
|
||||
# klog:
|
||||
# addDirHeader: false
|
||||
# alsologtostderr: false
|
||||
# logBacktraceAt:
|
||||
# logtostderr: true
|
||||
# skipHeaders: false
|
||||
# stderrthreshold: 2
|
||||
# v: 0
|
||||
# vmodule:
|
||||
## NOTE: the following options are not dynamically run-time configurable
|
||||
## and require a nfd-worker restart to take effect after being changed
|
||||
# logDir:
|
||||
# logFile:
|
||||
# logFileMaxSize: 1800
|
||||
# skipLogHeaders: false
|
||||
#sources:
|
||||
# cpu:
|
||||
# cpuid:
|
||||
## NOTE: whitelist has priority over blacklist
|
||||
# attributeBlacklist:
|
||||
# - "BMI1"
|
||||
# - "BMI2"
|
||||
# - "CLMUL"
|
||||
# - "CMOV"
|
||||
# - "CX16"
|
||||
# - "ERMS"
|
||||
# - "F16C"
|
||||
# - "HTT"
|
||||
# - "LZCNT"
|
||||
# - "MMX"
|
||||
# - "MMXEXT"
|
||||
# - "NX"
|
||||
# - "POPCNT"
|
||||
# - "RDRAND"
|
||||
# - "RDSEED"
|
||||
# - "RDTSCP"
|
||||
# - "SGX"
|
||||
# - "SSE"
|
||||
# - "SSE2"
|
||||
# - "SSE3"
|
||||
# - "SSE4"
|
||||
# - "SSE42"
|
||||
# - "SSSE3"
|
||||
# attributeWhitelist:
|
||||
# kernel:
|
||||
# kconfigFile: "/path/to/kconfig"
|
||||
# configOpts:
|
||||
# - "NO_HZ"
|
||||
# - "X86"
|
||||
# - "DMI"
|
||||
# pci:
|
||||
# deviceClassWhitelist:
|
||||
# - "0200"
|
||||
# - "03"
|
||||
# - "12"
|
||||
# deviceLabelFields:
|
||||
# - "class"
|
||||
# - "vendor"
|
||||
# - "device"
|
||||
# - "subsystem_vendor"
|
||||
# - "subsystem_device"
|
||||
# usb:
|
||||
# deviceClassWhitelist:
|
||||
# - "0e"
|
||||
# - "ef"
|
||||
# - "fe"
|
||||
# - "ff"
|
||||
# deviceLabelFields:
|
||||
# - "class"
|
||||
# - "vendor"
|
||||
# - "device"
|
||||
# local:
|
||||
# hooksEnabled: true
|
||||
# custom:
|
||||
# # The following feature demonstrates the capabilities of the matchFeatures
|
||||
# - name: "my custom rule"
|
||||
# labels:
|
||||
# my-ng-feature: "true"
|
||||
# # matchFeatures implements a logical AND over all matcher terms in the
|
||||
# # list (i.e. all of the terms, or per-feature matchers, must match)
|
||||
# matchFeatures:
|
||||
# - feature: cpu.cpuid
|
||||
# matchExpressions:
|
||||
# AVX512F: {op: Exists}
|
||||
# - feature: cpu.cstate
|
||||
# matchExpressions:
|
||||
# enabled: {op: IsTrue}
|
||||
# - feature: cpu.pstate
|
||||
# matchExpressions:
|
||||
# no_turbo: {op: IsFalse}
|
||||
# scaling_governor: {op: In, value: ["performance"]}
|
||||
# - feature: cpu.rdt
|
||||
# matchExpressions:
|
||||
# RDTL3CA: {op: Exists}
|
||||
# - feature: cpu.sst
|
||||
# matchExpressions:
|
||||
# bf.enabled: {op: IsTrue}
|
||||
# - feature: cpu.topology
|
||||
# matchExpressions:
|
||||
# hardware_multithreading: {op: IsFalse}
|
||||
#
|
||||
# - feature: kernel.config
|
||||
# matchExpressions:
|
||||
# X86: {op: Exists}
|
||||
# LSM: {op: InRegexp, value: ["apparmor"]}
|
||||
# - feature: kernel.loadedmodule
|
||||
# matchExpressions:
|
||||
# e1000e: {op: Exists}
|
||||
# - feature: kernel.selinux
|
||||
# matchExpressions:
|
||||
# enabled: {op: IsFalse}
|
||||
# - feature: kernel.version
|
||||
# matchExpressions:
|
||||
# major: {op: In, value: ["5"]}
|
||||
# minor: {op: Gt, value: ["10"]}
|
||||
#
|
||||
# - feature: storage.block
|
||||
# matchExpressions:
|
||||
# rotational: {op: In, value: ["0"]}
|
||||
# dax: {op: In, value: ["0"]}
|
||||
#
|
||||
# - feature: network.device
|
||||
# matchExpressions:
|
||||
# operstate: {op: In, value: ["up"]}
|
||||
# speed: {op: Gt, value: ["100"]}
|
||||
#
|
||||
# - feature: memory.numa
|
||||
# matchExpressions:
|
||||
# node_count: {op: Gt, value: ["2"]}
|
||||
# - feature: memory.nv
|
||||
# matchExpressions:
|
||||
# devtype: {op: In, value: ["nd_dax"]}
|
||||
# mode: {op: In, value: ["memory"]}
|
||||
#
|
||||
# - feature: system.osrelease
|
||||
# matchExpressions:
|
||||
# ID: {op: In, value: ["fedora", "centos"]}
|
||||
# - feature: system.name
|
||||
# matchExpressions:
|
||||
# nodename: {op: InRegexp, value: ["^worker-X"]}
|
||||
#
|
||||
# - feature: local.label
|
||||
# matchExpressions:
|
||||
# custom-feature-knob: {op: Gt, value: ["100"]}
|
||||
#
|
||||
# # The following feature demonstrates the capabilities of the matchAny
|
||||
# - name: "my matchAny rule"
|
||||
# labels:
|
||||
# my-ng-feature-2: "my-value"
|
||||
# # matchAny implements a logical IF over all elements (sub-matchers) in
|
||||
# # the list (i.e. at least one feature matcher must match)
|
||||
# matchAny:
|
||||
# - matchFeatures:
|
||||
# - feature: kernel.loadedmodule
|
||||
# matchExpressions:
|
||||
# driver-module-X: {op: Exists}
|
||||
# - feature: pci.device
|
||||
# matchExpressions:
|
||||
# vendor: {op: In, value: ["8086"]}
|
||||
# class: {op: In, value: ["0200"]}
|
||||
# - matchFeatures:
|
||||
# - feature: kernel.loadedmodule
|
||||
# matchExpressions:
|
||||
# driver-module-Y: {op: Exists}
|
||||
# - feature: usb.device
|
||||
# matchExpressions:
|
||||
# vendor: {op: In, value: ["8086"]}
|
||||
# class: {op: In, value: ["02"]}
|
||||
#
|
||||
# # The following features demonstreate label templating capabilities
|
||||
# - name: "my template rule"
|
||||
# labelsTemplate: |
|
||||
# {{ range .system.osrelease }}my-system-feature.{{ .Name }}={{ .Value }}
|
||||
# {{ end }}
|
||||
# matchFeatures:
|
||||
# - feature: system.osrelease
|
||||
# matchExpressions:
|
||||
# ID: {op: InRegexp, value: ["^open.*"]}
|
||||
# VERSION_ID.major: {op: In, value: ["13", "15"]}
|
||||
#
|
||||
# - name: "my template rule 2"
|
||||
# labelsTemplate: |
|
||||
# {{ range .pci.device }}my-pci-device.{{ .class }}-{{ .device }}=with-cpuid
|
||||
# {{ end }}
|
||||
# matchFeatures:
|
||||
# - feature: pci.device
|
||||
# matchExpressions:
|
||||
# class: {op: InRegexp, value: ["^06"]}
|
||||
# vendor: ["8086"]
|
||||
# - feature: cpu.cpuid
|
||||
# matchExpressions:
|
||||
# AVX: {op: Exists}
|
||||
#
|
||||
# # The following examples demonstrate vars field and back-referencing
|
||||
# # previous labels and vars
|
||||
# - name: "my dummy kernel rule"
|
||||
# labels:
|
||||
# "my.kernel.feature": "true"
|
||||
# matchFeatures:
|
||||
# - feature: kernel.version
|
||||
# matchExpressions:
|
||||
# major: {op: Gt, value: ["2"]}
|
||||
#
|
||||
# - name: "my dummy rule with no labels"
|
||||
# vars:
|
||||
# "my.dummy.var": "1"
|
||||
# matchFeatures:
|
||||
# - feature: cpu.cpuid
|
||||
# matchExpressions: {}
|
||||
#
|
||||
# - name: "my rule using backrefs"
|
||||
# labels:
|
||||
# "my.backref.feature": "true"
|
||||
# matchFeatures:
|
||||
# - feature: rule.matched
|
||||
# matchExpressions:
|
||||
# my.kernel.feature: {op: IsTrue}
|
||||
# my.dummy.var: {op: Gt, value: ["0"]}
|
||||
#
|
||||
### <NFD-WORKER-CONF-END-DO-NOT-REMOVE>
|
||||
|
||||
daemonsetAnnotations: {}
|
||||
podSecurityContext: {}
|
||||
# fsGroup: 2000
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: [ "ALL" ]
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
# runAsUser: 1000
|
||||
|
||||
serviceAccount:
|
||||
# Specifies whether a service account should be created.
|
||||
# We create this by default to make it easier for downstream users to apply PodSecurityPolicies.
|
||||
create: true
|
||||
# Annotations to add to the service account
|
||||
annotations: {}
|
||||
# The name of the service account to use.
|
||||
# If not set and create is true, a name is generated using the fullname template
|
||||
name:
|
||||
|
||||
rbac:
|
||||
create: true
|
||||
|
||||
# Allow users to mount the hostPath /usr/src, useful for RHCOS on s390x
|
||||
# Does not work on systems without /usr/src AND a read-only /usr, such as Talos
|
||||
mountUsrSrc: false
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
annotations: {}
|
||||
|
||||
affinity: {}
|
||||
|
||||
priorityClassName: ""
|
||||
|
||||
topologyUpdater:
|
||||
config: ### <NFD-TOPOLOGY-UPDATER-CONF-START-DO-NOT-REMOVE>
|
||||
## key = node name, value = list of resources to be excluded.
|
||||
## use * to exclude from all nodes.
|
||||
## an example for how the exclude list should looks like
|
||||
#excludeList:
|
||||
# node1: [cpu]
|
||||
# node2: [memory, example/deviceA]
|
||||
# *: [hugepages-2Mi]
|
||||
### <NFD-TOPOLOGY-UPDATER-CONF-END-DO-NOT-REMOVE>
|
||||
|
||||
enable: false
|
||||
createCRDs: false
|
||||
|
||||
serviceAccount:
|
||||
create: true
|
||||
annotations: {}
|
||||
name:
|
||||
rbac:
|
||||
create: true
|
||||
|
||||
kubeletConfigPath:
|
||||
kubeletPodResourcesSockPath:
|
||||
updateInterval: 60s
|
||||
watchNamespace: "*"
|
||||
kubeletStateDir: /var/lib/kubelet
|
||||
|
||||
podSecurityContext: {}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: [ "ALL" ]
|
||||
readOnlyRootFilesystem: true
|
||||
runAsUser: 0
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
annotations: {}
|
||||
affinity: {}
|
||||
podSetFingerprint: true
|
||||
|
||||
topologyGC:
|
||||
enable: true
|
||||
replicaCount: 1
|
||||
|
||||
serviceAccount:
|
||||
create: true
|
||||
annotations: {}
|
||||
name:
|
||||
rbac:
|
||||
create: true
|
||||
|
||||
interval: 1h
|
||||
|
||||
podSecurityContext: {}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop: [ "ALL" ]
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
|
||||
resources: {}
|
||||
# We usually recommend not to specify default resources and to leave this as a conscious
|
||||
# choice for the user. This also increases chances charts run on environments with little
|
||||
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
||||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
nodeSelector: {}
|
||||
tolerations: []
|
||||
annotations: {}
|
||||
affinity: {}
|
||||
|
||||
# Optionally use encryption for worker <--> master comms
|
||||
# TODO: verify hostname is not yet supported
|
||||
#
|
||||
# If you do not enable certManager (and have it installed) you will
|
||||
# need to manually, or otherwise, provision the TLS certs as secrets
|
||||
tls:
|
||||
enable: false
|
||||
certManager: false
|
|
@ -0,0 +1,4 @@
|
|||
{{ .Chart.Name }}-device-plugin-daemonset deployed in namespace '{{ .Values.namespace }}'
|
||||
{{- if .Values.labeller.enabled }}
|
||||
{{ .Chart.Name }}-labeller-daemonset deployed in namespace '{{ .Values.namespace }}'
|
||||
{{- end }}
|
|
@ -0,0 +1,62 @@
|
|||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "amd-gpu.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "amd-gpu.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "amd-gpu.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "amd-gpu.labels" -}}
|
||||
helm.sh/chart: {{ include "amd-gpu.chart" . }}
|
||||
{{ include "amd-gpu.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "amd-gpu.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "amd-gpu.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "amd-gpu.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "amd-gpu.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,48 @@
|
|||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ .Chart.Name }}-device-plugin-daemonset
|
||||
namespace: {{ .Values.namespace }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
name: {{ .Chart.Name }}-dp-ds
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
name: {{ .Chart.Name }}-dp-ds
|
||||
spec:
|
||||
{{- with .Values.imagePullSecrets }}
|
||||
imagePullSecrets:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.nfd.enabled }}
|
||||
{{- with .Values.node_selector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
priorityClassName: system-node-critical
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: {{ .Chart.Name }}-dp-cntr
|
||||
image: {{ .Values.dp.image.repository }}:{{ .Values.dp.image.tag | default .Chart.AppVersion }}
|
||||
securityContext:
|
||||
{{- toYaml .Values.securityContext | nindent 12 }}
|
||||
volumeMounts:
|
||||
- name: dp
|
||||
mountPath: /var/lib/kubelet/device-plugins
|
||||
- name: sys
|
||||
mountPath: /sys
|
||||
resources:
|
||||
{{- toYaml .Values.dp.resources | nindent 12 }}
|
||||
volumes:
|
||||
- name: dp
|
||||
hostPath:
|
||||
path: /var/lib/kubelet/device-plugins
|
||||
- name: sys
|
||||
hostPath:
|
||||
path: /sys
|
|
@ -0,0 +1,83 @@
|
|||
{{- if .Values.labeller.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: cr-{{ .Chart.Name }}-node-labeller
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["watch", "get", "list", "update"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1beta1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: crb-{{ .Chart.Name }}-labeller
|
||||
namespace: default
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: cr-{{ .Chart.Name }}-node-labeller
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: default
|
||||
namespace: default
|
||||
- kind: ServiceAccount
|
||||
name: default
|
||||
namespace: {{ .Values.namespace }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ .Chart.Name }}-labeller-daemonset
|
||||
namespace: {{ .Values.namespace }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
name: amdgpu-lr-ds
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
name: amdgpu-lr-ds
|
||||
spec:
|
||||
{{- if .Values.nfd.enabled }}
|
||||
{{- with .Values.node_selector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
priorityClassName: system-node-critical
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- image: {{ .Values.lbl.image.repository }}:{{ .Values.lbl.image.tag }}
|
||||
name: {{ .Chart.Name }}-lr-cntr
|
||||
imagePullPolicy: Always
|
||||
workingDir: /root
|
||||
command: ["./k8s-node-labeller"]
|
||||
args: ["-vram", "-cu-count", "-simd-count", "-device-id", "-family"]
|
||||
env:
|
||||
- name: DS_NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
securityContext:
|
||||
privileged: true #Needed for /dev
|
||||
capabilities:
|
||||
drop: ["ALL"]
|
||||
volumeMounts:
|
||||
- name: sys
|
||||
mountPath: /sys
|
||||
- name: dev
|
||||
mountPath: /dev
|
||||
resources:
|
||||
{{- toYaml .Values.lbl.resources | nindent 10 }}
|
||||
volumes:
|
||||
- name: sys
|
||||
hostPath:
|
||||
path: /sys
|
||||
- name: dev
|
||||
hostPath:
|
||||
path: /dev
|
||||
{{- end }}
|
|
@ -0,0 +1,36 @@
|
|||
nfd:
|
||||
enabled: false
|
||||
|
||||
labeller:
|
||||
enabled: false
|
||||
|
||||
namespace: kube-system
|
||||
|
||||
dp:
|
||||
image:
|
||||
repository: docker.io/rocm/k8s-device-plugin
|
||||
# Overrides the image tag whose default is the chart appVersion.
|
||||
tag: "1.25.2.4"
|
||||
resources: {}
|
||||
|
||||
lbl:
|
||||
image:
|
||||
repository: docker.io/rocm/k8s-device-plugin
|
||||
tag: "labeller-1.25.2.4"
|
||||
resources: {}
|
||||
|
||||
imagePullSecrets: []
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
|
||||
tolerations:
|
||||
- key: CriticalAddonsOnly
|
||||
operator: Exists
|
||||
|
||||
node_selector:
|
||||
feature.node.kubernetes.io/pci-0300_1002.present: "true"
|
||||
kubernetes.io/arch: amd64
|
|
@ -37,4 +37,4 @@ maintainers:
|
|||
name: redis
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/redis
|
||||
version: 18.0.0
|
||||
version: 18.0.1
|
||||
|
|
|
@ -790,6 +790,12 @@ This issue can be mitigated by splitting the upgrade into two stages: one for al
|
|||
- Stage 2 (anything else that is not up to date, in this case only master):
|
||||
`helm upgrade oci://registry-1.docker.io/bitnamicharts/redis`
|
||||
|
||||
### To 18.0.0
|
||||
|
||||
This major version updates the Redis® docker image version used from `7.0` to `7.2`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis® 7.2 release notes](https://raw.githubusercontent.com/redis/redis/7.2/00-RELEASENOTES) before upgrading.
|
||||
|
||||
NOTE: Due to an error in our release process, versions higher or equal than 17.15.4 already use 7.2 by default.
|
||||
|
||||
### To 17.0.0
|
||||
|
||||
This major version updates the Redis® docker image version used from `6.2` to `7.0`, the new stable version. There are no major changes in the chart, but we recommend checking the [Redis® 7.0 release notes](https://raw.githubusercontent.com/redis/redis/7.0/00-RELEASENOTES) before upgrading.
|
||||
|
@ -976,4 +982,4 @@ Unless required by applicable law or agreed to in writing, software
|
|||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
limitations under the License.
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
dependencies:
|
||||
- name: crate-operator-crds
|
||||
repository: file://../crate-operator-crds
|
||||
version: 2.30.2
|
||||
digest: sha256:5b8b40b7c1c3c068df6806a2325b21d4f0b93b69df3387be6bc20092936d153a
|
||||
generated: "2023-08-10T11:24:24.32953244Z"
|
||||
version: 2.30.3
|
||||
digest: sha256:ae46760e801b4cef9755aa95f722dd25151fc3a8633cef7bcfbb5745d96b569c
|
||||
generated: "2023-08-29T08:31:06.489571561Z"
|
||||
|
|
|
@ -3,16 +3,16 @@ annotations:
|
|||
catalog.cattle.io/display-name: CrateDB Operator
|
||||
catalog.cattle.io/release-name: crate-operator
|
||||
apiVersion: v2
|
||||
appVersion: 2.30.2
|
||||
appVersion: 2.30.3
|
||||
dependencies:
|
||||
- condition: crate-operator-crds.enabled
|
||||
name: crate-operator-crds
|
||||
repository: file://./charts/crate-operator-crds
|
||||
version: 2.30.2
|
||||
version: 2.30.3
|
||||
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
|
||||
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
|
||||
maintainers:
|
||||
- name: Crate.io
|
||||
name: crate-operator
|
||||
type: application
|
||||
version: 2.30.2
|
||||
version: 2.30.3
|
||||
|
|
|
@ -1,9 +1,9 @@
|
|||
apiVersion: v2
|
||||
appVersion: 2.30.2
|
||||
appVersion: 2.30.3
|
||||
description: Crate Operator CRDs - Helm chart for installing and upgrading Custom
|
||||
Resource Definitions (CRDs) for the Crate Operator.
|
||||
maintainers:
|
||||
- name: Crate.io
|
||||
name: crate-operator-crds
|
||||
type: application
|
||||
version: 2.30.2
|
||||
version: 2.30.3
|
||||
|
|
|
@ -4,7 +4,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>1.22.0-0'
|
||||
catalog.cattle.io/release-name: falcon-sensor
|
||||
apiVersion: v2
|
||||
appVersion: 1.20.2
|
||||
appVersion: 1.20.3
|
||||
description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes clusters.
|
||||
home: https://crowdstrike.com
|
||||
icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg
|
||||
|
@ -24,4 +24,4 @@ name: falcon-sensor
|
|||
sources:
|
||||
- https://github.com/CrowdStrike/falcon-helm
|
||||
type: application
|
||||
version: 1.20.2
|
||||
version: 1.20.3
|
||||
|
|
|
@ -14,7 +14,7 @@ metadata:
|
|||
data:
|
||||
FALCONCTL_OPT_CID: {{ .Values.falcon.cid }}
|
||||
{{- range $key, $value := .Values.falcon }}
|
||||
{{- if and ($value) (ne $key "cid") }}
|
||||
{{- if and (or $value (eq ($value | toString) "false")) (ne $key "cid") }}
|
||||
FALCONCTL_OPT_{{ $key | upper }}: {{ $value | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
|
|
@ -9,7 +9,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=1.21-0'
|
||||
catalog.cattle.io/release-name: instana-agent
|
||||
apiVersion: v2
|
||||
appVersion: 1.252.0
|
||||
appVersion: 1.256.0
|
||||
description: Instana Agent for Kubernetes
|
||||
home: https://www.instana.com/
|
||||
icon: https://agents.instana.io/helm/stan-logo-2020.png
|
||||
|
@ -23,4 +23,4 @@ maintainers:
|
|||
name: instana-agent
|
||||
sources:
|
||||
- https://github.com/instana/instana-agent-docker
|
||||
version: 1.2.61
|
||||
version: 1.2.62
|
||||
|
|
|
@ -334,6 +334,8 @@ zones:
|
|||
```
|
||||
|
||||
## Changelog
|
||||
### 1.2.62
|
||||
* Include k8s-sensor resources in the default static YAML definitions
|
||||
|
||||
### 1.2.61
|
||||
* Increase timeout and initialDelay for the Agent container
|
||||
|
|
|
@ -3,4 +3,4 @@ dependencies:
|
|||
repository: https://charts.jetstack.io
|
||||
version: v1.12.3
|
||||
digest: sha256:3110ca458f8a903dc025408701614af03df859bf827824478ed68c785b0e6209
|
||||
generated: "2023-08-18T21:18:29.803296054Z"
|
||||
generated: "2023-08-29T05:47:05.106503476Z"
|
||||
|
|
|
@ -14,7 +14,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=1.19.0'
|
||||
catalog.cattle.io/release-name: koor-operator
|
||||
apiVersion: v2
|
||||
appVersion: v0.3.4
|
||||
appVersion: v0.3.5
|
||||
dependencies:
|
||||
- alias: certmanager
|
||||
condition: certmanager.enabled
|
||||
|
@ -33,4 +33,4 @@ name: koor-operator
|
|||
sources:
|
||||
- https://github.com/koor-tech/koor-operator/
|
||||
type: application
|
||||
version: 0.3.4
|
||||
version: 0.3.5
|
||||
|
|
|
@ -42,8 +42,8 @@ The following table lists the configurable parameters of the rook-operator chart
|
|||
|
||||
| Parameter | Description | Default |
|
||||
|-----------|-------------|---------|
|
||||
| `certmanager.enabled` | Enable cert-maanger | `true` |
|
||||
| `certmanager.installCRDs` | If cert-manager's CRDs should be installed through Helm. | `true` |
|
||||
| `certmanager.enabled` | Install cert-manger. Set to false to use an existing cert-manager | `true` |
|
||||
| `certmanager.installCRDs` | If cert-manager's CRDs should be installed through Helm | `true` |
|
||||
| `controllerManager.kubeRbacProxy.args` | RBAC proxy args | `["--secure-listen-address=0.0.0.0:8443","--upstream=http://127.0.0.1:8080/","--logtostderr=true","--v=0"]` |
|
||||
| `controllerManager.kubeRbacProxy.containerSecurityContext` | RBAC proxy container security context | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` |
|
||||
| `controllerManager.kubeRbacProxy.image.repository` | Operator image repository | `"gcr.io/kubebuilder/kube-rbac-proxy"` |
|
||||
|
@ -52,7 +52,7 @@ The following table lists the configurable parameters of the rook-operator chart
|
|||
| `controllerManager.manager.args` | Operator args | `["--health-probe-bind-address=:8081","--metrics-bind-address=127.0.0.1:8080","--leader-elect"]` |
|
||||
| `controllerManager.manager.containerSecurityContext` | Operator container security context | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` |
|
||||
| `controllerManager.manager.image.repository` | Operator image repository | `"docker.io/koorinc/koor-operator"` |
|
||||
| `controllerManager.manager.image.tag` | Operator image tag | `"v0.3.4"` |
|
||||
| `controllerManager.manager.image.tag` | Operator image tag | `"v0.3.5"` |
|
||||
| `controllerManager.manager.resources` | Operator container resources | `{"limits":{"cpu":"500m","memory":"512Mi"},"requests":{"cpu":"10m","memory":"128Mi"}}` |
|
||||
| `controllerManager.replicas` | | `1` |
|
||||
| `koorCluster.spec.dashboardEnabled` | Enable the Ceph MGR dashboard. | `true` |
|
||||
|
@ -60,7 +60,7 @@ The following table lists the configurable parameters of the rook-operator chart
|
|||
| `koorCluster.spec.ksdReleaseName` | The name to use for KSD helm release. | `"ksd"` |
|
||||
| `koorCluster.spec.monitoringEnabled` | If monitoring should be enabled, requires the prometheus-operator to be pre-installed. | `true` |
|
||||
| `koorCluster.spec.toolboxEnabled` | If the Ceph toolbox, should be deployed as well. | `true` |
|
||||
| `koorCluster.spec.upgradeOptions.endpoint` | The api endpoint used to find the ceph latest version | `"versions.koor.tech"` |
|
||||
| `koorCluster.spec.upgradeOptions.endpoint` | The api endpoint used to find the ceph latest version | `"https://versions.koor.tech"` |
|
||||
| `koorCluster.spec.upgradeOptions.mode` | Upgrade mode. Options: disabled, notify, upgrade. | `"notify"` |
|
||||
| `koorCluster.spec.upgradeOptions.schedule` | The schedule to check for new versions. Uses CRON format as specified by https://github.com/robfig/cron/tree/v3. Defaults to everyday at midnight in the local timezone. To change the timezone, prefix the schedule with CRON_TZ=<Timezone>. For example: "CRON_TZ=UTC 0 0 * * *" is midnight UTC. | `"0 0 * * *"` |
|
||||
| `koorCluster.spec.useAllDevices` | If all empty + unused devices of the cluster should be used. | `true` |
|
||||
|
|
|
@ -68,10 +68,10 @@ spec:
|
|||
description: Installs a debugging toolbox deployment
|
||||
type: boolean
|
||||
upgradeOptions:
|
||||
description: Specifies the notification options for new ceph versions
|
||||
description: Specifies the upgrade options for new ceph versions
|
||||
properties:
|
||||
endpoint:
|
||||
default: versions.koor.tech
|
||||
default: https://versions.koor.tech
|
||||
description: The api endpoint used to find the ceph latest version
|
||||
type: string
|
||||
mode:
|
||||
|
|
|
@ -7,6 +7,7 @@ metadata:
|
|||
app.kubernetes.io/part-of: koor-operator
|
||||
{{- include "koor-operator.labels" . | nindent 4 }}
|
||||
spec:
|
||||
backoffLimit: 20
|
||||
template:
|
||||
metadata:
|
||||
name: {{ include "koor-operator.jobName" . }}
|
||||
|
|
|
@ -10,6 +10,7 @@ metadata:
|
|||
helm.sh/hook: pre-delete
|
||||
helm.sh/hook-delete-policy: hook-succeeded
|
||||
spec:
|
||||
backoffLimit: 20
|
||||
template:
|
||||
metadata:
|
||||
name: {{ include "koor-operator.fullname" . }}-predelete-job
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
# NOTE: commit your changes before running make or they will be lost.
|
||||
certmanager:
|
||||
# -- Enable cert-maanger
|
||||
# -- Install cert-manger. Set to false to use an existing cert-manager
|
||||
enabled: true
|
||||
# -- If cert-manager's CRDs should be installed through Helm.
|
||||
# -- If cert-manager's CRDs should be installed through Helm
|
||||
installCRDs: true
|
||||
controllerManager:
|
||||
# RBAC proxy configuration
|
||||
|
@ -49,7 +49,7 @@ controllerManager:
|
|||
# -- Operator image repository
|
||||
repository: docker.io/koorinc/koor-operator
|
||||
# -- Operator image tag
|
||||
tag: v0.3.4
|
||||
tag: v0.3.5
|
||||
# -- Operator container resources
|
||||
resources:
|
||||
limits:
|
||||
|
@ -92,7 +92,7 @@ koorCluster:
|
|||
# -- Upgrade mode. Options: disabled, notify, upgrade.
|
||||
mode: notify
|
||||
# -- The api endpoint used to find the ceph latest version
|
||||
endpoint: versions.koor.tech
|
||||
endpoint: https://versions.koor.tech
|
||||
# -- The schedule to check for new versions. Uses CRON format as specified by https://github.com/robfig/cron/tree/v3.
|
||||
# Defaults to everyday at midnight in the local timezone.
|
||||
# To change the timezone, prefix the schedule with CRON_TZ=<Timezone>.
|
||||
|
|
|
@ -6,4 +6,4 @@ dependencies:
|
|||
repository: https://charts.redpanda.com
|
||||
version: 0.1.5
|
||||
digest: sha256:dd7afd55f6eb7e9b3a91b0e5eeda47138e23c255b32d277ad4cb3a7ad3ec1b1f
|
||||
generated: "2023-08-24T18:40:38.735781014Z"
|
||||
generated: "2023-08-29T00:48:34.845874471Z"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
annotations:
|
||||
artifacthub.io/images: |
|
||||
- name: redpanda
|
||||
image: docker.redpanda.com/redpandadata/redpanda:v23.2.6
|
||||
image: docker.redpanda.com/redpandadata/redpanda:v23.2.7
|
||||
- name: busybox
|
||||
image: busybox:latest
|
||||
- name: mintel/docker-alpine-bash-curl-jq
|
||||
|
@ -17,7 +17,7 @@ annotations:
|
|||
catalog.cattle.io/kube-version: '>=1.21-0'
|
||||
catalog.cattle.io/release-name: redpanda
|
||||
apiVersion: v2
|
||||
appVersion: v23.2.6
|
||||
appVersion: v23.2.7
|
||||
dependencies:
|
||||
- condition: console.enabled
|
||||
name: console
|
||||
|
@ -37,4 +37,4 @@ name: redpanda
|
|||
sources:
|
||||
- https://github.com/redpanda-data/helm-charts
|
||||
type: application
|
||||
version: 5.1.6
|
||||
version: 5.1.7
|
||||
|
|
|
@ -33,6 +33,17 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
|
|||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default service name
|
||||
*/}}
|
||||
{{- define "redpanda.servicename" -}}
|
||||
{{- if dig "service" "name" false .Values.AsMap -}}
|
||||
{{- .Values.service.name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{ include "redpanda.fullname" . | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
full helm labels + common labels
|
||||
*/}}
|
||||
|
@ -93,7 +104,7 @@ Generate configuration needed for rpk
|
|||
*/}}
|
||||
|
||||
{{- define "redpanda.internal.domain" -}}
|
||||
{{- $service := include "redpanda.fullname" . -}}
|
||||
{{- $service := include "redpanda.servicename" . -}}
|
||||
{{- $ns := .Release.Namespace -}}
|
||||
{{- $domain := .Values.clusterDomain | trimSuffix "." -}}
|
||||
{{- printf "%s.%s.svc.%s." $service $ns $domain -}}
|
||||
|
|
|
@ -16,7 +16,7 @@ limitations under the License.
|
|||
*/}}
|
||||
{{- if (include "tls-enabled" . | fromJson).bool }}
|
||||
{{- $root := deepCopy . }}
|
||||
{{- $service := include "redpanda.fullname" . }}
|
||||
{{- $service := include "redpanda.servicename" . }}
|
||||
{{- $ns := .Release.Namespace }}
|
||||
{{- $domain := .Values.clusterDomain | trimSuffix "." }}
|
||||
{{- $listeners := .Values.listeners }}
|
||||
|
|
|
@ -30,7 +30,7 @@ stringData:
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# the SERVICE_NAME comes from the metadata.name of the pod, essentially the POD_NAME
|
||||
CURL_URL="{{ include "admin-http-protocol" . }}://${SERVICE_NAME}.{{ template "redpanda.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain | trimSuffix "." }}:{{ .Values.listeners.admin.port }}"
|
||||
CURL_URL="{{ include "admin-http-protocol" . }}://${SERVICE_NAME}.{{ template "redpanda.servicename" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain | trimSuffix "." }}:{{ .Values.listeners.admin.port }}"
|
||||
|
||||
# commands used throughout
|
||||
CURL_NODE_ID_CMD="curl --silent --fail {{ include "admin-tls-curl-flags" . }} ${CURL_URL}/v1/node_config"
|
||||
|
|
|
@ -21,7 +21,7 @@ limitations under the License.
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "redpanda.fullname" . }}
|
||||
name: {{ include "redpanda.servicename" . }}
|
||||
namespace: {{ .Release.Namespace | quote }}
|
||||
labels:
|
||||
monitoring.redpanda.com/enabled: {{ .Values.monitoring.enabled | quote }}
|
||||
|
|
|
@ -20,7 +20,7 @@ limitations under the License.
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "redpanda.fullname" . }}-external
|
||||
name: {{ include "redpanda.servicename" . }}-external
|
||||
namespace: {{ .Release.Namespace | quote }}
|
||||
labels:
|
||||
{{- with include "full.labels" . }}
|
||||
|
|
|
@ -47,7 +47,7 @@ metadata:
|
|||
spec:
|
||||
selector:
|
||||
matchLabels: {{ (include "statefulset-pod-labels" .) | nindent 6 }}
|
||||
serviceName: {{ template "redpanda.fullname" . }}
|
||||
serviceName: {{ template "redpanda.servicename" . }}
|
||||
replicas: {{ .Values.statefulset.replicas | int64 }}
|
||||
updateStrategy:
|
||||
{{- toYaml .Values.statefulset.updateStrategy | nindent 4 }}
|
||||
|
|
|
@ -51,13 +51,13 @@ spec:
|
|||
{{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }}
|
||||
-u $USERNAME:$PASSWORD \
|
||||
{{- end }}
|
||||
http://{{ include "redpanda.fullname" . }}:{{ .Values.listeners.http.port }}/brokers
|
||||
http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/brokers
|
||||
|
||||
curl -svm3 --fail --retry "120" --retry-max-time "120" --retry-all-errors \
|
||||
{{- if or (include "sasl-enabled" .|fromJson).bool .Values.listeners.http.authenticationMethod }}
|
||||
-u $USERNAME:$PASSWORD \
|
||||
{{- end }}
|
||||
http://{{ include "redpanda.fullname" . }}:{{ .Values.listeners.http.port }}/topics
|
||||
http://{{ include "redpanda.servicename" . }}:{{ .Values.listeners.http.port }}/topics
|
||||
volumeMounts:
|
||||
{{- if $sasl.enabled }}
|
||||
- name: {{ $sasl.secretRef }}
|
||||
|
|
|
@ -50,6 +50,14 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"service": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"name": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
},
|
||||
"license_key": {
|
||||
"type": "string",
|
||||
"pattern": "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?\\.(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$|^$",
|
||||
|
|
|
@ -56,6 +56,11 @@ image:
|
|||
# If `image.tag` is 'latest', the default is `Always`.
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Redpanda Service settings.
|
||||
# service:
|
||||
# -- set service.name to override the default service name
|
||||
# name: redpanda
|
||||
|
||||
# -- Pull secrets may be used to provide credentials to image repositories
|
||||
# See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
|
||||
imagePullSecrets: []
|
||||
|
|
245
index.yaml
245
index.yaml
|
@ -1515,6 +1515,39 @@ entries:
|
|||
urls:
|
||||
- assets/ambassador/ambassador-6.7.1100.tgz
|
||||
version: 6.7.1100
|
||||
amd-gpu:
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: AMD GPU Device Plugin
|
||||
catalog.cattle.io/kube-version: '>= 1.18.0-0'
|
||||
catalog.cattle.io/release-name: amd-gpu
|
||||
apiVersion: v2
|
||||
appVersion: 1.25.2.4
|
||||
created: "2023-08-29T12:38:28.103862926Z"
|
||||
dependencies:
|
||||
- condition: nfd.enabled
|
||||
name: node-feature-discovery
|
||||
repository: file://./charts/node-feature-discovery
|
||||
version: '>= 0.8.1-0'
|
||||
description: A Helm chart for deploying Kubernetes AMD GPU device plugin
|
||||
digest: 7a7b954ea1cc15cbdd47b2167f9cb27a7978b80c905714421282de2c4245d04e
|
||||
home: https://github.com/RadeonOpenCompute/k8s-device-plugin
|
||||
icon: https://raw.githubusercontent.com/RadeonOpenCompute/k8s-device-plugin/master/helm/logo.png
|
||||
keywords:
|
||||
- kubernetes
|
||||
- cluster
|
||||
- hardware
|
||||
- gpu
|
||||
kubeVersion: '>= 1.18.0-0'
|
||||
maintainers:
|
||||
- name: Kenny Ho <Kenny.Ho@amd.com>
|
||||
name: amd-gpu
|
||||
sources:
|
||||
- https://github.com/RadeonOpenCompute/k8s-device-plugin
|
||||
type: application
|
||||
urls:
|
||||
- assets/amd/amd-gpu-0.9.0.tgz
|
||||
version: 0.9.0
|
||||
argo-cd:
|
||||
- annotations:
|
||||
artifacthub.io/changes: |
|
||||
|
@ -13667,6 +13700,28 @@ entries:
|
|||
- assets/kubecost/cost-analyzer-1.70.000.tgz
|
||||
version: 1.70.000
|
||||
crate-operator:
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: CrateDB Operator
|
||||
catalog.cattle.io/release-name: crate-operator
|
||||
apiVersion: v2
|
||||
appVersion: 2.30.3
|
||||
created: "2023-08-29T12:38:34.501771794Z"
|
||||
dependencies:
|
||||
- condition: crate-operator-crds.enabled
|
||||
name: crate-operator-crds
|
||||
repository: file://./charts/crate-operator-crds
|
||||
version: 2.30.3
|
||||
description: Crate Operator - Helm chart for installing and upgrading Crate Operator.
|
||||
digest: 814371e98d694a287707bfdcfd74a703db613822a486e21a2d9982a88d5eeff4
|
||||
icon: https://raw.githubusercontent.com/crate/crate/master/docs/_static/crate-logo.svg
|
||||
maintainers:
|
||||
- name: Crate.io
|
||||
name: crate-operator
|
||||
type: application
|
||||
urls:
|
||||
- assets/crate/crate-operator-2.30.3.tgz
|
||||
version: 2.30.3
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: CrateDB Operator
|
||||
|
@ -18774,6 +18829,38 @@ entries:
|
|||
- assets/f5/f5-bigip-ctlr-0.0.1901.tgz
|
||||
version: 0.0.1901
|
||||
falcon-sensor:
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: CrowdStrike Falcon Platform
|
||||
catalog.cattle.io/kube-version: '>1.22.0-0'
|
||||
catalog.cattle.io/release-name: falcon-sensor
|
||||
apiVersion: v2
|
||||
appVersion: 1.20.3
|
||||
created: "2023-08-29T12:38:34.523694118Z"
|
||||
description: A Helm chart to deploy CrowdStrike Falcon sensors into Kubernetes
|
||||
clusters.
|
||||
digest: 05f421b99ec4b574d7ad62c81c62d9c4897afee9a9f090e02d7f4bd8b94b5153
|
||||
home: https://crowdstrike.com
|
||||
icon: https://raw.githubusercontent.com/CrowdStrike/falcon-helm/main/images/crowdstrike-logo.svg
|
||||
keywords:
|
||||
- CrowdStrike
|
||||
- Falcon
|
||||
- EDR
|
||||
- kubernetes
|
||||
- security
|
||||
- monitoring
|
||||
- alerting
|
||||
kubeVersion: '>1.22.0-0'
|
||||
maintainers:
|
||||
- email: integrations@crowdstrike.com
|
||||
name: CrowdStrike Solutions Architecture
|
||||
name: falcon-sensor
|
||||
sources:
|
||||
- https://github.com/CrowdStrike/falcon-helm
|
||||
type: application
|
||||
urls:
|
||||
- assets/crowdstrike/falcon-sensor-1.20.3.tgz
|
||||
version: 1.20.3
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: CrowdStrike Falcon Platform
|
||||
|
@ -22339,6 +22426,36 @@ entries:
|
|||
- assets/hpe/hpe-flexvolume-driver-3.1.000.tgz
|
||||
version: 3.1.000
|
||||
instana-agent:
|
||||
- annotations:
|
||||
artifacthub.io/links: |
|
||||
- name: Instana website
|
||||
url: https://www.instana.com
|
||||
- name: Instana Helm charts
|
||||
url: https://github.com/instana/helm-charts
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Instana Agent
|
||||
catalog.cattle.io/kube-version: '>=1.21-0'
|
||||
catalog.cattle.io/release-name: instana-agent
|
||||
apiVersion: v2
|
||||
appVersion: 1.256.0
|
||||
created: "2023-08-29T12:38:36.267623271Z"
|
||||
description: Instana Agent for Kubernetes
|
||||
digest: 6bb1dab8b5bb7746a64f5e45bba6b713d51db8c8789e3c63c0196d02993621a1
|
||||
home: https://www.instana.com/
|
||||
icon: https://agents.instana.io/helm/stan-logo-2020.png
|
||||
maintainers:
|
||||
- email: felix.marx@ibm.com
|
||||
name: FelixMarxIBM
|
||||
- email: henning.treu@ibm.com
|
||||
name: htreu
|
||||
- email: torsten.kohn@ibm.com
|
||||
name: tkohn
|
||||
name: instana-agent
|
||||
sources:
|
||||
- https://github.com/instana/instana-agent-docker
|
||||
urls:
|
||||
- assets/instana/instana-agent-1.2.62.tgz
|
||||
version: 1.2.62
|
||||
- annotations:
|
||||
artifacthub.io/links: |
|
||||
- name: Instana website
|
||||
|
@ -29585,6 +29702,46 @@ entries:
|
|||
- assets/kong/kong-2.3.1.tgz
|
||||
version: 2.3.1
|
||||
koor-operator:
|
||||
- annotations:
|
||||
artifacthub.io/category: storage
|
||||
artifacthub.io/crds: |
|
||||
- kind: KoorCluster
|
||||
version: v1
|
||||
name: koorcluster
|
||||
displayName: Koor Cluster
|
||||
description: "Resource to control the creation of a Koor Storage Cluster."
|
||||
artifacthub.io/license: Apache-2.0
|
||||
artifacthub.io/operator: "true"
|
||||
artifacthub.io/operatorCapabilities: basic install
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Koor Operator
|
||||
catalog.cattle.io/kube-version: '>=1.19.0'
|
||||
catalog.cattle.io/release-name: koor-operator
|
||||
apiVersion: v2
|
||||
appVersion: v0.3.5
|
||||
created: "2023-08-29T12:38:38.569737777Z"
|
||||
dependencies:
|
||||
- alias: certmanager
|
||||
condition: certmanager.enabled
|
||||
name: cert-manager
|
||||
repository: file://./charts/cert-manager
|
||||
version: v1.12.3
|
||||
description: A Helm chart for deploying the Koor Operator to Kubernetes
|
||||
digest: bc676ee44d9a4d48808bdde5d10cfc49b3d3212fa47461727b561004bf277be0
|
||||
icon: https://koor.tech/images/favicon.svg
|
||||
keywords:
|
||||
- storage
|
||||
- operator
|
||||
- rook
|
||||
- ceph
|
||||
kubeVersion: '>=1.19.0'
|
||||
name: koor-operator
|
||||
sources:
|
||||
- https://github.com/koor-tech/koor-operator/
|
||||
type: application
|
||||
urls:
|
||||
- assets/koor-tech/koor-operator-0.3.5.tgz
|
||||
version: 0.3.5
|
||||
- annotations:
|
||||
artifacthub.io/category: storage
|
||||
artifacthub.io/crds: |
|
||||
|
@ -41615,6 +41772,50 @@ entries:
|
|||
- assets/quobyte/quobyte-cluster-0.1.5.tgz
|
||||
version: 0.1.5
|
||||
redis:
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Redis
|
||||
catalog.cattle.io/kube-version: '>=1.19-0'
|
||||
catalog.cattle.io/release-name: redis
|
||||
category: Database
|
||||
images: |
|
||||
- name: os-shell
|
||||
image: docker.io/bitnami/os-shell:11-debian-11-r48
|
||||
- name: redis-exporter
|
||||
image: docker.io/bitnami/redis-exporter:1.52.0-debian-11-r25
|
||||
- name: redis-sentinel
|
||||
image: docker.io/bitnami/redis-sentinel:7.2.0-debian-11-r0
|
||||
- name: redis
|
||||
image: docker.io/bitnami/redis:7.2.0-debian-11-r0
|
||||
licenses: Apache-2.0
|
||||
apiVersion: v2
|
||||
appVersion: 7.2.0
|
||||
created: "2023-08-29T12:38:32.689153556Z"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: file://./charts/common
|
||||
tags:
|
||||
- bitnami-common
|
||||
version: 2.x.x
|
||||
description: Redis(R) is an open source, advanced key-value store. It is often
|
||||
referred to as a data structure server since keys can contain strings, hashes,
|
||||
lists, sets and sorted sets.
|
||||
digest: 04f363ce8228838767964fff7fc62a3b31a07c59d91a7b543dd9bd3afa44eeb0
|
||||
home: https://bitnami.com
|
||||
icon: https://redis.com/wp-content/uploads/2021/08/redis-logo.png
|
||||
keywords:
|
||||
- redis
|
||||
- keyvalue
|
||||
- database
|
||||
maintainers:
|
||||
- name: VMware, Inc.
|
||||
url: https://github.com/bitnami/charts
|
||||
name: redis
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/redis
|
||||
urls:
|
||||
- assets/bitnami/redis-18.0.1.tgz
|
||||
version: 18.0.1
|
||||
- annotations:
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Redis
|
||||
|
@ -43319,6 +43520,50 @@ entries:
|
|||
- assets/bitnami/redis-17.3.7.tgz
|
||||
version: 17.3.7
|
||||
redpanda:
|
||||
- annotations:
|
||||
artifacthub.io/images: |
|
||||
- name: redpanda
|
||||
image: docker.redpanda.com/redpandadata/redpanda:v23.2.7
|
||||
- name: busybox
|
||||
image: busybox:latest
|
||||
- name: mintel/docker-alpine-bash-curl-jq
|
||||
image: mintel/docker-alpine-bash-curl-jq:latest
|
||||
artifacthub.io/license: Apache-2.0
|
||||
artifacthub.io/links: |
|
||||
- name: Documentation
|
||||
url: https://docs.redpanda.com
|
||||
- name: "Helm (>= 3.6.0)"
|
||||
url: https://helm.sh/docs/intro/install/
|
||||
catalog.cattle.io/certified: partner
|
||||
catalog.cattle.io/display-name: Redpanda
|
||||
catalog.cattle.io/kube-version: '>=1.21-0'
|
||||
catalog.cattle.io/release-name: redpanda
|
||||
apiVersion: v2
|
||||
appVersion: v23.2.7
|
||||
created: "2023-08-29T12:38:40.826707229Z"
|
||||
dependencies:
|
||||
- condition: console.enabled
|
||||
name: console
|
||||
repository: file://./charts/console
|
||||
version: '>=0.5 <1.0'
|
||||
- condition: connectors.enabled
|
||||
name: connectors
|
||||
repository: file://./charts/connectors
|
||||
version: '>=0.1.2 <1.0'
|
||||
description: Redpanda is the real-time engine for modern apps.
|
||||
digest: 9f460accceca9c0575c72087201a449b4d7b74eaba614f2126763c4668962553
|
||||
icon: https://images.ctfassets.net/paqvtpyf8rwu/3cYHw5UzhXCbKuR24GDFGO/73fb682e6157d11c10d5b2b5da1d5af0/skate-stand-panda.svg
|
||||
kubeVersion: '>=1.21-0'
|
||||
maintainers:
|
||||
- name: redpanda-data
|
||||
url: https://github.com/orgs/redpanda-data/people
|
||||
name: redpanda
|
||||
sources:
|
||||
- https://github.com/redpanda-data/helm-charts
|
||||
type: application
|
||||
urls:
|
||||
- assets/redpanda/redpanda-5.1.7.tgz
|
||||
version: 5.1.7
|
||||
- annotations:
|
||||
artifacthub.io/images: |
|
||||
- name: redpanda
|
||||
|
|
Loading…
Reference in New Issue