assets and chart dir for update of TVK v2.1.0

pull/126/head
root 2021-07-28 10:49:39 +00:00
parent be0457ec79
commit fce486dc92
20 changed files with 1374 additions and 0 deletions

View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
# Helm files
OWNERS

View File

@ -0,0 +1,17 @@
annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: TrilioVault for Kubernetes Operator
catalog.cattle.io/release-name: k8s-triliovault-operator
apiVersion: v1
appVersion: v2.1.0
description: K8s-TrilioVault-Operator is an operator designed to manage the K8s-TrilioVault
Application Lifecycle.
home: https://github.com/trilioData/k8s-triliovault-operator
icon: https://www.trilio.io/wp-content/uploads/2021/01/Trilio-2020-logo-RGB-gray-green.png
maintainers:
- email: prafull.ladha@trilio.io
name: prafull11
name: k8s-triliovault-operator
sources:
- https://github.com/trilioData/k8s-triliovault-operator
version: 2.1.0+upv2.1.0

View File

@ -0,0 +1 @@
# Placeholder for the License if we decide to provide one

View File

@ -0,0 +1,41 @@
# K8s-TrilioVault-Operator
This operator is to manage the lifecycle of TrilioVault Backup/Recovery solution. This operator install, updates and manage the TrilioVault application.
## Introduction
## Prerequisites
- Kubernetes 1.13+
- Alpha feature gates should be enabled
- PV provisioner support
- CSI driver should be installed
## Installation
To install the chart with the operator name `trilio`:
```bash
# For helm version 2
helm install --name trilio k8s-triliovault-operator
# For helm version 3
helm install --name-template trilio k8s-triliovault-operator
```
The command deploys the K8s-triliovault-operator with the default configuration.
## Uninstall
To uninstall/delete the chart `trilio` :
```bash
# For helm version 2
helm delete trilio --purge
# For helm version 3
helm uninstall trilio
```
## Configuration
TODO: Add possible configuration in helm chart.

View File

@ -0,0 +1,37 @@
# TrilioVault for Kubernetes
[K8s-TrilioVault-Operator](https://trilio.io) is an operator designed to manage
the K8s-TrilioVault Application Lifecycle.
This operator is to manage the lifecycle of TrilioVault Backup/Recovery solution. This operator install, updates and manage the TrilioVault application.
Introduction:
Prerequisites:
Kubernetes 1.17+
Alpha feature gates should be enabled
PV provisioner support
CSI driver should be installed
Installation:
To install the chart with the operator name trilio:
helm install k8s-triliovault-operator triliovault-operator/k8s-triliovault-operator
# For helm version 3
helm install triliovault-operator triliovault-operator/k8s-triliovault-operator
The command deploys the Triliovault for Kubernetes Operator with the default configuration.
Uninstall:
To uninstall/delete the chart trilio :
# For helm version 3
helm uninstall k8s-triliovault-operator
For more information around TVM manager installation, please follow below link:
https://docs.trilio.io/kubernetes/use-triliovault/installing-triliovault

View File

@ -0,0 +1,826 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.3.0
creationTimestamp: null
name: triliovaultmanagers.triliovault.trilio.io
spec:
additionalPrinterColumns:
- JSONPath: .spec.trilioVaultAppVersion
name: TrilioVault-Version
type: string
- JSONPath: .spec.applicationScope
name: Scope
type: string
- JSONPath: .status.conditions.type
name: Status
type: string
- JSONPath: .spec.restoreNamespaces
name: Restore-Namespaces
type: string
group: triliovault.trilio.io
names:
kind: TrilioVaultManager
listKind: TrilioVaultManagerList
plural: triliovaultmanagers
shortNames:
- tvm
singular: triliovaultmanager
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: TrilioVaultManager is the Schema for the triliovaultmanagers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TrilioVaultManagerSpec defines the desired state of TrilioVaultManager
properties:
affinity:
description: The scheduling constraints on application pods.
properties:
nodeAffinity:
description: Describes node affinity scheduling rules for the pod.
properties:
preferredDuringSchedulingIgnoredDuringExecution:
description: The scheduler will prefer to schedule pods to nodes
that satisfy the affinity expressions specified by this field,
but it may choose a node that violates one or more of the
expressions. The node that is most preferred is the one with
the greatest sum of weights, i.e. for each node that meets
all of the scheduling requirements (resource request, requiredDuringScheduling
affinity expressions, etc.), compute a sum by iterating through
the elements of this field and adding "weight" to the sum
if the node matches the corresponding matchExpressions; the
node(s) with the highest sum are the most preferred.
items:
description: An empty preferred scheduling term matches all
objects with implicit weight 0 (i.e. it's a no-op). A null
preferred scheduling term matches no objects (i.e. is also
a no-op).
properties:
preference:
description: A node selector term, associated with the
corresponding weight.
properties:
matchExpressions:
description: A list of node selector requirements
by node's labels.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the
operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be
empty. If the operator is Gt or Lt, the values
array must have a single element, which will
be interpreted as an integer. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements
by node's fields.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the
operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be
empty. If the operator is Gt or Lt, the values
array must have a single element, which will
be interpreted as an integer. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
weight:
description: Weight associated with matching the corresponding
nodeSelectorTerm, in the range 1-100.
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
requiredDuringSchedulingIgnoredDuringExecution:
description: If the affinity requirements specified by this
field are not met at scheduling time, the pod will not be
scheduled onto the node. If the affinity requirements specified
by this field cease to be met at some point during pod execution
(e.g. due to an update), the system may or may not try to
eventually evict the pod from its node.
properties:
nodeSelectorTerms:
description: Required. A list of node selector terms. The
terms are ORed.
items:
description: A null or empty node selector term matches
no objects. The requirements of them are ANDed. The
TopologySelectorTerm type implements a subset of the
NodeSelectorTerm.
properties:
matchExpressions:
description: A list of node selector requirements
by node's labels.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the
operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be
empty. If the operator is Gt or Lt, the values
array must have a single element, which will
be interpreted as an integer. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements
by node's fields.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the
operator is In or NotIn, the values array
must be non-empty. If the operator is Exists
or DoesNotExist, the values array must be
empty. If the operator is Gt or Lt, the values
array must have a single element, which will
be interpreted as an integer. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
type: array
required:
- nodeSelectorTerms
type: object
type: object
podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate
this pod in the same node, zone, etc. as some other pod(s)).
properties:
preferredDuringSchedulingIgnoredDuringExecution:
description: The scheduler will prefer to schedule pods to nodes
that satisfy the affinity expressions specified by this field,
but it may choose a node that violates one or more of the
expressions. The node that is most preferred is the one with
the greatest sum of weights, i.e. for each node that meets
all of the scheduling requirements (resource request, requiredDuringScheduling
affinity expressions, etc.), compute a sum by iterating through
the elements of this field and adding "weight" to the sum
if the node has pods which matches the corresponding podAffinityTerm;
the node(s) with the highest sum are the most preferred.
items:
description: The weights of all of the matched WeightedPodAffinityTerm
fields are added per-node to find the most preferred node(s)
properties:
podAffinityTerm:
description: Required. A pod affinity term, associated
with the corresponding weight.
properties:
labelSelector:
description: A label query over a set of resources,
in this case pods.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are
ANDed.
items:
description: A label selector requirement is
a selector that contains values, a key, and
an operator that relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: operator represents a key's
relationship to a set of values. Valid
operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string
values. If the operator is In or NotIn,
the values array must be non-empty. If
the operator is Exists or DoesNotExist,
the values array must be empty. This array
is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In",
and the values array contains only "value".
The requirements are ANDed.
type: object
type: object
namespaces:
description: namespaces specifies which namespaces
the labelSelector applies to (matches against);
null or empty list means "this pod's namespace"
items:
type: string
type: array
topologyKey:
description: This pod should be co-located (affinity)
or not co-located (anti-affinity) with the pods
matching the labelSelector in the specified namespaces,
where co-located is defined as running on a node
whose value of the label with key topologyKey matches
that of any node on which any of the selected pods
is running. Empty topologyKey is not allowed.
type: string
required:
- topologyKey
type: object
weight:
description: weight associated with matching the corresponding
podAffinityTerm, in the range 1-100.
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
requiredDuringSchedulingIgnoredDuringExecution:
description: If the affinity requirements specified by this
field are not met at scheduling time, the pod will not be
scheduled onto the node. If the affinity requirements specified
by this field cease to be met at some point during pod execution
(e.g. due to a pod label update), the system may or may not
try to eventually evict the pod from its node. When there
are multiple elements, the lists of nodes corresponding to
each podAffinityTerm are intersected, i.e. all terms must
be satisfied.
items:
description: Defines a set of pods (namely those matching
the labelSelector relative to the given namespace(s)) that
this pod should be co-located (affinity) or not co-located
(anti-affinity) with, where co-located is defined as running
on a node whose value of the label with key <topologyKey>
matches that of any node on which a pod of the set of pods
is running
properties:
labelSelector:
description: A label query over a set of resources, in
this case pods.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values
array must be non-empty. If the operator is
Exists or DoesNotExist, the values array must
be empty. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
namespaces:
description: namespaces specifies which namespaces the
labelSelector applies to (matches against); null or
empty list means "this pod's namespace"
items:
type: string
type: array
topologyKey:
description: This pod should be co-located (affinity)
or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where
co-located is defined as running on a node whose value
of the label with key topologyKey matches that of any
node on which any of the selected pods is running. Empty
topologyKey is not allowed.
type: string
required:
- topologyKey
type: object
type: array
type: object
podAntiAffinity:
description: Describes pod anti-affinity scheduling rules (e.g.
avoid putting this pod in the same node, zone, etc. as some other
pod(s)).
properties:
preferredDuringSchedulingIgnoredDuringExecution:
description: The scheduler will prefer to schedule pods to nodes
that satisfy the anti-affinity expressions specified by this
field, but it may choose a node that violates one or more
of the expressions. The node that is most preferred is the
one with the greatest sum of weights, i.e. for each node that
meets all of the scheduling requirements (resource request,
requiredDuringScheduling anti-affinity expressions, etc.),
compute a sum by iterating through the elements of this field
and adding "weight" to the sum if the node has pods which
matches the corresponding podAffinityTerm; the node(s) with
the highest sum are the most preferred.
items:
description: The weights of all of the matched WeightedPodAffinityTerm
fields are added per-node to find the most preferred node(s)
properties:
podAffinityTerm:
description: Required. A pod affinity term, associated
with the corresponding weight.
properties:
labelSelector:
description: A label query over a set of resources,
in this case pods.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are
ANDed.
items:
description: A label selector requirement is
a selector that contains values, a key, and
an operator that relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: operator represents a key's
relationship to a set of values. Valid
operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string
values. If the operator is In or NotIn,
the values array must be non-empty. If
the operator is Exists or DoesNotExist,
the values array must be empty. This array
is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In",
and the values array contains only "value".
The requirements are ANDed.
type: object
type: object
namespaces:
description: namespaces specifies which namespaces
the labelSelector applies to (matches against);
null or empty list means "this pod's namespace"
items:
type: string
type: array
topologyKey:
description: This pod should be co-located (affinity)
or not co-located (anti-affinity) with the pods
matching the labelSelector in the specified namespaces,
where co-located is defined as running on a node
whose value of the label with key topologyKey matches
that of any node on which any of the selected pods
is running. Empty topologyKey is not allowed.
type: string
required:
- topologyKey
type: object
weight:
description: weight associated with matching the corresponding
podAffinityTerm, in the range 1-100.
format: int32
type: integer
required:
- podAffinityTerm
- weight
type: object
type: array
requiredDuringSchedulingIgnoredDuringExecution:
description: If the anti-affinity requirements specified by
this field are not met at scheduling time, the pod will not
be scheduled onto the node. If the anti-affinity requirements
specified by this field cease to be met at some point during
pod execution (e.g. due to a pod label update), the system
may or may not try to eventually evict the pod from its node.
When there are multiple elements, the lists of nodes corresponding
to each podAffinityTerm are intersected, i.e. all terms must
be satisfied.
items:
description: Defines a set of pods (namely those matching
the labelSelector relative to the given namespace(s)) that
this pod should be co-located (affinity) or not co-located
(anti-affinity) with, where co-located is defined as running
on a node whose value of the label with key <topologyKey>
matches that of any node on which a pod of the set of pods
is running
properties:
labelSelector:
description: A label query over a set of resources, in
this case pods.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In,
NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values
array must be non-empty. If the operator is
Exists or DoesNotExist, the values array must
be empty. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field
is "key", the operator is "In", and the values array
contains only "value". The requirements are ANDed.
type: object
type: object
namespaces:
description: namespaces specifies which namespaces the
labelSelector applies to (matches against); null or
empty list means "this pod's namespace"
items:
type: string
type: array
topologyKey:
description: This pod should be co-located (affinity)
or not co-located (anti-affinity) with the pods matching
the labelSelector in the specified namespaces, where
co-located is defined as running on a node whose value
of the label with key topologyKey matches that of any
node on which any of the selected pods is running. Empty
topologyKey is not allowed.
type: string
required:
- topologyKey
type: object
type: array
type: object
type: object
applicationScope:
description: Scope for the application which will be installed in the
cluster NamespaceScope or ClusterScope
enum:
- Cluster
- Namespaced
type: string
dataJobLimits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: DataJobLimits are the resource limits for all the data
processing jobs.
type: object
deploymentLimits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: DeploymentLimits are the resource limits for all the deployments.
type: object
helmValues:
description: HelmValues holds all the additional fields in the values.yaml
of TVK helm chart.
type: object
helmVersion:
description: 'Deprecated: Helm Version'
properties:
tillerNamespace:
type: string
version:
enum:
- v3
type: string
required:
- version
type: object
metadataJobLimits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: MetadataJobLimits are the resource limits for all the meta
processing jobs.
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector specifies a map of key-value pairs. For the
pod to be eligible to run on a node, the node must have each of the
indicated key-value pairs as labels.
type: object
resources:
description: 'Deprecated: Resources are the resource requirements for
the containers.'
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount of compute resources
allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount of compute resources
required. If Requests is omitted for a container, it defaults
to Limits if that is explicitly specified, otherwise to an implementation-defined
value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
type: object
type: object
restoreNamespaces:
description: 'Deprecated: RestoreNamespaces are the namespace where
you want to restore your applications. Restore Namespaces depends
on your k8s RBAC'
items:
type: string
type: array
tolerations:
description: The toleration of application against the specific taints
on the nodes
items:
description: The pod this Toleration is attached to tolerates any
taint that matches the triple <key,value,effect> using the matching
operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match. Empty
means match all taint effects. When specified, allowed values
are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies
to. Empty means match all taint keys. If the key is empty, operator
must be Exists; this combination means to match all values and
all keys.
type: string
operator:
description: Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal. Exists
is equivalent to wildcard for value, so that a pod can tolerate
all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the
toleration (which must be of effect NoExecute, otherwise this
field is ignored) tolerates the taint. By default, it is not
set, which means tolerate the taint forever (do not evict).
Zero and negative values will be treated as 0 (evict immediately)
by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise
just a regular string.
type: string
type: object
type: array
trilioVaultAppVersion:
description: Helm Chart version
type: string
required:
- applicationScope
type: object
status:
description: TrilioVaultManagerStatus defines the observed state of TrilioVaultManager
properties:
conditions:
properties:
lastTransitionTime:
format: date-time
nullable: true
type: string
message:
minLength: 0
type: string
reason:
enum:
- InstallSuccessful
- UpdateSuccessful
- UninstallSuccessful
- InstallError
- UpdateError
- ReconcileError
- UninstallError
type: string
status:
enum:
- "True"
- "False"
- Unknown
type: string
type:
enum:
- Initialized
- Deployed
- Updated
- ReleaseFailed
- Irreconcilable
type: string
type: object
deployedRelease:
properties:
manifest:
type: string
name:
type: string
type: object
releaseVersion:
type: string
required:
- conditions
type: object
type: object
version: v1
versions:
- name: v1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

View File

@ -0,0 +1,3 @@
To verify that TrilioVault Operator has started, run:
kubectl --namespace={{ .Release.Namespace }} get deployments -l "release={{ .Release.Name }}"

View File

@ -0,0 +1,33 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "k8s-triliovault-operator.name" -}}
{{- default .Release.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
*/}}
{{- define "k8s-triliovault-operator.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper TrilioVault Operator image name
*/}}
{{- define "k8s-triliovault-operator.image" -}}
{{- $registryName := .Values.image.registry -}}
{{- $repositoryName := .Values.image.repository -}}
{{- $tag := .Values.image.tag | toString -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}

View File

@ -0,0 +1,106 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{template "k8s-triliovault-operator.name" .}}-{{.Release.Namespace}}-manager-role
rules:
- apiGroups:
- '*'
resources:
- '*'
verbs:
- get
- list
- watch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- create
- update
- delete
- patch
- apiGroups:
- ""
resources:
- serviceaccounts
- services
- services/finalizers
- secrets
- events
- pods
- endpoints
- configmaps
verbs:
- create
- update
- delete
- patch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
- mutatingwebhookconfigurations
verbs:
- create
- update
- delete
- patch
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- update
- delete
- patch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterroles
- clusterrolebindings
- roles
- rolebindings
verbs:
- create
- update
- delete
- patch
- bind
- escalate
- apiGroups:
- triliovault.trilio.io
resources:
- '*'
verbs:
- '*'
- apiGroups:
- ""
resources:
- namespaces
verbs:
- update
- apiGroups:
- batch
resources:
- cronjobs
verbs:
- delete
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- create
- update
- patch
- delete
- apiGroups:
- networking.k8s.io
resources:
- ingresses
- ingressclasses
verbs:
- delete

View File

@ -0,0 +1,12 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "k8s-triliovault-operator.name" . }}-{{ .Release.Namespace }}-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "k8s-triliovault-operator.name" . }}-{{ .Release.Namespace }}-manager-role
subjects:
- kind: ServiceAccount
name: k8s-triliovault-operator
namespace: {{ .Release.Namespace }}

View File

@ -0,0 +1,110 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "k8s-triliovault-operator.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
app: k8s-triliovault-operator
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
selector:
matchLabels:
app: {{ template "k8s-triliovault-operator.fullname" . }}
release: "{{ .Release.Name }}"
replicas: {{ .Values.replicaCount }}
template:
metadata:
labels:
app: {{ template "k8s-triliovault-operator.fullname" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
containers:
- name: k8s-triliovault-operator
image: {{ .Values.registry }}/{{ index .Values "k8s-triliovault-operator" "repository" }}:{{ .Values.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: TVK_ENV
value: {{ .Values.tvkEnv }}
- name: TVK_HELM_REPO
value: {{ .Values.tvkHelmRepo }}
- name: REGISTRY
value: {{ .Values.registry }}
- name: ADMISSION_MUTATION_CONFIG
value: {{ template "k8s-triliovault-operator.name" . }}-mutating-webhook-configuration
- name: ADMISSION_VALIDATION_CONFIG
value: {{ template "k8s-triliovault-operator.name" . }}-validating-webhook-configuration
- name: NAMESPACE_VALIDATION_CONFIG
value: {{ template "k8s-triliovault-operator.name" . }}-ns-validating-webhook-configuration
volumeMounts:
{{- if .Values.tls.enable }}
- name: helm-tls-certs
mountPath: /root/.helm
readOnly: true
{{- if .Values.tls.verify }}
- name: helm-tls-ca
mountPath: /root/.helm/ca.crt
readOnly: true
{{- end }}
{{- end }}
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: webhook-certs
readOnly: true
resources:
limits:
cpu: 200m
memory: 512Mi
requests:
cpu: 10m
memory: 10Mi
initContainers:
- name: webhook-init
image: {{ .Values.registry }}/{{ index .Values "operator-webhook-init" "repository" }}:{{ .Values.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: TVK_ENV
value: {{ .Values.tvkEnv }}
- name: TVK_HELM_REPO
value: {{ .Values.tvkHelmRepo }}
- name: RELEASE_VERSION
value: {{ .Chart.Version }}
- name: ADMISSION_MUTATION_CONFIG
value: {{ template "k8s-triliovault-operator.name" . }}-mutating-webhook-configuration
- name: ADMISSION_VALIDATION_CONFIG
value: {{ template "k8s-triliovault-operator.name" . }}-validating-webhook-configuration
- name: NAMESPACE_VALIDATION_CONFIG
value: {{ template "k8s-triliovault-operator.name" . }}-ns-validating-webhook-configuration
- name: WEBHOOK_SERVICE
value: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service
- name: WEBHOOK_NAMESPACE
value: {{ .Release.Namespace }}
- name: SECRET_NAME
value: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-certs
serviceAccountName: k8s-triliovault-operator
{{- if .Values.nodeSelector }}
nodeSelector: {{- .Values.nodeSelector | toYaml | nindent 8 }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{- toYaml .Values.affinity | nindent 8 }}
{{- end }}
volumes:
{{- if .Values.tls.enable }}
- name: helm-tls-certs
secret:
secretName: {{ .Values.tls.secretName }}
defaultMode: 0400
{{- if .Values.tls.verify }}
- name: helm-tls-ca
configMap:
name: {{ template "helm-operator.fullname" . }}-helm-tls-ca-config
defaultMode: 0600
{{- end }}
{{- end }}
- name: webhook-certs
secret:
defaultMode: 420
secretName: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-certs

View File

@ -0,0 +1,24 @@
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
name: {{ template "k8s-triliovault-operator.name" . }}-mutating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service
namespace: {{ .Release.Namespace }}
path: /mutate-triliovault-trilio-io-v1-triliovaultmanager
failurePolicy: Fail
name: v1-tvm-mutation.trilio.io
rules:
- apiGroups:
- triliovault.trilio.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- triliovaultmanagers
sideEffects: None

View File

@ -0,0 +1,30 @@
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: {{ template "k8s-triliovault-operator.name" . }}-ns-validating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service
namespace: {{ .Release.Namespace }}
path: /validate-core-v1-namespace
failurePolicy: Fail
name: v1-tvm-ns-validation.trilio.io
namespaceSelector:
matchExpressions:
- key: trilio-operator-label
operator: In
values:
- {{ .Release.Namespace }}
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- DELETE
resources:
- namespaces
scope: '*'
sideEffects: None

View File

@ -0,0 +1,6 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-certs
namespace: {{ .Release.Namespace }}
type: Opaque

View File

@ -0,0 +1,10 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: k8s-triliovault-operator
namespace: {{ .Release.Namespace }}
labels:
app: k8s-triliovault-operator
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"

View File

@ -0,0 +1,24 @@
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
name: {{ template "k8s-triliovault-operator.name" . }}-validating-webhook-configuration
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service
namespace: {{ .Release.Namespace }}
path: /validate-triliovault-trilio-io-v1-triliovaultmanager
failurePolicy: Fail
name: v1-tvm-validation.trilio.io
rules:
- apiGroups:
- triliovault.trilio.io
apiVersions:
- v1
operations:
- CREATE
- UPDATE
resources:
- triliovaultmanagers
sideEffects: None

View File

@ -0,0 +1,15 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "k8s-triliovault-operator.fullname" . }}-webhook-service
namespace: {{ .Release.Namespace }}
labels:
app: {{ template "k8s-triliovault-operator.fullname" . }}
release: "{{ .Release.Name }}"
spec:
ports:
- port: 443
targetPort: 9443
selector:
app: {{ template "k8s-triliovault-operator.fullname" . }}
release: "{{ .Release.Name }}"

View File

@ -0,0 +1,35 @@
## TrilioVault Operator
registry: "eu.gcr.io/amazing-chalice-243510"
operator-webhook-init:
repository: operator-webhook-init
k8s-triliovault-operator:
repository: k8s-triliovault-operator
tag: "v2.1.0"
tvkHelmRepo: ""
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
image:
pullPolicy: Always
tls:
secretName: "helm-client-certs"
verify: false
enable: false
keyFile: "tls.key"
certFile: "tls.crt"
caContent: ""
hostname: ""
nameOverride: ""

View File

@ -1192,6 +1192,27 @@ entries:
- assets/instana-agent/instana-agent-1.0.2900.tgz
version: 1.0.2900
k8s-triliovault-operator:
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: TrilioVault for Kubernetes Operator
catalog.cattle.io/release-name: k8s-triliovault-operator
apiVersion: v1
appVersion: v2.1.0
created: "2021-07-28T10:45:14.173230357Z"
description: K8s-TrilioVault-Operator is an operator designed to manage the K8s-TrilioVault
Application Lifecycle.
digest: cdd4aab1da804fa365e1bc667827919ac99fe408ee6f6a79a4f1c5f523bc5009
home: https://github.com/trilioData/k8s-triliovault-operator
icon: https://www.trilio.io/wp-content/uploads/2021/01/Trilio-2020-logo-RGB-gray-green.png
maintainers:
- email: prafull.ladha@trilio.io
name: prafull11
name: k8s-triliovault-operator
sources:
- https://github.com/trilioData/k8s-triliovault-operator
urls:
- assets/k8s-triliovault-operator/k8s-triliovault-operator-2.1.0+upv2.1.0.tgz
version: 2.1.0+upv2.1.0
- annotations:
catalog.cattle.io/certified: partner
catalog.cattle.io/display-name: TrilioVault for Kubernetes Operator