dprodanov/Factory
SHA256
1
0
Fork 0
forked from suse-edge/Factory
Code Pull Requests Activity

Import first batch of Edge 3.1 packages

Browse Source 
Signed-off-by: Nicolas Belouin <nicolas.belouin@suse.com>
This commit is contained in:
Nicolas Belouin
2024-10-17 14:11:42 +02:00
parent fdcd84b482
commit 18bd432874
107 changed files with 5810 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
akri-chart/Chart.yaml Normal file
View File

@@ -0,0 +1,11 @@
#!BuildTag: akri-chart:0.12.20
#!BuildTag: akri-chart:0.12.20-%RELEASE%
annotations:
catalog.cattle.io/display-name: Akri
apiVersion: v2
appVersion: 0.12.20
description: A Helm chart for Akri
icon: https://raw.githubusercontent.com/project-akri/akri-docs/main/art/icon/akri-icon-light.svg
name: akri
type: application
version: 0.12.20

8
akri-chart/_service Normal file
View File

@@ -0,0 +1,8 @@
<services>
<service mode="buildtime" name="kiwi_metainfo_helper"/>
<service name="replace_using_env" mode="buildtime">
<param name="file">values.yaml</param>
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
<param name="var">IMG_REPO</param>
</service>
</services>

5
akri-chart/app-readme.md Normal file
View File

@@ -0,0 +1,5 @@
WARNING: [TESTING]
Akri lets you easily expose heterogeneous leaf devices (such as IP cameras and USB devices) as resources in a Kubernetes cluster, while also supporting the exposure of embedded hardware resources such as GPUs and FPGAs. Akri continually detects nodes that have access to these devices and schedules workloads based on them.
Simply put: you name it, Akri finds it, you use it.

117
akri-chart/crds/akri-configuration-crd.yaml Normal file
View File

@@ -0,0 +1,117 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: configurations.akri.sh
spec:
group: akri.sh
versions:
- name: v0
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
discoveryHandler: # {{DiscoveryHandlerInfo}}
type: object
properties:
name:
type: string
discoveryDetails:
type: string
discoveryProperties:
nullable: true
type: array
items: # {{DiscoveryProperty}}
type: object
required:
- name
properties:
name:
type: string
pattern: "^[_A-Za-z][_A-Za-z0-9]*$"
value:
type: string
nullable: true
valueFrom:
type: object
properties:
secretKeyRef:
type: object
required:
- name
properties:
key:
type: string
name:
type: string
namespace:
type: string
optional:
type: boolean
configMapKeyRef:
type: object
required:
- name
properties:
key:
type: string
name:
type: string
namespace:
type: string
optional:
type: boolean
oneOf:
- properties:
required: ["secretKeyRef"]
- properties:
required: ["configMapKeyRef"]
oneOf:
- properties:
required: ["value"]
- properties:
required: ["valueFrom"]
capacity:
type: integer
brokerSpec: # {{BrokerSpec}}
type: object
properties:
brokerJobSpec: # {{JobSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
brokerPodSpec: # {{PodSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
instanceServiceSpec: # {{ServiceSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
configurationServiceSpec: # {{ServiceSpec}}
x-kubernetes-preserve-unknown-fields: true
type: object
nullable: true
brokerProperties: # map<string, string>
additionalProperties:
type: string
type: object
additionalPrinterColumns:
- name: Capacity
type: string
description: The capacity for each Instance discovered
jsonPath: .spec.capacity
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
scope: Namespaced
names:
plural: configurations
singular: configuration
kind: Configuration
shortNames:
- akric

56
akri-chart/crds/akri-instance-crd.yaml Normal file
View File

@@ -0,0 +1,56 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: instances.akri.sh
spec:
group: akri.sh
versions:
- name: v0
served: true
storage: true
schema:
openAPIV3Schema:
type: object
properties:
spec:
type: object
properties:
configurationName:
type: string
brokerProperties:
additionalProperties:
type: string
type: object
shared:
type: boolean
nodes:
type: array
items:
type: string
deviceUsage: # map<string, string>
additionalProperties:
type: string
type: object
additionalPrinterColumns:
- name: Config
type: string
description: The Configuration this Instance belongs to
jsonPath: .spec.configurationName
- name: Shared
type: boolean
description: Describes whether this Instance is shared
jsonPath: .spec.shared
- name: Nodes
type: string
description: Nodes that expose this Instance
jsonPath: .spec.nodes
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
scope: Namespaced
names:
plural: instances
singular: instance
kind: Instance
shortNames:
- akrii

121
akri-chart/questions.yml Normal file
View File

@@ -0,0 +1,121 @@
questions:
- variable: kubernetesDistro
default: "k8s"
label: Kubernetes Distribution
description: Select Kubernetes distribution so Akri can determine where the container runtime socket lives.
type: enum
options:
- k8s
- microk8s
- k3s
- Other
group: General
- variable: agent.host.containerRuntimeSocket
label: Container Runtime Socket
description: Akri depends on crictl to track some Pod information. In order to use it, the Agent must know where the container runtime socket lives.
show_if: "kubernetesDistro=Other"
type: string
group: General
- variable: useDevelopmentContainers
label: Use development containers
description: When enabled the non-release (*-dev) image tags will be used by default. This can be overridden if the tag is explicitly specified.
type: boolean
group: General
- variable: _imageDetails
label: Customize agent and controller images
default: false
type: boolean
group: General
show_subquestion_if: true
subquestions:
- variable: agent.image.repository
label: Akri agent image repository
type: string
- variable: agent.image.tag
label: Akri agent image tag
description: Akri agent container tag. agent.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: agent.image.pullPolicy
label: Akri agent image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: controller.image.repository
label: Akri controller image repository
type: string
- variable: controller.image.tag
label: Akri controller image tag
description: Akri controller container tag. controller.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: controller.image.pullPolicy
label: Akri controller image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: onvif.discovery.enabled
label: Enable ONVIF Discovery Handler
description: ONVIF is a standard used by many IP cameras.
type: boolean
group: "Discovery Handlers"
show_subquestion_if: true
subquestions:
- variable: onvif.discovery.image.repository
label: ONVIF handler image repository
type: string
- variable: onvif.discovery.image.tag
label: Image tag
description: onvif-configuration.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: onvif.discovery.image.pullPolicy
label: Image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: opcua.discovery.enabled
label: Enable OPC UA Discovery Handler
description: OPC UA (Open Platform Communications Unified Architecture) is a communication protocol for industrial automation.
type: boolean
group: "Discovery Handlers"
show_subquestion_if: true
subquestions:
- variable: opcua.discovery.image.repository
label: OPC UA handler image repository
type: string
- variable: opcua.discovery.image.tag
label: Image tag
description: opcua-configuration.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: opcua.discovery.image.pullPolicy
label: Image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"
- variable: udev.discovery.enabled
label: Enable Udev Discovery Handler
description: Udev is the device manager for Linux. It manages device nodes in the /dev directory, such as microphones, security chips, usb cameras, and so on. Udev can be used to find devices that are attached to or embedded in Linux nodes.
type: boolean
group: "Discovery Handlers"
show_subquestion_if: true
subquestions:
- variable: udev.discovery.image.repository
label: Udev handler image repository
type: string
- variable: udev.discovery.image.tag
label: Image tag
description: udev-configuration.yaml will default to v(AppVersion)[-dev] with `-dev` added if `Use development containers` is enabled.
type: string
- variable: udev.discovery.image.pullPolicy
label: Image pull policy
type: enum
options:
- "IfNotPresent"
- "Always"
- "Never"

6
akri-chart/templates/NOTES.txt Normal file
View File

@@ -0,0 +1,6 @@
1. Get the Akri Controller:
kubectl get -o wide pods | grep controller
2. Get the Akri Agent(s):
kubectl get -o wide pods | grep agent
3. Get the Akri Configuration(s):
kubectl get -o wide akric

63
akri-chart/templates/_helpers.tpl Normal file
View File

@@ -0,0 +1,63 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "akri.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "akri.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "akri.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "akri.labels" -}}
helm.sh/chart: {{ include "akri.chart" . }}
{{ include "akri.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "akri.selectorLabels" -}}
app.kubernetes.io/part-of: {{ include "akri.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "akri.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "akri.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

129
akri-chart/templates/agent.yaml Normal file
View File

@@ -0,0 +1,129 @@
{{- if .Values.agent.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-agent-daemonset
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-agent
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
spec:
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.agent.nodeSelectors }}
{{- toYaml .Values.agent.nodeSelectors | nindent 8 }}
{{- end }}
{{- if .Values.rbac.enabled }}
serviceAccountName: 'akri-agent-sa'
{{- end }}
containers:
- name: akri-agent
{{- $repository := .Values.agent.image.repository -}}
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" $repository (default "latest-dev" .Values.agent.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" $repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.agent.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" $repository (default "latest" .Values.agent.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" $repository (default (printf "v%s" .Chart.AppVersion) .Values.agent.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.agent.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
resources:
requests:
memory: {{ .Values.agent.resources.memoryRequest }}
cpu: {{ .Values.agent.resources.cpuRequest }}
limits:
memory: {{ .Values.agent.resources.memoryLimit }}
cpu: {{ .Values.agent.resources.cpuLimit }}
{{- if .Values.agent.securityContext }}
securityContext:
{{- toYaml .Values.agent.securityContext | nindent 10 }}
{{- else }}
securityContext:
privileged: true
{{- end}}
env:
{{- if .Values.agent.allowDebugEcho }}
- name: ENABLE_DEBUG_ECHO
value: "1"
{{- /* environment variable to tell the Agent's embedded debug echo Discovery Handler whether its instances are shared */}}
- name: DEBUG_ECHO_INSTANCES_SHARED
value: {{ .Values.debugEcho.configuration.shared | quote }}
{{- end }}
- name: HOST_CRICTL_PATH
value: /usr/bin/crictl
- name: HOST_RUNTIME_ENDPOINT
value: unix:///host/run/containerd/containerd.sock
- name: HOST_IMAGE_ENDPOINT
value: unix:///host/run/containerd/containerd.sock
- name: AGENT_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
- name: device-plugin
mountPath: /var/lib/kubelet/device-plugins
- name: var-run-dockershim
mountPath: /host/run/containerd/containerd.sock
{{- if .Values.agent.host.udev }}
- name: devices
mountPath: /run/udev
{{- end }}
{{- if .Values.prometheus.enabled }}
ports:
- name: {{ .Values.prometheus.portName | quote }}
containerPort: {{ .Values.prometheus.port }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
- name: device-plugin
hostPath:
path: "{{ .Values.agent.host.kubeletDevicePlugins }}"
- name: var-run-dockershim
hostPath:
{{- if ne "" .Values.agent.host.containerRuntimeSocket }}
path: {{.Values.agent.host.containerRuntimeSocket }}
{{- else if eq .Values.kubernetesDistro "microk8s" }}
path: "/var/snap/microk8s/common/run/containerd.sock"
{{- else if eq .Values.kubernetesDistro "k3s" }}
path: "/run/k3s/containerd/containerd.sock"
{{- else if eq .Values.kubernetesDistro "k8s" }}
path: "/run/containerd/containerd.sock"
{{- else }}
# Please set container runtime socket by either selecting the appropriate K8s distro `kubernetesDistro=<k8s|k3s|microk8s>`
# or setting `agent.host.containerRuntimeSocket=/container/runtime.sock`.
# See https://docs.akri.sh/user-guide/cluster-setup for more information.
# Using K8s default "/run/containerd/containerd.sock" for now.
path: "/run/containerd/containerd.sock"
{{- end }}
{{- if .Values.agent.host.udev }}
- name: devices
hostPath:
path: "{{ .Values.agent.host.udev }}"
{{- end }}
{{- end }}

75
akri-chart/templates/controller.yaml Normal file
View File

@@ -0,0 +1,75 @@
{{- if .Values.controller.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: akri-controller-deployment
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
spec:
replicas: 1
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-controller
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
spec:
{{- if .Values.rbac.enabled }}
serviceAccountName: 'akri-controller-sa'
{{- end }}
containers:
- name: akri-controller
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default "latest-dev" .Values.controller.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.controller.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default "latest" .Values.controller.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.controller.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.controller.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.controller.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.controller.securityContext }}
securityContext:
{{- toYaml .Values.controller.securityContext | nindent 10 }}
{{- end}}
resources:
requests:
memory: {{ .Values.controller.resources.memoryRequest }}
cpu: {{ .Values.controller.resources.cpuRequest }}
limits:
memory: {{ .Values.controller.resources.memoryLimit }}
cpu: {{ .Values.controller.resources.cpuLimit }}
{{- if .Values.prometheus.enabled }}
ports:
- name: {{ .Values.prometheus.portName | quote }}
containerPort: {{ .Values.prometheus.port }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.controller.allowOnControlPlane }}
tolerations:
{{- /* Allow this pod to run on the master. */}}
- key: node-role.kubernetes.io/master
effect: NoSchedule
{{- end }}
nodeSelector:
{{- if .Values.controller.onlyOnControlPlane }}
node-role.kubernetes.io/master: ""
{{- end }}
"kubernetes.io/os": linux
{{- if .Values.controller.nodeSelectors }}
{{- toYaml .Values.controller.nodeSelectors | nindent 8 }}
{{- end }}
{{- end }}

148
akri-chart/templates/custom-configuration.yaml Normal file
View File

@@ -0,0 +1,148 @@
{{- if .Values.custom.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.custom.configuration.name }}
spec:
discoveryHandler:
name: {{ required "A custom.configuration.discoveryHandlerName is required." .Values.custom.configuration.discoveryHandlerName }}
discoveryDetails: {{ .Values.custom.configuration.discoveryDetails | quote }}
{{- if or .Values.custom.configuration.brokerPod.image.repository .Values.custom.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.custom.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.custom.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.custom.configuration.brokerPod.image.repository .Values.custom.configuration.brokerPod.image.tag | quote }}
{{- with .Values.custom.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.custom.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.custom.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.custom.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.custom.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.custom.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.custom.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.custom.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.custom.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.custom.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.custom.configuration.brokerJob.image.repository .Values.custom.configuration.brokerPod.image.tag | quote }}
{{- if .Values.custom.configuration.brokerJob.command }}
command:
{{- toYaml .Values.custom.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.custom.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.custom.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.custom.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.custom.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.custom.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.custom.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.custom.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.custom.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.custom.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.custom.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.custom.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.custom.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.custom.configuration.brokerJob.parallelism }}
completions: {{ .Values.custom.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerPod.image.repository }}
{{- if .Values.custom.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.custom.configuration.instanceService.type }}
ports:
- name: {{ .Values.custom.configuration.instanceService.name }}
port: {{ .Values.custom.configuration.instanceService.port }}
protocol: {{ .Values.custom.configuration.instanceService.protocol }}
targetPort: {{ .Values.custom.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.custom.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.custom.configuration.configurationService.type }}
ports:
- name: {{ .Values.custom.configuration.configurationService.name }}
port: {{ .Values.custom.configuration.configurationService.port }}
protocol: {{ .Values.custom.configuration.configurationService.protocol }}
targetPort: {{ .Values.custom.configuration.configurationService.port }}
{{- end }}
{{- end }}
{{- if .Values.custom.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.custom.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.custom.configuration.capacity }}
{{- end }}

66
akri-chart/templates/custom-discovery-handler.yaml Normal file
View File

@@ -0,0 +1,66 @@
{{- if .Values.custom.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ printf "%s-daemonset" .Values.custom.discovery.name }}
{{- if .Values.custom.discovery.discoveryHandlerName }}
annotations:
akri.sh/discoveryHandlerName: {{ .Values.custom.discovery.discoveryHandlerName }}
{{- end }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: {{ .Values.custom.discovery.name }}
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: {{ .Values.custom.discovery.name }}
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.custom.discovery.name }}
app.kubernetes.io/component: discovery-handler
spec:
containers:
- name: {{ .Values.custom.discovery.name }}
image: {{ printf "%s:%s" (required "A custom.discovery.image.repository is required." .Values.custom.discovery.image.repository) .Values.custom.discovery.image.tag | quote }}
{{- with .Values.custom.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.custom.discovery.resources.memoryRequest }}
cpu: {{ .Values.custom.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.custom.discovery.resources.memoryLimit }}
cpu: {{ .Values.custom.discovery.resources.cpuLimit }}
{{- if .Values.custom.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.custom.discovery.port }}
{{- end }}
env:
{{- if .Values.custom.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.custom.discovery.nodeSelectors }}
{{- toYaml .Values.custom.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

154
akri-chart/templates/debug-echo-configuration.yaml Normal file
View File

@@ -0,0 +1,154 @@
{{- if .Values.debugEcho.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.debugEcho.configuration.name }}
spec:
discoveryHandler:
name: debugEcho
discoveryDetails: |+
{{- if .Values.debugEcho.configuration.discoveryDetails.descriptions }}
descriptions:
{{- toYaml .Values.debugEcho.configuration.discoveryDetails.descriptions | nindent 6 }}
{{- else }}
descriptions: []
{{- end }}
{{- if or .Values.debugEcho.configuration.brokerPod.image.repository .Values.debugEcho.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.debugEcho.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.debugEcho.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.debugEcho.configuration.brokerPod.image.repository .Values.debugEcho.configuration.brokerPod.image.tag | quote }}
{{- with .Values.debugEcho.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.debugEcho.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.debugEcho.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.debugEcho.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.debugEcho.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.debugEcho.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.debugEcho.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.debugEcho.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.debugEcho.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.debugEcho.configuration.brokerJob.image.repository .Values.debugEcho.configuration.brokerPod.image.tag | quote }}
{{- if .Values.debugEcho.configuration.brokerJob.command }}
command:
{{- toYaml .Values.debugEcho.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.debugEcho.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.debugEcho.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.debugEcho.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.debugEcho.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.debugEcho.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.debugEcho.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.debugEcho.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.debugEcho.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.debugEcho.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.debugEcho.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.debugEcho.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.debugEcho.configuration.brokerJob.parallelism }}
completions: {{ .Values.debugEcho.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- if or .Values.debugEcho.configuration.brokerPod.image.repository .Values.debugEcho.configuration.brokerJob.image.repository }}
{{- if .Values.debugEcho.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.debugEcho.configuration.instanceService.type }}
ports:
- name: {{ .Values.debugEcho.configuration.instanceService.name }}
port: {{ .Values.debugEcho.configuration.instanceService.port }}
protocol: {{ .Values.debugEcho.configuration.instanceService.protocol }}
targetPort: {{ .Values.debugEcho.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.debugEcho.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.debugEcho.configuration.configurationService.type }}
ports:
- name: {{ .Values.debugEcho.configuration.configurationService.name }}
port: {{ .Values.debugEcho.configuration.configurationService.port }}
protocol: {{ .Values.debugEcho.configuration.configurationService.protocol }}
targetPort: {{ .Values.debugEcho.configuration.configurationService.port }}
{{- end }}
{{- end }}
{{- if .Values.debugEcho.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.debugEcho.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.debugEcho.configuration.capacity }}
{{- end }}

78
akri-chart/templates/debug-echo-discovery-handler.yaml Normal file
View File

@@ -0,0 +1,78 @@
{{- if .Values.debugEcho.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-debug-echo-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: debugEcho
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-debug-echo-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-debug-echo-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-debug-echo-discovery
app.kubernetes.io/component: discovery-handler
spec:
containers:
- name: akri-debug-echo-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default "latest-dev" .Values.debugEcho.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.debugEcho.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default "latest" .Values.debugEcho.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.debugEcho.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.debugEcho.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.debugEcho.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.debugEcho.discovery.resources.memoryRequest }}
cpu: {{ .Values.debugEcho.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.debugEcho.discovery.resources.memoryLimit }}
cpu: {{ .Values.debugEcho.discovery.resources.cpuLimit }}
{{- if .Values.debugEcho.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.debugEcho.discovery.port }}
{{- end }}
env:
{{- if .Values.debugEcho.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
- name: DEBUG_ECHO_INSTANCES_SHARED
value: {{ .Values.debugEcho.configuration.shared | quote }}
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.debugEcho.discovery.nodeSelectors }}
{{- toYaml .Values.debugEcho.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

225
akri-chart/templates/onvif-configuration.yaml Normal file
View File

@@ -0,0 +1,225 @@
{{- if .Values.onvif.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.onvif.configuration.name }}
spec:
discoveryHandler:
name: onvif
discoveryDetails: |+
ipAddresses:
action: {{ .Values.onvif.configuration.discoveryDetails.ipAddresses.action }}
{{- if .Values.onvif.configuration.discoveryDetails.ipAddresses.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.ipAddresses.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
macAddresses:
action: {{ .Values.onvif.configuration.discoveryDetails.macAddresses.action }}
{{- if .Values.onvif.configuration.discoveryDetails.macAddresses.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.macAddresses.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
scopes:
action: {{ .Values.onvif.configuration.discoveryDetails.scopes.action }}
{{- if .Values.onvif.configuration.discoveryDetails.scopes.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.scopes.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
uuids:
action: {{ .Values.onvif.configuration.discoveryDetails.uuids.action }}
{{- if .Values.onvif.configuration.discoveryDetails.uuids.items}}
items:
{{- toYaml .Values.onvif.configuration.discoveryDetails.uuids.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
discoveryTimeoutSeconds: {{ .Values.onvif.configuration.discoveryDetails.discoveryTimeoutSeconds }}
{{- if .Values.onvif.configuration.discoveryProperties}}
discoveryProperties:
{{- range $property := .Values.onvif.configuration.discoveryProperties }}
- name: {{ $property.name }}
{{- if $property.valueFrom }}
valueFrom:
{{- if $property.valueFrom.secretKeyRef }}
secretKeyRef:
name: {{ $property.valueFrom.secretKeyRef.name }}
{{- if $property.valueFrom.secretKeyRef.namespace }}
namespace: {{ $property.valueFrom.secretKeyRef.namespace }}
{{- end }}
{{- if $property.valueFrom.secretKeyRef.key }}
key: {{ $property.valueFrom.secretKeyRef.key }}
{{- end }}
{{- if hasKey $property.valueFrom.secretKeyRef "optional" }}
optional: {{ $property.valueFrom.secretKeyRef.optional }}
{{- end }}
{{- else if $property.valueFrom.configMapKeyRef}}
configMapKeyRef:
name: {{ $property.valueFrom.configMapKeyRef.name }}
{{- if $property.valueFrom.configMapKeyRef.namespace }}
namespace: {{ $property.valueFrom.configMapKeyRef.namespace }}
{{- end }}
{{- if $property.valueFrom.configMapKeyRef.key }}
key: {{ $property.valueFrom.configMapKeyRef.key }}
{{- end }}
{{- if hasKey $property.valueFrom.configMapKeyRef "optional" }}
optional: {{ $property.configMapKeyRef.optional }}
{{- end }}
{{- end }}
{{- else }}
value: {{ $property.value | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- if or .Values.onvif.configuration.brokerPod.image.repository .Values.onvif.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.onvif.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.onvif.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.onvif.configuration.brokerPod.image.repository .Values.onvif.configuration.brokerPod.image.tag | quote }}
{{- with .Values.onvif.configuration.brokerPod.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.onvif.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.onvif.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.onvif.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.onvif.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.onvif.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.onvif.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.onvif.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.onvif.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.onvif.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.onvif.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.onvif.configuration.brokerJob.image.repository .Values.onvif.configuration.brokerPod.image.tag | quote }}
{{- if .Values.onvif.configuration.brokerJob.command }}
command:
{{- toYaml .Values.onvif.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.onvif.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.onvif.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.onvif.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.onvif.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.onvif.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.onvif.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.onvif.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.onvif.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.onvif.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.onvif.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.onvif.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.onvif.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.onvif.configuration.brokerJob.parallelism }}
completions: {{ .Values.onvif.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- /* Only add service specs if a broker image was specified and service creation was not disabled */}}
{{- if .Values.onvif.configuration.brokerPod.image.repository }}
{{- if .Values.onvif.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.onvif.configuration.instanceService.type }}
ports:
- name: {{ .Values.onvif.configuration.instanceService.portName }}
port: {{ .Values.onvif.configuration.instanceService.port }}
protocol: {{ .Values.onvif.configuration.instanceService.protocol }}
targetPort: {{ .Values.onvif.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.onvif.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.onvif.configuration.configurationService.type }}
ports:
- name: {{ .Values.onvif.configuration.configurationService.portName }}
port: {{ .Values.onvif.configuration.configurationService.port }}
protocol: {{ .Values.onvif.configuration.configurationService.protocol }}
targetPort: {{ .Values.onvif.configuration.configurationService.targetPort }}
{{- end }}
{{- end }}
{{- if .Values.onvif.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.onvif.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.onvif.configuration.capacity }}
{{- end }}

78
akri-chart/templates/onvif-discovery-handler.yaml Normal file
View File

@@ -0,0 +1,78 @@
{{- if .Values.onvif.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-onvif-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: onvif
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-onvif-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-onvif-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-onvif-discovery
app.kubernetes.io/component: discovery-handler
spec:
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
- name: akri-onvif-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default "latest-dev" .Values.onvif.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.onvif.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default "latest" .Values.onvif.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.onvif.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.onvif.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.onvif.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.onvif.discovery.resources.memoryRequest }}
cpu: {{ .Values.onvif.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.onvif.discovery.resources.memoryLimit }}
cpu: {{ .Values.onvif.discovery.resources.cpuLimit }}
{{- if .Values.onvif.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.onvif.discovery.port }}
{{- end }}
env:
{{- if .Values.onvif.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.onvif.discovery.nodeSelectors }}
{{- toYaml .Values.onvif.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

193
akri-chart/templates/opcua-configuration.yaml Normal file
View File

@@ -0,0 +1,193 @@
{{- if .Values.opcua.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.opcua.configuration.name }}
spec:
discoveryHandler:
name: opcua
discoveryDetails: |+
opcuaDiscoveryMethod:
standard:
discoveryUrls:
{{- toYaml .Values.opcua.configuration.discoveryDetails.discoveryUrls | nindent 10 }}
applicationNames:
action: {{ .Values.opcua.configuration.discoveryDetails.applicationNames.action }}
{{- if .Values.opcua.configuration.discoveryDetails.applicationNames.items}}
items:
{{- toYaml .Values.opcua.configuration.discoveryDetails.applicationNames.items | nindent 8 }}
{{- else }}
items: []
{{- end }}
{{- if or .Values.opcua.configuration.brokerPod.image.repository .Values.opcua.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.opcua.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.opcua.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.opcua.configuration.brokerPod.image.repository .Values.opcua.configuration.brokerPod.image.tag | quote }}
{{- with .Values.opcua.configuration.brokerPod.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.opcua.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.opcua.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.opcua.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.opcua.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.opcua.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.opcua.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.opcua.configuration.brokerPod.resources.cpuLimit }}
{{- if or .Values.opcua.configuration.brokerPod.volumeMounts .Values.opcua.configuration.mountCertificates }}
volumeMounts:
{{- with .Values.opcua.configuration.brokerPod.volumeMounts}}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.opcua.configuration.mountCertificates}}
- name: credentials
mountPath: "/etc/opcua-certs/client-pki"
readOnly: false
{{- end }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if or .Values.opcua.configuration.brokerPod.volumeMounts .Values.opcua.configuration.mountCertificates }}
volumes:
{{- with .Values.opcua.configuration.brokerPod.volumes}}
{{- toYaml . | nindent 6 }}
{{- end }}
{{- if .Values.opcua.configuration.mountCertificates }}
- name: credentials
secret:
secretName: opcua-broker-credentials
items:
- key: client_certificate
path: own/certs/AkriBroker.der
- key: client_key
path: own/private/AkriBroker.pfx
- key: ca_certificate
path: trusted/certs/SomeCA.der
- key: ca_crl
path: trusted/crl/SomeCA.crl
{{- end }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.opcua.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.opcua.configuration.brokerJob.image.repository .Values.opcua.configuration.brokerPod.image.tag | quote }}
{{- if .Values.opcua.configuration.brokerJob.command }}
command:
{{- toYaml .Values.opcua.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.opcua.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.opcua.configuration.brokerJob.env }}
env:
{{- range $key, $val := .Values.opcua.configuration.brokerJob.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerJob.envFrom }}
envFrom:
{{- range $val := .Values.opcua.configuration.brokerJob.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.opcua.configuration.brokerJob.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.opcua.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.opcua.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.opcua.configuration.brokerJob.resources.cpuLimit }}
{{- with .Values.opcua.configuration.brokerJob.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.opcua.configuration.brokerJob.volumes}}
volumes:
{{- toYaml . | nindent 10 }}
{{- end }}
restartPolicy: {{ .Values.opcua.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.opcua.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.opcua.configuration.brokerJob.parallelism }}
completions: {{ .Values.opcua.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- /* Only add service specs if a broker image was specified and service
creation was not disabled */}}
{{- if .Values.opcua.configuration.brokerPod.image.repository }}
{{- if .Values.opcua.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.opcua.configuration.instanceService.type }}
ports:
- name: grpc
port: {{ .Values.opcua.configuration.instanceService.port }}
protocol: {{ .Values.opcua.configuration.instanceService.protocol }}
targetPort: {{ .Values.opcua.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.opcua.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.opcua.configuration.configurationService.type }}
ports:
- name: grpc
port: {{ .Values.opcua.configuration.configurationService.port }}
protocol: {{ .Values.opcua.configuration.configurationService.protocol }}
targetPort: {{ .Values.opcua.configuration.configurationService.targetPort }}
{{- end }}
{{- end }}
{{- if .Values.opcua.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.opcua.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.opcua.configuration.capacity }}
{{- end }}

76
akri-chart/templates/opcua-discovery-handler.yaml Normal file
View File

@@ -0,0 +1,76 @@
{{- if .Values.opcua.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-opcua-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: opcua
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-opcua-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-opcua-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-opcua-discovery
app.kubernetes.io/component: discovery-handler
spec:
containers:
- name: akri-opcua-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default "latest-dev" .Values.opcua.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.opcua.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default "latest" .Values.opcua.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.opcua.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.opcua.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.opcua.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.opcua.discovery.resources.memoryRequest }}
cpu: {{ .Values.opcua.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.opcua.discovery.resources.memoryLimit }}
cpu: {{ .Values.opcua.discovery.resources.cpuLimit }}
{{- if .Values.opcua.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.opcua.discovery.port }}
{{- end }}
env:
{{- if .Values.opcua.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.opcua.discovery.nodeSelectors }}
{{- toYaml .Values.opcua.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- end }}

33
akri-chart/templates/prometheus.yaml Normal file
View File

@@ -0,0 +1,33 @@
{{- if .Values.prometheus.enabled }}
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: akri-agent-metrics
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
release: prometheus
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-agent
podMetricsEndpoints:
- port: {{ .Values.prometheus.portName | quote }}
path: {{ .Values.prometheus.endpoint }}
---
apiVersion: monitoring.coreos.com/v1
kind: PodMonitor
metadata:
name: akri-controller-metrics
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
release: prometheus
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-controller
podMetricsEndpoints:
- port: {{ .Values.prometheus.portName | quote }}
path: {{ .Values.prometheus.endpoint }}
{{- end }}

93
akri-chart/templates/rbac.yaml Normal file
View File

@@ -0,0 +1,93 @@
{{- if .Values.rbac.enabled }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: akri-controller-sa
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: akri-agent-sa
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: "akri-controller-role"
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
rules:
- apiGroups: [""]
resources: ["pods", "services"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["instances"]
verbs: ["get", "list", "watch", "update", "patch"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["configurations"]
verbs: ["get", "list", "watch"]
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: "akri-agent-role"
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "watch"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["instances"]
verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
- apiGroups: [{{ .Values.crds.group | quote }}]
resources: ["configurations"]
verbs: ["get", "list", "watch"]
---
apiVersion: 'rbac.authorization.k8s.io/v1'
kind: 'ClusterRoleBinding'
metadata:
name: 'akri-controller-binding'
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-controller
app.kubernetes.io/component: controller
roleRef:
apiGroup: ''
kind: 'ClusterRole'
name: 'akri-controller-role'
subjects:
- kind: 'ServiceAccount'
name: 'akri-controller-sa'
namespace: {{ .Release.Namespace }}
---
apiVersion: 'rbac.authorization.k8s.io/v1'
kind: 'ClusterRoleBinding'
metadata:
name: 'akri-agent-binding'
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-agent
app.kubernetes.io/component: agent
roleRef:
apiGroup: ''
kind: 'ClusterRole'
name: 'akri-agent-role'
subjects:
- kind: 'ServiceAccount'
name: 'akri-agent-sa'
namespace: {{ .Release.Namespace }}
{{- end }}

133
akri-chart/templates/udev-configuration.yaml Normal file
View File

@@ -0,0 +1,133 @@
{{- if .Values.udev.configuration.enabled }}
apiVersion: {{ printf "%s/%s" .Values.crds.group .Values.crds.version }}
kind: Configuration
metadata:
name: {{ .Values.udev.configuration.name }}
spec:
discoveryHandler:
name: udev
discoveryDetails: |+
groupRecursive: {{ .Values.udev.configuration.discoveryDetails.groupRecursive }}
udevRules:
{{- required "Please set at least one udev rule with `--set udev.configuration.discoveryDetails.udevRules[0]==\"<udev rule>\"' to specify what you want discovered. See the udev Configuration document at https://docs.akri.sh/discovery-handlers/udev for more information." .Values.udev.configuration.discoveryDetails.udevRules | toYaml | nindent 6 }}
{{- if or .Values.udev.configuration.brokerPod.image.repository .Values.udev.configuration.brokerJob.image.repository }}
{{- /* Only add brokerSpec if a broker image is provided */}}
brokerSpec:
{{- if .Values.udev.configuration.brokerPod.image.repository }}
brokerPodSpec:
containers:
- name: {{ .Values.udev.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.udev.configuration.brokerPod.image.repository .Values.udev.configuration.brokerPod.image.tag | quote }}
{{- with .Values.udev.configuration.brokerPod.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
{{- if .Values.udev.configuration.brokerPod.env }}
env:
{{- range $key, $val := .Values.udev.configuration.brokerPod.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
{{- if .Values.udev.configuration.brokerPod.envFrom }}
envFrom:
{{- range $val := .Values.udev.configuration.brokerPod.envFrom.secretRef }}
- secretRef:
name: {{ $val | quote }}
{{- end }}
{{- range $val := .Values.udev.configuration.brokerPod.envFrom.configMapRef }}
- configMapRef:
name: {{ $val | quote }}
{{- end }}
{{- end }}
securityContext:
{{- if .Values.udev.configuration.brokerPod.securityContext }}
{{- toYaml .Values.udev.configuration.brokerPod.securityContext | nindent 10 }}
{{- else}}
privileged: true
{{- end}}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerPod.resources.memoryRequest }}
cpu: {{ .Values.udev.configuration.brokerPod.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerPod.resources.memoryLimit }}
cpu: {{ .Values.udev.configuration.brokerPod.resources.cpuLimit }}
{{- with .Values.udev.configuration.brokerPod.volumeMounts}}
volumeMounts:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.udev.configuration.brokerPod.volumes}}
volumes:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 6 }}
{{- end }}
{{- else }}
brokerJobSpec:
template:
spec:
containers:
- name: {{ .Values.udev.configuration.name }}-broker
image: {{ printf "%s:%s" .Values.udev.configuration.brokerJob.image.repository .Values.udev.configuration.brokerPod.image.tag | quote }}
{{- if .Values.udev.configuration.brokerJob.command }}
command:
{{- toYaml .Values.udev.configuration.brokerJob.command | nindent 14 }}
{{- end }}
{{- with .Values.udev.configuration.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end }}
resources:
requests:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerJob.resources.memoryRequest }}
cpu: {{ .Values.udev.configuration.brokerJob.resources.cpuRequest }}
limits:
{{`"{{PLACEHOLDER}}"`}} : "1"
memory: {{ .Values.udev.configuration.brokerJob.resources.memoryLimit }}
cpu: {{ .Values.udev.configuration.brokerJob.resources.cpuLimit }}
restartPolicy: {{ .Values.udev.configuration.brokerJob.restartPolicy }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 10 }}
{{- end }}
backoffLimit: {{ .Values.udev.configuration.brokerJob.backoffLimit }}
parallelism: {{ .Values.udev.configuration.brokerJob.parallelism }}
completions: {{ .Values.udev.configuration.brokerJob.completions }}
{{- end }}
{{- end }}
{{- /* Only add service specs if a broker image was specified and service
creation was not disabled */}}
{{- if .Values.udev.configuration.brokerPod.image.repository }}
{{- if .Values.udev.configuration.createInstanceServices }}
instanceServiceSpec:
type: {{ .Values.udev.configuration.instanceService.type }}
ports:
- name: {{ .Values.udev.configuration.instanceService.portName }}
port: {{ .Values.udev.configuration.instanceService.port }}
protocol: {{ .Values.udev.configuration.instanceService.protocol }}
targetPort: {{ .Values.udev.configuration.instanceService.targetPort }}
{{- end }}
{{- if .Values.udev.configuration.createConfigurationService }}
configurationServiceSpec:
type: {{ .Values.udev.configuration.configurationService.type }}
ports:
- name: {{ .Values.udev.configuration.configurationService.portName }}
port: {{ .Values.udev.configuration.configurationService.port }}
protocol: {{ .Values.udev.configuration.configurationService.protocol }}
targetPort: {{ .Values.udev.configuration.configurationService.targetPort }}
{{- end }}
{{- end }}
{{- if .Values.udev.configuration.brokerProperties }}
brokerProperties:
{{- range $key, $val := .Values.udev.configuration.brokerProperties }}
{{- $key | nindent 4 }}: {{ $val | quote }}
{{- end }}
{{- else }}
brokerProperties: {}
{{- end }}
capacity: {{ .Values.udev.configuration.capacity }}
{{- end }}

87
akri-chart/templates/udev-discovery-handler.yaml Normal file
View File

@@ -0,0 +1,87 @@
{{- if .Values.udev.discovery.enabled }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: akri-udev-discovery-daemonset
annotations:
akri.sh/discoveryHandlerName: udev
labels: {{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/name: akri-udev-discovery
app.kubernetes.io/component: discovery-handler
spec:
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 6 }}
app.kubernetes.io/name: akri-udev-discovery
template:
metadata:
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: akri-udev-discovery
app.kubernetes.io/component: discovery-handler
spec:
nodeSelector:
"kubernetes.io/os": linux
containers:
- name: akri-udev-discovery
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default "latest-dev" .Values.udev.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.udev.discovery.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default "latest" .Values.udev.discovery.image.tag) | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.udev.discovery.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.udev.discovery.image.tag) | quote }}
{{- end }}
{{- end }}
{{- with .Values.udev.discovery.image.pullPolicy }}
imagePullPolicy: {{ . }}
{{- end}}
resources:
requests:
memory: {{ .Values.udev.discovery.resources.memoryRequest }}
cpu: {{ .Values.udev.discovery.resources.cpuRequest }}
limits:
memory: {{ .Values.udev.discovery.resources.memoryLimit }}
cpu: {{ .Values.udev.discovery.resources.cpuLimit }}
{{- if .Values.udev.discovery.useNetworkConnection }}
ports:
- name: discovery
containerPort: {{ .Values.udev.discovery.port }}
{{- end }}
env:
{{- if .Values.udev.discovery.useNetworkConnection }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
{{- end }}
- name: DISCOVERY_HANDLERS_DIRECTORY
value: /var/lib/akri
volumeMounts:
- name: discovery-handlers
mountPath: /var/lib/akri
{{- if .Values.udev.discovery.host.udev }}
- name: devices
mountPath: /run/udev
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
nodeSelector:
"kubernetes.io/os": linux
{{- if .Values.udev.discovery.nodeSelectors }}
{{- toYaml .Values.udev.discovery.nodeSelectors | nindent 8 }}
{{- end }}
volumes:
- name: discovery-handlers
hostPath:
path: {{ .Values.agent.host.discoveryHandlers }}
{{- if .Values.udev.discovery.host.udev }}
- name: devices
hostPath:
path: "{{ .Values.udev.discovery.host.udev }}"
{{- end }}
{{- end }}

181
akri-chart/templates/webhook-cert-autogen.yaml Normal file
View File

@@ -0,0 +1,181 @@
{{- if and .Values.webhookConfiguration.enabled (not .Values.webhookConfiguration.caBundle) -}}
{{- if .Values.rbac.enabled }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ .Values.webhookConfiguration.name }}-patch
subjects:
- kind: ServiceAccount
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace | quote }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- get
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ .Values.webhookConfiguration.name }}-patch
subjects:
- kind: ServiceAccount
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace | quote }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade,post-install,post-upgrade
"helm.sh/hook-weight": "-5"
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
---
{{- end }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Values.webhookConfiguration.name }}-create
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": pre-install,pre-upgrade
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
spec:
ttlSecondsAfterFinished: 0
template:
metadata:
name: {{ .Values.webhookConfiguration.name }}-create
labels:
{{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/component: admission-webhook
spec:
containers:
- name: create
image: "{{ .Values.webhookConfiguration.certImage.reference }}:{{ .Values.webhookConfiguration.certImage.tag }}"
imagePullPolicy: {{ .Values.webhookConfiguration.certImage.pullPolicy }}
args:
- create
- --host={{ .Values.webhookConfiguration.name }},{{ .Values.webhookConfiguration.name }}.{{ .Release.Namespace }}.svc
- --namespace={{ .Release.Namespace }}
- --secret-name={{ .Values.webhookConfiguration.name }}
- --cert-name=tls.crt
- --key-name=tls.key
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ .Values.webhookConfiguration.name }}-patch
{{- end }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
namespace: {{ .Release.Namespace }}
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
labels:
{{- include "akri.labels" . | nindent 4 }}
app.kubernetes.io/component: admission-webhook
spec:
ttlSecondsAfterFinished: 0
template:
metadata:
name: {{ .Values.webhookConfiguration.name }}-patch
labels:
{{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/component: admission-webhook
spec:
containers:
- name: patch
image: "{{ .Values.webhookConfiguration.certImage.reference }}:{{ .Values.webhookConfiguration.certImage.tag }}"
imagePullPolicy: {{ .Values.webhookConfiguration.certImage.pullPolicy }}
args:
- patch
- --webhook-name={{ .Values.webhookConfiguration.name }}
- --namespace={{ .Release.Namespace }}
- --patch-mutating=false
- --secret-name={{ .Values.webhookConfiguration.name }}
- --patch-failure-policy=Fail
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
restartPolicy: OnFailure
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ .Values.webhookConfiguration.name }}-patch
{{- end }}
{{- end -}}

165
akri-chart/templates/webhook-configuration.yaml Normal file
View File

@@ -0,0 +1,165 @@
{{- if .Values.webhookConfiguration.enabled }}
apiVersion: v1
kind: List
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 4 }}
items:
- apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
- apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get"]
- apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ .Values.webhookConfiguration.name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
- apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
spec:
replicas: 1
selector:
matchLabels: {{- include "akri.selectorLabels" . | nindent 10 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
template:
metadata:
labels: {{- include "akri.labels" . | nindent 12 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
spec:
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ .Values.webhookConfiguration.name }}
{{- end }}
containers:
- name: webhook
{{- if .Values.useDevelopmentContainers }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:latest-dev" .Values.webhookConfiguration.image.repository | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.webhookConfiguration.image.repository (default (printf "v%s-dev" .Chart.AppVersion) .Values.webhookConfiguration.image.tag) | quote }}
{{- end }}
{{- else }}
{{- if .Values.useLatestContainers }}
image: {{ printf "%s:latest" .Values.webhookConfiguration.image.repository | quote }}
{{- else }}
image: {{ printf "%s:%s" .Values.webhookConfiguration.image.repository (default (printf "v%s" .Chart.AppVersion) .Values.webhookConfiguration.image.tag) | quote }}
{{- end }}
{{- end }}
imagePullPolicy: {{ .Values.webhookConfiguration.image.pullPolicy }}
resources:
requests:
memory: {{ .Values.webhookConfiguration.resources.memoryRequest }}
cpu: {{ .Values.webhookConfiguration.resources.cpuRequest }}
limits:
memory: {{ .Values.webhookConfiguration.resources.memoryLimit }}
cpu: {{ .Values.webhookConfiguration.resources.cpuLimit }}
args:
- --tls-crt-file=/secrets/tls.crt
- --tls-key-file=/secrets/tls.key
- --port=8443
volumeMounts:
- name: secrets
mountPath: /secrets
readOnly: true
volumes:
- name: secrets
secret:
secretName: {{ .Values.webhookConfiguration.name }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.webhookConfiguration.allowOnControlPlane }}
tolerations:
{{- /* Allow this pod to run on the master. */}}
- key: node-role.kubernetes.io/master
effect: NoSchedule
{{- end }}
nodeSelector:
{{- if .Values.webhookConfiguration.nodeSelectors }}
{{- toYaml .Values.webhookConfiguration.nodeSelectors | nindent 8 }}
{{- end }}
"kubernetes.io/os": linux
{{- if .Values.webhookConfiguration.onlyOnControlPlane }}
node-role.kubernetes.io/master: ""
{{- end }}
- apiVersion: v1
kind: Service
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
spec:
selector: {{- include "akri.selectorLabels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
ports:
- name: http
port: 443
targetPort: 8443
- apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: {{ .Values.webhookConfiguration.name }}
labels: {{- include "akri.labels" . | nindent 8 }}
app.kubernetes.io/name: {{ .Values.webhookConfiguration.name }}
app.kubernetes.io/component: admission-webhook
webhooks:
- name: {{ .Values.webhookConfiguration.name }}.{{ .Release.Namespace }}.svc
clientConfig:
service:
name: {{ .Values.webhookConfiguration.name }}
namespace: {{ .Release.Namespace }}
port: 443
path: "/validate"
{{- if .Values.webhookConfiguration.caBundle }}
caBundle: {{ .Values.webhookConfiguration.caBundle }}
{{- end }}
rules:
- operations:
- "CREATE"
- "UPDATE"
apiGroups:
- {{ .Values.crds.group }}
apiVersions:
- {{ .Values.crds.version }}
resources:
- "configurations"
scope: "*"
admissionReviewVersions:
- v1
- v1beta1
sideEffects: None
{{- end }}

880
akri-chart/values.yaml Normal file
View File

@@ -0,0 +1,880 @@
# Default values for akri.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# useLatestContainers is specified if the latest or latest-dev
# tags should be used. This will be overridden if *.image.tag
# is specified.
useLatestContainers: false
# useDevelopmentContainers is specified if the non-release (*-dev)
# tags should be used. This will be overridden if *.image.tag
# is specified.
useDevelopmentContainers: false
# imagePullSecrets is the array of secrets needed to pull images.
# This can be set from the helm command line using `--set imagePullSecrets[0].name="mysecret"`
imagePullSecrets: []
# kubernetesDistro describes the Kubernetes distro Akri is running on. It is used to conditionally set
# distribution specific values such as container runtime socket. Options: microk8s | k3s | k8s
kubernetesDistro: ""
# generalize references to `apiGroups` and `apiVersion` values for Akri CRDs
crds:
group: akri.sh
version: v0
rbac:
# enabled defines whether to apply rbac to Akri
enabled: true
prometheus:
# enabled defines whether metrics ports are exposed on
# the Controller and Agent
enabled: false
# endpoint is the path the port exposed for metrics
endpoint: /metrics
# port is the port that the metrics service is exposed on
port: 8080
# portName is the name of the metrics port
portName: metrics
controller:
# enabled defines whether to apply the Akri Controller
enabled: true
image:
# repository is the Akri Controller container reference
repository: "%%IMG_REPO%%/akri-controller"
# tag is the Akri Controller container tag
# controller.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the Akri Controller pull policy
pullPolicy: "Always"
# ensures container doesn't run with unnecessary priviledges
securityContext:
runAsUser: 1000
allowPrivilegeEscalation: false
runAsNonRoot: true
readOnlyRootFilesystem: true
capabilities:
drop: ["ALL"]
# onlyOnControlPlane dictates whether the Akri Controller will only run on nodes with
# the label with (key, value) of ("node-role.kubernetes.io/master", "")
onlyOnControlPlane: false
# allowOnControlPlane dictates whether a toleration will be added to allow to Akri Controller
# to run on the control plane node
allowOnControlPlane: true
# nodeSelectors is the array of nodeSelectors used to target nodes for the Akri Controller to run on
# This can be set from the helm command line using `--set controller.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 100Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m
agent:
# enabled defines whether to apply the Akri Agent
enabled: true
image:
# repository is the Akri Agent container reference
repository: "%%IMG_REPO%%/akri-agent"
# tag is the Akri Agent container tag
# agent.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the Akri Agent pull policy
pullPolicy: ""
securityContext:
privileged: true
host:
# discoveryHandlers is the location of Akri Discovery Handler sockets and
# the agent registration service
discoveryHandlers: /var/lib/akri
# kubeletDevicePlugins is the location of the kubelet device-plugin sockets
kubeletDevicePlugins: /var/lib/kubelet/device-plugins
# containerRuntimeSocket is the default node path of the container runtime socket.
# For MicroK8s, set to "/var/snap/microk8s/common/run/containerd.sock"
# For K3s, set to "/run/k3s/containerd/containerd.sock"
# For standard K8s, set to "/run/containerd/containerd.sock"
containerRuntimeSocket: ""
# udev is the node path of udev, usually at `/run/udev`
udev:
# allowDebugEcho dictates whether the Akri Agent will allow DebugEcho Configurations
allowDebugEcho: false
# nodeSelectors is the array of nodeSelectors used to target nodes for the Akri Agent to run on
# This can be set from the helm command line using `--set agent.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 79Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m
custom:
configuration:
# enabled defines whether to load a custom configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# custom configuration
name: akri-custom
# discoveryHandlerName is the name of the Discovery Handler the Configuration is using
discoveryHandlerName:
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this custom configuration
brokerProperties: {}
# capacity is the capacity for any instances created as a result of
# applying this custom configuration
capacity: 1
# discoveryDetails is the string of discovery details that is
# passed to a Discovery Handler which can parse it into an expected format.
discoveryDetails: ""
brokerPod:
image:
# repository is the custom broker container reference
repository:
# tag is the custom broker image tag
tag: latest
# pullPolicy is the custom pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
brokerJob:
# container used by custom
image:
# repository is the custom broker container reference
repository:
# tag is the custom broker image tag
tag: latest
# pullPolicy is the custom pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set custom.configuration.brokerJob.command[0]="sh" \
# --set custom.configuration.brokerJob.command[1]="-c" \
# --set custom.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-custom-instance-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-custom-configuration-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a custom discovery handler DaemonSet
discovery:
# exposes discovery handler name as akri.sh/discoveryHandlerName annotation on the DaemonSet
discoveryHandlerName: ''
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
# name is the Kubernetes resource name that will be created for this
# custom Discovery Handler DaemonSet
name: akri-custom-discovery
image:
# repository is the custom broker container reference
repository:
# tag is the custom broker image tag
tag: latest
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set custom.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
debugEcho:
configuration:
# enabled defines whether to load a debugEcho configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# debugEcho configuration
name: akri-debug-echo
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this debugEcho configuration
brokerProperties: {}
# capacity is the capacity for any instances created as a result of
# applying this debugEcho configuration
capacity: 2
discoveryDetails:
# descriptions is the list of instances created as a result of
# applying this debugEcho configuration
descriptions:
- "foo0"
- "foo1"
# shared defines whether instances created as a result of
# applying this debugEcho configuration are shared
shared: true
brokerPod:
# container used by debugEcho
image:
# repository is the debugEcho broker container reference
repository:
# tag is the debugEcho broker image tag
tag: latest
# pullPolicy is the debugEcho pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
brokerJob:
# container used by debugEcho
image:
# repository is the debugEcho broker container reference
repository:
# tag is the debugEcho broker image tag
tag: latest
# pullPolicy is the debugEcho pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set debugEcho.configuration.brokerJob.command[0]="sh" \
# --set debugEcho.configuration.brokerJob.command[1]="-c" \
# --set debugEcho.configuration.brokerJob.command[2]="echo 'Hello World'" \
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-debug-echo-foo-instance-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-debug-echo-foo-configuration-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 6052
# targetPort is the service targetPort of the instance service
targetPort: 6052
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a debugEcho discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-debug-echo-discovery-handler"
# tag is the container tag
# debug-echo-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set debugEcho.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m
onvif:
configuration:
# enabled defines whether to load a onvif configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# onvif configuration
name: akri-onvif
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this onvif configuration
brokerProperties: {}
discoveryDetails:
ipAddresses:
action: Exclude
items: []
macAddresses:
action: Exclude
items: []
scopes:
action: Exclude
items: []
uuids:
action: Exclude
items: []
discoveryTimeoutSeconds: 1
# discoveryProperties is a map of properties fthat will be passed to discovery handler,
# the properties can be direct specified or read from Secret or ConfigMap
discoveryProperties:
# capacity is the capacity for any instances created as a result of
# applying this onvif configuration
capacity: 1
brokerPod:
image:
# repository is the onvif broker container reference
repository:
# tag is the onvif broker image tag
tag: latest
# pullPolicy is the Akri onvif broker pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 98Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 134m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 400Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 2800m
brokerJob:
# container used by onvif
image:
# repository is the onvif broker container reference
repository:
# tag is the onvif broker image tag
tag: latest
# pullPolicy is the onvif pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set onvif.configuration.brokerJob.command[0]="sh" \
# --set onvif.configuration.brokerJob.command[1]="-c" \
# --set onvif.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 98Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 134m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 400Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 2800m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-onvif-instance-service
# type is the service type of the instance service
type: ClusterIP
# portName is the name of the port
portName: grpc
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-onvif-configuration-service
# type is the service type of the instance service
type: ClusterIP
# portName is the name of the port
portName: grpc
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a onvif discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-onvif-discovery-handler"
# tag is the container tag
# onvif-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set onvif.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
opcua:
configuration:
# enabled defines whether to load an OPC UA configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# OPC UA configuration
name: akri-opcua
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this OPC UA configuration
brokerProperties: {}
discoveryDetails:
# discoveryUrls is a list of DiscoveryUrls for OPC UA servers
discoveryUrls:
- "opc.tcp://localhost:4840/"
# applicationNames is a filter applied to the discovered OPC UA servers to either exclusively
# include or exclude servers with application names in the applicationNames list.
applicationNames:
action: Exclude
items: []
# mountCertificates determines whether to mount into the broker pods k8s Secrets
# containing OPC UA client credentials for connecting to OPC UA severs with the
# same signing certificate authority.
# If set to false, the brokers will attempt to make an insecure connection with the servers.
mountCertificates: false
# capacity is the capacity for any instances created as a result of
# applying this OPC UA configuration
capacity: 1
brokerPod:
image:
# repository is the OPC UA broker container reference
repository:
# tag is the OPC UA broker image tag
tag: latest
# pullPolicy is the OPC UA broker pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 76Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 9m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 200Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 30m
brokerJob:
# container used by opcua
image:
# repository is the opcua broker container reference
repository:
# tag is the opcua broker image tag
tag: latest
# pullPolicy is the opcua pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set opcua.configuration.brokerJob.command[0]="sh" \
# --set opcua.configuration.brokerJob.command[1]="-c" \
# --set opcua.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 76Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 9m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 200Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 30m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# name is the description of the instance service
name: akri-opcua-instance-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# name is the description of the configuration service
name: akri-opcua-configuration-service
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a opcua discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-opcua-discovery-handler"
# tag is the container tag
# opcua-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set opcua.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
udev:
configuration:
# enabled defines whether to load a udev configuration
enabled: false
# name is the Kubernetes resource name that will be created for this
# udev configuration
name: akri-udev
# brokerProperties is a map of properties that will be passed to any instances
# created as a result of applying this udev configuration
brokerProperties: {}
discoveryDetails:
# groupRecursive defines whether to group discovered parent/children under the same instance
groupRecursive: false
# udevRules is the list of udev rules used to find instances created as a result of
# applying this udev configuration
udevRules:
# capacity is the capacity for any instances created as a result of
# applying this udev configuration
capacity: 1
brokerPod:
image:
# repository is the udev broker container reference
repository:
# tag is the udev broker image tag
tag: latest
# pullPolicy is the udev broker pull policy
pullPolicy: ""
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
securityContext: {}
brokerJob:
# container used by udev
image:
# repository is the udev broker container reference
repository:
# tag is the udev broker image tag
tag: latest
# pullPolicy is the udev pull policy
pullPolicy: ""
# command to be executed in the Pod. An array of arguments. Can be set like:
# --set udev.configuration.brokerJob.command[0]="sh" \
# --set udev.configuration.brokerJob.command[1]="-c" \
# --set udev.configuration.brokerJob.command[2]="echo 'Hello World'"
command:
# restartPolicy for the Job. Can either be OnFailure or Never.
restartPolicy: OnFailure
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 10Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 30Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 29m
# backoffLimit defines the Kubernetes Job backoff failure policy. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy
backoffLimit: 2
# parallelism defines how many Pods of a Job should run in parallel. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job/#parallel-jobs
parallelism: 1
# completions defines how many Pods of a Job should successfully complete. More info:
# https://kubernetes.io/docs/concepts/workloads/controllers/job
completions: 1
# createInstanceServices is specified if a service should automatically be
# created for each broker pod
createInstanceServices: true
instanceService:
# portName is the name of the port
portName: grpc
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# createConfigurationService is specified if a single service should automatically be
# created for all broker pods of a Configuration
createConfigurationService: true
configurationService:
# portName is the name of the port
portName: grpc
# type is the service type of the instance service
type: ClusterIP
# port is the service port of the instance service
port: 80
# targetPort is the service targetPort of the instance service
targetPort: 8083
# protocol is the service protocol of the instance service
protocol: TCP
# discovery defines a set of values for a udev discovery handler DaemonSet
discovery:
# enabled defines whether discovery handler pods will be deployed in a slim Agent scenario
enabled: false
image:
# repository is the container reference
repository: "%%IMG_REPO%%/akri-udev-discovery-handler"
# tag is the container tag
# udev-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the pull policy
pullPolicy: ""
# useNetworkConnection specifies whether the discovery handler should make a networked connection
# with Agents, using its pod IP address when registering
useNetworkConnection: false
# port specifies (when useNetworkConnection is true) the port on which the discovery handler advertises its discovery service
port: 10000
# nodeSelectors is the array of nodeSelectors used to target nodes for the discovery handler to run on
# This can be set from the helm command line using `--set udev.discovery.nodeSelectors.label="value"`
nodeSelectors: {}
host:
# udev is the node path of udev, usually at `/run/udev`
udev: /run/udev
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 11Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 10m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 24Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 24m
# Admission Controllers (Webhooks)
webhookConfiguration:
# enabled defines whether to apply the Akri Admission Controller (Webhook) for Akri Configurations
enabled: true
# name of the webhook
name: akri-webhook-configuration
# base64-encoded CA certificate (PEM) used by Kubernetes to validate the Webhook's certificate, if
# unset, will generate a self-signed certificate valid for 100y
caBundle: null
image:
# repository is the Akri Webhook for Configurations image reference
repository: "%%IMG_REPO%%/akri-webhook-configuration"
# tag is the container tag
# webhook-configuration.yaml will default to v(AppVersion)[-dev]
# with `-dev` added if `useDevelopmentContainers` is specified
tag:
# pullPolicy is the Akri Webhook pull policy
pullPolicy: Always
certImage:
# reference is the webhook-certgen image reference
reference: registry.k8s.io/ingress-nginx/kube-webhook-certgen
# tag is the webhook-certgen image tag
tag: v1.1.1
# pullPolicy is the webhook-certgen pull policy
pullPolicy: IfNotPresent
# onlyOnControlPlane dictates whether the Akri Webhook will only run on nodes with
# the label with (key, value) of ("node-role.kubernetes.io/master", "")
onlyOnControlPlane: false
# allowOnControlPlane dictates whether a toleration will be added to allow to Akri Webhook
# to run on the control plane node
allowOnControlPlane: true
# nodeSelectors is the array of nodeSelectors used to target nodes for the Akri Webhook to run on
# This can be set from the helm command line using `--set webhookConfiguration.nodeSelectors.label="value"`
nodeSelectors: {}
resources:
# memoryRequest defines the minimum amount of RAM that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
memoryRequest: 100Mi
# cpuRequest defines the minimum amount of CPU that must be available to this Pod
# for it to be scheduled by the Kubernetes Scheduler
cpuRequest: 15m
# memoryLimit defines the maximum amount of RAM this Pod can consume.
memoryLimit: 100Mi
# cpuLimit defines the maximum amount of CPU this Pod can consume.
cpuLimit: 26m