forked from suse-edge/Factory
moved charts/images
This commit is contained in:
parent
606de0934e
commit
148e26cf72
34
baremetal-operator-image/Dockerfile
Normal file
34
baremetal-operator-image/Dockerfile
Normal file
@ -0,0 +1,34 @@
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#!BuildTag: %%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%
|
||||
#!BuildTag: %%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%-%RELEASE%
|
||||
#!BuildVersion: 15.6
|
||||
ARG SLE_VERSION
|
||||
FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends baremetal-operator iproute2 bind-utils vim shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
# labelprefix=com.suse.application.baremetal-operator
|
||||
LABEL org.opencontainers.image.authors="SUSE LLC (https://www.suse.com/)"
|
||||
LABEL org.opencontainers.image.title="SLE baremetal-operator Container Image"
|
||||
LABEL org.opencontainers.image.description="baremetal-operator based on the SLE Base Container Image."
|
||||
LABEL org.opencontainers.image.version="%%baremetal-operator_version%%"
|
||||
LABEL org.opencontainers.image.url="https://www.suse.com/products/server/"
|
||||
LABEL org.opencontainers.image.created="%BUILDTIME%"
|
||||
LABEL org.opencontainers.image.vendor="SUSE LLC"
|
||||
LABEL org.opensuse.reference="%%IMG_REPO%%/%%IMG_PREFIX%%baremetal-operator:%%baremetal-operator_version%%-%RELEASE%"
|
||||
LABEL org.openbuildservice.disturl="%DISTURL%"
|
||||
LABEL com.suse.supportlevel="l3"
|
||||
LABEL com.suse.eula="SUSE Combined EULA February 2024"
|
||||
LABEL com.suse.lifecycle-url="https://www.suse.com/lifecycle"
|
||||
LABEL com.suse.image-type="application"
|
||||
LABEL com.suse.release-stage="released"
|
||||
# endlabelprefix
|
||||
|
||||
COPY --from=base /installroot /
|
||||
RUN groupadd -r -g 11000 bmo
|
||||
RUN useradd -u 11000 -g 11000 bmo
|
||||
ENTRYPOINT [ "/usr/bin/baremetal-operator" ]
|
17
baremetal-operator-image/_service
Normal file
17
baremetal-operator-image/_service
Normal file
@ -0,0 +1,17 @@
|
||||
<services>
|
||||
<service mode="buildtime" name="kiwi_metainfo_helper"/>
|
||||
<service mode="buildtime" name="docker_label_helper"/>
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%baremetal-operator_version%%</param>
|
||||
<param name="package">baremetal-operator</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %img_prefix)</param>
|
||||
<param name="var">IMG_PREFIX</param>
|
||||
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
|
||||
<param name="var">IMG_REPO</param>
|
||||
</service>
|
||||
</services>
|
9
cdi-chart/Chart.yaml
Normal file
9
cdi-chart/Chart.yaml
Normal file
@ -0,0 +1,9 @@
|
||||
#!BuildTag: %%IMG_PREFIX%%cdi-chart:0.4.0
|
||||
#!BuildTag: %%IMG_PREFIX%%cdi-chart:0.4.0-%RELEASE%
|
||||
apiVersion: v2
|
||||
appVersion: 1.60.1
|
||||
description: A Helm chart for Containerized Data Importer (CDI)
|
||||
icon: https://raw.githubusercontent.com/cncf/artwork/main/projects/kubevirt/icon/color/kubevirt-icon-color.svg
|
||||
name: cdi
|
||||
type: application
|
||||
version: 0.4.0
|
8
cdi-chart/_service
Normal file
8
cdi-chart/_service
Normal file
@ -0,0 +1,8 @@
|
||||
<services>
|
||||
<service mode="buildtime" name="kiwi_metainfo_helper"/>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
<param name="file">Chart.yaml</param>
|
||||
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %img_prefix)</param>
|
||||
<param name="var">IMG_PREFIX</param>
|
||||
</service>
|
||||
</services>
|
BIN
cdi-chart/crds.obscpio
Normal file
BIN
cdi-chart/crds.obscpio
Normal file
Binary file not shown.
BIN
cdi-chart/templates.obscpio
Normal file
BIN
cdi-chart/templates.obscpio
Normal file
Binary file not shown.
38
cdi-chart/values.yaml
Normal file
38
cdi-chart/values.yaml
Normal file
@ -0,0 +1,38 @@
|
||||
deployment:
|
||||
version: 1.60.1-150600.3.9.1
|
||||
operatorImage: registry.suse.com/suse/sles/15.6/cdi-operator
|
||||
controllerImage: registry.suse.com/suse/sles/15.6/cdi-controller
|
||||
importerImage: registry.suse.com/suse/sles/15.6/cdi-importer
|
||||
clonerImage: registry.suse.com/suse/sles/15.6/cdi-cloner
|
||||
apiserverImage: registry.suse.com/suse/sles/15.6/cdi-apiserver
|
||||
uploadserverImage: registry.suse.com/suse/sles/15.6/cdi-uploadserver
|
||||
uploadproxyImage: registry.suse.com/suse/sles/15.6/cdi-uploadproxy
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
cdi:
|
||||
config:
|
||||
featureGates:
|
||||
- HonorWaitForFirstConsumer
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
infra:
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
tolerations:
|
||||
- key: CriticalAddonsOnly
|
||||
operator: Exists
|
||||
uninstallStrategy: ""
|
||||
workload:
|
||||
nodeSelector:
|
||||
kubernetes.io/os: linux
|
||||
|
||||
hookImage: rancher/kubectl:v1.30.2
|
||||
hookRestartPolicy: OnFailure
|
||||
hookSecurityContext:
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
@ -8,7 +8,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-175 shadow; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
|
@ -4,7 +4,7 @@
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%cluster-api_version%%</param>
|
||||
<param name="package">cluster-api-175</param>
|
||||
<param name="package">cluster-api</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
@ -7,7 +7,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-operator-012 shadow; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-operator shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
|
@ -4,7 +4,7 @@
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%cluster-api-operator_version%%</param>
|
||||
<param name="package">cluster-api-operator-012</param>
|
||||
<param name="package">cluster-api-operator</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
@ -8,7 +8,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-provider-metal3-171 shadow; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-provider-metal3 shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
|
@ -4,7 +4,7 @@
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%cluster-api-provider-metal3_version%%</param>
|
||||
<param name="package">cluster-api-provider-metal3-171</param>
|
||||
<param name="package">cluster-api-provider-metal3</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
@ -8,7 +8,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-provider-rke2-070-bootstrap shadow; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-provider-rke2-bootstrap shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
|
@ -4,7 +4,7 @@
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%cluster-api-provider-rke2_version%%</param>
|
||||
<param name="package">cluster-api-provider-rke2-070-bootstrap</param>
|
||||
<param name="package">cluster-api-provider-rke2-bootstrap</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
@ -8,7 +8,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-provider-rke2-070-control-plane shadow; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends cluster-api-provider-rke2-control-plane shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
|
@ -4,7 +4,7 @@
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%cluster-api-provider-rke2_version%%</param>
|
||||
<param name="package">cluster-api-provider-rke2-070-control-plane</param>
|
||||
<param name="package">cluster-api-provider-rke2-control-plane</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
@ -8,7 +8,7 @@ MAINTAINER SUSE LLC (https://www.suse.com/)
|
||||
COPY artifacts.yaml artifacts.yaml
|
||||
|
||||
RUN sed -i -e 's%^# rpm.install.excludedocs = no.*%rpm.install.excludedocs = yes%g' /etc/zypp/zypp.conf
|
||||
RUN zypper --non-interactive install --no-recommends edge-image-builder-110 qemu-x86 qemu-uefi-aarch64 cni-plugins; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --non-interactive install --no-recommends edge-image-builder qemu-x86 qemu-uefi-aarch64 cni-plugins; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
# labelprefix=com.suse.application.edge-image-builder
|
||||
|
@ -8,7 +8,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends ip-address-manager-171 shadow; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends ip-address-manager shadow; zypper -n clean; rm -rf /var/log/*
|
||||
|
||||
FROM micro AS final
|
||||
# Define labels according to https://en.opensuse.org/Building_derived_containers
|
||||
|
@ -4,7 +4,7 @@
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%ip-address-manager_version%%</param>
|
||||
<param name="package">ip-address-manager-171</param>
|
||||
<param name="package">ip-address-manager</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
@ -8,7 +8,7 @@ FROM registry.suse.com/bci/bci-micro:$SLE_VERSION AS micro
|
||||
FROM registry.suse.com/bci/bci-base:$SLE_VERSION AS base
|
||||
COPY --from=micro / /installroot/
|
||||
RUN sed -i -e 's%^# rpm.install.excludedocs = no.*%rpm.install.excludedocs = yes%g' /etc/zypp/zypp.conf
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends openstack-ironic-image-200-x86_64 python311-devel python311 python311-pip tar gawk git curl xz fakeroot shadow sed cpio; zypper -n clean; rm -rf /var/log/*
|
||||
RUN zypper --installroot /installroot --non-interactive install --no-recommends openstack-ironic-image-x86_64 python311-devel python311 python311-pip tar gawk git curl xz fakeroot shadow sed cpio; zypper -n clean; rm -rf /var/log/*
|
||||
#RUN zypper --installroot /installroot --non-interactive install --no-recommends sles-release;
|
||||
RUN cp /usr/bin/getopt /installroot/
|
||||
|
||||
|
@ -3,8 +3,8 @@
|
||||
<service mode="buildtime" name="docker_label_helper"/>
|
||||
<service name="replace_using_package_version" mode="buildtime">
|
||||
<param name="file">Dockerfile</param>
|
||||
<param name="regex">%%openstack-ironic-image-200-x86_64_version%%</param>
|
||||
<param name="package">openstack-ironic-image-200-x86_64</param>
|
||||
<param name="regex">%%openstack-ironic-image-x86_64_version%%</param>
|
||||
<param name="package">openstack-ironic-image-x86_64</param>
|
||||
<param name="parse-version">patch</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
|
27
metal3-chart/Chart.yaml
Normal file
27
metal3-chart/Chart.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
#!BuildTag: %%IMG_PREFIX%%metal3-chart:0.8.1
|
||||
#!BuildTag: %%IMG_PREFIX%%metal3-chart:0.8.1-%RELEASE%
|
||||
apiVersion: v2
|
||||
appVersion: 1.16.0
|
||||
dependencies:
|
||||
- alias: metal3-baremetal-operator
|
||||
name: baremetal-operator
|
||||
repository: file://./charts/baremetal-operator
|
||||
version: 0.5.0
|
||||
- alias: metal3-ironic
|
||||
name: ironic
|
||||
repository: file://./charts/ironic
|
||||
version: 0.7.0
|
||||
- alias: metal3-mariadb
|
||||
name: mariadb
|
||||
repository: file://./charts/mariadb
|
||||
version: 0.5.4
|
||||
- alias: metal3-media
|
||||
condition: global.enable_metal3_media_server
|
||||
name: media
|
||||
repository: file://./charts/media
|
||||
version: 0.5.0
|
||||
description: A Helm chart that installs all of the dependencies needed for Metal3
|
||||
icon: https://github.com/cncf/artwork/raw/master/projects/metal3/icon/color/metal3-icon-color.svg
|
||||
name: metal3
|
||||
type: application
|
||||
version: 0.8.1
|
100
metal3-chart/README.md
Normal file
100
metal3-chart/README.md
Normal file
@ -0,0 +1,100 @@
|
||||
# Prerequisites
|
||||
There are two dependencies that are not managed through the metal3 chart because are related to applications that have a cluster-wide scope: `cert-manager` and a LoadBalancer Service provider such as `metallb` or `kube-vip`.
|
||||
|
||||
## Cert Manager
|
||||
In order to successfully deploy metal3 the cluster must have already installed the `cert-manager`.
|
||||
|
||||
You can install it through `helm` with:
|
||||
```bash
|
||||
helm repo add jetstack https://charts.jetstack.io
|
||||
helm repo update
|
||||
helm install \
|
||||
cert-manager jetstack/cert-manager \
|
||||
--namespace cert-manager \
|
||||
--create-namespace \
|
||||
--set installCRDs=true
|
||||
```
|
||||
, or via `kubectl` with:
|
||||
```bash
|
||||
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.1/cert-manager.yaml
|
||||
```
|
||||
|
||||
## MetalLB (Optional)
|
||||
Ironic currently requires a staticIP address and MetalLB is one option to achieve that.
|
||||
|
||||
1. If K3s is used as Kubernetes distribution, then it should be started with `--disable=servicelb` flag. Ref https://metallb.universe.tf/configuration/k3s/
|
||||
2. Find 1 free IP address in the network.
|
||||
3. Install `MetalLB` through `helm` with:
|
||||
|
||||
```bash
|
||||
helm repo add suse-edge https://suse-edge.github.io/charts
|
||||
helm install \
|
||||
metallb suse-edge/metallb \
|
||||
--namespace metallb-system \
|
||||
--create-namespace
|
||||
```
|
||||
|
||||
4. Provide the IP pool configuration with:
|
||||
|
||||
```bash
|
||||
export STATIC_IRONIC_IP=<STATIC_IRONIC_IP>
|
||||
|
||||
cat <<-EOF | kubectl apply -f -
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: IPAddressPool
|
||||
metadata:
|
||||
name: ironic-ip-pool
|
||||
namespace: metallb-system
|
||||
spec:
|
||||
addresses:
|
||||
- ${STATIC_IRONIC_IP}/32
|
||||
serviceAllocation:
|
||||
priority: 100
|
||||
serviceSelectors:
|
||||
- matchExpressions:
|
||||
- {key: app.kubernetes.io/name, operator: In, values: [metal3-ironic]}
|
||||
EOF
|
||||
|
||||
cat <<-EOF | kubectl apply -f -
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: L2Advertisement
|
||||
metadata:
|
||||
name: ironic-ip-pool-l2-adv
|
||||
namespace: metallb-system
|
||||
spec:
|
||||
ipAddressPools:
|
||||
- ironic-ip-pool
|
||||
EOF
|
||||
```
|
||||
|
||||
5. Create new values.yaml file that will override some of the default properties:
|
||||
|
||||
```bash
|
||||
TMP_DIR=$(mktemp -d)
|
||||
cat > ${TMP_DIR}/values.yaml << EOF
|
||||
global:
|
||||
ironicIP: "<STATIC_IRONIC_IP>"
|
||||
EOF
|
||||
```
|
||||
|
||||
# Install
|
||||
|
||||
```bash
|
||||
helm install \
|
||||
metal3 suse-edge/metal3 \
|
||||
--namespace metal3-system \
|
||||
--create-namespace
|
||||
-f ${TMP_DIR}/values.yaml
|
||||
```
|
||||
|
||||
# How to upgrade the chart
|
||||
1. Run `helm dependency update .` in this chart to download/update the dependent charts.
|
||||
|
||||
2. Identify the appropriate subchart values settings and create an appropriate override values YAML file.
|
||||
* Ensure that the relevant ironic and baremetal-operator settings match.
|
||||
|
||||
3. Install the chart using a command like the following:
|
||||
|
||||
```console
|
||||
$ helm upgrade heavy-metal . --namespace metal-cubed --create-namespace --install --values ~/overrides.yaml
|
||||
```
|
15
metal3-chart/_service
Normal file
15
metal3-chart/_service
Normal file
@ -0,0 +1,15 @@
|
||||
<services>
|
||||
<service mode="buildtime" name="kiwi_metainfo_helper"/>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
<param name="file">values.yaml</param>
|
||||
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %img_prefix)</param>
|
||||
<param name="var">IMG_PREFIX</param>
|
||||
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
|
||||
<param name="var">IMG_REPO</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
<param name="file">Chart.yaml</param>
|
||||
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %img_prefix)</param>
|
||||
<param name="var">IMG_PREFIX</param>
|
||||
</service>
|
||||
</services>
|
1
metal3-chart/app-readme.md
Normal file
1
metal3-chart/app-readme.md
Normal file
@ -0,0 +1 @@
|
||||
The metal3 chart is a parent chart that installs all of the other charts that a metal3 deployment needs, but doesn't actually deploy any services itself.
|
BIN
metal3-chart/charts.obscpio
Normal file
BIN
metal3-chart/charts.obscpio
Normal file
Binary file not shown.
BIN
metal3-chart/templates.obscpio
Normal file
BIN
metal3-chart/templates.obscpio
Normal file
Binary file not shown.
130
metal3-chart/values.yaml
Normal file
130
metal3-chart/values.yaml
Normal file
@ -0,0 +1,130 @@
|
||||
# The metal3 chart is a parent chart that installs
|
||||
# all of the other charts that a metal3 deployment needs,
|
||||
# but doesn't actually deploy any services itself.
|
||||
|
||||
global:
|
||||
# IP on which the Ironic services will be exposed
|
||||
ironicIP: ""
|
||||
|
||||
# whether to enable media server.
|
||||
enable_metal3_media_server: false
|
||||
|
||||
# whether to enable dnsmasq on the provisioning network (for PXE boot)
|
||||
enable_dnsmasq: false
|
||||
|
||||
# whether to enable PXE boot capability
|
||||
# NOTE: enable_dnsmasq must set to 'true' in order for this option to be effective.
|
||||
enable_pxe_boot: false
|
||||
|
||||
# whether to enable tls
|
||||
enable_tls: true
|
||||
|
||||
# whether to enable the TLS of the Virtual Media.
|
||||
enable_vmedia_tls: true
|
||||
|
||||
# whether to enable basic auth
|
||||
enable_basicAuth: true
|
||||
|
||||
auth:
|
||||
ironicUsername: ""
|
||||
ironicPassword: ""
|
||||
ironicInspectorUsername: ""
|
||||
ironicInspectorPassword: ""
|
||||
|
||||
# whether to have additional trusted CA
|
||||
# NOTE: If enabled, a secret with name tls-ca-additional should be deployed
|
||||
# The secret should be like this:
|
||||
# data:
|
||||
# ca-additional.crt: <b64enc cert>
|
||||
additionalTrustedCAs: false
|
||||
|
||||
# Will be used when tls is enabled
|
||||
vmediaTLSPort: 6185
|
||||
|
||||
# IP address of the router associated with the specified DHCP
|
||||
# address range
|
||||
dnsmasqDefaultRouter: ""
|
||||
|
||||
# IP address of the dns server to be provided with DHCP
|
||||
# response
|
||||
dnsmasqDNSServer: ""
|
||||
|
||||
# specify comma-delimited range of IP addresses the DHCP server will manage.
|
||||
# e.g 192.168.20.20,192.168.20.80
|
||||
dhcpRange: ""
|
||||
|
||||
# Network interface on which provisioning network can be accessed
|
||||
provisioningInterface: ""
|
||||
|
||||
# IP Address assigned to network interface on provisioning network
|
||||
provisioningIP: ""
|
||||
|
||||
# Name for the MariaDB service
|
||||
databaseServiceName: metal3-mariadb
|
||||
|
||||
# In a multi-node cluster use the node selector to ensure the pods
|
||||
# all run on the same host where the dnsmasqDNSServer and provisioningIP
|
||||
# and /opt/media exist. Uncomment the nodeSelector and update the
|
||||
# hostname accordingly.
|
||||
#nodeSelector:
|
||||
#kubernetes.io/hostname: "csrancher-n1"
|
||||
|
||||
#
|
||||
# media service
|
||||
#
|
||||
|
||||
# Override any settings for the metal3 media service here
|
||||
metal3-media:
|
||||
# location where media files should be placed so that they are
|
||||
# available to the Ironic deployment services.
|
||||
mediaVolume:
|
||||
hostPath: /opt/media
|
||||
image:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%ironic"
|
||||
|
||||
#
|
||||
# ironic service
|
||||
#
|
||||
|
||||
# Override any settings for the metal3 ironic service here
|
||||
# Ensure the storageClass is defined
|
||||
metal3-ironic:
|
||||
service:
|
||||
type: LoadBalancer
|
||||
persistence:
|
||||
ironic:
|
||||
# storageClass for the ironic shared volume
|
||||
storageClass: ""
|
||||
images:
|
||||
ironic:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%ironic"
|
||||
ironicIPADownloader:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%ironic-ipa-downloader"
|
||||
|
||||
#
|
||||
# Database Service
|
||||
#
|
||||
|
||||
# Override any settings for the metal3 mariadb service here
|
||||
metal3-mariadb:
|
||||
# storageClass for the mysql datastore
|
||||
persistence:
|
||||
storageClass: ""
|
||||
image:
|
||||
repository: "registry.suse.com/edge/mariadb"
|
||||
tag: "10.6.15.1"
|
||||
|
||||
#
|
||||
# Baremetal Operator
|
||||
#
|
||||
|
||||
# Override any settings for the metal3 baremetal-operator service here
|
||||
metal3-baremetal-operator:
|
||||
images:
|
||||
baremetalOperator:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%baremetal-operator"
|
||||
rbacProxy:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%kube-rbac-proxy"
|
||||
tag: "v0.18.0"
|
||||
|
||||
|
23
metallb-chart/Chart.yaml
Normal file
23
metallb-chart/Chart.yaml
Normal file
@ -0,0 +1,23 @@
|
||||
#!BuildTag: %%IMG_PREFIX%%metallb-chart:0.14.9
|
||||
#!BuildTag: %%IMG_PREFIX%%metallb-chart:0.14.9-%RELEASE%
|
||||
apiVersion: v2
|
||||
appVersion: v0.14.3
|
||||
dependencies:
|
||||
- condition: frrk8s.enabled
|
||||
name: frr-k8s
|
||||
repository: file://./charts/frr-k8s
|
||||
version: 0.0.15
|
||||
- condition: crds.enabled
|
||||
name: metallb-crds
|
||||
repository: file://./charts/metallb-crds
|
||||
version: 0.14.8
|
||||
description: A network load-balancer implementation for Kubernetes using standard
|
||||
routing protocols
|
||||
home: https://metallb.universe.tf
|
||||
icon: https://metallb.universe.tf/images/logo/metallb-white.png
|
||||
kubeVersion: '>= 1.19.0-0'
|
||||
name: metallb
|
||||
sources:
|
||||
- https://github.com/metallb/metallb
|
||||
type: application
|
||||
version: 0.14.9
|
169
metallb-chart/README.md
Normal file
169
metallb-chart/README.md
Normal file
@ -0,0 +1,169 @@
|
||||
# metallb
|
||||
|
||||
  
|
||||
|
||||
A network load-balancer implementation for Kubernetes using standard routing protocols
|
||||
|
||||
**Homepage:** <https://metallb.universe.tf>
|
||||
|
||||
## Source Code
|
||||
|
||||
* <https://github.com/metallb/metallb>
|
||||
|
||||
## Requirements
|
||||
|
||||
Kubernetes: `>= 1.19.0-0`
|
||||
|
||||
| Repository | Name | Version |
|
||||
|------------|------|---------|
|
||||
| | crds | 0.14.8 |
|
||||
| https://metallb.github.io/frr-k8s | frr-k8s | 0.0.14 |
|
||||
|
||||
## Values
|
||||
|
||||
| Key | Type | Default | Description |
|
||||
|-----|------|---------|-------------|
|
||||
| controller.affinity | object | `{}` | |
|
||||
| controller.enabled | bool | `true` | |
|
||||
| controller.extraContainers | list | `[]` | |
|
||||
| controller.image.pullPolicy | string | `nil` | |
|
||||
| controller.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/metallb-controller"` | |
|
||||
| controller.image.tag | string | `nil` | |
|
||||
| controller.labels | object | `{}` | |
|
||||
| controller.livenessProbe.enabled | bool | `true` | |
|
||||
| controller.livenessProbe.failureThreshold | int | `3` | |
|
||||
| controller.livenessProbe.initialDelaySeconds | int | `10` | |
|
||||
| controller.livenessProbe.periodSeconds | int | `10` | |
|
||||
| controller.livenessProbe.successThreshold | int | `1` | |
|
||||
| controller.livenessProbe.timeoutSeconds | int | `1` | |
|
||||
| controller.logLevel | string | `"info"` | Controller log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none` |
|
||||
| controller.nodeSelector | object | `{}` | |
|
||||
| controller.podAnnotations | object | `{}` | |
|
||||
| controller.priorityClassName | string | `""` | |
|
||||
| controller.readinessProbe.enabled | bool | `true` | |
|
||||
| controller.readinessProbe.failureThreshold | int | `3` | |
|
||||
| controller.readinessProbe.initialDelaySeconds | int | `10` | |
|
||||
| controller.readinessProbe.periodSeconds | int | `10` | |
|
||||
| controller.readinessProbe.successThreshold | int | `1` | |
|
||||
| controller.readinessProbe.timeoutSeconds | int | `1` | |
|
||||
| controller.resources | object | `{}` | |
|
||||
| controller.runtimeClassName | string | `""` | |
|
||||
| controller.securityContext.fsGroup | int | `65534` | |
|
||||
| controller.securityContext.runAsNonRoot | bool | `true` | |
|
||||
| controller.securityContext.runAsUser | int | `65534` | |
|
||||
| controller.serviceAccount.annotations | object | `{}` | |
|
||||
| controller.serviceAccount.create | bool | `true` | |
|
||||
| controller.serviceAccount.name | string | `""` | |
|
||||
| controller.strategy.type | string | `"RollingUpdate"` | |
|
||||
| controller.tlsCipherSuites | string | `""` | |
|
||||
| controller.tlsMinVersion | string | `"VersionTLS12"` | |
|
||||
| controller.tolerations | list | `[]` | |
|
||||
| crds.enabled | bool | `true` | |
|
||||
| crds.validationFailurePolicy | string | `"Fail"` | |
|
||||
| frrk8s.enabled | bool | `false` | |
|
||||
| frrk8s.external | bool | `false` | |
|
||||
| frrk8s.namespace | string | `""` | |
|
||||
| fullnameOverride | string | `""` | |
|
||||
| imagePullSecrets | list | `[]` | |
|
||||
| loadBalancerClass | string | `""` | |
|
||||
| nameOverride | string | `""` | |
|
||||
| prometheus.controllerMetricsTLSSecret | string | `""` | |
|
||||
| prometheus.metricsPort | int | `7472` | |
|
||||
| prometheus.namespace | string | `""` | |
|
||||
| prometheus.podMonitor.additionalLabels | object | `{}` | |
|
||||
| prometheus.podMonitor.annotations | object | `{}` | |
|
||||
| prometheus.podMonitor.enabled | bool | `false` | |
|
||||
| prometheus.podMonitor.interval | string | `nil` | |
|
||||
| prometheus.podMonitor.jobLabel | string | `"app.kubernetes.io/name"` | |
|
||||
| prometheus.podMonitor.metricRelabelings | list | `[]` | |
|
||||
| prometheus.podMonitor.relabelings | list | `[]` | |
|
||||
| prometheus.prometheusRule.additionalLabels | object | `{}` | |
|
||||
| prometheus.prometheusRule.addressPoolExhausted.enabled | bool | `true` | |
|
||||
| prometheus.prometheusRule.addressPoolExhausted.labels.severity | string | `"alert"` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.enabled | bool | `true` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.thresholds[0].labels.severity | string | `"warning"` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.thresholds[0].percent | int | `75` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.thresholds[1].labels.severity | string | `"warning"` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.thresholds[1].percent | int | `85` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].labels.severity | string | `"alert"` | |
|
||||
| prometheus.prometheusRule.addressPoolUsage.thresholds[2].percent | int | `95` | |
|
||||
| prometheus.prometheusRule.annotations | object | `{}` | |
|
||||
| prometheus.prometheusRule.bgpSessionDown.enabled | bool | `true` | |
|
||||
| prometheus.prometheusRule.bgpSessionDown.labels.severity | string | `"alert"` | |
|
||||
| prometheus.prometheusRule.configNotLoaded.enabled | bool | `true` | |
|
||||
| prometheus.prometheusRule.configNotLoaded.labels.severity | string | `"warning"` | |
|
||||
| prometheus.prometheusRule.enabled | bool | `false` | |
|
||||
| prometheus.prometheusRule.extraAlerts | list | `[]` | |
|
||||
| prometheus.prometheusRule.staleConfig.enabled | bool | `true` | |
|
||||
| prometheus.prometheusRule.staleConfig.labels.severity | string | `"warning"` | |
|
||||
| prometheus.rbacPrometheus | bool | `true` | |
|
||||
| prometheus.rbacProxy.pullPolicy | string | `nil` | |
|
||||
| prometheus.rbacProxy.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/kube-rbac-proxy"` | |
|
||||
| prometheus.rbacProxy.tag | string | `"v0.12.0"` | |
|
||||
| prometheus.scrapeAnnotations | bool | `false` | |
|
||||
| prometheus.serviceAccount | string | `""` | |
|
||||
| prometheus.serviceMonitor.controller.additionalLabels | object | `{}` | |
|
||||
| prometheus.serviceMonitor.controller.annotations | object | `{}` | |
|
||||
| prometheus.serviceMonitor.controller.tlsConfig.insecureSkipVerify | bool | `true` | |
|
||||
| prometheus.serviceMonitor.enabled | bool | `false` | |
|
||||
| prometheus.serviceMonitor.interval | string | `nil` | |
|
||||
| prometheus.serviceMonitor.jobLabel | string | `"app.kubernetes.io/name"` | |
|
||||
| prometheus.serviceMonitor.metricRelabelings | list | `[]` | |
|
||||
| prometheus.serviceMonitor.relabelings | list | `[]` | |
|
||||
| prometheus.serviceMonitor.speaker.additionalLabels | object | `{}` | |
|
||||
| prometheus.serviceMonitor.speaker.annotations | object | `{}` | |
|
||||
| prometheus.serviceMonitor.speaker.tlsConfig.insecureSkipVerify | bool | `true` | |
|
||||
| prometheus.speakerMetricsTLSSecret | string | `""` | |
|
||||
| rbac.create | bool | `true` | |
|
||||
| speaker.affinity | object | `{}` | |
|
||||
| speaker.enabled | bool | `true` | |
|
||||
| speaker.excludeInterfaces.enabled | bool | `true` | |
|
||||
| speaker.extraContainers | list | `[]` | |
|
||||
| speaker.frr.enabled | bool | `true` | |
|
||||
| speaker.frr.image.pullPolicy | string | `nil` | |
|
||||
| speaker.frr.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/frr"` | |
|
||||
| speaker.frr.image.tag | string | `"8.4.2"` | |
|
||||
| speaker.frr.metricsPort | int | `7473` | |
|
||||
| speaker.frr.resources | object | `{}` | |
|
||||
| speaker.frrMetrics.resources | object | `{}` | |
|
||||
| speaker.ignoreExcludeLB | bool | `false` | |
|
||||
| speaker.image.pullPolicy | string | `nil` | |
|
||||
| speaker.image.repository | string | `"registry.opensuse.org/isv/suse/edge/metallb/images/metallb-speaker"` | |
|
||||
| speaker.image.tag | string | `nil` | |
|
||||
| speaker.labels | object | `{}` | |
|
||||
| speaker.livenessProbe.enabled | bool | `true` | |
|
||||
| speaker.livenessProbe.failureThreshold | int | `3` | |
|
||||
| speaker.livenessProbe.initialDelaySeconds | int | `10` | |
|
||||
| speaker.livenessProbe.periodSeconds | int | `10` | |
|
||||
| speaker.livenessProbe.successThreshold | int | `1` | |
|
||||
| speaker.livenessProbe.timeoutSeconds | int | `1` | |
|
||||
| speaker.logLevel | string | `"info"` | Speaker log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none` |
|
||||
| speaker.memberlist.enabled | bool | `true` | |
|
||||
| speaker.memberlist.mlBindAddrOverride | string | `""` | |
|
||||
| speaker.memberlist.mlBindPort | int | `7946` | |
|
||||
| speaker.memberlist.mlSecretKeyPath | string | `"/etc/ml_secret_key"` | |
|
||||
| speaker.nodeSelector | object | `{}` | |
|
||||
| speaker.podAnnotations | object | `{}` | |
|
||||
| speaker.priorityClassName | string | `""` | |
|
||||
| speaker.readinessProbe.enabled | bool | `true` | |
|
||||
| speaker.readinessProbe.failureThreshold | int | `3` | |
|
||||
| speaker.readinessProbe.initialDelaySeconds | int | `10` | |
|
||||
| speaker.readinessProbe.periodSeconds | int | `10` | |
|
||||
| speaker.readinessProbe.successThreshold | int | `1` | |
|
||||
| speaker.readinessProbe.timeoutSeconds | int | `1` | |
|
||||
| speaker.reloader.resources | object | `{}` | |
|
||||
| speaker.resources | object | `{}` | |
|
||||
| speaker.runtimeClassName | string | `""` | |
|
||||
| speaker.securityContext | object | `{}` | |
|
||||
| speaker.serviceAccount.annotations | object | `{}` | |
|
||||
| speaker.serviceAccount.create | bool | `true` | |
|
||||
| speaker.serviceAccount.name | string | `""` | |
|
||||
| speaker.startupProbe.enabled | bool | `true` | |
|
||||
| speaker.startupProbe.failureThreshold | int | `30` | |
|
||||
| speaker.startupProbe.periodSeconds | int | `5` | |
|
||||
| speaker.tolerateMaster | bool | `true` | |
|
||||
| speaker.tolerations | list | `[]` | |
|
||||
| speaker.updateStrategy.type | string | `"RollingUpdate"` | |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.10.0](https://github.com/norwoodj/helm-docs/releases/v1.10.0)
|
15
metallb-chart/_service
Normal file
15
metallb-chart/_service
Normal file
@ -0,0 +1,15 @@
|
||||
<services>
|
||||
<service mode="buildtime" name="kiwi_metainfo_helper"/>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
<param name="file">values.yaml</param>
|
||||
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %img_prefix)</param>
|
||||
<param name="var">IMG_PREFIX</param>
|
||||
<param name="eval">IMG_REPO=$(rpm --macros=/root/.rpmmacros -E %img_repo)</param>
|
||||
<param name="var">IMG_REPO</param>
|
||||
</service>
|
||||
<service name="replace_using_env" mode="buildtime">
|
||||
<param name="file">Chart.yaml</param>
|
||||
<param name="eval">IMG_PREFIX=$(rpm --macros=/root/.rpmmacros -E %img_prefix)</param>
|
||||
<param name="var">IMG_PREFIX</param>
|
||||
</service>
|
||||
</services>
|
BIN
metallb-chart/charts.obscpio
Normal file
BIN
metallb-chart/charts.obscpio
Normal file
Binary file not shown.
BIN
metallb-chart/policy.obscpio
Normal file
BIN
metallb-chart/policy.obscpio
Normal file
Binary file not shown.
BIN
metallb-chart/templates.obscpio
Normal file
BIN
metallb-chart/templates.obscpio
Normal file
Binary file not shown.
448
metallb-chart/values.schema.json
Normal file
448
metallb-chart/values.schema.json
Normal file
@ -0,0 +1,448 @@
|
||||
{
|
||||
"$schema": "https://json-schema.org/draft-07/schema#",
|
||||
"title": "Values",
|
||||
"type": "object",
|
||||
"definitions": {
|
||||
"prometheusAlert": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"labels": {
|
||||
"type": "object",
|
||||
"additionalProperties": { "type": "string" }
|
||||
}
|
||||
},
|
||||
"required": [ "enabled" ]
|
||||
},
|
||||
"probe": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"failureThreshold": {
|
||||
"type": "integer"
|
||||
},
|
||||
"initialDelaySeconds": {
|
||||
"type": "integer"
|
||||
},
|
||||
"periodSeconds": {
|
||||
"type": "integer"
|
||||
},
|
||||
"successThreshold": {
|
||||
"type": "integer"
|
||||
},
|
||||
"timeoutSeconds": {
|
||||
"type": "integer"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"failureThreshold",
|
||||
"initialDelaySeconds",
|
||||
"periodSeconds",
|
||||
"successThreshold",
|
||||
"timeoutSeconds"
|
||||
]
|
||||
},
|
||||
"component": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"logLevel": {
|
||||
"type": "string",
|
||||
"enum": [ "all", "debug", "info", "warn", "error", "none" ]
|
||||
},
|
||||
"image": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"repository": {
|
||||
"type": "string"
|
||||
},
|
||||
"tag": {
|
||||
"anyOf": [
|
||||
{ "type": "string" },
|
||||
{ "type": "null" }
|
||||
]
|
||||
},
|
||||
"pullPolicy": {
|
||||
"anyOf": [
|
||||
{
|
||||
"type": "null"
|
||||
},
|
||||
{
|
||||
"type": "string",
|
||||
"enum": [ "Always", "IfNotPresent", "Never" ]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
},
|
||||
"serviceAccount": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"create": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"name": {
|
||||
"type": "string"
|
||||
},
|
||||
"annotations": {
|
||||
"type": "object"
|
||||
}
|
||||
}
|
||||
},
|
||||
"resources": {
|
||||
"type": "object"
|
||||
},
|
||||
"nodeSelector": {
|
||||
"type": "object"
|
||||
},
|
||||
"tolerations": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
},
|
||||
"priorityClassName": {
|
||||
"type":"string"
|
||||
},
|
||||
"runtimeClassName": {
|
||||
"type":"string"
|
||||
},
|
||||
"affinity": {
|
||||
"type": "object"
|
||||
},
|
||||
"podAnnotations": {
|
||||
"type": "object"
|
||||
},
|
||||
"livenessProbe": {
|
||||
"$ref": "#/definitions/probe"
|
||||
},
|
||||
"readinessProbe": {
|
||||
"$ref": "#/definitions/probe"
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"image",
|
||||
"serviceAccount"
|
||||
]
|
||||
}
|
||||
},
|
||||
"properties": {
|
||||
"imagePullSecrets": {
|
||||
"description": "Secrets used for pulling images",
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"name": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [ "name" ],
|
||||
"additionalProperties": false
|
||||
}
|
||||
},
|
||||
"nameOverride": {
|
||||
"description": "Override chart name",
|
||||
"type": "string"
|
||||
},
|
||||
"fullNameOverride": {
|
||||
"description": "Override fully qualified app name",
|
||||
"type": "string"
|
||||
},
|
||||
"configInLine": {
|
||||
"description": "MetalLB configuration",
|
||||
"type": "object"
|
||||
},
|
||||
"loadBalancerClass": {
|
||||
"type":"string"
|
||||
},
|
||||
"rbac": {
|
||||
"description": "RBAC configuration",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"create": {
|
||||
"description": "Enable RBAC",
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"prometheus": {
|
||||
"description": "Prometheus monitoring config",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"scrapeAnnotations": { "type": "boolean" },
|
||||
"metricsPort": { "type": "integer" },
|
||||
"secureMetricsPort": { "type": "integer" },
|
||||
"rbacPrometheus": { "type": "boolean" },
|
||||
"serviceAccount": { "type": "string" },
|
||||
"namespace": { "type": "string" },
|
||||
"rbacProxy": {
|
||||
"description": "kube-rbac-proxy configuration",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"repository": { "type": "string" },
|
||||
"tag": { "type": "string" }
|
||||
}
|
||||
},
|
||||
"podMonitor": {
|
||||
"description": "Prometheus Operator PodMonitors",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": { "type": "boolean" },
|
||||
"additionalMonitors": { "type": "object" },
|
||||
"jobLabel": { "type": "string" },
|
||||
"interval": {
|
||||
"anyOf": [
|
||||
{ "type": "integer" },
|
||||
{ "type": "null" }
|
||||
]
|
||||
},
|
||||
"metricRelabelings": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
},
|
||||
"relabelings": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"serviceMonitor": {
|
||||
"description": "Prometheus Operator ServiceMonitors",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": { "type": "boolean" },
|
||||
"jobLabel": { "type": "string" },
|
||||
"interval": {
|
||||
"anyOf": [
|
||||
{ "type": "integer" },
|
||||
{ "type": "null" }
|
||||
]
|
||||
},
|
||||
"metricRelabelings": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
},
|
||||
"relabelings": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"prometheusRule": {
|
||||
"description": "Prometheus Operator alertmanager alerts",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": { "type": "boolean" },
|
||||
"additionalMonitors": { "type": "object" },
|
||||
"staleConfig": { "$ref": "#/definitions/prometheusAlert" },
|
||||
"configNotLoaded": { "$ref": "#/definitions/prometheusAlert" },
|
||||
"addressPoolExhausted": { "$ref": "#/definitions/prometheusAlert" },
|
||||
"addressPoolUsage": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"thresholds": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"percent": {
|
||||
"type": "integer",
|
||||
"minimum": 0,
|
||||
"maximum": 100
|
||||
},
|
||||
"labels": {
|
||||
"type": "object",
|
||||
"additionalProperties": { "type": "string" }
|
||||
}
|
||||
},
|
||||
"required": [ "percent" ]
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": [ "enabled" ]
|
||||
},
|
||||
"bgpSessionDown": { "$ref": "#/definitions/prometheusAlert" },
|
||||
"extraAlerts": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"enabled",
|
||||
"staleConfig",
|
||||
"configNotLoaded",
|
||||
"addressPoolExhausted",
|
||||
"addressPoolUsage",
|
||||
"bgpSessionDown"
|
||||
]
|
||||
}
|
||||
},
|
||||
"required": [ "podMonitor", "prometheusRule" ]
|
||||
},
|
||||
"controller": {
|
||||
"allOf": [
|
||||
{ "$ref": "#/definitions/component" },
|
||||
{ "description": "MetalLB Controller",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"strategy": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"type": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [ "type" ]
|
||||
},
|
||||
"command" : {
|
||||
"type": "string"
|
||||
},
|
||||
"webhookMode" : {
|
||||
"type": "string"
|
||||
},
|
||||
"extraContainers": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"speaker": {
|
||||
"allOf": [
|
||||
{ "$ref": "#/definitions/component" },
|
||||
{ "description": "MetalLB Speaker",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"tolerateMaster": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"memberlist": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"mlBindPort": {
|
||||
"type": "integer"
|
||||
},
|
||||
"mlBindAddrOverride": {
|
||||
"type": "string"
|
||||
},
|
||||
"mlSecretKeyPath": {
|
||||
"type": "string"
|
||||
}
|
||||
}
|
||||
},
|
||||
"excludeInterfaces": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
},
|
||||
"ignoreExcludeLB": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"updateStrategy": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"type": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"required": [ "type" ]
|
||||
},
|
||||
"runtimeClassName": {
|
||||
"type": "string"
|
||||
},
|
||||
"securityContext": {
|
||||
"type": "object"
|
||||
},
|
||||
"secretName": {
|
||||
"type": "string"
|
||||
},
|
||||
"frr": {
|
||||
"description": "Install FRR container in speaker deployment",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"type": "boolean"
|
||||
},
|
||||
"image": { "$ref": "#/definitions/component/properties/image" },
|
||||
"metricsPort": { "type": "integer" },
|
||||
"secureMetricsPort": { "type": "integer" },
|
||||
"resources:": { "type": "object" }
|
||||
},
|
||||
"required": [ "enabled" ]
|
||||
},
|
||||
"command" : {
|
||||
"type": "string"
|
||||
},
|
||||
"reloader": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"resources": { "type": "object" }
|
||||
}
|
||||
},
|
||||
"frrMetrics": {
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"resources": { "type": "object" }
|
||||
}
|
||||
},
|
||||
"extraContainers": {
|
||||
"type": "array",
|
||||
"items": {
|
||||
"type": "object"
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": [ "tolerateMaster" ]
|
||||
}
|
||||
]
|
||||
},
|
||||
"crds": {
|
||||
"description": "CRD configuration",
|
||||
"type": "object",
|
||||
"properties": {
|
||||
"enabled": {
|
||||
"description": "Enable CRDs",
|
||||
"type": "boolean"
|
||||
},
|
||||
"validationFailurePolicy": {
|
||||
"description": "Failure policy to use with validating webhooks",
|
||||
"type": "string",
|
||||
"enum": [ "Ignore", "Fail" ]
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"required": [
|
||||
"controller",
|
||||
"speaker"
|
||||
]
|
||||
}
|
380
metallb-chart/values.yaml
Normal file
380
metallb-chart/values.yaml
Normal file
@ -0,0 +1,380 @@
|
||||
# Default values for metallb.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
imagePullSecrets: []
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
||||
# MetalLB supports LoadBalancerClass, which allows multiple load balancer implementations to co-exist.
|
||||
# In order to set the loadbalancer class MetalLB should be listening for, the --lb-class=<CLASS_NAME>
|
||||
# parameter must be provided to both the speaker and the controller.
|
||||
loadBalancerClass: ""
|
||||
|
||||
# To configure MetalLB, you must specify ONE of the following two
|
||||
# options.
|
||||
|
||||
rbac:
|
||||
# create specifies whether to install and use RBAC rules.
|
||||
create: true
|
||||
|
||||
prometheus:
|
||||
# scrape annotations specifies whether to add Prometheus metric
|
||||
# auto-collection annotations to pods. See
|
||||
# https://github.com/prometheus/prometheus/blob/release-2.1/documentation/examples/prometheus-kubernetes.yml
|
||||
# for a corresponding Prometheus configuration. Alternatively, you
|
||||
# may want to use the Prometheus Operator
|
||||
# (https://github.com/coreos/prometheus-operator) for more powerful
|
||||
# monitoring configuration. If you use the Prometheus operator, this
|
||||
# can be left at false.
|
||||
scrapeAnnotations: false
|
||||
|
||||
# port both controller and speaker will listen on for metrics
|
||||
metricsPort: 7472
|
||||
|
||||
# if set, enables rbac proxy on the controller and speaker to expose
|
||||
# the metrics via tls.
|
||||
# secureMetricsPort: 9120
|
||||
|
||||
# the name of the secret to be mounted in the speaker pod
|
||||
# to expose the metrics securely. If not present, a self signed
|
||||
# certificate to be used.
|
||||
speakerMetricsTLSSecret: ""
|
||||
|
||||
# the name of the secret to be mounted in the controller pod
|
||||
# to expose the metrics securely. If not present, a self signed
|
||||
# certificate to be used.
|
||||
controllerMetricsTLSSecret: ""
|
||||
|
||||
# prometheus doens't have the permission to scrape all namespaces so we give it permission to scrape metallb's one
|
||||
rbacPrometheus: true
|
||||
|
||||
# the service account used by prometheus
|
||||
# required when " .Values.prometheus.rbacPrometheus == true " and " .Values.prometheus.podMonitor.enabled=true or prometheus.serviceMonitor.enabled=true "
|
||||
serviceAccount: ""
|
||||
|
||||
# the namespace where prometheus is deployed
|
||||
# required when " .Values.prometheus.rbacPrometheus == true " and " .Values.prometheus.podMonitor.enabled=true or prometheus.serviceMonitor.enabled=true "
|
||||
namespace: ""
|
||||
|
||||
# the image to be used for the kuberbacproxy container
|
||||
rbacProxy:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%kube-rbac-proxy"
|
||||
tag: "v0.18.0"
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# Prometheus Operator PodMonitors
|
||||
podMonitor:
|
||||
# enable support for Prometheus Operator
|
||||
enabled: false
|
||||
|
||||
# optional additionnal labels for podMonitors
|
||||
additionalLabels: {}
|
||||
|
||||
# optional annotations for podMonitors
|
||||
annotations: {}
|
||||
|
||||
# Job label for scrape target
|
||||
jobLabel: "app.kubernetes.io/name"
|
||||
|
||||
# Scrape interval. If not set, the Prometheus default scrape interval is used.
|
||||
interval:
|
||||
|
||||
# metric relabel configs to apply to samples before ingestion.
|
||||
metricRelabelings: []
|
||||
# - action: keep
|
||||
# regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
|
||||
# sourceLabels: [__name__]
|
||||
|
||||
# relabel configs to apply to samples before ingestion.
|
||||
relabelings: []
|
||||
# - sourceLabels: [__meta_kubernetes_pod_node_name]
|
||||
# separator: ;
|
||||
# regex: ^(.*)$
|
||||
# target_label: nodename
|
||||
# replacement: $1
|
||||
# action: replace
|
||||
|
||||
# Prometheus Operator ServiceMonitors. To be used as an alternative
|
||||
# to podMonitor, supports secure metrics.
|
||||
serviceMonitor:
|
||||
# enable support for Prometheus Operator
|
||||
enabled: false
|
||||
|
||||
speaker:
|
||||
# optional additional labels for the speaker serviceMonitor
|
||||
additionalLabels: {}
|
||||
# optional additional annotations for the speaker serviceMonitor
|
||||
annotations: {}
|
||||
# optional tls configuration for the speaker serviceMonitor, in case
|
||||
# secure metrics are enabled.
|
||||
tlsConfig:
|
||||
insecureSkipVerify: true
|
||||
|
||||
controller:
|
||||
# optional additional labels for the controller serviceMonitor
|
||||
additionalLabels: {}
|
||||
# optional additional annotations for the controller serviceMonitor
|
||||
annotations: {}
|
||||
# optional tls configuration for the controller serviceMonitor, in case
|
||||
# secure metrics are enabled.
|
||||
tlsConfig:
|
||||
insecureSkipVerify: true
|
||||
|
||||
# Job label for scrape target
|
||||
jobLabel: "app.kubernetes.io/name"
|
||||
|
||||
# Scrape interval. If not set, the Prometheus default scrape interval is used.
|
||||
interval:
|
||||
|
||||
# metric relabel configs to apply to samples before ingestion.
|
||||
metricRelabelings: []
|
||||
# - action: keep
|
||||
# regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
|
||||
# sourceLabels: [__name__]
|
||||
|
||||
# relabel configs to apply to samples before ingestion.
|
||||
relabelings: []
|
||||
# - sourceLabels: [__meta_kubernetes_pod_node_name]
|
||||
# separator: ;
|
||||
# regex: ^(.*)$
|
||||
# target_label: nodename
|
||||
# replacement: $1
|
||||
# action: replace
|
||||
|
||||
# Prometheus Operator alertmanager alerts
|
||||
prometheusRule:
|
||||
# enable alertmanager alerts
|
||||
enabled: false
|
||||
|
||||
# optional additionnal labels for prometheusRules
|
||||
additionalLabels: {}
|
||||
|
||||
# optional annotations for prometheusRules
|
||||
annotations: {}
|
||||
|
||||
# MetalLBStaleConfig
|
||||
staleConfig:
|
||||
enabled: true
|
||||
labels:
|
||||
severity: warning
|
||||
|
||||
# MetalLBConfigNotLoaded
|
||||
configNotLoaded:
|
||||
enabled: true
|
||||
labels:
|
||||
severity: warning
|
||||
|
||||
# MetalLBAddressPoolExhausted
|
||||
addressPoolExhausted:
|
||||
enabled: true
|
||||
labels:
|
||||
severity: alert
|
||||
|
||||
addressPoolUsage:
|
||||
enabled: true
|
||||
thresholds:
|
||||
- percent: 75
|
||||
labels:
|
||||
severity: warning
|
||||
- percent: 85
|
||||
labels:
|
||||
severity: warning
|
||||
- percent: 95
|
||||
labels:
|
||||
severity: alert
|
||||
|
||||
# MetalLBBGPSessionDown
|
||||
bgpSessionDown:
|
||||
enabled: true
|
||||
labels:
|
||||
severity: alert
|
||||
|
||||
extraAlerts: []
|
||||
|
||||
# controller contains configuration specific to the MetalLB cluster
|
||||
# controller.
|
||||
controller:
|
||||
enabled: true
|
||||
# -- Controller log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none`
|
||||
logLevel: info
|
||||
# command: /controller
|
||||
# webhookMode: enabled
|
||||
image:
|
||||
repository: "%%IMG_REPO%%/%%IMG_PREFIX%%metallb-controller"
|
||||
tag: "v0.14.8"
|
||||
pullPolicy: IfNotPresent
|
||||
## @param controller.updateStrategy.type Metallb controller deployment strategy type.
|
||||
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
|
||||
## e.g:
|
||||
## strategy:
|
||||
## type: RollingUpdate
|
||||
## rollingUpdate:
|
||||
## maxSurge: 25%
|
||||
## maxUnavailable: 25%
|
||||
##
|
||||
strategy:
|
||||
type: RollingUpdate
|
||||
serviceAccount:
|
||||
# Specifies whether a ServiceAccount should be created
|
||||