You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by ki...@apache.org on 2020/11/28 11:07:40 UTC
[trafficserver-ingress-controller] branch master updated: Cleanup
on helm chart (#53)
This is an automated email from the ASF dual-hosted git repository.
kichan pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver-ingress-controller.git
The following commit(s) were added to refs/heads/master by this push:
new 3d12dda Cleanup on helm chart (#53)
3d12dda is described below
commit 3d12dda55d9f2dcf452eff0060f3011d1612dc2e
Author: Kit Chan <ki...@apache.org>
AuthorDate: Sat Nov 28 03:07:33 2020 -0800
Cleanup on helm chart (#53)
* fix typo
* skip tutorial files for lgtm
* revise helm chart details
* updated README and helm artifacts
* fix typo
* fix typo on helm chart files
* regenerated helm chart repo
---
.../templates/ats-configmap.yaml => .lgtm.yml | 20 +--
charts/README.md | 8 +-
charts/ats-ingress/templates/NOTES.txt | 7 +
charts/ats-ingress/templates/_helpers.tpl | 24 ++-
charts/ats-ingress/templates/clusterrole.yaml | 56 ++++++
.../ats-ingress/templates/clusterrolebinding.yaml | 39 +++++
charts/ats-ingress/templates/deployment.yaml | 126 ++++++++++----
.../ats-ingress/templates/fluentd-configmap.yaml | 55 ------
charts/ats-ingress/templates/pullsecret.yaml | 34 ++++
charts/ats-ingress/templates/rbac.yaml | 51 ------
charts/ats-ingress/templates/service.yaml | 67 +++++---
charts/ats-ingress/templates/serviceaccount.yaml | 32 ++++
charts/ats-ingress/values.yaml | 191 ++++++++++++++-------
docs/ats-ingress-0.1.0.tgz | Bin 3641 -> 4708 bytes
docs/index.html | 2 +-
docs/index.yaml | 6 +-
16 files changed, 457 insertions(+), 261 deletions(-)
diff --git a/charts/ats-ingress/templates/ats-configmap.yaml b/.lgtm.yml
similarity index 65%
rename from charts/ats-ingress/templates/ats-configmap.yaml
rename to .lgtm.yml
index 6daef6f..f25cdc4 100644
--- a/charts/ats-ingress/templates/ats-configmap.yaml
+++ b/.lgtm.yml
@@ -6,22 +6,16 @@
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- namespace: {{ .Release.Namespace }}
- name: ats
- annotations:
- "helm.sh/hook": post-install
- "helm.sh/hook-weight": "0"
- "helm.sh/hook-delete-policy": before-hook-creation
-data:
- # reloadable data only
- proxy.config.log.logfile_dir: {{ .Values.ats.log.trafficserver.dir | quote }}
+
+extractions:
+ javascript:
+ index:
+ filters:
+ - exclude: "k8s/**"
diff --git a/charts/README.md b/charts/README.md
index dfb54f6..5018c0a 100644
--- a/charts/README.md
+++ b/charts/README.md
@@ -19,17 +19,13 @@
# Helm support
This is the ats-ingress chart repository for Helm V3.
-It contains Helm chart for ats-ingress, which contains the following -
-- Apache Traffic Server + Ingress Controller
-- fluentd v1.6
-- trafficserver_exporter v0.3.3
-## To build new version of the helm chart
+## To build and push new version of the helm chart
1. git clone the project
2. `$ cd trafficserver-ingress-controller/charts`
3. Update version in ats-ingress/Chart.yaml
4. `$ helm package ats-ingress`
-5. `$ helm repo index . --url https://apache.github.com/trafficserver-ingress-controller`
+5. `$ helm repo index . --url https://apache.github.io/trafficserver-ingress-controller`
6. `$ cp index.yaml ../docs/`
7. `$ cp ats-ingress-*.tgz ../docs/`
6. Commit and push the changes
diff --git a/charts/ats-ingress/templates/NOTES.txt b/charts/ats-ingress/templates/NOTES.txt
new file mode 100644
index 0000000..3188758
--- /dev/null
+++ b/charts/ats-ingress/templates/NOTES.txt
@@ -0,0 +1,7 @@
+ATS Ingress Controller has been successfully installed.
+
+Controller image deployed is: "{{ .Values.controller.image.repository }}:{{ tpl .Values.controller.image.tag . }}".
+
+For more examples and up to date documentation, please visit:
+https://github.com/apache/trafficserver-ingress-controller/
+
diff --git a/charts/ats-ingress/templates/_helpers.tpl b/charts/ats-ingress/templates/_helpers.tpl
index caeae2c..bf8ed60 100644
--- a/charts/ats-ingress/templates/_helpers.tpl
+++ b/charts/ats-ingress/templates/_helpers.tpl
@@ -47,21 +47,19 @@ Create chart name and version as used by the chart label.
{{- end }}
{{/*
-Common labels
+Encode an imagePullSecret string.
*/}}
-{{- define "ats-ingress.labels" -}}
-helm.sh/chart: {{ include "ats-ingress.chart" . }}
-{{ include "ats-ingress.selectorLabels" . }}
-{{- if .Chart.AppVersion }}
-app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
-{{- end }}
-app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- define "ats-ingress.imagePullSecret" }}
+{{- printf "{\"auths\": {\"%s\": {\"auth\": \"%s\"}}}" .Values.controller.imageCredentials.registry (printf "%s:%s" .Values.controller.imageCredentials.username .Values.controller.imageCredentials.password | b64enc) | b64enc }}
{{- end }}
{{/*
-Selector labels
+Create the name of the controller service account to use.
*/}}
-{{- define "ats-ingress.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
-app.kubernetes.io/instance: {{ .Release.Name }}
-{{- end }}
+{{- define "ats-ingress.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+ {{ default (include "ats-ingress.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+ {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}
diff --git a/charts/ats-ingress/templates/clusterrole.yaml b/charts/ats-ingress/templates/clusterrole.yaml
new file mode 100644
index 0000000..78ea7b1
--- /dev/null
+++ b/charts/ats-ingress/templates/clusterrole.yaml
@@ -0,0 +1,56 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ include "ats-ingress.fullname" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ helm.sh/chart: {{ include "ats-ingress.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - endpoints
+ - services
+ - namespaces
+ - events
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+- apiGroups:
+ - "extensions"
+ - "networking.k8s.io"
+ resources:
+ - ingresses
+ - ingresses/status
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+{{- end -}}
+
diff --git a/charts/ats-ingress/templates/clusterrolebinding.yaml b/charts/ats-ingress/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000..1d05be3
--- /dev/null
+++ b/charts/ats-ingress/templates/clusterrolebinding.yaml
@@ -0,0 +1,39 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.rbac.create -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ include "ats-ingress.fullname" . }}
+ labels:
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ helm.sh/chart: {{ include "ats-ingress.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ include "ats-ingress.fullname" . }}
+subjects:
+- kind: ServiceAccount
+ name: {{ include "ats-ingress.serviceAccountName" . }}
+ namespace: {{ .Release.Namespace }}
+{{- end -}}
+
diff --git a/charts/ats-ingress/templates/deployment.yaml b/charts/ats-ingress/templates/deployment.yaml
index 908182d..7af8a53 100644
--- a/charts/ats-ingress/templates/deployment.yaml
+++ b/charts/ats-ingress/templates/deployment.yaml
@@ -19,32 +19,66 @@ metadata:
name: {{ include "ats-ingress.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
- {{- include "ats-ingress.labels" . | nindent 4 }}
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ helm.sh/chart: {{ include "ats-ingress.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ {{- if .Values.controller.extraLabels }}
+{{ toYaml .Values.controller.extraLabels | indent 4 }}
+ {{- end }}
spec:
- minReadySeconds: 30
+ minReadySeconds: {{ .Values.controller.minReadySeconds }}
- replicas: 1
+ replicas: {{ .Values.controller.replicaCount }}
selector:
matchLabels:
- {{- include "ats-ingress.selectorLabels" . | nindent 6 }}
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ {{- with .Values.controller.strategy }}
+ strategy:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
template:
metadata:
labels:
- {{- include "ats-ingress.selectorLabels" . | nindent 8 }}
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ {{- if .Values.controller.podLabels }}
+{{ toYaml .Values.controller.podLabels | indent 8 }}
+ {{- end }}
+ {{- if .Values.controller.podAnnotations }}
+ annotations:
+{{ toYaml .Values.controller.podAnnotations | indent 8 }}
+ {{- end }}
spec:
+ serviceAccountName: {{ include "ats-ingress.serviceAccountName" . }}
+ terminationGracePeriodSeconds: {{ .Values.controller.terminationGracePeriodSeconds }}
+{{- if .Values.controller.dnsConfig }}
+ dnsConfig:
+{{ toYaml .Values.controller.dnsConfig | indent 8 }}
+{{- end }}
+ dnsPolicy: {{ .Values.controller.dnsPolicy }}
+{{- if .Values.controller.imageCredentials.registry }}
+ imagePullSecrets:
+ - name: {{ include "ats-ingress.fullname" . }}
+{{- end }}
+{{- if .Values.controller.priorityClassName }}
+ priorityClassName: {{ .Values.controller.priorityClassName }}
+{{- end }}
containers:
- name: {{ .Chart.Name }}
- image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
- imagePullPolicy: {{ .Values.image.pullPolicy }}
+ image: {{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag | default .Chart.AppVersion }}
+ imagePullPolicy: {{ .Values.controller.image.pullPolicy }}
volumeMounts:
- - mountPath: {{ .Values.ats.ssl.path | quote }}
- name: {{ .Values.ats.ssl.name }}
+ - mountPath: {{ .Values.controller.ssl.path | quote }}
+ name: {{ .Values.controller.ssl.name }}
readOnly: true
- name: log-trafficserver
- mountPath: {{ .Values.ats.log.trafficserver.dir }}
+ mountPath: {{ .Values.controller.log.trafficserver.dir }}
- name: log-ingress
- mountPath: {{ .Values.ats.log.ingress.dir }}
+ mountPath: {{ .Values.controller.log.ingress.dir }}
env:
- name: POD_NAME
valueFrom:
@@ -55,38 +89,64 @@ spec:
fieldRef:
fieldPath: metadata.namespace
- name: POD_TLS_PATH
- value: {{ .Values.ats.ssl.path | quote }}
+ value: {{ .Values.controller.ssl.path | quote }}
+ {{- range .Values.controller.extraEnvs }}
+ - name: {{ .name }}
+ value: {{ .value }}
+ {{- end }}
ports:
- containerPort: 80
- hostPort: 80
name: http
protocol: TCP
- containerPort: 443
- hostPort: 443
name: https
protocol: TCP
- - name: {{ .Values.collector.name }}
- image: {{ .Values.collector.image.repository }}:{{ .Values.collector.image.tag }}
- volumeMounts:
- - name: log-ingress
- mountPath: {{ .Values.collector.path.ingress | quote }}
- - name: log-trafficserver
- mountPath: {{ .Values.collector.path.trafficserver | quote }}
- - name: config-volume
- mountPath: {{ .Values.collector.fluentdConfigPath | quote }}
- - name: {{ .Values.exporter.name }}
- image: {{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}
- imagePullPolicy: {{ .Values.exporter.image.pullPolicy }}
- ports:
- - containerPort: {{ .Values.exporter.service.port }}
+ resources:
+ {{- toYaml .Values.controller.resources | nindent 12 }}
+ {{- if .Values.controller.lifecycle }}
+ lifecycle:
+ {{- if eq "string" (printf "%T" .Values.controller.lifecycle) }}
+{{ tpl .Values.controller.lifecycle . | indent 12 }}
+ {{- else }}
+{{ toYaml .Values.controller.lifecycle | indent 12 }}
+ {{- end }}
+ {{- end }}
+ {{- if .Values.controller.extraContainers }}
+ {{- if eq "string" (printf "%T" .Values.controller.extraContainers) }}
+{{ tpl .Values.controller.extraContainers . | indent 8 }}
+ {{- else }}
+{{ toYaml .Values.controller.extraContainers | indent 8 }}
+ {{- end }}
+ {{- end }}
volumes:
- - name: {{ .Values.ats.ssl.name }}
+ - name: {{ .Values.controller.ssl.name }}
secret:
- secretName: {{ .Values.ats.ssl.secret }}
+ secretName: {{ .Values.controller.ssl.secret }}
- name: log-trafficserver
emptyDir: {}
- name: log-ingress
emptyDir: {}
- - name: config-volume
- configMap:
- name: fluentd-config
+ {{- if .Values.controller.extraVolumes }}
+ {{- if eq "string" (printf "%T" .Values.controller.extraVolumes) }}
+{{ tpl .Values.controller.extraVolumes . | indent 8 }}
+ {{- else }}
+{{ toYaml .Values.controller.extraVolumes | indent 8 }}
+ {{- end }}
+ {{- end }}
+ {{- with.Values.controller.initContainers }}
+ initContainers:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.controller.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.controller.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.controller.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+
diff --git a/charts/ats-ingress/templates/fluentd-configmap.yaml b/charts/ats-ingress/templates/fluentd-configmap.yaml
deleted file mode 100644
index addf35e..0000000
--- a/charts/ats-ingress/templates/fluentd-configmap.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: fluentd-config
- namespace: {{ .Release.Namespace }}
- annotations:
- "helm.sh/hook": pre-install
- "helm.sh/hook-weight": "0"
- "helm.sh/hook-delete-policy": before-hook-creation
-data:
- fluent.conf: |
- <source>
- type tail
- path {{ .Values.collector.path.trafficserver }}/squid.log
- pos_file {{ .Values.collector.path.trafficserver }}/squid.log.pos
- <parse>
- @type regexp
- expression {{ .Values.collector.parse.trafficserver.defaultRegex }}
- </parse>
- tag trafficserver.access
- </source>
-
- <source>
- type tail
- path {{ .Values.collector.path.ingress }}/ingress_ats.err
- pos_file {{ .Values.collector.path.ingress }}/ingress_ats.err.pos
- <parse>
- @type regexp
- expression {{ .Values.collector.parse.ingress.defaultRegex }}
- </parse>
- tag ingress.log
- </source>
-
- <match **>
- @type stdout
- </match>
-
- <match fluent.**>
- @type null
- </match>
diff --git a/charts/ats-ingress/templates/pullsecret.yaml b/charts/ats-ingress/templates/pullsecret.yaml
new file mode 100644
index 0000000..0e44670
--- /dev/null
+++ b/charts/ats-ingress/templates/pullsecret.yaml
@@ -0,0 +1,34 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.controller.imageCredentials.registry -}}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "ats-ingress.fullname" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ helm.sh/chart: {{ include "ats-ingress.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+type: kubernetes.io/dockerconfigjson
+data:
+ .dockerconfigjson: {{ include "ats-ingress.imagePullSecret" . }}
+{{- end -}}
diff --git a/charts/ats-ingress/templates/rbac.yaml b/charts/ats-ingress/templates/rbac.yaml
deleted file mode 100644
index 7dc0429..0000000
--- a/charts/ats-ingress/templates/rbac.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRole
-metadata:
- name: {{ include "ats-ingress.fullname" . }}
-rules:
-- apiGroups:
- - '*'
- resources:
- - ingresses
- - secrets
- - services
- - pods
- - namespaces
- - replicationcontrollers
- - endpoints
- - configmaps
- verbs:
- - get
- - list
- - watch
-
----
-
-apiVersion: rbac.authorization.k8s.io/v1beta1
-kind: ClusterRoleBinding
-metadata:
- name: {{ include "ats-ingress.fullname" . }}
-subjects:
-- kind: ServiceAccount
- name: default
- namespace: {{ .Release.Namespace }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ include "ats-ingress.fullname" . }}
-
diff --git a/charts/ats-ingress/templates/service.yaml b/charts/ats-ingress/templates/service.yaml
index 042e5b9..4f29113 100644
--- a/charts/ats-ingress/templates/service.yaml
+++ b/charts/ats-ingress/templates/service.yaml
@@ -13,38 +13,61 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+
apiVersion: v1
kind: Service
metadata:
name: {{ include "ats-ingress.fullname" . }}
namespace: {{ .Release.Namespace }}
labels:
- {{- include "ats-ingress.labels" . | nindent 4 }}
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ helm.sh/chart: {{ include "ats-ingress.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+{{- if .Values.controller.service.labels }}
+{{ toYaml .Values.controller.service.labels | indent 4 }}
+{{- end }}
+ annotations:
+{{- range $key, $value := .Values.controller.service.annotations }}
+ {{ $key }}: {{ $value | quote }}
+{{- end }}
spec:
- type: {{ .Values.service.type }}
+ {{ with .Values.controller.service.clusterIP }}clusterIP: {{ . }}{{ end }}
+ type: {{ .Values.controller.service.type }}
+ {{- if .Values.controller.service.externalTrafficPolicy }}
+ externalTrafficPolicy: {{ .Values.controller.service.externalTrafficPolicy }}
+ {{- end }}
+ {{- if .Values.controller.service.healthCheckNodePort }}
+ healthCheckNodePort: {{ .Values.controller.service.healthCheckNodePort }}
+ {{- end }}
ports:
- name: http
- port: {{ .Values.service.http.port }}
+ port: {{ .Values.controller.service.http.port }}
protocol: TCP
- targetPort: {{ .Values.service.http.targetPort }}
- nodePort: {{ .Values.service.http.nodePort }}
+ targetPort: {{ .Values.controller.service.http.targetPort }}
+ nodePort: {{ .Values.controller.service.http.nodePort }}
- name: https
- port: {{ .Values.service.https.port }}
+ port: {{ .Values.controller.service.https.port }}
protocol: TCP
- targetPort: {{ .Values.service.https.targetPort }}
- nodePort: {{ .Values.service.https.nodePort }}
+ targetPort: {{ .Values.controller.service.https.targetPort }}
+ nodePort: {{ .Values.controller.service.https.nodePort }}
selector:
- {{- include "ats-ingress.selectorLabels" . | nindent 4 }}
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.exporter.service.name }}
- namespace: {{ .Release.Namespace }}
-spec:
- type: {{ .Values.exporter.service.type }}
- ports:
- - port: 80
- targetPort: {{ .Values.exporter.service.port }}
- selector:
- {{- include "ats-ingress.selectorLabels" . | nindent 4 }}
+ app.kubernetes.io/name: {{ template "ats-ingress.name" . }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ {{- if .Values.controller.service.sessionAffinity }}
+ sessionAffinity: {{ .Values.controller.service.sessionAffinity }}
+ {{- end }}
+ externalIPs:
+{{- if .Values.controller.service.externalIPs }}
+{{ toYaml .Values.controller.service.externalIPs | indent 4 }}
+{{- end -}}
+{{- if (eq .Values.controller.service.type "LoadBalancer") }}
+{{- if .Values.controller.service.loadBalancerIP }}
+ loadBalancerIP: "{{ .Values.controller.service.loadBalancerIP }}"
+{{- end }}
+{{- if .Values.controller.service.loadBalancerSourceRanges }}
+ loadBalancerSourceRanges:
+{{ toYaml .Values.controller.service.loadBalancerSourceRanges | indent 4 }}
+{{- end }}
+{{- end }}
diff --git a/charts/ats-ingress/templates/serviceaccount.yaml b/charts/ats-ingress/templates/serviceaccount.yaml
new file mode 100644
index 0000000..d83f369
--- /dev/null
+++ b/charts/ats-ingress/templates/serviceaccount.yaml
@@ -0,0 +1,32 @@
+{{/*
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "ats-ingress.serviceAccountName" . }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app.kubernetes.io/name: {{ include "ats-ingress.name" . }}
+ helm.sh/chart: {{ include "ats-ingress.chart" . }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+{{- end -}}
+
diff --git a/charts/ats-ingress/values.yaml b/charts/ats-ingress/values.yaml
index 687ae26..51e6ae4 100644
--- a/charts/ats-ingress/values.yaml
+++ b/charts/ats-ingress/values.yaml
@@ -18,91 +18,154 @@
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
-replicaCount: 1
+## Enable RBAC Authorization
+## ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/
+rbac:
+ create: true
-image:
- repository: kichan/ats-ingress
- pullPolicy: IfNotPresent
- tag: latest
+## Configure Service Account
+## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
+serviceAccount:
+ create: true
+ name:
-imagePullSecrets: []
+## Override name / fullname for the controller
nameOverride: ""
fullnameOverride: ""
-serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
+## Controller default values
+controller:
+ name: controller
-podAnnotations: {}
+ ## Image Information
+ image:
+ repository: kichan/ats-ingress
+ pullPolicy: IfNotPresent
+ tag: latest
-podSecurityContext: {}
+ ## Private Registry configuration
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ imageCredentials:
+ registry: null
+ username: null
+ password: null
+
+ ## Controller Service configuration
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/
+ service:
+ type: NodePort
-securityContext: {}
+ ## Service annotations
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ annotations: {}
-service:
- type: NodePort
- http:
- port: 80
- targetPort: 80
- nodePort: 30000
- https:
- port: 443
- targetPort: 443
- nodePort: 30043
+ ## Service labels
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ labels: {}
+
+ http:
+ port: 80
+ targetPort: 80
+ nodePort: 30000
+ https:
+ port: 443
+ targetPort: 443
+ nodePort: 30043
-resources: {}
+ # clusterIP: ""
-autoscaling:
- enabled: false
- minReplicas: 2
- maxReplicas: 5
- # only used if the cluster doesn't support autoscaling/v2beta
- targetCPUUtilizationPercentage: 80
+ # sessionAffinity: ""
-nodeSelector: {}
+ # externalTrafficPolicy: "Local"
+
+ healthCheckNodePort: 0
-tolerations: []
+ externalIPs: []
-affinity: {}
+ loadBalancerIP: ""
-ats:
- ssl:
+ loadBalancerSourceRanges: []
+
+ replicaCount: 1
+
+ ## SSL certificate information
+ ssl:
path: "/etc/ats/ssl"
name: ats-ssl
secret: tls-secret
+
+ ## log location for ATS and controller program
log:
trafficserver:
dir: /usr/local/var/log/trafficserver
ingress:
dir: /usr/local/var/log/ingress
-exporter:
- name: trafficserver-exporter
- image:
- repository: kichan/ats-ingress-exporter
- pullPolicy: IfNotPresent
- tag: latest
- service:
- name: ats-stats-exporter
- port: 9122
- type: ClusterIP
-
-collector:
- name: log-collector
- path:
- trafficserver: "/var/log/trafficserver"
- ingress: "/var/log/ingress"
- fluentdConfigPath: "/fluentd/etc"
- image:
- repository: fluent/fluentd
- tag: v1.6-debian-1
- parse:
- trafficserver:
- defaultRegex: ^(?<timestamp>[^ ]*)\s(?<processing_time>[^ ]*)\s(?<client_ip>[^ ]*)\s(?<cache_result>[^ ]*)\s(?<response_length>[^ ]*)\s(?<request_method>[^ ]*)\s(?<url>[^ ]*)\s(?<username_authenticated_client>[^ ]*)\s(?<heirarchy_route>[^ ]*)\s(?<content_type>[^ ]*)$
- ingress:
- defaultRegex: ^(?<date>[^ ]*)\s(?<timestamp>[^ ]*)\s(?<log>.*)$
+ ## Additional labels to add to the deployment or daemonset metadata
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ extraLabels: {}
+
+ ## Additional labels to add to the pod container metadata
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ podLabels: {}
+
+ ## Additional annotations to add to the pod container metadata
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ podAnnotations: {}
+
+ ## Set additional environment variables
+ extraEnvs: []
+
+ ## Add additional containers
+ extraContainers: []
+
+ ## Volumes required by additional containers
+ extraVolumes: []
+
+ ## Init Containers
+ ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+ initContainers: []
+
+ ## Pod Node assignment
+ ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+ nodeSelector: {}
+
+ ## Node Taints and Tolerations for pod-node scheduling through attraction/repelling
+ ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+ tolerations: []
+
+ ## Node Affinity for pod-node scheduling constraints
+ ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+ affinity: {}
+
+ ## Pod DNS Config
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/
+ dnsConfig: {}
+
+ ## Pod DNS Policy
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy
+ dnsPolicy: Default
+
+ ## Controller Pod PriorityClass
+ ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass
+ priorityClassName: ""
+
+ ## Compute Resources for controller container
+ ## ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
+ resources: {}
+
+ ## Controller deployment strategy definition
+ ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+ strategy: {}
+
+ ## Controller container lifecycle handlers
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
+ lifecycle: {}
+
+ ## Pod termination grace period
+ ## ref: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/
+ terminationGracePeriodSeconds: 60
+
+ ## minimum number of seconds for which a newly created Pod should be ready
+ ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#min-ready-seconds
+ minReadySeconds: 30
diff --git a/docs/ats-ingress-0.1.0.tgz b/docs/ats-ingress-0.1.0.tgz
index 5daf4fd..5885dd7 100644
Binary files a/docs/ats-ingress-0.1.0.tgz and b/docs/ats-ingress-0.1.0.tgz differ
diff --git a/docs/index.html b/docs/index.html
index ab42728..f0b5199 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -16,7 +16,7 @@
<title>Chart repo</title>
</head>
<body>
- <h1><a href="https://github.com/apache/trafficserver-ingress-controller">Apache Traffic Server Ingress Controller</a>Charts Repo</h1>
+ <h1><a href="https://github.com/apache/trafficserver-ingress-controller">Apache Traffic Server Ingress Controller</a> Charts Repo</h1>
<p>Point Helm at this repo to see charts.</p>
</body>
</html>
diff --git a/docs/index.yaml b/docs/index.yaml
index 5ac9762..b6e9061 100644
--- a/docs/index.yaml
+++ b/docs/index.yaml
@@ -3,12 +3,12 @@ entries:
ats-ingress:
- apiVersion: v2
appVersion: 0.1.0
- created: "2020-11-25T15:31:08.491437-08:00"
+ created: "2020-11-28T02:57:15.235894-08:00"
description: A Helm chart for Kubernetes
- digest: ec9fea823a790c7aeee13a94bda4c61f775423edffe7c997736635fc74fa3d0f
+ digest: 01bd483f8632c6dfc3de85a1dc54aee3d4e1072fc28da91558006fc7e0b8b17c
name: ats-ingress
type: application
urls:
- https://apache.github.io/trafficserver-ingress-controller/ats-ingress-0.1.0.tgz
version: 0.1.0
-generated: "2020-11-25T15:31:08.490626-08:00"
+generated: "2020-11-28T02:57:15.234409-08:00"