You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@skywalking.apache.org by ke...@apache.org on 2023/03/24 09:44:24 UTC
[skywalking-kubernetes] branch master updated: Add `cert-manager` sub-chart as quick start (#115)
This is an automated email from the ASF dual-hosted git repository.
kezhenxu94 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/skywalking-kubernetes.git
The following commit(s) were added to refs/heads/master by this push:
new 8cf4be8 Add `cert-manager` sub-chart as quick start (#115)
8cf4be8 is described below
commit 8cf4be873ca693340408b854d128d97fd088614e
Author: kezhenxu94 <ke...@apache.org>
AuthorDate: Fri Mar 24 17:44:18 2023 +0800
Add `cert-manager` sub-chart as quick start (#115)
Also unify the feature switch name to `enabled`.
---
.gitignore | 4 +++
chart/operator/Chart.yaml | 5 ++++
chart/operator/README.md | 31 +++++++++++-----------
chart/operator/templates/_helpers.tpl | 9 +------
chart/operator/templates/cert.yaml | 10 +++++--
chart/operator/templates/configmap.yaml | 6 ++---
chart/operator/templates/deployment.yaml | 12 ++++-----
chart/operator/templates/java-agent-configmap.yaml | 4 +--
chart/operator/templates/service.yaml | 6 ++---
chart/operator/templates/webhook.yaml | 4 +--
chart/operator/values.yaml | 11 ++++++--
test/e2e/swck/e2e.yaml | 1 +
12 files changed, 60 insertions(+), 43 deletions(-)
diff --git a/.gitignore b/.gitignore
index 2f4c86e..7e8eb29 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,4 +4,8 @@
.vscode
chart/skywalking/charts/
chart/skywalking/Chart.lock
+chart/operator/charts
+chart/operator/Chart.lock
+chart/adapter/charts
+chart/adapter/Chart.lock
*.tgz
diff --git a/chart/operator/Chart.yaml b/chart/operator/Chart.yaml
index c6dab8f..b7e3693 100644
--- a/chart/operator/Chart.yaml
+++ b/chart/operator/Chart.yaml
@@ -26,3 +26,8 @@ maintainers:
email: hanahmily@gmail.com
- name: dashanji
email: dashanjic@gmail.com
+dependencies:
+ - name: cert-manager
+ version: 1.9.1
+ repository: https://charts.jetstack.io
+ condition: cert-manager.enabled
diff --git a/chart/operator/README.md b/chart/operator/README.md
index 6e54aed..406b3be 100644
--- a/chart/operator/README.md
+++ b/chart/operator/README.md
@@ -37,21 +37,22 @@ The command removes all the operator components associated with the chart and de
The following table lists the configurable parameters of the operator chart and their default values.
-| Parameter | Description | Default |
-|--------------------------------------------------------------|--------------------------------------------------------------------------------------------------|--------------------------------------|
-| `fullnameOverride` | Override fullname | `nil` |
-| `.replicaCount` | The replicas of operator | `1` |
-| `.serviceAccountName` | The service account name of operator | `skywalking-swck-controller-manager` |
-| `.image.repository` | Operator container image name | `docker.io/apache/skywalking-swck` |
-| `.image.pullPolicy` | Operator container image pull policy | `IfNotPresent` |
-| `.image.tag` | Operator container image tag | `v0.7.0` |
-| `.metrics.service.port` | The port for the operator metrics service | `8443` |
-| `.webhook.service.port` | The port for the operator web hook service | `9443` |
-| `.resources.limits.cpu` | The limits of cpu in the operator | `200m` |
-| `.resources.limits.memory` | The limits of memory in the operator | `300Mi` |
-| `.resources.requests.cpu` | The requests of cpu in the operator | `200m` |
-| `.resources.requests.memory` | The requests of memory in the operator | `300Mi` |
-| `.affinity` | The affinity policy of operator | `{}` |
+| Parameter | Description | Default |
+|------------------------------|------------------------------------------------------------------------------------------------------------------------------|--------------------------------------|
+| `fullnameOverride` | Override fullname | `nil` |
+| `.replicaCount` | The replicas of operator | `1` |
+| `.serviceAccountName` | The service account name of operator | `skywalking-swck-controller-manager` |
+| `.image.repository` | Operator container image name | `docker.io/apache/skywalking-swck` |
+| `.image.pullPolicy` | Operator container image pull policy | `IfNotPresent` |
+| `.image.tag` | Operator container image tag | `v0.7.0` |
+| `.metrics.service.port` | The port for the operator metrics service | `8443` |
+| `.webhook.service.port` | The port for the operator web hook service | `9443` |
+| `.resources.limits.cpu` | The limits of cpu in the operator | `200m` |
+| `.resources.limits.memory` | The limits of memory in the operator | `300Mi` |
+| `.resources.requests.cpu` | The requests of cpu in the operator | `200m` |
+| `.resources.requests.memory` | The requests of memory in the operator | `300Mi` |
+| `.affinity` | The affinity policy of operator | `{}` |
+| `cert-manager.enabled` | Whether to install demo cert-manager. DO NOT use this in production, this is for quick start. | `false` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
diff --git a/chart/operator/templates/_helpers.tpl b/chart/operator/templates/_helpers.tpl
index e6a38f5..26cfe39 100644
--- a/chart/operator/templates/_helpers.tpl
+++ b/chart/operator/templates/_helpers.tpl
@@ -15,13 +15,6 @@ See the License for the specific language governing permissions and
limitations under the License.
*/}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "operator.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
-
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
@@ -63,7 +56,7 @@ app.kubernetes.io/managed-by: {{ .Release.Service }}
Selector labels
*/}}
{{- define "operator.selectorLabels" -}}
-app.kubernetes.io/name: {{ include "operator.name" . }}
+app.kubernetes.io/name: {{ include "operator.fullname" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
diff --git a/chart/operator/templates/cert.yaml b/chart/operator/templates/cert.yaml
index 6a945be..2f43d41 100644
--- a/chart/operator/templates/cert.yaml
+++ b/chart/operator/templates/cert.yaml
@@ -13,12 +13,15 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.webhook.enable }}
+{{- if .Values.webhook.enabled }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ include "operator.fullname" . }}-serving-cert
namespace: {{ .Release.Namespace }}
+ annotations:
+ "helm.sh/hook": post-install,post-upgrade
+ "helm.sh/hook-weight": "2"
spec:
dnsNames:
- {{ include "operator.fullname" . }}-webhook-service.{{ .Release.Namespace }}.svc
@@ -33,6 +36,9 @@ kind: Issuer
metadata:
name: {{ include "operator.fullname" . }}-selfsigned-issuer
namespace: {{ .Release.Namespace }}
+ annotations:
+ "helm.sh/hook": post-install,post-upgrade
+ "helm.sh/hook-weight": "1"
spec:
selfSigned: {}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/chart/operator/templates/configmap.yaml b/chart/operator/templates/configmap.yaml
index 265e4b1..8590b73 100644
--- a/chart/operator/templates/configmap.yaml
+++ b/chart/operator/templates/configmap.yaml
@@ -41,14 +41,14 @@ data:
kind: ControllerManagerConfig
health:
healthProbeBindAddress: :8081
- {{- if .Values.webhook.enable }}
+ {{- if .Values.webhook.enabled }}
metrics:
bindAddress: 127.0.0.1:8080
{{- end }}
- {{- if .Values.webhook.enable }}
+ {{- if .Values.webhook.enabled }}
webhook:
port: {{ .Values.webhook.service.port }}
{{- end }}
leaderElection:
leaderElect: true
- resourceName: v1alpha1.swck.skywalking.apache.org
\ No newline at end of file
+ resourceName: v1alpha1.swck.skywalking.apache.org
diff --git a/chart/operator/templates/deployment.yaml b/chart/operator/templates/deployment.yaml
index e8c2ac4..8206931 100644
--- a/chart/operator/templates/deployment.yaml
+++ b/chart/operator/templates/deployment.yaml
@@ -47,7 +47,7 @@ spec:
initialDelaySeconds: 15
periodSeconds: 20
name: manager
- {{- if .Values.webhook.enable }}
+ {{- if .Values.webhook.enabled }}
ports:
- containerPort: {{ .Values.webhook.service.port }}
name: webhook-server
@@ -64,7 +64,7 @@ spec:
securityContext:
{{- toYaml .Values.securityContext | nindent 10 }}
volumeMounts:
- {{- if .Values.webhook.enable }}
+ {{- if .Values.webhook.enabled }}
- mountPath: /tmp/k8s-webhook-server/serving-certs
name: cert
readOnly: true
@@ -73,7 +73,7 @@ spec:
name: manager-config
subPath: controller_manager_config.yaml
- args:
- {{- if .Values.metrics.enable }}
+ {{- if .Values.metrics.enabled }}
- --secure-listen-address=0.0.0.0:{{ .Values.metrics.service.port }}
{{- end }}
- --upstream=http://127.0.0.1:8080/
@@ -81,7 +81,7 @@ spec:
- --v=10
image: gcr.io/kubebuilder/kube-rbac-proxy:v0.8.0
name: kube-rbac-proxy
- {{- if .Values.metrics.enable }}
+ {{- if .Values.metrics.enabled }}
ports:
- containerPort: {{ .Values.metrics.service.port }}
name: https
@@ -92,7 +92,7 @@ spec:
serviceAccountName: {{ include "operator.fullname" . }}-controller-manager
terminationGracePeriodSeconds: 10
volumes:
- {{- if .Values.webhook.enable }}
+ {{- if .Values.webhook.enabled }}
- name: cert
secret:
defaultMode: 420
@@ -104,4 +104,4 @@ spec:
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
- {{- end }}
\ No newline at end of file
+ {{- end }}
diff --git a/chart/operator/templates/java-agent-configmap.yaml b/chart/operator/templates/java-agent-configmap.yaml
index 6161bfe..6e80871 100644
--- a/chart/operator/templates/java-agent-configmap.yaml
+++ b/chart/operator/templates/java-agent-configmap.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.webhook.enable }}
+{{- if .Values.webhook.enabled }}
apiVersion: v1
kind: ConfigMap
metadata:
@@ -13,4 +13,4 @@ data:
collector.backend_service=${SW_AGENT_COLLECTOR_BACKEND_SERVICES:127.0.0.1:11800}
# Please refer to https://skywalking.apache.org/docs/skywalking-java/latest/en/setup/service-agent/java-agent/configurations/#table-of-agent-configuration-properties to get more details.
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/chart/operator/templates/service.yaml b/chart/operator/templates/service.yaml
index 83231a5..0d8e2d1 100644
--- a/chart/operator/templates/service.yaml
+++ b/chart/operator/templates/service.yaml
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.metrics.enable }}
+{{- if .Values.metrics.enabled }}
apiVersion: v1
kind: Service
metadata:
@@ -31,7 +31,7 @@ spec:
control-plane: {{ include "operator.fullname" . }}-controller-manager
{{- end }}
---
-{{- if .Values.webhook.enable }}
+{{- if .Values.webhook.enabled }}
apiVersion: v1
kind: Service
metadata:
@@ -44,4 +44,4 @@ spec:
targetPort: {{ .Values.webhook.service.port }}
selector:
control-plane: {{ include "operator.fullname" . }}-controller-manager
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/chart/operator/templates/webhook.yaml b/chart/operator/templates/webhook.yaml
index 4d38c08..db16a44 100644
--- a/chart/operator/templates/webhook.yaml
+++ b/chart/operator/templates/webhook.yaml
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{- if .Values.webhook.enable }}
+{{- if .Values.webhook.enabled }}
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
@@ -412,4 +412,4 @@ webhooks:
resources:
- uis
sideEffects: None
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/chart/operator/values.yaml b/chart/operator/values.yaml
index f10c96c..ddbed3a 100644
--- a/chart/operator/values.yaml
+++ b/chart/operator/values.yaml
@@ -27,7 +27,7 @@ image:
securityContext:
allowPrivilegeEscalation: false
metrics:
- enable: true
+ enabled: true
service:
port: 8443
# install crds
@@ -36,7 +36,7 @@ crds:
# enable webhook.
webhook:
# If set to false, java agent injector is disabled.
- enable: true
+ enabled: true
service:
port: 9443
resources:
@@ -51,3 +51,10 @@ resources:
cpu: 200m
memory: 300Mi
affinity: {}
+
+nameOverride: ""
+fullnameOverride: ""
+
+cert-manager:
+ enabled: false
+ installCRDs: true
diff --git a/test/e2e/swck/e2e.yaml b/test/e2e/swck/e2e.yaml
index 57ac70a..c83863e 100644
--- a/test/e2e/swck/e2e.yaml
+++ b/test/e2e/swck/e2e.yaml
@@ -40,6 +40,7 @@ setup:
for: condition=Available
- name: Install operator
command: |
+ helm dep up chart/operator
helm install operator chart/operator --namespace=skywalking-swck-system \
--create-namespace \
--set fullnameOverride=skywalking-swck