diff --git a/stable/kommander/Chart.yaml b/stable/kommander/Chart.yaml index e9d11075e..ef2b7c406 100644 --- a/stable/kommander/Chart.yaml +++ b/stable/kommander/Chart.yaml @@ -3,6 +3,6 @@ name: kommander home: https://github.com/mesosphere/kommander appVersion: "1.40.0" description: Kommander -version: 0.1.6 +version: 0.1.7 maintainers: - name: hectorj2f diff --git a/stable/kommander/templates/crd.yaml b/stable/kommander/templates/crd.yaml index 768c5f7f8..89d6b521d 100644 --- a/stable/kommander/templates/crd.yaml +++ b/stable/kommander/templates/crd.yaml @@ -8,13 +8,16 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.name }}" heritage: "{{ .Release.Service }}" + annotations: + "helm.sh/hook": crd-install + "helm.sh/hook-delete-policy": "before-hook-creation" spec: group: stable.mesosphere.com versions: - name: v1 served: true storage: true - scope: Cluster + scope: Namespaced names: plural: observableclusters singular: observablecluster diff --git a/stable/kommander/templates/deployment.yaml b/stable/kommander/templates/deployment.yaml index ca0874ef1..c53dbb5ec 100644 --- a/stable/kommander/templates/deployment.yaml +++ b/stable/kommander/templates/deployment.yaml @@ -19,7 +19,7 @@ spec: app: {{ template "kommander.fullname" . }} namespace: {{ .Release.Namespace }} spec: - serviceAccountName: admin-user-kommander + serviceAccountName: {{ template "kommander.fullname" . }} imagePullSecrets: - name: dockerhub initContainers: @@ -54,3 +54,5 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: MODE + value: {{ .Values.mode }} diff --git a/stable/kommander/templates/ingress.yaml b/stable/kommander/templates/ingress.yaml index d3c4370b8..0c70e5e0b 100644 --- a/stable/kommander/templates/ingress.yaml +++ b/stable/kommander/templates/ingress.yaml @@ -10,14 +10,20 @@ metadata: heritage: "{{ .Release.Service }}" annotations: kubernetes.io/ingress.class: traefik +{{- if (eq "konvoy" .Values.mode) }} + traefik.ingress.kubernetes.io/rewrite-target: / + traefik.ingress.kubernetes.io/priority: "1" +{{- else }} traefik.frontend.rule.type: {{ .Values.ingress.traefikFrontendRuleType }} {{- with .Values.ingress.extraAnnotations }} {{- toYaml . | nindent 4 }} {{- end }} +{{- end }} spec: rules: - http: paths: - {{- with .Values.ingress.paths }} - {{- toYaml . | nindent 10 }} - {{- end }} + - backend: + serviceName: {{ .Values.service.name }} + servicePort: 80 + path: {{ .Values.ingress.path }} diff --git a/stable/kommander/templates/observablecluster.yaml b/stable/kommander/templates/observablecluster.yaml new file mode 100644 index 000000000..138bcf09c --- /dev/null +++ b/stable/kommander/templates/observablecluster.yaml @@ -0,0 +1,23 @@ +{{- if (eq "konvoy" .Values.mode) }} +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/service-account-token +metadata: + name: {{ template "kommander.fullname" . }}-token + annotations: + kubernetes.io/service-account.name: {{ template "kommander.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + kommanderType: clusterToken +--- +apiVersion: "stable.mesosphere.com/v1" +kind: ObservableCluster +metadata: + name: konvoy + namespace: {{ .Release.Namespace }} +spec: + displayName: konvoy + authenticationSecretName: {{ template "kommander.fullname" . }}-token + apiServer: https://kubernetes.default +{{ end }} diff --git a/stable/kommander/templates/serviceaccount.yaml b/stable/kommander/templates/serviceaccount.yaml index c794dd3cc..e951a1726 100644 --- a/stable/kommander/templates/serviceaccount.yaml +++ b/stable/kommander/templates/serviceaccount.yaml @@ -3,11 +3,15 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "kommander.fullname" . }} + namespace: {{ .Release.Namespace }} labels: app: {{ template "kommander.fullname" . }} chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" release: "{{ .Release.name }}" heritage: "{{ .Release.Service }}" + # pre-install for kubernetes.io/service-account-token + annotations: + helm.sh/hook: pre-install --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding diff --git a/stable/kommander/values.yaml b/stable/kommander/values.yaml index 89cfe0a7c..fc5dc4cc1 100644 --- a/stable/kommander/values.yaml +++ b/stable/kommander/values.yaml @@ -4,6 +4,9 @@ image: pullPolicy: IfNotPresent replicas: 1 +# Mode must be either production|konvoy +mode: production + extraInitContainers: resources: @@ -29,10 +32,4 @@ ingress: traefikFrontendRuleType: PathPrefixStrip # extraAnnotations: # ingress.kubernetes.io/foo: bar - paths: - # kommander - - backend: - ### This must match the service name set above - serviceName: kommander - servicePort: 4000 - path: /ops/portal/kommander + path: /ops/portal/kommander diff --git a/stable/opsportal/Chart.yaml b/stable/opsportal/Chart.yaml index ae7b42c6c..0657d6e39 100644 --- a/stable/opsportal/Chart.yaml +++ b/stable/opsportal/Chart.yaml @@ -2,4 +2,4 @@ apiVersion: v1 appVersion: "1.0.0" description: OpsPortal Chart name: opsportal -version: 0.0.1 +version: 0.0.2 diff --git a/stable/opsportal/html-templates/index.html b/stable/opsportal/html-templates/index.html deleted file mode 100644 index 1561fa9ed..000000000 --- a/stable/opsportal/html-templates/index.html +++ /dev/null @@ -1,24 +0,0 @@ - - - -Konvoy - - -
- -
-
-
-

Welcome to Konvoy!

-
- - Kubernetes logo

Kubernetes Dashboard

 Grafana logo

Grafana Metrics

 Kibana logo

Kibana Logs

 Prometheus logo

Prometheus

 Prometheus logo

Prometheus Alert Manager

 Traefik logo -

Traefik Dashboard

- -
-
-
- \ No newline at end of file diff --git a/stable/opsportal/templates/_helperts.tpl b/stable/opsportal/templates/_helperts.tpl new file mode 100644 index 000000000..f9425bda4 --- /dev/null +++ b/stable/opsportal/templates/_helperts.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "opsportal.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "opsportal.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "opsportal.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/stable/opsportal/templates/configmap-landing.yaml b/stable/opsportal/templates/configmap-landing.yaml deleted file mode 100644 index 5a69df7ec..000000000 --- a/stable/opsportal/templates/configmap-landing.yaml +++ /dev/null @@ -1,40 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - creationTimestamp: null - name: opsportal-landing-html - namespace: {{ .Release.Namespace }} - labels: - app: opsportal-landing -data: -{{ (.Files.Glob "html-templates/index.html").AsConfig | indent 2 }} - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: opsportal-landing-conf - namespace: {{ .Release.Namespace }} - labels: - app: opsportal-landing -data: - nginx.conf: | - worker_processes 1; - error_log /dev/stdout info; - events { - worker_connections 1024; - } - http { - server { - access_log /dev/stdout; - listen 80; - root /usr/share/nginx/html; - location / { - try_files $uri /index.html; - } - location = /index.html { - expires 30s; - } - } - } diff --git a/stable/opsportal/templates/deployment-bearerproxy.yaml b/stable/opsportal/templates/deployment-bearerproxy.yaml index 48a674359..6ec7569d3 100644 --- a/stable/opsportal/templates/deployment-bearerproxy.yaml +++ b/stable/opsportal/templates/deployment-bearerproxy.yaml @@ -1,4 +1,3 @@ -{{- if .Values.bearerproxy.enabled }} --- apiVersion: apps/v1 kind: Deployment @@ -32,5 +31,4 @@ spec: valueFrom: secretKeyRef: key: token - name: ops-portal-admin-token -{{- end }} + name: {{ template "opsportal.fullname" . }}-token diff --git a/stable/opsportal/templates/deployment-landing.yaml b/stable/opsportal/templates/deployment-landing.yaml deleted file mode 100644 index 494af45dd..000000000 --- a/stable/opsportal/templates/deployment-landing.yaml +++ /dev/null @@ -1,36 +0,0 @@ ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - app: opsportal-landing - name: opsportal-landing - namespace: {{ .Release.Namespace }} -spec: - selector: - matchLabels: - app: opsportal-landing - template: - metadata: - labels: - app: opsportal-landing - spec: - containers: - - name: opsportal-landing - image: "{{ .Values.landing.image.repository }}:{{ .Values.landing.image.tag }}" - imagePullPolicy: "{{ .Values.landing.image.pullPolicy }}" - ports: - - containerPort: 80 - protocol: TCP - volumeMounts: - - name: landing-html - mountPath: /usr/share/nginx/html - - name: landing-conf - mountPath: /etc/nginx - volumes: - - name: landing-html - configMap: - name: opsportal-landing-html - - name: landing-conf - configMap: - name: opsportal-landing-conf diff --git a/stable/opsportal/templates/ingress-landing.yaml b/stable/opsportal/templates/ingress-landing.yaml deleted file mode 100644 index 25fa04a46..000000000 --- a/stable/opsportal/templates/ingress-landing.yaml +++ /dev/null @@ -1,19 +0,0 @@ ---- -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - annotations: - kubernetes.io/ingress.class: traefik - traefik.ingress.kubernetes.io/rewrite-target: / - traefik.ingress.kubernetes.io/priority: "1" - ingress.kubernetes.io/auth-secret: ops-portal-htpasswd - ingress.kubernetes.io/auth-type: basic - name: opsportal-landing - namespace: {{ .Release.Namespace }} -spec: - rules: - - http: - paths: - - backend: - serviceName: {{ .Values.landing.ingress.backend.serviceName }} - servicePort: {{ .Values.landing.ingress.backend.servicePort }} diff --git a/stable/opsportal/templates/ingress-opsportal.yaml b/stable/opsportal/templates/ingress-opsportal.yaml index 434306907..5c2d1d69e 100644 --- a/stable/opsportal/templates/ingress-opsportal.yaml +++ b/stable/opsportal/templates/ingress-opsportal.yaml @@ -5,22 +5,12 @@ metadata: annotations: kubernetes.io/ingress.class: traefik traefik.frontend.rule.type: PathPrefixStrip - ingress.kubernetes.io/auth-secret: ops-portal-htpasswd - ingress.kubernetes.io/auth-type: basic - ingress.kubernetes.io/auth-header-field: X-WebAuth-User - name: ops-portal + name: {{ template "opsportal.fullname" . }}-addons namespace: {{ .Release.Namespace }} spec: rules: - http: paths: -{{- if .Values.bearerproxy.enabled }} - # kubernetes-dashboard - - backend: - serviceName: {{ .Values.bearerproxy.ingress.backend.serviceName }} - servicePort: {{ .Values.bearerproxy.port }} - path: {{ .Values.bearerproxy.ingress.path }} -{{- end }} {{- with .Values.opsportal.ingress.paths }} {{ toYaml . | indent 10 }} {{- end }} diff --git a/stable/opsportal/templates/roles-bearerproxy.yaml b/stable/opsportal/templates/roles-bearerproxy.yaml index 5afa6e3e0..d4a82562a 100644 --- a/stable/opsportal/templates/roles-bearerproxy.yaml +++ b/stable/opsportal/templates/roles-bearerproxy.yaml @@ -1,22 +1,31 @@ -{{- if .Values.bearerproxy.enabled }} --- apiVersion: v1 kind: ServiceAccount metadata: - name: ops-portal-admin + name: {{ template "opsportal.fullname" . }} namespace: {{ .Release.Namespace }} - + # pre-install for kubernetes.io/service-account-token + annotations: + helm.sh/hook: pre-install --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: ops-portal-admin + name: {{ template "opsportal.fullname" . }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - kind: ServiceAccount - name: ops-portal-admin + name: {{ template "opsportal.fullname" . }} namespace: {{ .Release.Namespace }} -{{- end }} \ No newline at end of file +--- +apiVersion: v1 +kind: Secret +type: kubernetes.io/service-account-token +metadata: + name: {{ template "opsportal.fullname" . }}-token + annotations: + kubernetes.io/service-account.name: {{ template "opsportal.fullname" . }} + namespace: {{ .Release.Namespace }} diff --git a/stable/opsportal/templates/service-bearerproxy.yaml b/stable/opsportal/templates/service-bearerproxy.yaml index 777e2accc..642995c06 100644 --- a/stable/opsportal/templates/service-bearerproxy.yaml +++ b/stable/opsportal/templates/service-bearerproxy.yaml @@ -1,4 +1,3 @@ -{{- if .Values.bearerproxy.enabled }} --- apiVersion: v1 kind: Service @@ -15,4 +14,3 @@ spec: targetPort: 9091 selector: app: bearerproxy -{{- end }} \ No newline at end of file diff --git a/stable/opsportal/templates/service-landing.yaml b/stable/opsportal/templates/service-landing.yaml deleted file mode 100644 index 50e948f9b..000000000 --- a/stable/opsportal/templates/service-landing.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: opsportal-landing - name: opsportal-landing - namespace: {{ .Release.Namespace }} -spec: - ports: - - name: opsportal-landing - port: {{ .Values.landing.port }} - protocol: TCP - targetPort: 80 - selector: - app: opsportal-landing diff --git a/stable/opsportal/values.yaml b/stable/opsportal/values.yaml index c8322b6d8..344df67b1 100644 --- a/stable/opsportal/values.yaml +++ b/stable/opsportal/values.yaml @@ -1,19 +1,18 @@ bearerproxy: - enabled: false port: 9091 image: repository: "quay.io/joejulian/bearerproxy" tag: "latest" pullPolicy: "Always" - # kubernetes-dashboard - ingress: - backend: - serviceName: bearerproxy - path: /ops/portal/kubernetes opsportal: ingress: paths: + # kubernetes-dashboard + - backend: + serviceName: bearerproxy + servicePort: 9091 + path: /ops/portal/kubernetes # kibana - backend: serviceName: kibana-kubeaddons @@ -39,14 +38,3 @@ opsportal: serviceName: traefik-kubeaddons-dashboard servicePort: 80 path: /ops/portal/traefik - -landing: - port: 80 - image: - repository: "nginx" - tag: "1.15-alpine" - pullPolicy: "IfNotPresent" - ingress: - backend: - serviceName: opsportal-landing - servicePort: 80 \ No newline at end of file