Merge "helm chart for local static volume provisioner"
This commit is contained in:
commit
81d2e09a92
16
charts/local-static-provisioner/Chart.yaml
Normal file
16
charts/local-static-provisioner/Chart.yaml
Normal file
@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
name: provisioner
|
||||
description: local provisioner chart
|
||||
keywords:
|
||||
- storage
|
||||
- local
|
||||
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 2.4.0
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
appVersion: 2.4.0
|
1
charts/local-static-provisioner/templates/NOTES.txt
Normal file
1
charts/local-static-provisioner/templates/NOTES.txt
Normal file
@ -0,0 +1 @@
|
||||
provisioner installed
|
42
charts/local-static-provisioner/templates/_helpers.tpl
Normal file
42
charts/local-static-provisioner/templates/_helpers.tpl
Normal file
@ -0,0 +1,42 @@
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "provisioner.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "provisioner.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "provisioner.fullname" -}}
|
||||
{{- if .Values.fullnameOverride -}}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride -}}
|
||||
{{- if contains $name .Release.Name -}}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- else -}}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "provisioner.serviceAccountName" -}}
|
||||
{{- if .Values.common.serviceAccount.create -}}
|
||||
{{ default (include "provisioner.fullname" .) .Values.common.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.common.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
59
charts/local-static-provisioner/templates/configmap.yaml
Normal file
59
charts/local-static-provisioner/templates/configmap.yaml
Normal file
@ -0,0 +1,59 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-config
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
data:
|
||||
{{- if .Values.daemonset.nodeLabels }}
|
||||
nodeLabelsForPV: |
|
||||
{{- range $label := .Values.daemonset.nodeLabels }}
|
||||
- {{$label}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.common.labelsForPV }}
|
||||
labelsForPV: |
|
||||
{{- range $label, $value := .Values.common.labelsForPV }}
|
||||
{{$label}} : {{$value}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.common.useAlphaAPI }}
|
||||
useAlphaAPI: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.common.setPVOwnerRef }}
|
||||
setPVOwnerRef: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.common.useJobForCleaning }}
|
||||
useJobForCleaning: "yes"
|
||||
{{- end}}
|
||||
{{- if .Values.common.useNodeNameOnly }}
|
||||
useNodeNameOnly: "true"
|
||||
{{- end }}
|
||||
{{- if .Values.common.minResyncPeriod }}
|
||||
minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }}
|
||||
{{- end}}
|
||||
storageClassMap: |
|
||||
{{- range $classConfig := .Values.classes }}
|
||||
{{ $classConfig.name }}:
|
||||
hostDir: {{ $classConfig.hostDir }}
|
||||
mountDir: {{ $classConfig.mountDir | default $classConfig.hostDir }}
|
||||
{{- if $classConfig.blockCleanerCommand }}
|
||||
blockCleanerCommand:
|
||||
{{- range $val := $classConfig.blockCleanerCommand }}
|
||||
- {{ $val | quote }}
|
||||
{{- end}}
|
||||
{{- end }}
|
||||
{{- if $classConfig.volumeMode }}
|
||||
volumeMode: {{ $classConfig.volumeMode }}
|
||||
{{- end }}
|
||||
{{- if $classConfig.fsType }}
|
||||
fsType: {{ $classConfig.fsType }}
|
||||
{{- end }}
|
||||
{{- if $classConfig.namePattern }}
|
||||
namePattern: {{ $classConfig.namePattern | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
103
charts/local-static-provisioner/templates/daemonset.yaml
Normal file
103
charts/local-static-provisioner/templates/daemonset.yaml
Normal file
@ -0,0 +1,103 @@
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: {{ include "provisioner.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- if .Values.daemonset.podLabels }}
|
||||
{{ .Values.daemonset.podLabels | toYaml | trim | indent 8 }}
|
||||
{{- end }}
|
||||
annotations:
|
||||
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
|
||||
{{- if .Values.daemonset.podAnnotations }}
|
||||
{{ .Values.daemonset.podAnnotations | toYaml | trim | indent 8 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
serviceAccountName: {{ template "provisioner.serviceAccountName" . }}
|
||||
{{- if .Values.daemonset.priorityClassName }}
|
||||
priorityClassName: {{.Values.daemonset.priorityClassName}}
|
||||
{{- end }}
|
||||
{{- if .Values.daemonset.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{ toYaml .Values.daemonset.nodeSelector | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.daemonset.tolerations }}
|
||||
tolerations:
|
||||
{{ toYaml .Values.daemonset.tolerations | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.daemonset.affinity }}
|
||||
affinity:
|
||||
{{ toYaml .Values.daemonset.affinity | nindent 8 }}
|
||||
{{- end }}
|
||||
containers:
|
||||
- name: provisioner
|
||||
image: {{ .Values.daemonset.image }}
|
||||
{{- if .Values.daemonset.imagePullPolicy }}
|
||||
imagePullPolicy: {{ .Values.daemonset.imagePullPolicy }}
|
||||
{{- end }}
|
||||
securityContext:
|
||||
privileged: {{ .Values.daemonset.privileged }}
|
||||
{{- if .Values.daemonset.resources }}
|
||||
resources:
|
||||
{{ toYaml .Values.daemonset.resources | nindent 12 }}
|
||||
{{- end }}
|
||||
env:
|
||||
- name: MY_NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
- name: MY_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: JOB_CONTAINER_IMAGE
|
||||
value: {{ .Values.daemonset.image }}
|
||||
{{- if .Values.daemonset.kubeConfigEnv }}
|
||||
- name: KUBECONFIG
|
||||
value: {{.Values.daemonset.kubeConfigEnv}}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: metrics
|
||||
containerPort: 8080
|
||||
volumeMounts:
|
||||
- name: provisioner-config
|
||||
mountPath: /etc/provisioner/config
|
||||
readOnly: true
|
||||
{{- if .Values.common.mountDevVolume }}
|
||||
- name: provisioner-dev
|
||||
mountPath: /dev
|
||||
{{- end }}
|
||||
{{- range $classConfig := .Values.classes }}
|
||||
- name: {{ $classConfig.name }}
|
||||
mountPath: {{ $classConfig.mountDir | default $classConfig.hostDir }}
|
||||
mountPropagation: HostToContainer
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: provisioner-config
|
||||
configMap:
|
||||
name: {{ template "provisioner.fullname" . }}-config
|
||||
{{- if .Values.common.mountDevVolume }}
|
||||
- name: provisioner-dev
|
||||
hostPath:
|
||||
path: /dev
|
||||
{{- end }}
|
||||
{{- range $classConfig := .Values.classes }}
|
||||
- name: {{ $classConfig.name }}
|
||||
hostPath:
|
||||
path: {{ $classConfig.hostDir }}
|
||||
{{- end }}
|
38
charts/local-static-provisioner/templates/psp.yaml
Normal file
38
charts/local-static-provisioner/templates/psp.yaml
Normal file
@ -0,0 +1,38 @@
|
||||
{{- if .Values.common.rbac.pspEnabled -}}
|
||||
apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
allowPrivilegeEscalation: true
|
||||
allowedHostPaths:
|
||||
{{- if .Values.common.mountDevVolume }}
|
||||
- pathPrefix: /dev
|
||||
{{- end }}
|
||||
{{- range $classConfig := .Values.classes }}
|
||||
- pathPrefix: {{ $classConfig.hostDir }}
|
||||
{{- end }}
|
||||
fsGroup:
|
||||
rule: RunAsAny
|
||||
privileged: {{ .Values.daemonset.privileged }}
|
||||
requiredDropCapabilities:
|
||||
- ALL
|
||||
runAsUser:
|
||||
ranges:
|
||||
- max: 65535
|
||||
min: 1
|
||||
rule: MustRunAs
|
||||
seLinux:
|
||||
rule: RunAsAny
|
||||
supplementalGroups:
|
||||
rule: RunAsAny
|
||||
volumes:
|
||||
- configMap
|
||||
- secret
|
||||
- hostPath
|
||||
{{- end }}
|
131
charts/local-static-provisioner/templates/rbac.yaml
Normal file
131
charts/local-static-provisioner/templates/rbac.yaml
Normal file
@ -0,0 +1,131 @@
|
||||
{{- if .Values.common.rbac.create }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-pv-binding
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "provisioner.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: system:persistent-volume-provisioner
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-node-clusterrole
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["nodes"]
|
||||
verbs: ["get"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-node-binding
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "provisioner.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: ClusterRole
|
||||
name: {{ template "provisioner.fullname" . }}-node-clusterrole
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- if .Values.common.useJobForCleaning }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-jobs-role
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- 'batch'
|
||||
resources:
|
||||
- jobs
|
||||
verbs:
|
||||
- '*'
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-jobs-rolebinding
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "provisioner.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ template "provisioner.fullname" . }}-jobs-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
||||
{{- if .Values.common.rbac.pspEnabled }}
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-psp-role
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- policy
|
||||
resources:
|
||||
- podsecuritypolicies
|
||||
resourceNames:
|
||||
- {{ template "provisioner.fullname" . }}
|
||||
verbs:
|
||||
- use
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: {{ template "provisioner.fullname" . }}-psp-rolebinding
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "provisioner.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
roleRef:
|
||||
kind: Role
|
||||
name: {{ template "provisioner.fullname" . }}-psp-role
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
{{- end }}
|
||||
{{- end }}
|
@ -0,0 +1,12 @@
|
||||
{{- if .Values.common.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "provisioner.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
@ -0,0 +1,53 @@
|
||||
{{- if .Values.serviceMonitor.enabled }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ include "provisioner.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- port: 8080
|
||||
targetPort: 8080
|
||||
name: metrics
|
||||
selector:
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "provisioner.fullname" . }}
|
||||
namespace: {{ .Values.serviceMonitor.namespace | default .Release.Namespace }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" . }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- range $k, $v := .Values.serviceMonitor.additionalLabels }}
|
||||
{{ $k }}: {{ $v | quote }}
|
||||
{{- end }}
|
||||
spec:
|
||||
jobLabel: app.kubernetes.io/name
|
||||
endpoints:
|
||||
- port: metrics
|
||||
interval: {{ .Values.serviceMonitor.interval }}
|
||||
scheme: http
|
||||
{{- if .Values.serviceMonitor.relabelings }}
|
||||
relabelings:
|
||||
{{ toYaml .Values.serviceMonitor.relabelings | nindent 4 }}
|
||||
{{- end }}
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
27
charts/local-static-provisioner/templates/storageclass.yaml
Normal file
27
charts/local-static-provisioner/templates/storageclass.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
{{- range $val := .Values.classes }}
|
||||
{{- if $val.storageClass }}
|
||||
---
|
||||
apiVersion: storage.k8s.io/v1
|
||||
kind: StorageClass
|
||||
metadata:
|
||||
name: {{ $val.name }}
|
||||
{{- if kindIs "map" $val.storageClass }}
|
||||
{{- if $val.storageClass.isDefaultClass }}
|
||||
annotations:
|
||||
storageclass.kubernetes.io/is-default-class: "true"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
labels:
|
||||
helm.sh/chart: {{ template "provisioner.chart" $ }}
|
||||
app.kubernetes.io/name: {{ template "provisioner.name" $ }}
|
||||
app.kubernetes.io/managed-by: {{ $.Release.Service }}
|
||||
app.kubernetes.io/instance: {{ $.Release.Name }}
|
||||
provisioner: kubernetes.io/no-provisioner
|
||||
volumeBindingMode: WaitForFirstConsumer
|
||||
{{- if kindIs "map" $val.storageClass }}
|
||||
reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }}
|
||||
{{- else }}
|
||||
reclaimPolicy: Delete
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
184
charts/local-static-provisioner/values.yaml
Normal file
184
charts/local-static-provisioner/values.yaml
Normal file
@ -0,0 +1,184 @@
|
||||
#
|
||||
# Common options.
|
||||
#
|
||||
common:
|
||||
#
|
||||
# Defines whether to generate rbac roles
|
||||
#
|
||||
rbac:
|
||||
# rbac.create: `true` if rbac resources should be created
|
||||
create: true
|
||||
# rbac.pspEnabled: `true` if PodSecurityPolicy resources should be created
|
||||
pspEnabled: false
|
||||
#
|
||||
# Defines whether to generate a serviceAccount
|
||||
#
|
||||
serviceAccount:
|
||||
# serviceAccount.create: Whether to create a service account or not
|
||||
create: true
|
||||
# serviceAccount.name: The name of the service account to create or use
|
||||
name: ""
|
||||
#
|
||||
# Beta PV.NodeAffinity field is used by default. If running against pre-1.10
|
||||
# k8s version, the `useAlphaAPI` flag must be enabled in the configMap.
|
||||
#
|
||||
useAlphaAPI: false
|
||||
#
|
||||
# Indicates if PVs should be dependents of the owner Node.
|
||||
#
|
||||
setPVOwnerRef: false
|
||||
#
|
||||
# Provisioner clean volumes in process by default. If set to true, provisioner
|
||||
# will use Jobs to clean.
|
||||
#
|
||||
useJobForCleaning: false
|
||||
#
|
||||
# Provisioner name contains Node.UID by default. If set to true, the provisioner
|
||||
# name will only use Node.Name.
|
||||
#
|
||||
useNodeNameOnly: false
|
||||
#
|
||||
# Resync period in reflectors will be random between minResyncPeriod and
|
||||
# 2*minResyncPeriod. Default: 5m0s.
|
||||
#
|
||||
#minResyncPeriod: 5m0s
|
||||
#
|
||||
# Mount the host's `/dev/` by default so that block device symlinks can be
|
||||
# resolved by the containers
|
||||
#
|
||||
mountDevVolume: true
|
||||
#
|
||||
# Map of label key-value pairs to apply to the PVs created by the
|
||||
# provisioner. Uncomment to add labels to the list.
|
||||
#
|
||||
#labelsForPV:
|
||||
# pv-labels: can-be-selected
|
||||
#
|
||||
# Configure storage classes.
|
||||
#
|
||||
classes:
|
||||
- name: fast-disks # Defines name of storage classe.
|
||||
# Path on the host where local volumes of this storage class are mounted
|
||||
# under.
|
||||
hostDir: /mnt/fast-disks
|
||||
# Optionally specify mount path of local volumes. By default, we use same
|
||||
# path as hostDir in container.
|
||||
# mountDir: /mnt/fast-disks
|
||||
# The volume mode of created PersistentVolume object. Default to Filesystem
|
||||
# if not specified.
|
||||
volumeMode: Filesystem
|
||||
# Filesystem type to mount.
|
||||
# It applies only when the source path is a block device,
|
||||
# and desire volume mode is Filesystem.
|
||||
# Must be a filesystem type supported by the host operating system.
|
||||
fsType: ext4
|
||||
# File name pattern to discover. By default, discover all file names.
|
||||
namePattern: "*"
|
||||
blockCleanerCommand:
|
||||
# Do a quick reset of the block device during its cleanup.
|
||||
# - "/scripts/quick_reset.sh"
|
||||
# or use dd to zero out block dev in two iterations by uncommenting these lines
|
||||
# - "/scripts/dd_zero.sh"
|
||||
# - "2"
|
||||
# or run shred utility for 2 iteration.s
|
||||
- "/scripts/shred.sh"
|
||||
- "2"
|
||||
# or blkdiscard utility by uncommenting the line below.
|
||||
# - "/scripts/blkdiscard.sh"
|
||||
# Uncomment to create storage class object with default configuration.
|
||||
# storageClass: true
|
||||
# Uncomment to create storage class object and configure it.
|
||||
# storageClass:
|
||||
# reclaimPolicy: Delete # Available reclaim policies: Delete/Retain, defaults: Delete.
|
||||
# isDefaultClass: true # set as default class
|
||||
#
|
||||
# Configure DaemonSet for provisioner.
|
||||
#
|
||||
daemonset:
|
||||
#
|
||||
# Defines annotations for each Pod in the DaemonSet.
|
||||
#
|
||||
podAnnotations: {}
|
||||
#
|
||||
# Defines labels for each Pod in the DaemonSet.
|
||||
#
|
||||
podLabels: {}
|
||||
#
|
||||
# Defines Provisioner's image name including container registry.
|
||||
#
|
||||
image: k8s.gcr.io/sig-storage/local-volume-provisioner:v2.4.0
|
||||
#
|
||||
# Defines Image download policy, see kubernetes documentation for available values.
|
||||
#
|
||||
#imagePullPolicy: Always
|
||||
#
|
||||
# Defines a name of the Pod Priority Class to use with the Provisioner DaemonSet
|
||||
#
|
||||
# Note that if you want to make it critical, specify "system-cluster-critical"
|
||||
# or "system-node-critical" and deploy in kube-system namespace.
|
||||
# Ref: https://k8s.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical
|
||||
#
|
||||
#priorityClassName: system-node-critical
|
||||
# If configured, nodeSelector will add a nodeSelector field to the DaemonSet PodSpec.
|
||||
#
|
||||
# NodeSelector constraint for local-volume-provisioner scheduling to nodes.
|
||||
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
|
||||
nodeSelector: {}
|
||||
#
|
||||
# If configured KubeConfigEnv will (optionally) specify the location of kubeconfig file on the node.
|
||||
# kubeConfigEnv: KUBECONFIG
|
||||
#
|
||||
# List of node labels to be copied to the PVs created by the provisioner in a format:
|
||||
#
|
||||
# nodeLabels:
|
||||
# - failure-domain.beta.kubernetes.io/zone
|
||||
# - failure-domain.beta.kubernetes.io/region
|
||||
#
|
||||
# If configured, tolerations will add a toleration field to the DaemonSet PodSpec.
|
||||
#
|
||||
# Node tolerations for local-volume-provisioner scheduling to nodes with taints.
|
||||
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
tolerations: []
|
||||
#
|
||||
# If configured, affinity will add a affinity filed to the DeamonSet PodSpec.
|
||||
# Ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity
|
||||
affinity: {}
|
||||
#
|
||||
# If configured, resources will set the requests/limits field to the Daemonset PodSpec.
|
||||
# Ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
|
||||
resources: {}
|
||||
# limits:
|
||||
# memory: "512Mi"
|
||||
# cpu: "1000m"
|
||||
# requests:
|
||||
# memory: "32Mi"
|
||||
# cpu: "10m"
|
||||
#
|
||||
# If set to false, containers created by the Provisioner Daemonset will run without extra privileges.
|
||||
privileged: true
|
||||
#
|
||||
# Configure Prometheus monitoring
|
||||
#
|
||||
serviceMonitor:
|
||||
enabled: false
|
||||
## Interval at which Prometheus scrapes the provisioner
|
||||
interval: 10s
|
||||
# Namespace Prometheus is installed in defaults to release namespace
|
||||
namespace:
|
||||
## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr)
|
||||
## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65)
|
||||
## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298)
|
||||
additionalLabels: {}
|
||||
relabelings: []
|
||||
# - sourceLabels: [__meta_kubernetes_pod_node_name]
|
||||
# separator: ;
|
||||
# regex: ^(.*)$
|
||||
# targetLabel: nodename
|
||||
# replacement: $1
|
||||
# action: replace
|
||||
|
||||
#
|
||||
# Overrice the default chartname or releasename
|
||||
#
|
||||
nameOverride: ""
|
||||
fullnameOverride: ""
|
Loading…
Reference in New Issue
Block a user