diff --git a/README.md b/README.md index 3bacb22b..443f114c 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ You can then run `helm search repo christianhuth` to see the charts. | Chart name | Image source | Description | |---------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------| -| [argocd-metrics-server](./charts/argocd-metrics-server) | [argoprojlabs/argocd-extension-metrics](https://quay.io/argoprojlabs/argocd-extension-metrics) | [The ArgoCD Metrics Server connects to Prometheus and displays Metrics in the ArgoCD UI.](https://github.com/argoproj-labs/argocd-extension-metrics) | +| [argocd-metrics-server](./charts/argocd-metrics-server) | [argoprojlabs/argocd-extension-metrics](https://quay.io/argoprojlabs/argocd-extension-metrics) | [The ArgoCD Metrics Server connects to Prometheus and displays Metrics in the ArgoCD UI.](https://github.com/argoproj-labs/argocd-extension-metrics) | | [baserow](./charts/baserow) | [baserow/backend](https://hub.docker.com/r/baserow/backend), [baserow/web-frontend](https://hub.docker.com/r/baserow/web-frontend) | [Baserow is an open source no-code database and Airtable alternative.](https://baserow.io) | | [cluster-api-visualizer](./charts/cluster-api-visualizer) | [jont828/cluster-api-visualizer](https://ghcr.io/jont828/cluster-api-visualizer) | [Multicluster resource visualization tool for Cluster API.](https://github.com/Jont828/cluster-api-visualizer) | | [etcd-defrag](./charts/etcd-defrag) | [bitnami/etcd](https://hub.docker.com/r/bitnami/etcd) | [Runs a defragmentation CronJob for ETCD](https://etcd.io/docs/latest/op-guide/maintenance/#defragmentation) | @@ -34,6 +34,7 @@ You can then run `helm search repo christianhuth` to see the charts. | [kube-ops-view](./charts/kube-ops-view) | [hjacobs/kube-ops-view](https://hub.docker.com/r/hjacobs/kube-ops-view) | [Kubernetes Operational View is a read-only system dashboard for multiple K8s clusters](https://codeberg.org/hjacobs/kube-ops-view) | | [kubedoom](./charts/kubedoom) | [storax/kubedoom](https://ghcr.io/storax/kubedoom) | [Kill pods inside your Kubernetes cluster by shooting them in Doom!](https://github.com/storax/kubedoom) | | [kubenav](./charts/kubenav) | none | [Bootstraps RBAC rules for kubenav](https://github.com/kubenav/kubenav) | +| [kubevirt-manager](./charts/kubevirt-manager) | [kubevirtmanager/kubevirt-manager](https://hub.docker.com/r/kubevirtmanager/kubevirt-manager) | [KubeVirt Web UI to manage the lifecycle of Virtual Machines and more](https://kubevirt-manager.io) | | [kutt](./charts/kutt) | [kutt/kutt](https://hub.docker.com/r/kutt/kutt) | [Kutt is a free modern URL shortener](https://kutt.it) | | [maildev](./charts/maildev) | [maildev/maildev](https://hub.docker.com/r/maildev/maildev) | [SMTP server & web interface for viewing and testing emails during development.](https://maildev.github.io/maildev/) | | [netcupscp-exporter](./charts/netcupscp-exporter) | [mrueg/netcupscp-exporter](https://ghcr.io/mrueg/netcupscp-exporter) | [Prometheus Exporter for Netcup Server Control Panel (SCP)](https://github.com/mrueg/netcupscp-exporter) | diff --git a/charts/kubevirt-manager/.helmignore b/charts/kubevirt-manager/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/kubevirt-manager/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/kubevirt-manager/Chart.yaml b/charts/kubevirt-manager/Chart.yaml new file mode 100644 index 00000000..04f5f77d --- /dev/null +++ b/charts/kubevirt-manager/Chart.yaml @@ -0,0 +1,53 @@ +apiVersion: v2 +name: kubevirt-manager +description: KubeVirt Web UI to manage the lifecycle of Virtual Machines and more +type: application +version: 0.0.1 +appVersion: "1.4.2" +home: https://github.com/christianhuth/helm-charts +icon: https://yt3.googleusercontent.com/oTCjudmpLXspEh3g5VraUfZ_1_PZxXXI6kgorNCI9kEqnDICrWEkNUmVGkEtA6WfRbT0GCzjeA=s160-c-k-c0x00ffffff-no-rj +maintainers: + - name: christianhuth + email: christian@knell.it +sources: + - https://github.com/kubevirt-manager/kubevirt-manager +annotations: + artifacthub.io/changes: | + - kind: added + description: initial commit + artifacthub.io/screenshots: | + - title: Manage Virtual Machines lifecycle. Support for operations like start/stop/reboot, as well as pause/resume and scaling, directly from the Web Interface. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_01.png + - title: Manage Virtual Machines lifecycle. Support for operations like start/stop/reboot, as well as pause/resume and scaling, directly from the Web Interface. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_02.png + - title: Manage Virtual Machines lifecycle. Support for operations like start/stop/reboot, as well as pause/resume and scaling, directly from the Web Interface. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_03.png + - title: Create and manage Virtual Machine Pools by specifying a template for the Virtual Machines as well as the number of replicas and labels. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_04.png + - title: Create and manage Virtual Machine Pools by specifying a template for the Virtual Machines as well as the number of replicas and labels. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_05.png + - title: Support for Horizontal Pod Autoscaling on Kubevirt 0.59.0 for Virtual Machine Pools. Determine your pool autoscaling strategy based on CPU Utilization metrics. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_06.png + - title: Support for Kubevirt Cluster API Provider to execute Kubernetes clusters within you Kubevirt environment. Select between Standard and Custom clusters. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_07.png + - title: Support for Kubevirt Cluster API Provider to execute Kubernetes clusters within you Kubevirt environment. Select between Standard and Custom clusters. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_08.png + - title: Support for Kubevirt Cluster API Provider to execute Kubernetes clusters within you Kubevirt environment. Select between Standard and Custom clusters. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_09.png + - title: Support for Kubevirt Cluster API Provider to execute Kubernetes clusters within you Kubevirt environment. Select between Standard and Custom clusters. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_10.png + - title: Create, manage and provision Data Volumes directly from the Web Interface. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_11.png + - title: Create and manage instance types selecting appropriate values for CPU and Memory. Select between standard and preemptible classes when creating your Virtual Machines and Virtual Machine Pools. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_12.png + - title: Create and operate Services to Load Balance traffic to your Virtual Machine Pools. Hability to select between ClusterIP, LoadBalancer and NodePort service types. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_13.png + - title: Support for Images helps operator maintain a repository of images from different sources. Select between HTTP, S3and GCS among other options. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_14.png + - title: Easily manage and access your SSH Keys to access your Virtual Machines through new integration of Kubevirt Manager to Kubernetes Secrets API. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_15.png + - title: Select the appropriate network for your Virtual Machine by using Multus as a backend. + url: https://raw.githubusercontent.com/kubevirt-manager/kubevirt-manager/refs/heads/main/images/screenshot_16.png + artifacthub.io/signKey: | + fingerprint: EE24F8BB6D099E78FD704F83B5ECDBCDDD485D0E + url: https://charts.christianhuth.de/public.key diff --git a/charts/kubevirt-manager/README.md b/charts/kubevirt-manager/README.md new file mode 100644 index 00000000..30041dc9 --- /dev/null +++ b/charts/kubevirt-manager/README.md @@ -0,0 +1,100 @@ +# kubevirt-manager + +KubeVirt Web UI to manage the lifecycle of Virtual Machines and more + +## TL;DR; + +```console +helm repo add christianhuth https://charts.christianhuth.de +helm repo update +helm install my-release christianhuth/kubevirt-manager +``` + +## Introduction + +This chart bootstraps the KubeVirt Web UI called [KubeVirt Manager](https://kubevirt-manager.io) using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.19+ + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm repo add christianhuth https://charts.christianhuth.de +helm repo update +helm install my-release christianhuth/kubevirt-manager +``` + +These commands deploy the KubeVirt Manager on the Kubernetes cluster in the default configuration. The [Values](#values) section lists the values that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall the `my-release` deployment: + +```console +helm uninstall my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Values + +| Key | Type | Default | Description | +| ------------------------------------------ | ------ | ------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| affinity | object | `{}` | Affinity settings for pod assignment | +| autoscaling.enabled | bool | `false` | Enable Horizontal POD autoscaling | +| autoscaling.maxReplicas | int | `100` | Maximum number of replicas | +| autoscaling.minReplicas | int | `1` | Minimum number of replicas | +| autoscaling.targetCPUUtilizationPercentage | int | `80` | Target CPU utilization percentage | +| extraEnv | list | `[]` | additional environment variables to be added to the pods | +| fullnameOverride | string | `""` | String to fully override `"kubevirt-manager.fullname"` | +| image.pullPolicy | string | `"Always"` | image pull policy | +| image.repository | string | `"kubevirtmanager/kubevirt-manager"` | image repository | +| image.tag | string | `"1.4.2"` | Overrides the image tag | +| imagePullSecrets | list | `[]` | If defined, uses a Secret to pull an image from a private Docker registry or repository. | +| ingress.annotations | object | `{}` | Additional annotations for the Ingress resource | +| ingress.basicAuth.enabled | bool | `false` | enable the configuration of basic authentication with nginx | +| ingress.basicAuth.existingSecret | string | `""` | An existing Secret containing the username and password for basic authentication. Username and password have to be base64 encoded in the form username:password. The Secret needs to contain a key `.htpasswd` with the base64 encoded authentication information. If set `ingress.basicAuth.username` and `ingress.basicAuth.password` will be ignored. | +| ingress.basicAuth.password | string | `"password"` | Password for authentication | +| ingress.basicAuth.username | string | `"admin"` | Username for authentication | +| ingress.className | string | `""` | IngressClass that will be be used to implement the Ingress | +| ingress.enabled | bool | `false` | Enable ingress record generation | +| ingress.hosts | list | see [values.yaml](./values.yaml) | An array with the hosts configuration | +| ingress.tls | list | `[]` | An array with the tls configuration | +| nameOverride | string | `""` | Provide a name in place of `kubevirt-manager` | +| nodeSelector | object | `{}` | Node labels for pod assignment | +| podAnnotations | object | `{}` | Annotations to be added to exporter pods | +| podSecurityContext | object | `{}` | pod-level security context | +| prometheus.additionalLabels | object | `{}` | Prometheus ServiceMonitor labels | +| prometheus.enabled | bool | `false` | Enable a Prometheus ServiceMonitor | +| prometheus.interval | string | `"30s"` | Prometheus ServiceMonitor interval | +| prometheus.metricRelabelings | list | `[]` | Prometheus [MetricRelabelConfigs] to apply to samples before ingestion | +| prometheus.namespace | string | `""` | Prometheus ServiceMonitor namespace | +| prometheus.relabelings | list | `[]` | Prometheus [RelabelConfigs] to apply to samples before scraping | +| prometheus.selector | object | `{}` | Prometheus ServiceMonitor selector | +| prometheus.service.name | string | `""` | Name of the Prometheus Service | +| prometheus.service.namespace | string | `""` | Namespace of the Prometheus Service | +| prometheus.service.port | string | `""` | Port of the Prometheus Service | +| replicaCount | int | `1` | Number of replicas | +| resources | object | `{}` | Resource limits and requests for the pods. | +| revisionHistoryLimit | int | `0` | The number of old ReplicaSets to retain | +| securityContext | object | `{"allowPrivilegeEscalation":false,"readOnlyRootFilesystem":true,"runAsGroup":30000,"runAsUser":10000}` | container-level security context | +| service.port | int | `8080` | Kubernetes port where service is exposed | +| service.type | string | `"ClusterIP"` | Kubernetes service type | +| serviceAccount.annotations | object | `{}` | Annotations to add to the service account | +| serviceAccount.create | bool | `true` | Specifies whether a service account should be created | +| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | +| tolerations | list | `[]` | Toleration labels for pod assignment | + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml christianhuth/kubevirt-manager +``` diff --git a/charts/kubevirt-manager/README.md.gotmpl b/charts/kubevirt-manager/README.md.gotmpl new file mode 100644 index 00000000..acfafd0d --- /dev/null +++ b/charts/kubevirt-manager/README.md.gotmpl @@ -0,0 +1,52 @@ +{{ template "chart.header" . }} +{{ template "chart.description" . }} + +## TL;DR; + +```console +helm repo add christianhuth https://charts.christianhuth.de +helm repo update +helm install my-release christianhuth/kubevirt-manager +``` + +## Introduction + +This chart bootstraps the KubeVirt Web UI called [KubeVirt Manager](https://kubevirt-manager.io) using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.19+ + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm repo add christianhuth https://charts.christianhuth.de +helm repo update +helm install my-release christianhuth/kubevirt-manager +``` + +These commands deploy the KubeVirt Manager on the Kubernetes cluster in the default configuration. The [Values](#values) section lists the values that can be configured during installation. + +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall the `my-release` deployment: + +```console +helm uninstall my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +{{ template "chart.valuesSection" . }} + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```console +helm install my-release -f values.yaml christianhuth/kubevirt-manager +``` diff --git a/charts/kubevirt-manager/templates/_helpers.tpl b/charts/kubevirt-manager/templates/_helpers.tpl new file mode 100644 index 00000000..c234e4af --- /dev/null +++ b/charts/kubevirt-manager/templates/_helpers.tpl @@ -0,0 +1,94 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "kubevirt-manager.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kubevirt-manager.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kubevirt-manager.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "kubevirt-manager.labels" -}} +helm.sh/chart: {{ include "kubevirt-manager.chart" . }} +{{ include "kubevirt-manager.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kubevirt-manager.selectorLabels" -}} +app.kubernetes.io/name: {{ include "kubevirt-manager.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "kubevirt-manager.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "kubevirt-manager.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the name of the clusterrole for the cas management +*/}} +{{- define "kubevirt-manager.clusterRole.cas-management" -}} +{{- printf "%s-%s" (include "kubevirt-manager.fullname" .) "cas-management" | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the clusterrole for the cas workload +*/}} +{{- define "kubevirt-manager.clusterRole.cas-workload" -}} +{{- printf "%s-%s" (include "kubevirt-manager.fullname" .) "cas-workload" | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create the name of the clusterrole for the kccm +*/}} +{{- define "kubevirt-manager.clusterRole.kccm" -}} +{{- printf "%s-%s" (include "kubevirt-manager.fullname" .) "kccm" | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Get the name of the secret containing the information for basic authentication +*/}} +{{- define "kubevirt-manager.ingress.basicAuth.secretName" -}} + {{- if .Values.ingress.basicAuth.existingSecret -}} + {{- printf "%s" (tpl .Values.ingress.basicAuth.existingSecret $) -}} + {{- else -}} + {{- printf "%s" (include "kubevirt-manager.fullname" .) -}} + {{- end -}} +{{- end -}} diff --git a/charts/kubevirt-manager/templates/kubevirt-manager/configmap.yaml b/charts/kubevirt-manager/templates/kubevirt-manager/configmap.yaml new file mode 100644 index 00000000..1ceb3e4a --- /dev/null +++ b/charts/kubevirt-manager/templates/kubevirt-manager/configmap.yaml @@ -0,0 +1,29 @@ +{{- if or .Values.ingress.basicAuth.enabled .Values.prometheus.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ template "kubevirt-manager.fullname" . }} +data: + {{- if .Values.ingress.basicAuth.enabled }} + basicauth.conf: | + auth_basic "Restricted Content"; + auth_basic_user_file /etc/nginx/secret.d/.htpasswd; + {{- end }} + {{- if .Values.prometheus.enabled }} + prometheus.conf: | + location /api { + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Authorization ""; + proxy_pass_request_body on; + proxy_pass_request_headers on; + client_max_body_size 5g; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass http://{{ .Values.prometheus.service.name }}.{{ .Values.prometheus.service.namespace }}.svc:{{ .Values.prometheus.service.port }}; + } + {{- end }} +{{- end }} diff --git a/charts/kubevirt-manager/templates/kubevirt-manager/deployment.yaml b/charts/kubevirt-manager/templates/kubevirt-manager/deployment.yaml new file mode 100644 index 00000000..16e6012a --- /dev/null +++ b/charts/kubevirt-manager/templates/kubevirt-manager/deployment.yaml @@ -0,0 +1,117 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.fullname" . }} +spec: + {{- if not .Values.autoscaling.enabled }} + replicas: {{ .Values.replicaCount }} + {{- end }} + revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} + selector: + matchLabels: + {{- include "kubevirt-manager.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + {{- include "kubevirt-manager.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "kubevirt-manager.serviceAccountName" . }} + {{- with .Values.podSecurityContext }} + securityContext: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + env: + {{- range .Values.extraEnv }} + {{- if and (.name) (.value) }} + - name: {{ .name | quote }} + value: {{ .value | quote }} + {{- end }} + {{- end }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + {{- with .Values.securityContext }} + securityContext: + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.resources }} + resources: + {{- toYaml . | nindent 12 }} + {{- end }} + volumeMounts: + - name: cache-volume + mountPath: /var/cache/nginx + - name: run-volume + mountPath: /var/run + {{- if .Values.ingress.basicAuth.enabled }} + - name: auth-config + mountPath: /etc/nginx/auth.d/ + - name: auth-secret + mountPath: /etc/nginx/secret.d/ + {{- end }} + {{- if .Values.prometheus.enabled }} + - name: prometheus-config + mountPath: /etc/nginx/location.d/ + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: cache-volume + emptyDir: {} + - name: run-volume + emptyDir: {} + {{- if .Values.ingress.basicAuth.enabled }} + - name: auth-config + configMap: + name: {{ template "kubevirt-manager.fullname" . }} + items: + - key: basicauth.conf + path: basicauth.conf + - name: auth-secret + secret: + secretName: {{ include "kubevirt-manager.ingress.basicAuth.secretName" . }} + items: + - key: .htpasswd + path: .htpasswd + {{- end }} + {{- if .Values.prometheus.enabled }} + - name: prometheus-config + configMap: + name: {{ template "kubevirt-manager.fullname" . }} + items: + - key: prometheus.conf + path: prometheus.conf + {{- end }} diff --git a/charts/kubevirt-manager/templates/kubevirt-manager/hpa.yaml b/charts/kubevirt-manager/templates/kubevirt-manager/hpa.yaml new file mode 100644 index 00000000..772439a8 --- /dev/null +++ b/charts/kubevirt-manager/templates/kubevirt-manager/hpa.yaml @@ -0,0 +1,32 @@ +{{- if .Values.autoscaling.enabled }} +{{- if semverCompare ">=1.23-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: autoscaling/v2 +{{- else -}} +apiVersion: autoscaling/v2beta1 +{{- end }} +kind: HorizontalPodAutoscaler +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.fullname" . }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "kubevirt-manager.fullname" . }} + minReplicas: {{ .Values.autoscaling.minReplicas }} + maxReplicas: {{ .Values.autoscaling.maxReplicas }} + metrics: + {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} + - type: Resource + resource: + name: cpu + targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} + {{- end }} + {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} + - type: Resource + resource: + name: memory + targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} + {{- end }} +{{- end }} diff --git a/charts/kubevirt-manager/templates/kubevirt-manager/ingress.yaml b/charts/kubevirt-manager/templates/kubevirt-manager/ingress.yaml new file mode 100644 index 00000000..305fd3ba --- /dev/null +++ b/charts/kubevirt-manager/templates/kubevirt-manager/ingress.yaml @@ -0,0 +1,61 @@ +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "kubevirt-manager.fullname" . -}} +{{- $svcPort := .Values.service.port -}} +{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} + {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} + {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} + {{- end }} +{{- end }} +{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1 +{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} +apiVersion: networking.k8s.io/v1beta1 +{{- else -}} +apiVersion: extensions/v1beta1 +{{- end }} +kind: Ingress +metadata: + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ $fullName }} +spec: + {{- if and .Values.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} + ingressClassName: {{ .Values.ingress.className }} + {{- end }} + {{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} + {{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} + http: + paths: + {{- range .paths }} + - path: {{ .path }} + {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} + pathType: {{ .pathType }} + {{- end }} + backend: + {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} + service: + name: {{ $fullName }} + port: + number: {{ $svcPort }} + {{- else }} + serviceName: {{ $fullName }} + servicePort: {{ $svcPort }} + {{- end }} + {{- end }} + {{- end }} +{{- end }} diff --git a/charts/kubevirt-manager/templates/kubevirt-manager/secret.yaml b/charts/kubevirt-manager/templates/kubevirt-manager/secret.yaml new file mode 100644 index 00000000..60159c7f --- /dev/null +++ b/charts/kubevirt-manager/templates/kubevirt-manager/secret.yaml @@ -0,0 +1,10 @@ +{{- if and .Values.ingress.basicAuth.enabled (not .Values.ingress.basicAuth.existingSecret) }} +apiVersion: v1 +kind: Secret +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.ingress.basicAuth.secretName" . }} +stringData: + .htpasswd: {{ .Values.ingress.basicAuth.username }}:{{ .Values.ingress.basicAuth.password }} +{{- end }} diff --git a/charts/kubevirt-manager/templates/kubevirt-manager/service.yaml b/charts/kubevirt-manager/templates/kubevirt-manager/service.yaml new file mode 100644 index 00000000..a6c83d62 --- /dev/null +++ b/charts/kubevirt-manager/templates/kubevirt-manager/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "kubevirt-manager.fullname" . }} + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "kubevirt-manager.selectorLabels" . | nindent 4 }} diff --git a/charts/kubevirt-manager/templates/prometheus/servicemonitor.yaml b/charts/kubevirt-manager/templates/prometheus/servicemonitor.yaml new file mode 100644 index 00000000..d0fe4e0f --- /dev/null +++ b/charts/kubevirt-manager/templates/prometheus/servicemonitor.yaml @@ -0,0 +1,39 @@ +{{- if and .Values.prometheus.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kubevirt-manager.fullname" . }} + {{- with .Values.serviceMonitor.namespace }} + namespace: {{ . }} + {{- end }} + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + {{- with .Values.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} + {{- end }} + {{- with .Values.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} + {{- end }} +spec: + endpoints: + - port: http + {{- with .Values.serviceMonitor.interval }} + interval: {{ . }} + {{- end }} + path: /metrics + {{- with .Values.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.serviceMonitor.metricRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 8 }} + {{- end }} + jobLabel: prometheus.kubevirt.io + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + {{- include "kubevirt-manager.selectorLabels" . | nindent 6 }} +{{- end }} diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-management/clusterrole.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-management/clusterrole.yaml new file mode 100644 index 00000000..b92ae591 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-management/clusterrole.yaml @@ -0,0 +1,14 @@ +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.clusterRole.cas-management" . }} +rules: + - apiGroups: ["cluster.x-k8s.io"] + resources: ["machinedeployments", "machinedeployments/scale", "machines", "machinesets", "machinepools"] + verbs: ["get", "list", "watch", "udate"] + - apiGroups: ["infrastructure.cluster.x-k8s.io"] + resources: ["kubevirtcluster", "kubevirtmachinetemplate", "kubevirtmachinetemplates"] + verbs: ["get", "list", "watch", "udate"] diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-management/clusterrolebinding.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-management/clusterrolebinding.yaml new file mode 100644 index 00000000..754fb659 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-management/clusterrolebinding.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.clusterRole.cas-management" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "kubevirt-manager.clusterRole.cas-management" . }} +subjects: + - kind: ServiceAccount + name: {{ include "kubevirt-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-workload/clusterrole.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-workload/clusterrole.yaml new file mode 100644 index 00000000..941fea65 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-workload/clusterrole.yaml @@ -0,0 +1,38 @@ +--- +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.clusterRole.cas-workload" . }} +rules: + - apiGroups: [""] + resources: ["namespaces", "persistentvolumeclaims", "persistentvolumes", "pods", "replicationcontrollers", "services", "secrets"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["nodes"] + verbs: ["get", "list", "watch", "udate"] + - apiGroups: [""] + resources: ["pods/eviction"] + verbs: ["create"] + - apiGroups: ["policy"] + resources: ["poddisruptionbudgets"] + verbs: ["list", "watch"] + - apiGroups: ["storage.k8s.io"] + resources: ["csinodes", "storageclasses", "csidrivers", "csistoragecapacities"] + verbs: ["get", "list", "watch"] + - apiGroups: ["batch"] + resources: ["jobs"] + verbs: ["list", "watch"] + - apiGroups: ["apps"] + resources: ["daemonsets", "replicasets", "statefulsets"] + verbs: ["list", "watch"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["create", "delete", "get", "update"] + - apiGroups: ["coordination.k8s.io"] + resources: ["leases"] + verbs: ["create", "get", "update"] diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-workload/clusterrolebinding.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-workload/clusterrolebinding.yaml new file mode 100644 index 00000000..dd752705 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-cas-workload/clusterrolebinding.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.clusterRole.cas-workload" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "kubevirt-manager.clusterRole.cas-workload" . }} +subjects: + - kind: ServiceAccount + name: {{ include "kubevirt-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager-kccm/clusterrole.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-kccm/clusterrole.yaml new file mode 100644 index 00000000..3963ac47 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-kccm/clusterrole.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.clusterRole.kccm" . }} +rules: + - apiGroups: ["kubevirt.io"] + resources: ["virtualmachines"] + verbs: ["get", "list", "watch"] + - apiGroups: ["kubevirt.io"] + resources: ["virtualmachineinstances"] + verbs: ["get", "list", "watch", "update"] + - apiGroups: [""] + resources: ["pods"] + verbs: ["get", "list", "watch"] + - apiGroups: [""] + resources: ["services"] + verbs: ["*"] diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager-kccm/clusterrolebinding.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-kccm/clusterrolebinding.yaml new file mode 100644 index 00000000..ea92ebf4 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager-kccm/clusterrolebinding.yaml @@ -0,0 +1,16 @@ + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.clusterRole.kccm" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "kubevirt-manager.clusterRole.kccm" . }} +subjects: + - kind: ServiceAccount + name: {{ include "kubevirt-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager/clusterrole.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager/clusterrole.yaml new file mode 100644 index 00000000..3209068e --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager/clusterrole.yaml @@ -0,0 +1,80 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.fullname" . }} +rules: + - apiGroups: [""] + resources: ["nodes", "namespaces", "pods"] + verbs: ["get", "list"] + - apiGroups: [""] + resources: ["pods/log"] + verbs: ["get"] + - apiGroups: [""] + resources: ["customresourcedefinitions"] + verbs: ["get", "list"] + - apiGroups: ["networking.k8s.io"] + resources: ["networkpolicies"] + verbs: ["*"] + - apiGroups: [""] + resources: ["persistentvolumeclaims", "persistentvolumes", "services", "secrets", "serviceaccounts", "configmaps"] + verbs: ["*"] + - apiGroups: ["apps"] + resources: ["deployments"] + verbs: ["*"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["role", "clusterrole"] + verbs: ["get", "list"] + - apiGroups: ["rbac.authorization.k8s.io"] + resources: ["rolebindings", "clusterrolebindings"] + verbs: ["*"] + - apiGroups: ["storage.k8s.io"] + resources: ["storageclasses"] + verbs: ["get", "list"] + - apiGroups: ["apiextensions.k8s.io"] + resources: ["customresourcedefinitions"] + verbs: ["get", "list"] + - apiGroups: ["k8s.cni.cncf.io"] + resources: ["network-attachment-definitions"] + verbs: ["get", "list"] + - apiGroups: ["kubevirt.io"] + resources: ["virtualmachines", "virtualmachineinstances", "virtualmachineinstancemigrations"] + verbs: ["*"] + - apiGroups: ["subresources.kubevirt.io"] + resources: ["*"] + verbs: ["get", "list", "update", "patch"] + - apiGroups: ["instancetype.kubevirt.io"] + resources: ["*"] + verbs: ["*"] + - apiGroups: ["cdi.kubevirt.io"] + resources: ["*"] + verbs: ["*"] + - apiGroups: ["pool.kubevirt.io"] + resources: ["*"] + verbs: ["*"] + - apiGroups: ["scheduling.k8s.io"] + resources: ["priorityclasses"] + verbs: ["get", "list"] + - apiGroups: ["autoscaling"] + resources: ["horizontalpodautoscalers"] + verbs: ["*"] + - apiGroups: ["cluster.x-k8s.io"] + resources: ["clusters", "machinedeployments"] + verbs: ["*"] + - apiGroups: ["controlplane.cluster.x-k8s.io"] + resources: ["kubeadmcontrolplanes"] + verbs: ["*"] + - apiGroups: ["infrastructure.cluster.x-k8s.io"] + resources: ["kubevirtmachinetemplates", "kubevirtclusters"] + verbs: ["*"] + - apiGroups: ["bootstrap.cluster.x-k8s.io"] + resources: ["kubeadmconfigtemplates"] + verbs: ["*"] + - apiGroups: ["addons.cluster.x-k8s.io"] + resources: ["clusterresourcesets"] + verbs: ["*"] + - apiGroups: ["kubevirt-manager.io"] + resources: ["images"] + verbs: ["*"] diff --git a/charts/kubevirt-manager/templates/rbac/kubevirt-manager/clusterrolebinding.yaml b/charts/kubevirt-manager/templates/rbac/kubevirt-manager/clusterrolebinding.yaml new file mode 100644 index 00000000..fdf1b1a9 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/kubevirt-manager/clusterrolebinding.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + name: {{ include "kubevirt-manager.fullname" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ include "kubevirt-manager.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "kubevirt-manager.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} diff --git a/charts/kubevirt-manager/templates/rbac/serviceaccount.yaml b/charts/kubevirt-manager/templates/rbac/serviceaccount.yaml new file mode 100644 index 00000000..465f06a5 --- /dev/null +++ b/charts/kubevirt-manager/templates/rbac/serviceaccount.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "kubevirt-manager.serviceAccountName" . }} + labels: + {{- include "kubevirt-manager.labels" . | nindent 4 }} + {{- with .Values.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/kubevirt-manager/values.schema.json b/charts/kubevirt-manager/values.schema.json new file mode 100644 index 00000000..71d5a461 --- /dev/null +++ b/charts/kubevirt-manager/values.schema.json @@ -0,0 +1,214 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "affinity": { + "type": "object" + }, + "autoscaling": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "maxReplicas": { + "type": "integer" + }, + "minReplicas": { + "type": "integer" + }, + "targetCPUUtilizationPercentage": { + "type": "integer" + } + } + }, + "extraEnv": { + "type": "array" + }, + "fullnameOverride": { + "type": "string" + }, + "image": { + "type": "object", + "properties": { + "pullPolicy": { + "type": "string" + }, + "repository": { + "type": "string" + }, + "tag": { + "type": "string" + } + } + }, + "imagePullSecrets": { + "type": "array" + }, + "ingress": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "basicAuth": { + "type": "object", + "properties": { + "enabled": { + "type": "boolean" + }, + "existingSecret": { + "type": "string" + }, + "password": { + "type": "string" + }, + "username": { + "type": "string" + } + } + }, + "className": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "hosts": { + "type": "array", + "items": { + "type": "object", + "properties": { + "host": { + "type": "string" + }, + "paths": { + "type": "array", + "items": { + "type": "object", + "properties": { + "path": { + "type": "string" + }, + "pathType": { + "type": "string" + } + } + } + } + } + } + }, + "tls": { + "type": "array" + } + } + }, + "nameOverride": { + "type": "string" + }, + "nodeSelector": { + "type": "object" + }, + "podAnnotations": { + "type": "object" + }, + "podSecurityContext": { + "type": "object" + }, + "prometheus": { + "type": "object", + "properties": { + "additionalLabels": { + "type": "object" + }, + "enabled": { + "type": "boolean" + }, + "interval": { + "type": "string" + }, + "metricRelabelings": { + "type": "array" + }, + "namespace": { + "type": "string" + }, + "relabelings": { + "type": "array" + }, + "selector": { + "type": "object" + }, + "service": { + "type": "object", + "properties": { + "name": { + "type": "string" + }, + "namespace": { + "type": "string" + }, + "port": { + "type": "string" + } + } + } + } + }, + "replicaCount": { + "type": "integer" + }, + "resources": { + "type": "object" + }, + "revisionHistoryLimit": { + "type": "integer" + }, + "securityContext": { + "type": "object", + "properties": { + "allowPrivilegeEscalation": { + "type": "boolean" + }, + "readOnlyRootFilesystem": { + "type": "boolean" + }, + "runAsGroup": { + "type": "integer" + }, + "runAsUser": { + "type": "integer" + } + } + }, + "service": { + "type": "object", + "properties": { + "port": { + "type": "integer" + }, + "type": { + "type": "string" + } + } + }, + "serviceAccount": { + "type": "object", + "properties": { + "annotations": { + "type": "object" + }, + "create": { + "type": "boolean" + }, + "name": { + "type": "string" + } + } + }, + "tolerations": { + "type": "array" + } + } +} diff --git a/charts/kubevirt-manager/values.yaml b/charts/kubevirt-manager/values.yaml new file mode 100644 index 00000000..880c21fa --- /dev/null +++ b/charts/kubevirt-manager/values.yaml @@ -0,0 +1,146 @@ +# -- Provide a name in place of `kubevirt-manager` +nameOverride: "" + +# -- String to fully override `"kubevirt-manager.fullname"` +fullnameOverride: "" + +image: + # -- image repository + repository: kubevirtmanager/kubevirt-manager + # -- image pull policy + pullPolicy: Always + # -- Overrides the image tag + tag: "1.4.2" + +# -- If defined, uses a Secret to pull an image from a private Docker registry or repository. +imagePullSecrets: [] + +# -- Number of replicas +replicaCount: 1 + +# -- The number of old ReplicaSets to retain +revisionHistoryLimit: 0 + +serviceAccount: + # -- Specifies whether a service account should be created + create: true + # -- Annotations to add to the service account + annotations: {} + # -- The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + +# -- Annotations to be added to exporter pods +podAnnotations: {} + +# -- pod-level security context +podSecurityContext: {} + # fsGroup: 2000 + +# -- container-level security context +securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + runAsUser: 10000 + runAsGroup: 30000 + +service: + # -- Kubernetes service type + type: ClusterIP + # -- Kubernetes port where service is exposed + port: 8080 + +ingress: + # -- Enable ingress record generation + enabled: false + basicAuth: + # -- enable the configuration of basic authentication with nginx + enabled: false + # -- An existing Secret containing the username and password for basic authentication. Username and password have to be base64 encoded in the form username:password. The Secret needs to contain a key `.htpasswd` with the base64 encoded authentication information. If set `ingress.basicAuth.username` and `ingress.basicAuth.password` will be ignored. + existingSecret: "" + # -- Username for authentication + username: "admin" + # -- Password for authentication + password: "password" + # -- IngressClass that will be be used to implement the Ingress + className: "" + # -- Additional annotations for the Ingress resource + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + # -- An array with the hosts configuration + # @default -- see [values.yaml](./values.yaml) + hosts: + - host: chart-example.local + paths: + - path: / + pathType: ImplementationSpecific + # -- An array with the tls configuration + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +# -- Resource limits and requests for the pods. +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +autoscaling: + # -- Enable Horizontal POD autoscaling + enabled: false + # -- Minimum number of replicas + minReplicas: 1 + # -- Maximum number of replicas + maxReplicas: 100 + # -- Target CPU utilization percentage + targetCPUUtilizationPercentage: 80 + # -- Target Memory utilization percentage + # targetMemoryUtilizationPercentage: 80 + +# -- Node labels for pod assignment +nodeSelector: {} + +# -- Toleration labels for pod assignment +tolerations: [] + +# -- Affinity settings for pod assignment +affinity: {} + +# -- additional environment variables to be added to the pods +extraEnv: [] + # - name: FOO + # value: BAR + +prometheus: + # -- Enable a Prometheus ServiceMonitor + enabled: false + # -- Prometheus ServiceMonitor labels + additionalLabels: {} + # release: prometheus + # -- Prometheus ServiceMonitor selector + selector: {} + # prometheus: kube-prometheus + # -- Prometheus ServiceMonitor interval + interval: 30s + # -- Prometheus ServiceMonitor namespace + namespace: "" + # -- Prometheus [MetricRelabelConfigs] to apply to samples before ingestion + metricRelabelings: [] + # -- Prometheus [RelabelConfigs] to apply to samples before scraping + relabelings: [] + service: + # -- Name of the Prometheus Service + name: "" + # -- Namespace of the Prometheus Service + namespace: "" + # -- Port of the Prometheus Service + port: ""