master-group/charts
2
0
Fork 0
mirror of https://github.com/k8s-at-home/charts.git synced 2025-01-23 23:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove submodule (#82)

Browse Source 
* removing submodule

Signed-off-by: Jeff Billimek <jeffrey_k_billimek@homedepot.com>

* removing submodule

Signed-off-by: Jeff Billimek <jeffrey_k_billimek@homedepot.com>

* removing submodule

Signed-off-by: Jeff Billimek <jeffrey_k_billimek@homedepot.com>
This commit is contained in:
Jeff Billimek 2019-10-19 20:11:30 -04:00 committed by GitHub
parent d7ee691ea9
commit 87cc1ee645
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 0 additions and 571 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitmodules vendored
View File

@ -1,6 +1,3 @@
[submodule "kube-plex"]
path = .submodules/kube-plex
url = https://github.com/billimek/kube-plex.git
[submodule ".submodules/sig-storage-local-static-provisioner"]
path = .submodules/sig-storage-local-static-provisioner
url = https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner.git

1
.submodules/sig-storage-local-static-provisioner

@ -1 +0,0 @@
Subproject commit 747ad24a8984fd89021e88b0369043a412fb4cf8

12
provisioner/Chart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v1
version: 2.3.2
description: local provisioner chart
name: provisioner
appVersion: 2.3.2
keywords:
- storage
- local
engine: gotpl
home: https://github.com/kubernetes-sigs/sig-storage-local-static-provisioner/tree/master/helm/provisioner
maintainers:
- name: billimek

10
provisioner/templates/namespace.yaml
View File

@ -1,10 +0,0 @@
{{- if .Values.common.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
name: {{ .Values.common.namespace | quote }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
{{- end }}

35
provisioner/templates/pod-security-policy.yaml
View File

@ -1,35 +0,0 @@
{{- if .Values.common.podSecurityPolicy -}}
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
name: local-storage-provisioner-pod-security-policy
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
spec:
allowPrivilegeEscalation: true
allowedHostPaths:
- pathPrefix: /dev
{{- range $classConfig := .Values.classes }}
- pathPrefix: {{ $classConfig.hostDir }}
{{- end }}
fsGroup:
rule: RunAsAny
privileged: true
requiredDropCapabilities:
- ALL
runAsUser:
ranges:
- max: 65535
min: 1
rule: MustRunAs
seLinux:
rule: RunAsAny
supplementalGroups:
rule: RunAsAny
volumes:
- configMap
- secret
- hostPath
{{- end }}

124
provisioner/templates/provisioner-cluster-role-binding.yaml
View File

@ -1,124 +0,0 @@
{{- if .Values.common.rbac }}
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: local-storage-provisioner-pv-binding
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.daemonset.serviceAccount }}
namespace: {{ .Values.common.namespace }}
roleRef:
kind: ClusterRole
name: system:persistent-volume-provisioner
apiGroup: rbac.authorization.k8s.io
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: local-storage-provisioner-node-clusterrole
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
rules:
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: local-storage-provisioner-node-binding
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.daemonset.serviceAccount }}
namespace: {{ .Values.common.namespace }}
roleRef:
kind: ClusterRole
name: local-storage-provisioner-node-clusterrole
apiGroup: rbac.authorization.k8s.io
{{- if .Values.common.useJobForCleaning }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: local-storage-provisioner-jobs-role
namespace: {{ .Values.common.namespace }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
rules:
- apiGroups:
- 'batch'
resources:
- jobs
verbs:
- '*'
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: local-storage-provisioner-jobs-rolebinding
namespace: {{ .Values.common.namespace }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.daemonset.serviceAccount }}
namespace: {{ .Values.common.namespace }}
roleRef:
kind: Role
name: local-storage-provisioner-jobs-role
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- if .Values.common.podSecurityPolicy }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: local-storage-provisioner-psp-role
namespace: {{ .Values.common.namespace }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
rules:
- apiGroups:
- policy
resources:
- podsecuritypolicies
resourceNames:
- local-storage-provisioner-pod-security-policy
verbs:
- use
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: local-storage-provisioner-psp-rolebinding
namespace: {{ .Values.common.namespace }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
subjects:
- kind: ServiceAccount
name: {{ .Values.daemonset.serviceAccount }}
namespace: {{ .Values.common.namespace }}
roleRef:
kind: Role
name: local-storage-provisioner-psp-role
apiGroup: rbac.authorization.k8s.io
{{- end }}
{{- end }}

11
provisioner/templates/provisioner-service-account.yaml
View File

@ -1,11 +0,0 @@
{{- if .Values.common.rbac }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.daemonset.serviceAccount }}
namespace: {{ .Values.common.namespace }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
{{- end }}

218
provisioner/templates/provisioner.yaml
View File

@ -1,218 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Values.common.configMapName }}
namespace: {{ .Values.common.namespace }}
labels:
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
data:
{{- if .Values.daemonset.nodeLabels }}
nodeLabelsForPV: |
{{- range $label := .Values.daemonset.nodeLabels }}
- {{$label}}
{{- end }}
{{- end }}
{{- if .Values.common.useAlphaAPI }}
useAlphaAPI: "true"
{{- end }}
{{- if .Values.common.setPVOwnerRef }}
setPVOwnerRef: "true"
{{- end }}
{{- if .Values.common.useJobForCleaning }}
useJobForCleaning: "yes"
{{- end}}
{{- if .Values.common.useNodeNameOnly }}
useNodeNameOnly: "true"
{{- end }}
{{- if .Values.common.minResyncPeriod }}
minResyncPeriod: {{ .Values.common.minResyncPeriod | quote }}
{{- end}}
storageClassMap: |
{{- range $classConfig := .Values.classes }}
{{ $classConfig.name }}:
hostDir: {{ $classConfig.hostDir }}
mountDir: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }}
{{- if $classConfig.blockCleanerCommand }}
blockCleanerCommand:
{{- range $val := $classConfig.blockCleanerCommand }}
- "{{ $val -}}"{{- end}}
{{- end }}
{{- if $classConfig.volumeMode }}
volumeMode: {{ $classConfig.volumeMode }}
{{- end }}
{{- if $classConfig.fsType }}
fsType: {{ $classConfig.fsType }}
{{- end }}
{{- end }}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: {{ .Values.daemonset.name }}
namespace: {{ .Values.common.namespace }}
labels:
app: local-volume-provisioner
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
spec:
selector:
matchLabels:
app: local-volume-provisioner
template:
metadata:
labels:
app: local-volume-provisioner
spec:
serviceAccountName: {{.Values.daemonset.serviceAccount}}
{{- if .Values.daemonset.priorityClassName }}
{{- if eq .Values.common.namespace "kube-system" }}
priorityClassName: {{.Values.daemonset.priorityClassName}}
{{- else }}
{{- $systemCriticalClasses := list "system-cluster-critical" "system-node-critical" }}
{{- if not (has .Values.daemonset.priorityClassName $systemCriticalClasses) }}
priorityClassName: {{.Values.daemonset.priorityClassName}}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.daemonset.nodeSelector }}
nodeSelector:
{{ .Values.daemonset.nodeSelector | toYaml | trim | indent 8 }}
{{- end }}
{{- if .Values.daemonset.tolerations }}
tolerations:
{{ .Values.daemonset.tolerations | toYaml | trim | indent 8 }}
{{- end }}
containers:
- image: "{{ .Values.daemonset.image }}"
{{- if .Values.daemonset.imagePullPolicy }}
imagePullPolicy: {{ .Values.daemonset.imagePullPolicy | quote }}
{{- end }}
name: provisioner
securityContext:
privileged: true
{{- if .Values.daemonset.resources }}
resources:
{{ .Values.daemonset.resources | toYaml | trim | indent 12 }}
{{- end }}
env:
- name: MY_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: MY_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: JOB_CONTAINER_IMAGE
value: "{{ .Values.daemonset.image }}"
{{- if .Values.daemonset.kubeConfigEnv }}
- name: KUBECONFIG
value: {{.Values.daemonset.kubeConfigEnv}}
{{- end }}
{{- if .Values.prometheus.operator.enabled }}
ports:
- containerPort: 8080
name: http
{{- end }}
volumeMounts:
- mountPath: /etc/provisioner/config
name: provisioner-config
readOnly: true
- mountPath: /dev
name: provisioner-dev
{{- range $classConfig := .Values.classes }}
- mountPath: {{ if $classConfig.mountDir }} {{- $classConfig.mountDir -}} {{ else }} {{- $classConfig.hostDir -}} {{ end }}
name: {{ $classConfig.name }}
mountPropagation: "HostToContainer"
{{- end }}
volumes:
- name: provisioner-config
configMap:
name: {{ .Values.common.configMapName }}
- name: provisioner-dev
hostPath:
path: /dev
{{- range $classConfig := .Values.classes }}
- name: {{ $classConfig.name }}
hostPath:
path: {{ $classConfig.hostDir }}
{{- end }}
{{- $release := .Release }}
{{- $chart := .Chart }}
{{- range $val := .Values.classes }}
{{- if $val.storageClass }}
---
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: {{ $val.name }}
{{- if kindIs "map" $val.storageClass }}
{{- if $val.storageClass.isDefaultClass }}
annotations:
storageclass.kubernetes.io/is-default-class: "true"
{{- end }}
{{- end }}
labels:
heritage: {{ $release.Service | quote }}
release: {{ $release.Name | quote }}
chart: {{ replace "+" "_" $chart.Version | printf "%s-%s" $chart.Name }}
provisioner: kubernetes.io/no-provisioner
volumeBindingMode: WaitForFirstConsumer
{{- if kindIs "map" $val.storageClass }}
reclaimPolicy: {{ $val.storageClass.reclaimPolicy | default "Delete" }}
{{- else }}
reclaimPolicy: Delete
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.prometheus.operator.enabled }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.daemonset.name }}
namespace: {{ .Values.common.namespace }}
labels:
app: local-volume-provisioner
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
spec:
type: ClusterIP
ports:
- port: 8080
targetPort: 8080
name: http
selector:
app: local-volume-provisioner
---
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ .Values.daemonset.name }}
namespace: {{ .Values.prometheus.operator.serviceMonitor.namespace }}
labels:
app: local-volume-provisioner
heritage: {{ .Release.Service | quote }}
release: {{ .Release.Name | quote }}
chart: {{ replace "+" "_" .Chart.Version | printf "%s-%s" .Chart.Name }}
{{- if .Values.prometheus.operator.serviceMonitor.selector }}
{{ toYaml .Values.prometheus.operator.serviceMonitor.selector }}
{{- end -}}
spec:
jobLabel: app
selector:
matchLabels:
app: local-volume-provisioner
release: {{ .Release.Name | quote }}
namespaceSelector:
matchNames:
- {{ .Values.common.namespace }}
endpoints:
- port: http
interval: {{ .Values.prometheus.operator.serviceMonitor.interval }}
scheme: http
{{- end }}

157
provisioner/values.yaml
View File

@ -1,157 +0,0 @@
#
# Common options.
#
common:
#
# Defines whether to generate service account and role bindings.
#
rbac: true
#
# Defines the namespace where provisioner runs
#
namespace: default
#
# Defines whether to create provisioner namespace
#
createNamespace: false
#
# Beta PV.NodeAffinity field is used by default. If running against pre-1.10
# k8s version, the `useAlphaAPI` flag must be enabled in the configMap.
#
useAlphaAPI: false
#
# Indicates if PVs should be dependents of the owner Node.
#
setPVOwnerRef: false
#
# Provisioner clean volumes in process by default. If set to true, provisioner
# will use Jobs to clean.
#
useJobForCleaning: false
#
# Provisioner name contains Node.UID by default. If set to true, the provisioner
# name will only use Node.Name.
#
useNodeNameOnly: false
#
# Resync period in reflectors will be random between minResyncPeriod and
# 2*minResyncPeriod. Default: 5m0s.
#
# minResyncPeriod: 5m0s
#
# Defines the name of configmap used by Provisioner
#
configMapName: "local-provisioner-config"
#
# Enables or disables Pod Security Policy creation and binding
#
podSecurityPolicy: false
#
# Configure storage classes.
#
classes:
- name: fast-disks # Defines name of storage classe.
# Path on the host where local volumes of this storage class are mounted
# under.
hostDir: /mnt/fast-disks
# Optionally specify mount path of local volumes. By default, we use same
# path as hostDir in container.
# mountDir: /mnt/fast-disks
# The volume mode of created PersistentVolume object. Default to Filesystem
# if not specified.
volumeMode: Filesystem
# Filesystem type to mount.
# It applies only when the source path is a block device,
# and desire volume mode is Filesystem.
# Must be a filesystem type supported by the host operating system.
fsType: ext4
blockCleanerCommand:
# Do a quick reset of the block device during its cleanup.
# - "/scripts/quick_reset.sh"
# or use dd to zero out block dev in two iterations by uncommenting these lines
# - "/scripts/dd_zero.sh"
# - "2"
# or run shred utility for 2 iteration.s
- "/scripts/shred.sh"
- "2"
# or blkdiscard utility by uncommenting the line below.
# - "/scripts/blkdiscard.sh"
# Uncomment to create storage class object with default configuration.
# storageClass: true
# Uncomment to create storage class object and configure it.
# storageClass:
# reclaimPolicy: Delete # Available reclaim policies: Delete/Retain, defaults: Delete.
# isDefaultClass: true # set as default class
#
# Configure DaemonSet for provisioner.
#
daemonset:
#
# Defines the name of a Provisioner
#
name: "local-volume-provisioner"
#
# Defines Provisioner's image name including container registry.
#
image: quay.io/external_storage/local-volume-provisioner:v2.3.2
#
# Defines Image download policy, see kubernetes documentation for available values.
#
# imagePullPolicy: Always
#
# Defines a name of the service account which Provisioner will use to communicate with API server.
#
serviceAccount: local-storage-admin
#
# Defines a name of the Pod Priority Class to use with the Provisioner DaemonSet
#
# Note that if you want to make it critical, specify "system-cluster-critical"
# or "system-node-critical" and deploy in kube-system namespace.
# Ref: https://k8s.io/docs/tasks/administer-cluster/guaranteed-scheduling-critical-addon-pods/#marking-pod-as-critical
#
# priorityClassName: system-node-critical
# If configured, nodeSelector will add a nodeSelector field to the DaemonSet PodSpec.
#
# NodeSelector constraint for local-volume-provisioner scheduling to nodes.
# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
nodeSelector: {}
#
# If configured KubeConfigEnv will (optionally) specify the location of kubeconfig file on the node.
# kubeConfigEnv: KUBECONFIG
#
# List of node labels to be copied to the PVs created by the provisioner in a format:
#
# nodeLabels:
# - failure-domain.beta.kubernetes.io/zone
# - failure-domain.beta.kubernetes.io/region
#
# If configured, tolerations will add a toleration field to the DaemonSet PodSpec.
#
# Node tolerations for local-volume-provisioner scheduling to nodes with taints.
# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
tolerations: []
#
# If configured, resources will set the requests/limits field to the Daemonset PodSpec.
# Ref: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/
resources: {}
#
# Configure Prometheus monitoring
#
prometheus:
operator:
## Are you using Prometheus Operator?
enabled: false
serviceMonitor:
## Interval at which Prometheus scrapes the provisioner
interval: 10s
# Namespace Prometheus is installed in
namespace: monitoring
## Defaults to whats used if you follow CoreOS [Prometheus Install Instructions](https://github.com/coreos/prometheus-operator/tree/master/helm#tldr)
## [Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/prometheus/templates/prometheus.yaml#L65)
## [Kube Prometheus Selector Label](https://github.com/coreos/prometheus-operator/blob/master/helm/kube-prometheus/values.yaml#L298)
selector:
prometheus: kube-prometheus