Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
k8s-ingress
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
3
Merge Requests
3
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
uplex-varnish
k8s-ingress
Commits
04507d1c
Commit
04507d1c
authored
May 18, 2020
by
Lars Fenneberg
Committed by
Tim Leers
Jul 06, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add Helm charts
parent
ec3301ff
Changes
24
Show whitespace changes
Inline
Side-by-side
Showing
24 changed files
with
1566 additions
and
0 deletions
+1566
-0
.helmignore
charts/viking-controller/.helmignore
+21
-0
Chart.yaml
charts/viking-controller/Chart.yaml
+5
-0
backendcfg-crd.yaml
charts/viking-controller/crds/backendcfg-crd.yaml
+112
-0
varnishcfg-crd.yaml
charts/viking-controller/crds/varnishcfg-crd.yaml
+384
-0
NOTES.txt
charts/viking-controller/templates/NOTES.txt
+1
-0
_helpers.tpl
charts/viking-controller/templates/_helpers.tpl
+53
-0
clusterrole.yaml
charts/viking-controller/templates/clusterrole.yaml
+82
-0
clusterrolebinding.yaml
charts/viking-controller/templates/clusterrolebinding.yaml
+17
-0
deployment.yaml
charts/viking-controller/templates/deployment.yaml
+120
-0
poddisruptionbudget.yaml
charts/viking-controller/templates/poddisruptionbudget.yaml
+19
-0
serviceaccount.yaml
charts/viking-controller/templates/serviceaccount.yaml
+9
-0
values.yaml
charts/viking-controller/values.yaml
+125
-0
.helmignore
charts/viking-service/.helmignore
+21
-0
Chart.yaml
charts/viking-service/Chart.yaml
+5
-0
NOTES.txt
charts/viking-service/templates/NOTES.txt
+1
-0
_helpers.tpl
charts/viking-service/templates/_helpers.tpl
+68
-0
admin-secret.yaml
charts/viking-service/templates/admin-secret.yaml
+14
-0
admin-service.yaml
charts/viking-service/templates/admin-service.yaml
+39
-0
deployment.yaml
charts/viking-service/templates/deployment.yaml
+190
-0
poddisruptionbudget.yaml
charts/viking-service/templates/poddisruptionbudget.yaml
+19
-0
service.yaml
charts/viking-service/templates/service.yaml
+66
-0
serviceaccount.yaml
charts/viking-service/templates/serviceaccount.yaml
+9
-0
tls-cert-secret.yaml
charts/viking-service/templates/tls-cert-secret.yaml
+11
-0
values.yaml
charts/viking-service/values.yaml
+175
-0
No files found.
charts/viking-controller/.helmignore
0 → 100644
View file @
04507d1c
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
charts/viking-controller/Chart.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v2
name
:
viking-controller
version
:
0.1.0
description
:
Viking is a Varnish based Ingress controller with additional features
engine
:
gotpl
charts/viking-controller/crds/backendcfg-crd.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
apiextensions.k8s.io/v1beta1
kind
:
CustomResourceDefinition
metadata
:
name
:
backendconfigs.ingress.varnish-cache.org
spec
:
group
:
ingress.varnish-cache.org
names
:
kind
:
BackendConfig
listKind
:
BackendConfigList
plural
:
backendconfigs
singular
:
backendconfig
shortNames
:
-
becfg
scope
:
Namespaced
version
:
v1alpha1
versions
:
-
name
:
v1alpha1
served
:
true
storage
:
true
validation
:
openAPIV3Schema
:
required
:
-
spec
properties
:
spec
:
required
:
-
services
properties
:
services
:
type
:
array
minItems
:
1
items
:
type
:
string
minLength
:
1
host-header
:
type
:
string
minLength
:
1
connect-timeout
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
first-byte-timeout
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
between-bytes-timeout
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
proxy-header
:
type
:
integer
minimum
:
1
maximum
:
2
max-connections
:
type
:
integer
minimum
:
1
probe
:
type
:
object
properties
:
url
:
type
:
string
pattern
:
^/
request
:
type
:
array
minItems
:
1
items
:
type
:
string
expected-response
:
type
:
integer
minimum
:
100
maximum
:
599
timeout
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
interval
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
initial
:
type
:
integer
minimum
:
0
window
:
type
:
integer
minimum
:
0
maximum
:
64
threshold
:
type
:
integer
minimum
:
0
maximum
:
64
director
:
type
:
object
properties
:
type
:
enum
:
-
round-robin
-
random
-
shard
type
:
string
warmup
:
type
:
integer
minimum
:
0
maximum
:
100
rampup
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
status
:
acceptedNames
:
kind
:
BackendConfig
listKind
:
BackendConfigList
plural
:
backendconfigs
singular
:
backendconfig
shortNames
:
-
becfg
storedVersions
:
-
v1alphav1
conditions
:
[]
charts/viking-controller/crds/varnishcfg-crd.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
apiextensions.k8s.io/v1beta1
kind
:
CustomResourceDefinition
metadata
:
name
:
varnishconfigs.ingress.varnish-cache.org
spec
:
group
:
ingress.varnish-cache.org
names
:
kind
:
VarnishConfig
listKind
:
VarnishConfigList
plural
:
varnishconfigs
singular
:
varnishconfig
shortNames
:
-
vcfg
scope
:
Namespaced
version
:
v1alpha1
versions
:
-
name
:
v1alpha1
served
:
true
storage
:
true
validation
:
openAPIV3Schema
:
required
:
-
spec
properties
:
spec
:
required
:
-
services
properties
:
services
:
type
:
array
minItems
:
1
items
:
type
:
string
self-sharding
:
type
:
object
properties
:
max-secondary-ttl
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
probe
:
type
:
object
properties
:
timeout
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
interval
:
type
:
string
pattern
:
'
^\d+(\.\d+)?(ms|[smhdwy])$'
initial
:
type
:
integer
minimum
:
0
window
:
type
:
integer
minimum
:
0
maximum
:
64
threshold
:
type
:
integer
minimum
:
0
maximum
:
64
auth
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
realm
-
secretName
properties
:
realm
:
type
:
string
minLength
:
1
secretName
:
type
:
string
minLength
:
1
type
:
enum
:
-
basic
-
proxy
type
:
string
utf8
:
type
:
boolean
conditions
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
comparand
-
value
properties
:
comparand
:
type
:
string
pattern
:
"
^req
\\
.(url|http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
compare
:
enum
:
-
equal
-
not-equal
-
match
-
not-match
type
:
string
value
:
type
:
string
minLength
:
1
acl
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
name
-
addrs
properties
:
name
:
type
:
string
minLength
:
1
addrs
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
addr
properties
:
addr
:
type
:
string
pattern
:
'
^[^"]+$'
mask-bits
:
type
:
integer
minimum
:
0
maximum
:
128
negate
:
type
:
boolean
type
:
enum
:
-
whitelist
-
blacklist
type
:
string
fail-status
:
type
:
integer
minimum
:
0
maximum
:
599
comparand
:
type
:
string
pattern
:
"
^((client|server|local|remote)
\\
.ip|xff-(first|2ndlast)|req
\\
.http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
conditions
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
comparand
-
value
properties
:
comparand
:
type
:
string
pattern
:
"
^req
\\
.(url|http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
compare
:
enum
:
-
equal
-
not-equal
-
match
-
not-match
type
:
string
value
:
type
:
string
minLength
:
1
result-header
:
type
:
object
required
:
-
header
-
success
-
failure
properties
:
header
:
type
:
string
pattern
:
"
^req
\\
.http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+$"
success
:
type
:
string
minLength
:
1
failure
:
type
:
string
minLength
:
1
vcl
:
type
:
string
minLength
:
1
rewrites
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
target
-
method
properties
:
target
:
type
:
string
pattern
:
"
^(be)?(req
\\
.url|re(q|sp)
\\
.http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
source
:
type
:
string
pattern
:
"
^(be)?(req
\\
.url|re(q|sp)
\\
.http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
method
:
type
:
string
enum
:
-
replace
-
sub
-
suball
-
rewrite
-
append
-
prepend
-
delete
select
:
type
:
string
enum
:
-
unique
-
first
-
last
-
exact
-
longest
-
shortest
compare
:
type
:
string
enum
:
-
match
-
equal
-
prefix
vcl-sub
:
type
:
string
enum
:
-
recv
-
pipe
-
pass
-
hash
-
purge
-
miss
-
hit
-
deliver
-
synth
-
backend_fetch
-
backend_response
-
backend_error
rules
:
type
:
array
minItems
:
1
items
:
type
:
object
properties
:
rewrite
:
type
:
string
minLength
:
1
value
:
type
:
string
minLength
:
1
match-flags
:
type
:
object
properties
:
max-mem
:
type
:
integer
min
:
0
anchor
:
type
:
string
enum
:
-
none
-
start
-
both
utf8
:
type
:
boolean
posix-syntax
:
type
:
boolean
longest-match
:
type
:
boolean
literal
:
type
:
boolean
never-capture
:
type
:
boolean
case-sensitive
:
type
:
boolean
perl-classes
:
type
:
boolean
word-boundary
:
type
:
boolean
req-disposition
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
conditions
-
disposition
properties
:
conditions
:
type
:
array
minItems
:
1
items
:
type
:
object
required
:
-
comparand
properties
:
comparand
:
type
:
string
pattern
:
"
^req
\\
.(url|method|proto|esi_level|restarts|http
\\
.[a-zA-Z0-9!#$%&'*+.^_`|~-]+)$"
compare
:
enum
:
-
equal
-
not-equal
-
match
-
not-match
-
prefix
-
not-prefix
-
exists
-
not-exists
-
greater
-
greater-equal
-
less
-
less-equal
type
:
string
values
:
type
:
array
minItems
:
1
items
:
type
:
string
count
:
type
:
integer
minimum
:
0
match-flags
:
type
:
object
properties
:
max-mem
:
type
:
integer
min
:
0
anchor
:
type
:
string
enum
:
-
none
-
start
-
both
utf8
:
type
:
boolean
posix-syntax
:
type
:
boolean
longest-match
:
type
:
boolean
literal
:
type
:
boolean
never-capture
:
type
:
boolean
case-sensitive
:
type
:
boolean
perl-classes
:
type
:
boolean
word-boundary
:
type
:
boolean
disposition
:
type
:
object
required
:
-
action
properties
:
action
:
enum
:
-
hash
-
pass
-
pipe
-
purge
-
synth
-
fail
-
restart
type
:
string
status
:
type
:
integer
minimum
:
200
maximum
:
599
reason
:
type
:
string
minLength
:
1
status
:
acceptedNames
:
kind
:
VarnishConfig
listKind
:
VarnishConfigList
plural
:
varnishconfigs
singular
:
varnishconfig
shortNames
:
-
vcfg
storedVersions
:
-
v1alphav1
conditions
:
[]
charts/viking-controller/templates/NOTES.txt
0 → 100644
View file @
04507d1c
The Viking ingress controller has been installed.
charts/viking-controller/templates/_helpers.tpl
0 → 100644
View file @
04507d1c
{{
/*
vim
:
set
filetype
=
mustache
:
*/
}}
{
{
/*
Expand
the
name
of
the
chart
.
*/
}
}
{{- define "viking-controller.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{
{
/*
Create
chart
name
and
version
as
used
by
the
chart
label
.
*/
}
}
{{- define "viking-controller.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{
{
/*
Create
a
default
fully
qualified
app
name
.
We
truncate
at
63
chars
because
some
Kubernetes
name
fields
are
limited
to
this
(
by
the
DNS
naming
spec
).
*/
}
}
{{- define "viking-controller.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{
{
/*
Return
the
appropriate
apiVersion
for
deployment
.
*/
}
}
{{- define "deployment.apiVersion" -}}
{{- if semverCompare ">=1.9-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "apps/v1" -}}
{{- else -}}
{{- print "extensions/v1beta1" -}}
{{- end -}}
{{- end -}}
{
{
/*
Return
the
appropriate
apiVersion
for
podSecurityPolicy
.
*/
}
}
{{- define "podSecurityPolicy.apiVersion" -}}
{{- if semverCompare ">=1.10-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "extensions/v1beta1" -}}
{{- end -}}
{{- end -}}
charts/viking-controller/templates/clusterrole.yaml
0 → 100644
View file @
04507d1c
kind
:
ClusterRole
apiVersion
:
rbac.authorization.k8s.io/v1
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
helm.sh/chart
:
{{
template "viking-controller.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-controller.fullname" .
}}
rules
:
-
apiGroups
:
-
"
"
resources
:
-
services
-
endpoints
verbs
:
-
get
-
list
-
watch
-
apiGroups
:
-
"
"
resources
:
-
secrets
verbs
:
-
get
-
list
-
watch
-
apiGroups
:
-
"
"
resources
:
-
secrets
resourceNames
:
-
tls-cert
verbs
:
-
get
-
list
-
watch
-
update
-
apiGroups
:
-
"
"
resources
:
-
pods
verbs
:
-
list
-
apiGroups
:
-
"
"
resources
:
-
events
verbs
:
-
create
-
patch
-
apiGroups
:
-
extensions
resources
:
-
ingresses
verbs
:
-
list
-
watch
-
get
-
apiGroups
:
-
"
extensions"
resources
:
-
ingresses/status
verbs
:
-
update
-
apiGroups
:
-
ingress.varnish-cache.org
resources
:
-
varnishconfigs
-
backendconfigs
verbs
:
-
list
-
watch
-
get
-
apiGroups
:
-
"
ingress.varnish-cache.org"
resources
:
-
varnishconfigs/status
-
backendconfigs/status
verbs
:
-
update
charts/viking-controller/templates/clusterrolebinding.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
rbac.authorization.k8s.io/v1
kind
:
ClusterRoleBinding
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
helm.sh/chart
:
{{
template "viking-controller.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-controller.fullname" .
}}
subjects
:
-
kind
:
ServiceAccount
name
:
{{
template "viking-controller.fullname" .
}}
namespace
:
{{
.Release.Namespace
}}
roleRef
:
kind
:
ClusterRole
name
:
{{
template "viking-controller.fullname" .
}}
apiGroup
:
rbac.authorization.k8s.io
charts/viking-controller/templates/deployment.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
{{
template "deployment.apiVersion" .
}}
kind
:
Deployment
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
helm.sh/chart
:
{{
template "viking-controller.chart" .
}}
app.kubernetes.io/component
:
"
{{
.Values.vikingController.name
}}"
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-controller.fullname" .
}}
annotations
:
{{
toYaml .Values.vikingController.annotations | nindent 4
}}
spec
:
selector
:
matchLabels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
replicas
:
{{
.Values.vikingController.replicaCount
}}
revisionHistoryLimit
:
{{
.Values.revisionHistoryLimit
}}
strategy
:
{{
toYaml .Values.vikingController.updateStrategy | nindent 4
}}
minReadySeconds
:
{{
.Values.vikingController.minReadySeconds
}}
template
:
metadata
:
annotations
:
{{
toYaml .Values.vikingController.podAnnotations | nindent 8
}}
labels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
app.kubernetes.io/component
:
"
{{
.Values.vikingController.name
}}"
app.kubernetes.io/instance
:
{{
.Release.Name
}}
{{
- if .Values.vikingController.podLabels
}}
{{
toYaml .Values.vikingController.podLabels | nindent 8
}}
{{
- end
}}
spec
:
{{
- if .Values.vikingController.dnsConfig
}}
dnsConfig
:
{{
toYaml .Values.vikingController.dnsConfig | nindent 8
}}
{{
- end
}}
dnsPolicy
:
{{
.Values.vikingController.dnsPolicy
}}
{{
- if .Values.imagePullSecrets
}}
imagePullSecrets
:
{{
toYaml .Values.imagePullSecrets | nindent 8
}}
{{
- end
}}
{{
- if .Values.vikingController.priorityClassName
}}
priorityClassName
:
"
{{
.Values.vikingController.priorityClassName
}}"
{{
- end
}}
securityContext
:
{{
toYaml .Values.vikingController.podSecurityContext | nindent 8
}}
containers
:
-
name
:
controller
image
:
"
{{
.Values.vikingController.image.repository
}}:{{
.Values.vikingController.image.tag
}}"
imagePullPolicy
:
"
{{
.Values.vikingController.image.pullPolicy
}}"
args
:
-
-readyfile=/run/controller-ready
-
-class={{ .Values.vikingController.ingressClass }}
{{
- if .Values.vikingController.namespace
}}
-
-namespace={{ .Values.vikingController.namespace }}
{{
- end
}}
{{
- if .Values.vikingController.extraArgs
}}
{{
toYaml .Values.vikingController.extraArgs | nindent 12
}}
{{
- end
}}
env
:
-
name
:
POD_NAME
valueFrom
:
fieldRef
:
fieldPath
:
metadata.name
-
name
:
POD_NAMESPACE
valueFrom
:
fieldRef
:
fieldPath
:
metadata.namespace
{{
- if .Values.vikingController.extraEnvs
}}
{{
toYaml .Values.vikingController.extraEnvs | nindent 12
}}
{{
- end
}}
livenessProbe
:
exec
:
command
:
-
/usr/bin/pgrep
-
-P
-
"
0"
-
k8s-ingress
readinessProbe
:
exec
:
command
:
-
/usr/bin/test
-
-e
-
/run/controller-ready
ports
:
-
name
:
http
containerPort
:
8080
volumeMounts
:
-
name
:
run
mountPath
:
"
/run"
-
name
:
tmp
mountPath
:
"
/tmp"
securityContext
:
readOnlyRootFilesystem
:
true
resources
:
{{
toYaml .Values.vikingController.resources | nindent 12
}}
hostNetwork
:
false
{{
- if .Values.vikingController.nodeSelector
}}
nodeSelector
:
{{
toYaml .Values.vikingController.nodeSelector | nindent 8
}}
{{
- end
}}
{{
- if .Values.vikingController.tolerations
}}
tolerations
:
{{
toYaml .Values.vikingController.tolerations | nindent 8
}}
{{
- end
}}
{{
- if .Values.vikingController.affinity
}}
affinity
:
{{
toYaml .Values.vikingController.affinity | nindent 8
}}
{{
- end
}}
serviceAccountName
:
{{
template "viking-controller.fullname" .
}}
terminationGracePeriodSeconds
:
{{
.Values.vikingController.terminationGracePeriodSeconds
}}
volumes
:
-
name
:
run
emptyDir
:
medium
:
"
Memory"
-
name
:
tmp
emptyDir
:
medium
:
"
Memory"
charts/viking-controller/templates/poddisruptionbudget.yaml
0 → 100644
View file @
04507d1c
{{
- if gt (.Values.vikingController.replicaCount | int) 1
}}
apiVersion
:
policy/v1beta1
kind
:
PodDisruptionBudget
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
helm.sh/chart
:
{{
template "viking-controller.chart" .
}}
app.kubernetes.io/component
:
"
{{
.Values.vikingController.name
}}"
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-controller.fullname" .
}}
spec
:
selector
:
matchLabels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
app.kubernetes.io/component
:
controller
minAvailable
:
{{
.Values.vikingController.minAvailable
}}
{{
- end
}}
charts/viking-controller/templates/serviceaccount.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v1
kind
:
ServiceAccount
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-controller.name" .
}}
helm.sh/chart
:
{{
template "viking-controller.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-controller.fullname" .
}}
charts/viking-controller/values.yaml
0 → 100644
View file @
04507d1c
vikingController
:
image
:
repository
:
registry.gitlab.com/uplex/varnish/k8s-ingress/varnish-ingress/controller
tag
:
"
master"
pullPolicy
:
IfNotPresent
# Optionally customize the pod dnsConfig.
dnsConfig
:
{}
dnsPolicy
:
ClusterFirst
## Name of the ingress class to route through this controller
##
ingressClass
:
viking
## Only listen for resources in this namespace (default all)
# namespace:
# labels to add to the pod container metadata
podLabels
:
{}
# key: value
## Security Context policies for controller pods
## See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
## notes on enabling and using sysctls
##
podSecurityContext
:
{}
## Additional command line arguments to pass to nginx-ingress-controller
extraArgs
:
{}
## Additional environment variables to set
extraEnvs
:
[]
# extraEnvs:
# - name: FOO
# valueFrom:
# secretKeyRef:
# key: FOO
# name: secret-resource
## Annotations to be added to the controller deployment
##
annotations
:
{}
# The update strategy to apply to the Deployment or DaemonSet
##
updateStrategy
:
{}
# rollingUpdate:
# maxUnavailable: 1
# type: RollingUpdate
# minReadySeconds to avoid killing pods before we are ready
##
minReadySeconds
:
0
## Node tolerations for server scheduling to nodes with taints
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
##
tolerations
:
[]
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
## Affinity and anti-affinity
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity
:
{}
# # An example of preferred pod anti-affinity, weight is in the range 1-100
# podAntiAffinity:
# preferredDuringSchedulingIgnoredDuringExecution:
# - weight: 100
# podAffinityTerm:
# labelSelector:
# matchExpressions:
# - key: app
# operator: In
# values:
# - nginx-ingress
# topologyKey: kubernetes.io/hostname
# # An example of required pod anti-affinity
# podAntiAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# - labelSelector:
# matchExpressions:
# - key: app
# operator: In
# values:
# - nginx-ingress
# topologyKey: "kubernetes.io/hostname"
## terminationGracePeriodSeconds
##
terminationGracePeriodSeconds
:
60
## Node labels for controller pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector
:
{}
## Annotations to be added to controller pods
##
podAnnotations
:
{}
# Currently the controller only works with one replica
replicaCount
:
1
minAvailable
:
1
resources
:
{}
# limits:
# cpu: 100m
# memory: 64Mi
# requests:
# cpu: 100m
# memory: 64Mi
## Rollback limit
##
revisionHistoryLimit
:
10
## Optional array of imagePullSecrets containing private registry credentials
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets
:
[]
# - name: secretName
charts/viking-service/.helmignore
0 → 100644
View file @
04507d1c
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
charts/viking-service/Chart.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v2
name
:
viking-service
version
:
0.1.0
description
:
Viking is a Varnish based Ingress controller with additional features
engine
:
gotpl
charts/viking-service/templates/NOTES.txt
0 → 100644
View file @
04507d1c
The Viking ingress service has been installed.
charts/viking-service/templates/_helpers.tpl
0 → 100644
View file @
04507d1c
{{
/*
vim
:
set
filetype
=
mustache
:
*/
}}
{
{
/*
Expand
the
name
of
the
chart
.
*/
}
}
{{- define "viking-service.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{
{
/*
Create
chart
name
and
version
as
used
by
the
chart
label
.
*/
}
}
{{- define "viking-service.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{
{
/*
Create
a
admin
secret
name
*/
}
}
{{- define "viking-service.admin-secret-name" -}}
{{- printf "%s-admin" (include "viking-service.name" . | trunc 55) -}}
{{- end -}}
{
{
/*
Create
a
TLS
secret
name
*/
}
}
{{- define "viking-service.tls-secret-name" -}}
{
{
/*
{{
-
printf
"%s-tls-crt"
(
include
"viking-service.name"
.
|
trunc
55
)
-
}}
*/
}
}
{{- printf "tls-cert" -}}
{{- end -}}
{
{
/*
Create
a
default
fully
qualified
app
name
.
We
truncate
at
63
chars
because
some
Kubernetes
name
fields
are
limited
to
this
(
by
the
DNS
naming
spec
).
*/
}
}
{{- define "viking-service.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{
{
/*
Return
the
appropriate
apiVersion
for
deployment
.
*/
}
}
{{- define "deployment.apiVersion" -}}
{{- if semverCompare ">=1.9-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "apps/v1" -}}
{{- else -}}
{{- print "extensions/v1beta1" -}}
{{- end -}}
{{- end -}}
{
{
/*
Return
the
appropriate
apiVersion
for
podSecurityPolicy
.
*/
}
}
{{- define "podSecurityPolicy.apiVersion" -}}
{{- if semverCompare ">=1.10-0" .Capabilities.KubeVersion.GitVersion -}}
{{- print "policy/v1beta1" -}}
{{- else -}}
{{- print "extensions/v1beta1" -}}
{{- end -}}
{{- end -}}
charts/viking-service/templates/admin-secret.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v1
kind
:
Secret
metadata
:
name
:
{{
template "viking-service.admin-secret-name" .
}}
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
viking.uplex.de/secret
:
admin
type
:
Opaque
data
:
admin
:
{{
.Values.vikingService.secrets.admin | b64enc | quote
}}
dataplaneapi
:
{{
.Values.vikingService.secrets.dataplaneapi | b64enc | quote
}}
charts/viking-service/templates/admin-service.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v1
kind
:
Service
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.fullname" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
# This label is used by the controller to find the pods to control.
app
:
varnish-ingress
name
:
{{
printf "%s-admin" (include "viking-service.name" . | trunc 57)
}}
spec
:
clusterIP
:
None
ports
:
-
name
:
varnishadm
port
:
6081
targetPort
:
6081
protocol
:
TCP
-
name
:
dataplane
port
:
5555
targetPort
:
5555
protocol
:
TCP
-
name
:
faccess
port
:
5556
targetPort
:
5556
protocol
:
TCP
-
name
:
stats
port
:
9443
targetPort
:
9443
protocol
:
TCP
selector
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
app.kubernetes.io/component
:
service
app.kubernetes.io/instance
:
{{
.Release.Name
}}
{{
- if .Values.vikingService.podLabels
}}
{{
toYaml .Values.vikingService.podLabels | nindent 4
}}
{{
- end
}}
type
:
ClusterIP
publishNotReadyAddresses
:
true
charts/viking-service/templates/deployment.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
{{
template "deployment.apiVersion" .
}}
kind
:
Deployment
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/component
:
service
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
# Must match secret name
name
:
{{
template "viking-service.fullname" .
}}
{{
- if .Values.vikingService.annotations
}}
annotations
:
{{
toYaml .Values.vikingService.annotations | nindent 4
}}
{{
- end
}}
spec
:
selector
:
matchLabels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
replicas
:
{{
.Values.vikingService.replicaCount
}}
revisionHistoryLimit
:
{{
.Values.revisionHistoryLimit
}}
{{
- if .Values.vikingService.updateStrategy
}}
strategy
:
{{
toYaml .Values.vikingService.updateStrategy | nindent 4
}}
{{
- end
}}
minReadySeconds
:
{{
.Values.vikingService.minReadySeconds
}}
template
:
metadata
:
{{
- if .Values.vikingService.podAnnotations
}}
annotations
:
{{
toYaml .Values.vikingService.podAnnotations | nindent 8
}}
{{
- end
}}
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
app.kubernetes.io/component
:
service
app.kubernetes.io/instance
:
{{
.Release.Name
}}
{{
- if .Values.vikingService.podLabels
}}
{{
toYaml .Values.vikingService.podLabels | nindent 8
}}
{{
- end
}}
spec
:
{{
- if .Values.vikingService.dnsConfig
}}
dnsConfig
:
{{
toYaml .Values.vikingService.dnsConfig | nindent 8
}}
{{
- end
}}
dnsPolicy
:
{{
.Values.vikingService.dnsPolicy
}}
{{
- if .Values.imagePullSecrets
}}
imagePullSecrets
:
{{
toYaml .Values.imagePullSecrets | nindent 8
}}
{{
- end
}}
{{
- if .Values.vikingService.priorityClassName
}}
priorityClassName
:
"
{{
.Values.vikingService.priorityClassName
}}"
{{
- end
}}
{{
- if .Values.vikingService.podSecurityContext
}}
securityContext
:
{{
toYaml .Values.vikingService.podSecurityContext | nindent 8
}}
{{
- end
}}
containers
:
-
name
:
varnish
image
:
"
{{
.Values.vikingService.varnish.image.repository
}}:{{
.Values.vikingService.varnish.image.tag
}}"
imagePullPolicy
:
"
{{
.Values.vikingService.varnish.image.pullPolicy
}}"
args
:
-
-n
-
/run/varnish-home
{{
- if .Values.vikingService.varnish.extraArgs
}}
{{
toYaml .Values.vikingService.varnish.extraArgs | nindent 12
}}
{{
- end
}}
env
:
-
name
:
POD_NAME
valueFrom
:
fieldRef
:
fieldPath
:
metadata.name
-
name
:
POD_NAMESPACE
valueFrom
:
fieldRef
:
fieldPath
:
metadata.namespace
{{
- if .Values.vikingService.varnish.extraEnvs
}}
{{
toYaml .Values.vikingService.varnish.extraEnvs | nindent 12
}}
{{
- end
}}
livenessProbe
:
exec
:
command
:
-
/usr/bin/pgrep
-
-P
-
"
0"
-
varnishd
{{
- if .Values.vikingService.readinessProbe.enabled
}}
readinessProbe
:
httpGet
:
path
:
/ready
port
:
k8s
{{
- end
}}
ports
:
-
name
:
http
containerPort
:
80
-
name
:
k8s
containerPort
:
8080
-
name
:
varnishadm
containerPort
:
6081
volumeMounts
:
-
name
:
adm-secret
mountPath
:
"
/run/varnish"
readOnly
:
true
-
name
:
run-varnish-home
mountPath
:
"
/run/varnish-home"
-
name
:
run-offload
mountPath
:
"
/run/offload"
securityContext
:
readOnlyRootFilesystem
:
true
resources
:
{{
toYaml .Values.vikingService.varnish.resources | nindent 12
}}
-
name
:
haproxy
image
:
"
{{
.Values.vikingService.haproxy.image.repository
}}:{{
.Values.vikingService.haproxy.image.tag
}}"
imagePullPolicy
:
"
{{
.Values.vikingService.haproxy.image.pullPolicy
}}"
env
:
-
name
:
SECRET_DATAPLANEAPI
valueFrom
:
secretKeyRef
:
name
:
{{
template "viking-service.fullname" .
}}
-admin
key
:
dataplaneapi
livenessProbe
:
exec
:
command
:
-
/usr/bin/pgrep
-
-P
-
"
0"
-
haproxy
{{
- if .Values.vikingService.readinessProbe.enabled
}}
readinessProbe
:
httpGet
:
path
:
/healthz
port
:
k8s
{{
- end
}}
ports
:
-
name
:
https
containerPort
:
443
-
name
:
k8s
containerPort
:
8443
volumeMounts
:
-
name
:
tls-cert
mountPath
:
"
/etc/ssl/private"
readOnly
:
true
-
name
:
run-offload
mountPath
:
"
/run/offload"
-
name
:
run-haproxy
mountPath
:
"
/run/haproxy"
-
name
:
tmp
mountPath
:
"
/tmp"
securityContext
:
readOnlyRootFilesystem
:
true
resources
:
{{
toYaml .Values.vikingService.haproxy.resources | nindent 12
}}
hostNetwork
:
{{
.Values.vikingService.hostNetwork
}}
{{
- if .Values.vikingService.nodeSelector
}}
nodeSelector
:
{{
toYaml .Values.vikingService.nodeSelector | nindent 8
}}
{{
- end
}}
{{
- if .Values.vikingService.tolerations
}}
tolerations
:
{{
toYaml .Values.vikingService.tolerations | nindent 8
}}
{{
- end
}}
{{
- if .Values.vikingService.affinity
}}
affinity
:
{{
toYaml .Values.vikingService.affinity | nindent 8
}}
{{
- end
}}
serviceAccountName
:
{{
template "viking-service.fullname" .
}}
terminationGracePeriodSeconds
:
{{
.Values.vikingService.terminationGracePeriodSeconds
}}
volumes
:
-
name
:
adm-secret
secret
:
secretName
:
{{
template "viking-service.admin-secret-name" .
}}
items
:
-
key
:
admin
path
:
_.secret
-
name
:
tls-cert
secret
:
secretName
:
{{
template "viking-service.tls-secret-name" .
}}
defaultMode
:
0440
-
name
:
run-varnish-home
emptyDir
:
medium
:
"
Memory"
-
name
:
run-offload
emptyDir
:
medium
:
"
Memory"
-
name
:
run-haproxy
emptyDir
:
medium
:
"
Memory"
-
name
:
tmp
emptyDir
:
medium
:
"
Memory"
charts/viking-service/templates/poddisruptionbudget.yaml
0 → 100644
View file @
04507d1c
{{
- if gt (.Values.vikingService.replicaCount | int) 1
}}
apiVersion
:
policy/v1beta1
kind
:
PodDisruptionBudget
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/component
:
service
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-service.fullname" .
}}
spec
:
selector
:
matchLabels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
app.kubernetes.io/component
:
service
minAvailable
:
{{
.Values.vikingService.minAvailable
}}
{{
- end
}}
charts/viking-service/templates/service.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v1
kind
:
Service
metadata
:
annotations
:
{{
toYaml .Values.vikingService.service.annotations | nindent 4
}}
labels
:
{{
- if .Values.vikingService.service.labels
}}
{{
toYaml .Values.vikingService.service.labels | nindent 4
}}
{{
- end
}}
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-service.fullname" .
}}
spec
:
{{
- with .Values.vikingService.service.clusterIP
}}
clusterIP
:
{{
if eq "-" .
}}
"
"
{{
else
}}{{
. | quote
}}{{
end
}}
{{
- end
}}
{{
- if .Values.vikingService.service.externalIPs
}}
externalIPs
:
{{
toYaml .Values.vikingService.service.externalIPs | nindent 4
}}
{{
- end
}}
{{
- if .Values.vikingService.service.loadBalancerIP
}}
loadBalancerIP
:
"
{{
.Values.vikingService.service.loadBalancerIP
}}"
{{
- end
}}
{{
- if .Values.vikingService.service.loadBalancerSourceRanges
}}
loadBalancerSourceRanges
:
{{
toYaml .Values.vikingService.service.loadBalancerSourceRanges | nindent 4
}}
{{
- end
}}
{{
- if .Values.vikingService.service.externalTrafficPolicy
}}
externalTrafficPolicy
:
"
{{
.Values.vikingService.service.externalTrafficPolicy
}}"
{{
- end
}}
{{
- if .Values.vikingService.service.sessionAffinity
}}
sessionAffinity
:
"
{{
.Values.vikingService.service.sessionAffinity
}}"
{{
- end
}}
{{
- if .Values.vikingService.service.healthCheckNodePort
}}
healthCheckNodePort
:
{{
.Values.vikingService.service.healthCheckNodePort
}}
{{
- end
}}
ports
:
{{
- $setNodePorts
:
= (or (eq .Values.vikingService.service.type "NodePort") (eq .Values.vikingService.service.type "LoadBalancer"))
}}
{{
- if .Values.vikingService.service.enableHTTP
}}
-
name
:
http
port
:
{{
.Values.vikingService.service.ports.http
}}
protocol
:
TCP
targetPort
:
http
{{
- if (and $setNodePorts (not (empty .Values.vikingService.service.nodePorts.http)))
}}
nodePort
:
{{
.Values.vikingService.service.nodePorts.http
}}
{{
- end
}}
{{
- end
}}
{{
- if .Values.vikingService.service.enableHTTPS
}}
-
name
:
https
port
:
{{
.Values.vikingService.service.ports.https
}}
protocol
:
TCP
targetPort
:
https
{{
- if (and $setNodePorts (not (empty .Values.vikingService.service.nodePorts.https)))
}}
nodePort
:
{{
.Values.vikingService.service.nodePorts.https
}}
{{
- end
}}
{{
- end
}}
selector
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
app.kubernetes.io/component
:
service
app.kubernetes.io/instance
:
{{
.Release.Name
}}
{{
- if .Values.vikingService.podLabels
}}
{{
toYaml .Values.vikingService.podLabels | nindent 4
}}
{{
- end
}}
type
:
"
{{
.Values.vikingService.service.type
}}"
charts/viking-service/templates/serviceaccount.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v1
kind
:
ServiceAccount
metadata
:
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
name
:
{{
template "viking-service.fullname" .
}}
charts/viking-service/templates/tls-cert-secret.yaml
0 → 100644
View file @
04507d1c
apiVersion
:
v1
kind
:
Secret
metadata
:
name
:
{{
template "viking-service.tls-secret-name" .
}}
labels
:
app.kubernetes.io/name
:
{{
template "viking-service.name" .
}}
helm.sh/chart
:
{{
template "viking-service.chart" .
}}
app.kubernetes.io/managed-by
:
{{
.Release.Service
}}
app.kubernetes.io/instance
:
{{
.Release.Name
}}
viking.uplex.de/secret
:
pem
type
:
Opaque
charts/viking-service/values.yaml
0 → 100644
View file @
04507d1c
vikingService
:
varnish
:
image
:
repository
:
registry.gitlab.com/uplex/varnish/k8s-ingress/varnish-ingress/varnish
tag
:
"
master"
pullPolicy
:
IfNotPresent
extraArgs
:
{}
extraEnvs
:
[]
resources
:
{}
haproxy
:
image
:
repository
:
registry.gitlab.com/uplex/varnish/k8s-ingress/varnish-ingress/haproxy
tag
:
"
master"
pullPolicy
:
IfNotPresent
extraArgs
:
{}
extraEnvs
:
[]
resources
:
{}
secrets
:
admin
:
"
21d0ac6c-83d5-11ea-8acc-1ff3820da75e"
dataplaneapi
:
"
e24bb312-cb21-46d6-aaec-8ae676f06fea"
readinessProbe
:
enabled
:
false
# Optionally customize the pod dnsConfig.
dnsConfig
:
{}
dnsPolicy
:
ClusterFirst
hostNetwork
:
false
## Name of the ingress class to route through this controller
##
ingressClass
:
viking
# labels to add to the pod container metadata
podLabels
:
{}
# key: value
## Security Context policies for controller pods
## See https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/ for
## notes on enabling and using sysctls
##
podSecurityContext
:
# ID 998 is group varnish in the varnish and haproxy containers.
# The varnish and haproxy users belong to this group.
fsGroup
:
998
## Annotations to be added to the controller deployment
##
annotations
:
{}
# The update strategy to apply to the Deployment or DaemonSet
##
updateStrategy
:
{}
# rollingUpdate:
# maxUnavailable: 1
# type: RollingUpdate
# minReadySeconds to avoid killing pods before we are ready
##
minReadySeconds
:
0
## Node tolerations for server scheduling to nodes with taints
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
##
tolerations
:
[]
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute(1.6 only)"
## Affinity and anti-affinity
## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
##
affinity
:
{}
# # An example of preferred pod anti-affinity, weight is in the range 1-100
# podAntiAffinity:
# preferredDuringSchedulingIgnoredDuringExecution:
# - weight: 100
# podAffinityTerm:
# labelSelector:
# matchExpressions:
# - key: app
# operator: In
# values:
# - nginx-ingress
# topologyKey: kubernetes.io/hostname
# # An example of required pod anti-affinity
# podAntiAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# - labelSelector:
# matchExpressions:
# - key: app
# operator: In
# values:
# - nginx-ingress
# topologyKey: "kubernetes.io/hostname"
## terminationGracePeriodSeconds
##
terminationGracePeriodSeconds
:
60
## Node labels for controller pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector
:
{}
## Annotations to be added to controller pods
##
podAnnotations
:
{}
replicaCount
:
2
minAvailable
:
1
service
:
annotations
:
{}
labels
:
{}
# If left unset or set to"-" a headless service will be defined.
clusterIP
:
"
"
## List of IP addresses at which the controller services are available
## Ref: https://kubernetes.io/docs/user-guide/services/#external-ips
##
externalIPs
:
[]
loadBalancerIP
:
"
"
loadBalancerSourceRanges
:
[]
enableHTTP
:
true
enableHTTPS
:
true
## Set external traffic policy to: "Local" to preserve source IP on
## providers supporting it
## Ref: https://kubernetes.io/docs/tutorials/services/source-ip/#source-ip-for-services-with-typeloadbalancer
externalTrafficPolicy
:
"
"
# Must be either "None" or "ClientIP" if set. Kubernetes will default to "None".
# Ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
sessionAffinity
:
"
"
healthCheckNodePort
:
0
ports
:
http
:
80
https
:
443
type
:
ClusterIP
# type: NodePort
nodePorts
:
http
:
"
"
https
:
"
"
## Rollback limit
##
revisionHistoryLimit
:
10
serviceAccount
:
create
:
true
# Set name of service account.
# name:
## Optional array of imagePullSecrets containing private registry credentials
## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets
:
[]
# - name: secretName
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment