Commit new Chart releases for TrueCharts
Signed-off-by: TrueCharts-Bot <bot@truecharts.org>
This commit is contained in:
0
enterprise/grafana/6.0.23/CHANGELOG.md
Normal file
0
enterprise/grafana/6.0.23/CHANGELOG.md
Normal file
32
enterprise/grafana/6.0.23/Chart.yaml
Normal file
32
enterprise/grafana/6.0.23/Chart.yaml
Normal file
@@ -0,0 +1,32 @@
|
||||
apiVersion: v2
|
||||
appVersion: "9.3.2"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 11.1.2
|
||||
deprecated: false
|
||||
description: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
|
||||
home: https://truecharts.org/charts/stable/grafana
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/grafana.png
|
||||
keywords:
|
||||
- analytics
|
||||
- monitoring
|
||||
- metrics
|
||||
- logs
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: grafana
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/stable/grafana
|
||||
- https://github.com/bitnami/bitnami-docker-grafana
|
||||
- https://grafana.com/
|
||||
type: application
|
||||
version: 6.0.23
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- metrics
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
||||
27
enterprise/grafana/6.0.23/README.md
Normal file
27
enterprise/grafana/6.0.23/README.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# README
|
||||
|
||||
## General Info
|
||||
|
||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||
However only installations using the TrueNAS SCALE Apps system are supported.
|
||||
|
||||
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
|
||||
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
|
||||
- See the [Website](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
||||
|
||||
---
|
||||
|
||||
## Sponsor TrueCharts
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||
|
||||
*All Rights Reserved - The TrueCharts Project*
|
||||
0
enterprise/grafana/6.0.23/app-changelog.md
Normal file
0
enterprise/grafana/6.0.23/app-changelog.md
Normal file
8
enterprise/grafana/6.0.23/app-readme.md
Normal file
8
enterprise/grafana/6.0.23/app-readme.md
Normal file
@@ -0,0 +1,8 @@
|
||||
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, Elasticsearch, OpenTSDB, Prometheus and InfluxDB.
|
||||
|
||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/grafana](https://truecharts.org/charts/enterprise/grafana)
|
||||
|
||||
---
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
|
||||
BIN
enterprise/grafana/6.0.23/charts/common-11.1.2.tgz
Normal file
BIN
enterprise/grafana/6.0.23/charts/common-11.1.2.tgz
Normal file
Binary file not shown.
79
enterprise/grafana/6.0.23/ix_values.yaml
Normal file
79
enterprise/grafana/6.0.23/ix_values.yaml
Normal file
@@ -0,0 +1,79 @@
|
||||
image:
|
||||
repository: tccr.io/truecharts/grafana
|
||||
pullPolicy: IfNotPresent
|
||||
tag: 9.3.2@sha256:21b9ef183533b4f4bec2f2b13b0e648086d8896aa3d2423fb99607965c713053
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: false
|
||||
|
||||
service:
|
||||
main:
|
||||
ports:
|
||||
main:
|
||||
protocol: HTTP
|
||||
targetPort: 3000
|
||||
port: 10038
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
path: "/api/health"
|
||||
|
||||
readiness:
|
||||
path: "/api/health"
|
||||
|
||||
startup:
|
||||
path: "/api/health"
|
||||
|
||||
secretEnv:
|
||||
GF_SECURITY_ADMIN_USER: "admin"
|
||||
GF_SECURITY_ADMIN_PASSWORD: "testpassword"
|
||||
|
||||
env:
|
||||
GF_INSTALL_PLUGINS: ""
|
||||
GF_PATHS_PLUGINS: "/opt/bitnami/grafana/data/plugins"
|
||||
GF_AUTH_LDAP_ENABLED: "false"
|
||||
GF_AUTH_LDAP_CONFIG_FILE: "/opt/bitnami/grafana/conf/ldap.toml"
|
||||
GF_AUTH_LDAP_ALLOW_SIGN_UP: "false"
|
||||
GF_PATHS_PROVISIONING: "/opt/bitnami/grafana/conf/provisioning"
|
||||
GF_PATHS_CONFIG: "/opt/bitnami/grafana/conf/grafana.ini"
|
||||
GF_PATHS_DATA: "/opt/bitnami/grafana/data"
|
||||
GF_PATHS_LOGS: "/opt/bitnami/grafana/logs"
|
||||
|
||||
persistence:
|
||||
config:
|
||||
enabled: true
|
||||
mountPath: "/opt/bitnami/grafana/data"
|
||||
grafana-tmp:
|
||||
enabled: true
|
||||
type: emptyDir
|
||||
mountPath: /opt/bitnami/grafana/tmp
|
||||
|
||||
metrics:
|
||||
# -- Enable and configure a Prometheus serviceMonitor for the chart under this key.
|
||||
# @default -- See values.yaml
|
||||
enabled: false
|
||||
serviceMonitor:
|
||||
interval: 1m
|
||||
scrapeTimeout: 30s
|
||||
labels: {}
|
||||
# -- Enable and configure Prometheus Rules for the chart under this key.
|
||||
# @default -- See values.yaml
|
||||
prometheusRule:
|
||||
enabled: false
|
||||
labels: {}
|
||||
# -- Configure additionial rules for the chart under this key.
|
||||
# @default -- See prometheusrules.yaml
|
||||
rules:
|
||||
[]
|
||||
# - alert: UnifiPollerAbsent
|
||||
# annotations:
|
||||
# description: Unifi Poller has disappeared from Prometheus service discovery.
|
||||
# summary: Unifi Poller is down.
|
||||
# expr: |
|
||||
# absent(up{job=~".*unifi-poller.*"} == 1)
|
||||
# for: 5m
|
||||
# labels:
|
||||
# severity: critical
|
||||
|
||||
portal:
|
||||
enabled: true
|
||||
1926
enterprise/grafana/6.0.23/questions.yaml
Normal file
1926
enterprise/grafana/6.0.23/questions.yaml
Normal file
File diff suppressed because it is too large
Load Diff
1
enterprise/grafana/6.0.23/templates/common.yaml
Normal file
1
enterprise/grafana/6.0.23/templates/common.yaml
Normal file
@@ -0,0 +1 @@
|
||||
{{ include "tc.common.loader.all" . }}
|
||||
18
enterprise/grafana/6.0.23/templates/prometheusrules.yaml
Normal file
18
enterprise/grafana/6.0.23/templates/prometheusrules.yaml
Normal file
@@ -0,0 +1,18 @@
|
||||
{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: {{ include "tc.common.names.fullname" . }}
|
||||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
{{- with .Values.metrics.prometheusRule.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
groups:
|
||||
- name: {{ include "tc.common.names.fullname" . }}
|
||||
rules:
|
||||
{{- with .Values.metrics.prometheusRule.rules }}
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
24
enterprise/grafana/6.0.23/templates/servicemonitor.yaml
Normal file
24
enterprise/grafana/6.0.23/templates/servicemonitor.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
{{- if .Values.metrics.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ include "tc.common.names.fullname" . }}
|
||||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
{{- with .Values.metrics.serviceMonitor.labels }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
{{- include "tc.common.labels.selectorLabels" . | nindent 6 }}
|
||||
endpoints:
|
||||
- port: main
|
||||
{{- with .Values.metrics.serviceMonitor.interval }}
|
||||
interval: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.metrics.serviceMonitor.scrapeTimeout }}
|
||||
scrapeTimeout: {{ . }}
|
||||
{{- end }}
|
||||
path: /metrics
|
||||
{{- end }}
|
||||
0
enterprise/grafana/6.0.23/values.yaml
Normal file
0
enterprise/grafana/6.0.23/values.yaml
Normal file
4
enterprise/grafana/item.yaml
Normal file
4
enterprise/grafana/item.yaml
Normal file
@@ -0,0 +1,4 @@
|
||||
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/grafana.png
|
||||
categories:
|
||||
- metrics
|
||||
|
||||
0
enterprise/prometheus/7.0.42/CHANGELOG.md
Normal file
0
enterprise/prometheus/7.0.42/CHANGELOG.md
Normal file
37
enterprise/prometheus/7.0.42/Chart.yaml
Normal file
37
enterprise/prometheus/7.0.42/Chart.yaml
Normal file
@@ -0,0 +1,37 @@
|
||||
apiVersion: v2
|
||||
appVersion: "2.41.0"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 11.1.2
|
||||
- condition: exporters.enabled,exporters.node-exporter.enabled
|
||||
name: node-exporter
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 3.2.6
|
||||
- condition: exporters.enabled,exporters.kube-state-metrics.enabled
|
||||
name: kube-state-metrics
|
||||
repository: https://charts.bitnami.com/bitnami
|
||||
version: 3.2.7
|
||||
deprecated: false
|
||||
description: kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus.png
|
||||
home: https://truecharts.org/charts/stable/prometheus
|
||||
keywords:
|
||||
- metrics
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: prometheus
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/stable/prometheus
|
||||
- https://github.com/prometheus-community/helm-charts
|
||||
- https://github.com/prometheus-operator/kube-prometheus
|
||||
type: application
|
||||
version: 7.0.42
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- metrics
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
||||
27
enterprise/prometheus/7.0.42/README.md
Normal file
27
enterprise/prometheus/7.0.42/README.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# README
|
||||
|
||||
## General Info
|
||||
|
||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||
However only installations using the TrueNAS SCALE Apps system are supported.
|
||||
|
||||
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
|
||||
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
|
||||
- See the [Website](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
||||
|
||||
---
|
||||
|
||||
## Sponsor TrueCharts
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||
|
||||
*All Rights Reserved - The TrueCharts Project*
|
||||
0
enterprise/prometheus/7.0.42/app-changelog.md
Normal file
0
enterprise/prometheus/7.0.42/app-changelog.md
Normal file
8
enterprise/prometheus/7.0.42/app-readme.md
Normal file
8
enterprise/prometheus/7.0.42/app-readme.md
Normal file
@@ -0,0 +1,8 @@
|
||||
kube-prometheus-stack collects Kubernetes manifests, Grafana dashboards, and Prometheus rules combined with documentation and scripts to provide easy to operate end-to-end Kubernetes cluster monitoring with Prometheus using the Prometheus Operator.
|
||||
|
||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/prometheus](https://truecharts.org/charts/enterprise/prometheus)
|
||||
|
||||
---
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
|
||||
BIN
enterprise/prometheus/7.0.42/charts/common-11.1.2.tgz
Normal file
BIN
enterprise/prometheus/7.0.42/charts/common-11.1.2.tgz
Normal file
Binary file not shown.
BIN
enterprise/prometheus/7.0.42/charts/kube-state-metrics-3.2.7.tgz
Normal file
BIN
enterprise/prometheus/7.0.42/charts/kube-state-metrics-3.2.7.tgz
Normal file
Binary file not shown.
BIN
enterprise/prometheus/7.0.42/charts/node-exporter-3.2.6.tgz
Normal file
BIN
enterprise/prometheus/7.0.42/charts/node-exporter-3.2.6.tgz
Normal file
Binary file not shown.
1364
enterprise/prometheus/7.0.42/ix_values.yaml
Normal file
1364
enterprise/prometheus/7.0.42/ix_values.yaml
Normal file
File diff suppressed because it is too large
Load Diff
1247
enterprise/prometheus/7.0.42/questions.yaml
Normal file
1247
enterprise/prometheus/7.0.42/questions.yaml
Normal file
File diff suppressed because it is too large
Load Diff
198
enterprise/prometheus/7.0.42/templates/_helpers.tpl
Normal file
198
enterprise/prometheus/7.0.42/templates/_helpers.tpl
Normal file
@@ -0,0 +1,198 @@
|
||||
{{/* Name suffixed with operator */}}
|
||||
{{- define "kube-prometheus.fullname" -}}
|
||||
{{- printf "%s" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Name suffixed with operator */}}
|
||||
{{- define "kube-prometheus.name" -}}
|
||||
{{- printf "%s" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Name suffixed with operator */}}
|
||||
{{- define "kube-prometheus.operator.name" -}}
|
||||
{{- printf "%s-operator" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Name suffixed with prometheus */}}
|
||||
{{- define "kube-prometheus.prometheus.name" -}}
|
||||
{{- printf "%s-prometheus" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Name suffixed with alertmanager */}}
|
||||
{{- define "kube-prometheus.alertmanager.name" -}}
|
||||
{{- printf "%s-alertmanager" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Name suffixed with thanos */}}
|
||||
{{- define "kube-prometheus.thanos.name" -}}
|
||||
{{- printf "%s-thanos" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Fullname suffixed with operator */}}
|
||||
{{- define "kube-prometheus.operator.fullname" -}}
|
||||
{{- printf "%s-operator" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Fullname suffixed with prometheus */}}
|
||||
{{- define "kube-prometheus.prometheus.fullname" -}}
|
||||
{{- printf "%s-prometheus" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Fullname suffixed with alertmanager */}}
|
||||
{{- define "kube-prometheus.alertmanager.fullname" -}}
|
||||
{{- printf "%s-alertmanager" (include "tc.common.names.fullname" . ) -}}
|
||||
{{- end }}
|
||||
|
||||
{{/* Fullname suffixed with thanos */}}
|
||||
{{- define "kube-prometheus.thanos.fullname" -}}
|
||||
{{- printf "%s-thanos" (include "kube-prometheus.prometheus.fullname" .) -}}
|
||||
{{- end }}
|
||||
|
||||
{{- define "kube-prometheus.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Common Labels
|
||||
*/}}
|
||||
{{- define "kube-prometheus.labels" -}}
|
||||
{{ include "tc.common.labels" . }}
|
||||
{{- if .Values.global.labels }}
|
||||
{{ toYaml .Values.global.labels }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Labels for operator
|
||||
*/}}
|
||||
{{- define "kube-prometheus.operator.labels" -}}
|
||||
{{ include "tc.common.labels" . }}
|
||||
app.kubernetes.io/component: operator
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Labels for prometheus
|
||||
*/}}
|
||||
{{- define "kube-prometheus.prometheus.labels" -}}
|
||||
{{ include "tc.common.labels" . }}
|
||||
app.kubernetes.io/component: prometheus
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Labels for alertmanager
|
||||
*/}}
|
||||
{{- define "kube-prometheus.alertmanager.labels" -}}
|
||||
{{ include "tc.common.labels" . }}
|
||||
app.kubernetes.io/component: alertmanager
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
matchLabels for operator
|
||||
*/}}
|
||||
{{- define "kube-prometheus.operator.matchLabels" -}}
|
||||
{{ include "tc.common.labels.selectorLabels" . }}
|
||||
app.kubernetes.io/component: operator
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
matchLabels for prometheus
|
||||
*/}}
|
||||
{{- define "kube-prometheus.prometheus.matchLabels" -}}
|
||||
{{ include "tc.common.labels.selectorLabels" . }}
|
||||
app.kubernetes.io/component: prometheus
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
matchLabels for alertmanager
|
||||
*/}}
|
||||
{{- define "kube-prometheus.alertmanager.matchLabels" -}}
|
||||
{{ include "tc.common.labels.selectorLabels" . }}
|
||||
app.kubernetes.io/component: alertmanager
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Prometheus Operator image name
|
||||
*/}}
|
||||
{{- define "kube-prometheus.image" -}}
|
||||
{{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Prometheus Operator Reloader image name
|
||||
*/}}
|
||||
{{- define "kube-prometheus.prometheusConfigReloader.image" -}}
|
||||
{{- include "kube-prometheus.image" . -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Prometheus Image name
|
||||
*/}}
|
||||
{{- define "kube-prometheus.prometheus.image" -}}
|
||||
{{ printf "%s:%s" .Values.image.repository (default .Chart.AppVersion .Values.image.tag) | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Thanos Image name
|
||||
*/}}
|
||||
{{- define "kube-prometheus.prometheus.thanosImage" -}}
|
||||
{{ printf "%s:%s" .Values.thanosImage.repository (default .Chart.AppVersion .Values.thanosImage.tag) | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Alertmanager Image name
|
||||
*/}}
|
||||
{{- define "kube-prometheus.alertmanager.image" -}}
|
||||
{{ printf "%s:%s" .Values.alertmanagerImage.repository (default .Chart.AppVersion .Values.alertmanagerImage.tag) | quote }}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return the proper Docker Image Registry Secret Names
|
||||
*/}}
|
||||
{{- define "kube-prometheus.imagePullSecrets" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the operator service account to use
|
||||
*/}}
|
||||
{{- define "kube-prometheus.operator.serviceAccountName" -}}
|
||||
{{- if .Values.operator.serviceAccount.create -}}
|
||||
{{ default (include "kube-prometheus.operator.fullname" .) .Values.operator.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.operator.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the prometheus service account to use
|
||||
*/}}
|
||||
{{- define "kube-prometheus.prometheus.serviceAccountName" -}}
|
||||
{{- if .Values.prometheus.serviceAccount.create -}}
|
||||
{{ default (include "kube-prometheus.prometheus.fullname" .) .Values.prometheus.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.prometheus.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Create the name of the alertmanager service account to use
|
||||
*/}}
|
||||
{{- define "kube-prometheus.alertmanager.serviceAccountName" -}}
|
||||
{{- if .Values.alertmanager.serviceAccount.create -}}
|
||||
{{ default (include "kube-prometheus.alertmanager.fullname" .) .Values.alertmanager.serviceAccount.name }}
|
||||
{{- else -}}
|
||||
{{ default "default" .Values.alertmanager.serviceAccount.name }}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Compile all warnings into a single message, and call fail.
|
||||
*/}}
|
||||
{{- define "kube-prometheus.validateValues" -}}
|
||||
{{- $messages := list -}}
|
||||
{{- $messages := without $messages "" -}}
|
||||
{{- $message := join "\n" $messages -}}
|
||||
|
||||
{{- if $message -}}
|
||||
{{- printf "\nVALUES VALIDATION:\n%s" $message | fail -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
@@ -0,0 +1,183 @@
|
||||
{{- define "prometheus.alertmanager.alertmanager" -}}
|
||||
{{- if .Values.alertmanager.enabled }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: Alertmanager
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.alertmanager.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.alertmanager.replicaCount }}
|
||||
serviceAccountName: {{ template "kube-prometheus.alertmanager.serviceAccountName" . }}
|
||||
{{- if .Values.alertmanager.image }}
|
||||
image: {{ template "kube-prometheus.alertmanager.image" . }}
|
||||
{{- end }}
|
||||
listenLocal: {{ .Values.alertmanager.listenLocal }}
|
||||
{{- if index .Values.alertmanager "externalUrl" }}
|
||||
externalUrl: "{{ .Values.alertmanager.externalUrl }}"
|
||||
{{- else if and .Values.ingress.alertmanager.enabled .Values.ingress.alertmanager.hosts }}
|
||||
externalUrl: {{ if .Values.ingress.alertmanager.tls }}https{{else}}http{{ end }}://{{ (index .Values.ingress.alertmanager.hosts 0).name }}{{ .Values.alertmanager.routePrefix }}
|
||||
{{- else }}
|
||||
externalUrl: http://{{ template "kube-prometheus.alertmanager.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.service.alertmanager.ports.alertmanager.port }}{{ .Values.alertmanager.routePrefix }}
|
||||
{{- end }}
|
||||
portName: "{{ .Values.alertmanager.portName }}"
|
||||
paused: {{ .Values.alertmanager.paused }}
|
||||
logFormat: {{ .Values.alertmanager.logFormat }}
|
||||
logLevel: {{ .Values.alertmanager.logLevel }}
|
||||
retention: {{ .Values.alertmanager.retention }}
|
||||
{{- if .Values.alertmanager.secrets }}
|
||||
secrets: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.secrets "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.configMaps }}
|
||||
configMaps: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.configMaps "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
resources: {{- toYaml .Values.alertmanager.resources | nindent 4 }}
|
||||
routePrefix: "{{ .Values.alertmanager.routePrefix }}"
|
||||
{{- if .Values.alertmanager.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.alertmanager.podSecurityContext "enabled" | toYaml | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.storageSpec }}
|
||||
storage: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.storageSpec "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
{{- if .Values.alertmanager.persistence.enabled }}
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
accessModes:
|
||||
{{- range .Values.alertmanager.persistence.accessModes }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.alertmanager.persistence.size | quote }}
|
||||
{{- include "tc.common.storage.storageClassName" (dict "persistence" .Values.alertmanager.persistence "global" $ ) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.alertmanager.podMetadata.labels .Values.alertmanager.podMetadata.annotations (eq .Values.alertmanager.podAntiAffinityPreset "soft") (eq .Values.alertmanager.podAntiAffinityPreset "hard") }}
|
||||
podMetadata:
|
||||
labels:
|
||||
{{- if .Values.alertmanager.podMetadata.labels }}
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.podMetadata.labels "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.alertmanager.podAntiAffinityPreset "soft") (eq .Values.alertmanager.podAntiAffinityPreset "hard") }}
|
||||
{{- include "kube-prometheus.alertmanager.matchLabels" . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.podMetadata.annotations }}
|
||||
annotations:
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.podMetadata.annotations "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.affinity }}
|
||||
affinity: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.affinity "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
{{- if not (empty .Values.alertmanager.podAffinityPreset) }}
|
||||
podAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.alertmanager.podAffinityPreset "component" "alertmanager" "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if not (empty .Values.alertmanager.podAntiAffinityPreset) }}
|
||||
podAntiAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.alertmanager.podAntiAffinityPreset "component" "alertmanager" "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if not (empty .Values.alertmanager.nodeAffinityPreset.values) }}
|
||||
nodeAffinity: {{- include "tc.common.affinities.nodes" (dict "type" .Values.alertmanager.nodeAffinityPreset.type "key" .Values.alertmanager.nodeAffinityPreset.key "values" .Values.alertmanager.nodeAffinityPreset.values) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.nodeSelector }}
|
||||
nodeSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.nodeSelector "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.tolerations }}
|
||||
tolerations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.tolerations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.volumes }}
|
||||
volumes: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.volumes "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.volumeMounts }}
|
||||
volumeMounts: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.volumeMounts "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- include "kube-prometheus.imagePullSecrets" . | indent 2 }}
|
||||
{{- if or .Values.alertmanager.containers .Values.alertmanager.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
|
||||
containers:
|
||||
{{- if or .Values.alertmanager.containerSecurityContext.enabled .Values.alertmanager.livenessProbe.enabled .Values.alertmanager.readinessProbe.enabled }}
|
||||
## This monkey patching is needed until the securityContexts are
|
||||
## directly patchable via the CRD.
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
|
||||
## currently implemented with strategic merge
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
|
||||
- name: alertmanager
|
||||
{{- if .Values.alertmanager.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.alertmanager.containerSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: {{ .Values.alertmanager.livenessProbe.path }}
|
||||
port: alertmanager
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: {{ .Values.alertmanager.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.alertmanager.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.alertmanager.livenessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.alertmanager.livenessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.alertmanager.livenessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.readinessProbe.enabled }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: {{ .Values.alertmanager.readinessProbe.path }}
|
||||
port: alertmanager
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: {{ .Values.alertmanager.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.alertmanager.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.alertmanager.readinessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.alertmanager.readinessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.alertmanager.readinessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.livenessProbe.enabled .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
|
||||
## This monkey patching is needed until the securityContexts are
|
||||
## directly patchable via the CRD.
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
|
||||
## currently implemented with strategic merge
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
|
||||
- name: config-reloader
|
||||
{{- if .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.operator.prometheusConfigReloader.containerSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.operator.prometheusConfigReloader.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: reloader-web
|
||||
initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- if .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: reloader-web
|
||||
initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.containers }}
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.containers "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.priorityClassName }}
|
||||
priorityClassName: {{ .Values.alertmanager.priorityClassName }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.additionalPeers }}
|
||||
additionalPeers: {{ .Values.alertmanager.additionalPeers }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.configNamespaceSelector }}
|
||||
alertmanagerConfigNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.configNamespaceSelector "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.configSelector }}
|
||||
alertmanagerConfigSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.configSelector "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,13 @@
|
||||
{{- if (and .Values.alertmanager.enabled (not .Values.alertmanager.externalConfig) ) }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: alertmanager-{{ template "kube-prometheus.alertmanager.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
|
||||
data:
|
||||
alertmanager.yaml: {{ toYaml .Values.alertmanager.config | b64enc | quote }}
|
||||
{{- range $key, $val := .Values.alertmanager.templateFiles }}
|
||||
{{ $key }}: {{ $val | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,12 @@
|
||||
{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.alertmanager.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
|
||||
{{- if index .Values.alertmanager.serviceAccount "annotations" }}
|
||||
annotations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.alertmanager.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- include "kube-prometheus.imagePullSecrets" . }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,26 @@
|
||||
{{- if and .Values.alertmanager.enabled .Values.alertmanager.serviceMonitor.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.alertmanager.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.alertmanager.labels" . | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels: {{- include "kube-prometheus.alertmanager.matchLabels" . | nindent 6 }}
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
endpoints:
|
||||
- port: http
|
||||
{{- if .Values.alertmanager.serviceMonitor.interval }}
|
||||
interval: {{ .Values.alertmanager.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
path: {{ trimSuffix "/" .Values.alertmanager.routePrefix }}/metrics
|
||||
{{- if .Values.alertmanager.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.alertmanager.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.alertmanager.serviceMonitor.relabelings }}
|
||||
relabelings: {{- toYaml .Values.alertmanager.serviceMonitor.relabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
13
enterprise/prometheus/7.0.42/templates/common.yaml
Normal file
13
enterprise/prometheus/7.0.42/templates/common.yaml
Normal file
@@ -0,0 +1,13 @@
|
||||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "tc.common.loader.init" . }}
|
||||
|
||||
{{- include "prometheus.prometheus.prometheus" . }}
|
||||
{{- include "prometheus.prometheus.additionalprometheusrules" . }}
|
||||
{{- include "prometheus.prometheus.additionalscrapejobs" . }}
|
||||
{{- include "prometheus.prometheus.servicemonitor" . }}
|
||||
|
||||
{{- include "prometheus.alertmanager.alertmanager" . }}
|
||||
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "tc.common.loader.apply" . }}
|
||||
@@ -0,0 +1,22 @@
|
||||
{{- if and .Values.coreDns.enabled .Values.coreDns.service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-coredns
|
||||
namespace: {{ .Values.coreDns.namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns
|
||||
spec:
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: {{ .Values.coreDns.service.port }}
|
||||
protocol: TCP
|
||||
targetPort: {{ .Values.coreDns.service.targetPort }}
|
||||
selector:
|
||||
{{- if .Values.coreDns.service.selector }}
|
||||
{{ toYaml .Values.coreDns.service.selector | indent 4 }}
|
||||
{{- else}}
|
||||
k8s-app: kube-dns
|
||||
{{- end}}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,29 @@
|
||||
{{- if .Values.coreDns.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-coredns
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns
|
||||
spec:
|
||||
jobLabel: k8s-app
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-coredns
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Values.coreDns.namespace }}
|
||||
endpoints:
|
||||
- port: http-metrics
|
||||
{{- if .Values.coreDns.serviceMonitor.interval}}
|
||||
interval: {{ .Values.coreDns.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
{{- if .Values.coreDns.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.coreDns.serviceMonitor.metricRelabelings "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.coreDns.serviceMonitor.relabelings }}
|
||||
relabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.coreDns.serviceMonitor.relabelings "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,35 @@
|
||||
{{- if .Values.kubeApiServer.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-apiserver
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: apiserver
|
||||
spec:
|
||||
jobLabel: component
|
||||
selector:
|
||||
matchLabels:
|
||||
component: apiserver
|
||||
provider: kubernetes
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- default
|
||||
endpoints:
|
||||
- port: https
|
||||
scheme: https
|
||||
tlsConfig:
|
||||
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
serverName: kubernetes
|
||||
insecureSkipVerify: true
|
||||
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
{{- if .Values.kubeApiServer.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubeApiServer.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeApiServer.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubeApiServer.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeApiServer.serviceMonitor.relabelings }}
|
||||
relabelings: {{- toYaml .Values.kubeApiServer.serviceMonitor.relabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.endpoints }}
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
|
||||
namespace: {{ .Values.kubeControllerManager.namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: kube-controller-manager
|
||||
subsets:
|
||||
- addresses:
|
||||
{{- range .Values.kubeControllerManager.endpoints }}
|
||||
- ip: {{ . }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: {{ .Values.kubeControllerManager.service.port }}
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
@@ -0,0 +1,25 @@
|
||||
{{- if and .Values.kubeControllerManager.enabled .Values.kubeControllerManager.service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
|
||||
namespace: {{ .Values.kubeControllerManager.namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
|
||||
spec:
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: {{ .Values.kubeControllerManager.service.port }}
|
||||
protocol: TCP
|
||||
targetPort: {{ .Values.kubeControllerManager.service.targetPort }}
|
||||
{{- if .Values.kubeControllerManager.endpoints }}{{- else }}
|
||||
selector:
|
||||
{{- if .Values.kubeControllerManager.service.selector }}
|
||||
{{ toYaml .Values.kubeControllerManager.service.selector | indent 4 }}
|
||||
{{- else}}
|
||||
component: kube-controller-manager
|
||||
{{- end}}
|
||||
{{- end }}
|
||||
type: ClusterIP
|
||||
{{- end }}
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if .Values.kubeControllerManager.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
|
||||
spec:
|
||||
jobLabel: component
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-controller-manager
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Values.kubeControllerManager.namespace }}
|
||||
endpoints:
|
||||
- port: http-metrics
|
||||
{{- if .Values.kubeControllerManager.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubeControllerManager.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
{{- if .Values.kubeControllerManager.serviceMonitor.https }}
|
||||
scheme: https
|
||||
tlsConfig:
|
||||
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
{{- if .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify }}
|
||||
insecureSkipVerify: {{ .Values.kubeControllerManager.serviceMonitor.insecureSkipVerify }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeControllerManager.serviceMonitor.serverName }}
|
||||
serverName: {{ .Values.kubeControllerManager.serviceMonitor.serverName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeControllerManager.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeControllerManager.serviceMonitor.metricRelabelings "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeControllerManager.serviceMonitor.relabelings }}
|
||||
relabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeControllerManager.serviceMonitor.relabelings "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,18 @@
|
||||
{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.endpoints }}
|
||||
apiVersion: v1
|
||||
kind: Endpoints
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
|
||||
namespace: {{ .Values.kubeScheduler.namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: kube-scheduler
|
||||
subsets:
|
||||
- addresses:
|
||||
{{- range .Values.kubeScheduler.endpoints }}
|
||||
- ip: {{ . }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: {{ .Values.kubeScheduler.service.port }}
|
||||
protocol: TCP
|
||||
{{- end }}
|
||||
@@ -0,0 +1,25 @@
|
||||
{{- if and .Values.kubeScheduler.enabled .Values.kubeScheduler.service.enabled }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
|
||||
namespace: {{ .Values.kubeScheduler.namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
|
||||
spec:
|
||||
clusterIP: None
|
||||
ports:
|
||||
- name: http-metrics
|
||||
port: {{ .Values.kubeScheduler.service.port}}
|
||||
protocol: TCP
|
||||
targetPort: {{ .Values.kubeScheduler.service.targetPort}}
|
||||
{{- if .Values.kubeScheduler.endpoints }}{{- else }}
|
||||
selector:
|
||||
{{- if .Values.kubeScheduler.service.selector }}
|
||||
{{ toYaml .Values.kubeScheduler.service.selector | indent 4 }}
|
||||
{{- else}}
|
||||
component: kube-scheduler
|
||||
{{- end}}
|
||||
{{- end }}
|
||||
type: ClusterIP
|
||||
{{- end -}}
|
||||
@@ -0,0 +1,40 @@
|
||||
{{- if .Values.kubeScheduler.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
|
||||
spec:
|
||||
jobLabel: component
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/component: {{ template "kube-prometheus.fullname" . }}-kube-scheduler
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Values.kubeScheduler.namespace }}
|
||||
endpoints:
|
||||
- port: http-metrics
|
||||
{{- if .Values.kubeScheduler.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubeScheduler.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
{{- if .Values.kubeScheduler.serviceMonitor.https }}
|
||||
scheme: https
|
||||
tlsConfig:
|
||||
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
{{- if .Values.kubeScheduler.serviceMonitor.insecureSkipVerify }}
|
||||
insecureSkipVerify: {{ .Values.kubeScheduler.serviceMonitor.insecureSkipVerify }}
|
||||
{{- end}}
|
||||
{{- if .Values.kubeScheduler.serviceMonitor.serverName }}
|
||||
serverName: {{ .Values.kubeScheduler.serviceMonitor.serverName }}
|
||||
{{- end}}
|
||||
{{- end}}
|
||||
{{- if .Values.kubeScheduler.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeScheduler.serviceMonitor.metricRelabelings "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubeScheduler.serviceMonitor.relabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" (dict "value" .Values.kubeScheduler.serviceMonitor.relabelings "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,85 @@
|
||||
{{- if .Values.kubelet.enabled }}
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.fullname" . }}-kubelet
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.labels" . | nindent 4 }}
|
||||
app.kubernetes.io/component: kubelet
|
||||
spec:
|
||||
jobLabel: k8s-app
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: kubelet
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Values.kubelet.namespace }}
|
||||
endpoints:
|
||||
{{- if .Values.kubelet.serviceMonitor.https }}
|
||||
- port: https-metrics
|
||||
scheme: https
|
||||
tlsConfig:
|
||||
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
serverName: kubernetes
|
||||
insecureSkipVerify: true
|
||||
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
honorLabels: true
|
||||
{{- if .Values.kubelet.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubelet.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.relabelings }}
|
||||
relabelings: {{- toYaml .Values.kubelet.serviceMonitor.relabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
- port: https-metrics
|
||||
path: /metrics/cadvisor
|
||||
scheme: https
|
||||
tlsConfig:
|
||||
caFile: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
|
||||
serverName: kubernetes
|
||||
insecureSkipVerify: true
|
||||
bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token
|
||||
honorLabels: true
|
||||
{{- if .Values.kubelet.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubelet.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
|
||||
relabelings: {{- toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- else }}
|
||||
- port: http-metrics
|
||||
scheme: http
|
||||
tlsConfig:
|
||||
insecureSkipVerify: false
|
||||
honorLabels: true
|
||||
{{- if .Values.kubelet.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubelet.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.relabelings }}
|
||||
relabelings: {{- toYaml .Values.kubelet.serviceMonitor.relabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
- port: http-metrics
|
||||
path: /metrics/cadvisor
|
||||
scheme: http
|
||||
tlsConfig:
|
||||
insecureSkipVerify: false
|
||||
honorLabels: true
|
||||
{{- if .Values.kubelet.serviceMonitor.interval }}
|
||||
interval: {{ .Values.kubelet.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.kubelet.serviceMonitor.cAdvisorMetricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.kubelet.serviceMonitor.cAdvisorRelabelings }}
|
||||
relabelings: {{- toYaml .Values.kubelet.serviceMonitor.cAdvisorRelabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,15 @@
|
||||
{{- define "prometheus.prometheus.additionalprometheusrules" -}}
|
||||
{{- if and .Values.prometheus.enabled .Values.prometheus.additionalPrometheusRules}}
|
||||
{{- range .Values.prometheus.additionalPrometheusRules }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.name" $ }}-{{ .name }}
|
||||
namespace: {{ $.Release.Namespace }}
|
||||
labels: {{ include "kube-prometheus.prometheus.labels" $ | nindent 4 }}
|
||||
spec:
|
||||
groups: {{- toYaml .groups | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,13 @@
|
||||
{{- define "prometheus.prometheus.additionalscrapejobs" -}}
|
||||
{{- if (and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "internal") ) }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: additional-scrape-jobs-{{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
|
||||
data:
|
||||
scrape-jobs.yaml: {{ include "tc.common.tplvalues.render" ( dict "value" .Values.prometheus.additionalScrapeConfigs.internal.jobList "context" $ ) | b64enc | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,361 @@
|
||||
{{- define "prometheus.prometheus.prometheus" -}}
|
||||
{{- if .Values.prometheus.enabled }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: Prometheus
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.prometheus.replicaCount }}
|
||||
serviceAccountName: {{ template "kube-prometheus.prometheus.serviceAccountName" . }}
|
||||
{{- if .Values.prometheus.serviceMonitorSelector }}
|
||||
serviceMonitorSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.serviceMonitorSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
serviceMonitorSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.podMonitorSelector }}
|
||||
podMonitorSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMonitorSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
podMonitorSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.probeSelector }}
|
||||
probeSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.probeSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
probeSelector: {}
|
||||
{{- end }}
|
||||
alerting:
|
||||
alertmanagers:
|
||||
{{- if .Values.prometheus.alertingEndpoints }}
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.alertingEndpoints "context" $) | nindent 6 }}
|
||||
{{- else if .Values.alertmanager.enabled }}
|
||||
- namespace: {{ .Release.Namespace }}
|
||||
name: {{ template "kube-prometheus.alertmanager.fullname" . }}
|
||||
port: http
|
||||
pathPrefix: "{{ .Values.alertmanager.routePrefix }}"
|
||||
{{- else }}
|
||||
[]
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.image }}
|
||||
image: {{ template "kube-prometheus.prometheus.image" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.externalLabels }}
|
||||
externalLabels: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.externalLabels "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.prometheusExternalLabelNameClear }}
|
||||
prometheusExternalLabelName: ""
|
||||
{{- else if .Values.prometheus.prometheusExternalLabelName }}
|
||||
prometheusExternalLabelName: "{{ .Values.prometheus.prometheusExternalLabelName }}"
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.replicaExternalLabelNameClear }}
|
||||
replicaExternalLabelName: ""
|
||||
{{- else if .Values.prometheus.replicaExternalLabelName }}
|
||||
replicaExternalLabelName: "{{ .Values.prometheus.replicaExternalLabelName }}"
|
||||
{{- end }}
|
||||
{{- if index .Values.prometheus "externalUrl" }}
|
||||
externalUrl: "{{ .Values.prometheus.externalUrl }}"
|
||||
{{- else if and .Values.ingress.main.enabled .Values.ingress.main.hosts }}
|
||||
externalUrl: {{ if .Values.ingress.main.tls }}https{{else}}http{{ end }}://{{ (index .Values.ingress.main.hosts 0).name }}{{ .Values.prometheus.routePrefix }}
|
||||
{{- else }}
|
||||
externalUrl: http://{{ template "kube-prometheus.prometheus.fullname" . }}.{{ .Release.Namespace }}:9090{{ .Values.prometheus.routePrefix }}
|
||||
{{- end }}
|
||||
paused: {{ .Values.prometheus.paused }}
|
||||
logLevel: {{ .Values.prometheus.logLevel }}
|
||||
logFormat: {{ .Values.prometheus.logFormat }}
|
||||
listenLocal: {{ .Values.prometheus.listenLocal }}
|
||||
enableAdminAPI: {{ .Values.prometheus.enableAdminAPI }}
|
||||
{{- if .Values.prometheus.enableFeatures }}
|
||||
enableFeatures:
|
||||
{{- range .Values.prometheus.enableFeatures }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.scrapeInterval }}
|
||||
scrapeInterval: {{ .Values.prometheus.scrapeInterval }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.evaluationInterval }}
|
||||
evaluationInterval: {{ .Values.prometheus.evaluationInterval }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.resources }}
|
||||
resources: {{- toYaml .Values.prometheus.resources | nindent 4 }}
|
||||
{{- end }}
|
||||
retention: {{ .Values.prometheus.retention }}
|
||||
{{- if .Values.prometheus.retentionSize }}
|
||||
retentionSize: {{ .Values.prometheus.retentionSize }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.disableCompaction }}
|
||||
disableCompaction: {{ .Values.prometheus.disableCompaction }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.walCompression }}
|
||||
walCompression: {{ .Values.prometheus.walCompression }}
|
||||
{{- end }}
|
||||
portName: "{{ .Values.prometheus.portName }}"
|
||||
routePrefix: "{{ .Values.prometheus.routePrefix }}"
|
||||
{{- if .Values.prometheus.secrets }}
|
||||
secrets: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.secrets "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.configMaps }}
|
||||
configMaps: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.configMaps "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.serviceMonitorNamespaceSelector }}
|
||||
serviceMonitorNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.serviceMonitorNamespaceSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
serviceMonitorNamespaceSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.podMonitorNamespaceSelector }}
|
||||
podMonitorNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMonitorNamespaceSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
podMonitorNamespaceSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.probeNamespaceSelector }}
|
||||
probeNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.probeNamespaceSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
probeNamespaceSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.remoteRead }}
|
||||
remoteRead: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.remoteRead "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.remoteWrite }}
|
||||
remoteWrite: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.remoteWrite "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.podSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.prometheus.podSecurityContext "enabled" | toYaml | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.ruleNamespaceSelector }}
|
||||
ruleNamespaceSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.ruleNamespaceSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
ruleNamespaceSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.ruleSelector }}
|
||||
ruleSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.ruleSelector "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
ruleSelector: {}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.storageSpec }}
|
||||
storage: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.storageSpec "context" $) | nindent 4 }}
|
||||
{{- else if .Values.prometheus.persistence.enabled }}
|
||||
storage:
|
||||
volumeClaimTemplate:
|
||||
spec:
|
||||
accessModes:
|
||||
{{- range .Values.prometheus.persistence.accessModes }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.prometheus.persistence.size | quote }}
|
||||
{{- include "tc.common.storage.storageClassName" (dict "persistence" .Values.prometheus.persistence "global" $ ) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.prometheus.podMetadata.labels .Values.prometheus.podMetadata.annotations (eq .Values.prometheus.podAntiAffinityPreset "soft") (eq .Values.prometheus.podAntiAffinityPreset "hard") }}
|
||||
podMetadata:
|
||||
labels:
|
||||
{{- if .Values.prometheus.podMetadata.labels }}
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMetadata.labels "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if or (eq .Values.prometheus.podAntiAffinityPreset "soft") (eq .Values.prometheus.podAntiAffinityPreset "hard") }}
|
||||
{{- include "kube-prometheus.prometheus.matchLabels" . | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.podMetadata.annotations }}
|
||||
annotations:
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.podMetadata.annotations "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.querySpec }}
|
||||
query: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.querySpec "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.affinity }}
|
||||
affinity: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.affinity "context" $) | nindent 4 }}
|
||||
{{- else }}
|
||||
affinity:
|
||||
{{- if not (empty .Values.prometheus.podAffinityPreset) }}
|
||||
podAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.prometheus.podAffinityPreset "component" "prometheus" "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if not (empty .Values.prometheus.podAntiAffinityPreset) }}
|
||||
podAntiAffinity: {{- include "tc.common.affinities.pods" (dict "type" .Values.prometheus.podAntiAffinityPreset "component" "prometheus" "context" $) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- if not (empty .Values.prometheus.nodeAffinityPreset.values) }}
|
||||
nodeAffinity: {{- include "tc.common.affinities.nodes" (dict "type" .Values.prometheus.nodeAffinityPreset.type "key" .Values.prometheus.nodeAffinityPreset.key "values" .Values.prometheus.nodeAffinityPreset.values) | nindent 6 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.nodeSelector }}
|
||||
nodeSelector: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.nodeSelector "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.tolerations }}
|
||||
tolerations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.tolerations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.volumes }}
|
||||
volumes: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.volumes "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.volumeMounts }}
|
||||
volumeMounts: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.volumeMounts "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if or .Values.prometheus.additionalScrapeConfigs.enabled .Values.prometheus.additionalScrapeConfigsExternal.enabled }}
|
||||
additionalScrapeConfigs:
|
||||
{{- if and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "external") }}
|
||||
name: {{ .Values.prometheus.additionalScrapeConfigs.external.name }}
|
||||
key: {{ .Values.prometheus.additionalScrapeConfigs.external.key }}
|
||||
{{- else if and .Values.prometheus.additionalScrapeConfigs.enabled (eq .Values.prometheus.additionalScrapeConfigs.type "internal") }}
|
||||
name: additional-scrape-jobs-{{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
key: scrape-jobs.yaml
|
||||
{{- else if and (not .Values.prometheus.additionalScrapeConfigs.enabled) .Values.prometheus.additionalScrapeConfigsExternal.enabled }}
|
||||
name: {{ .Values.prometheus.additionalScrapeConfigsExternal.name }}
|
||||
key: {{ .Values.prometheus.additionalScrapeConfigsExternal.key }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.additionalAlertRelabelConfigsExternal.enabled }}
|
||||
additionalAlertRelabelConfigs:
|
||||
name: {{ .Values.prometheus.additionalAlertRelabelConfigsExternal.name }}
|
||||
key: {{ .Values.prometheus.additionalAlertRelabelConfigsExternal.key }}
|
||||
{{- end }}
|
||||
{{- include "kube-prometheus.imagePullSecrets" . | indent 2 }}
|
||||
{{- if or .Values.prometheus.containers .Values.prometheus.thanos.create .Values.prometheus.containerSecurityContext.enabled .Values.prometheus.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
|
||||
containers:
|
||||
{{- if .Values.prometheus.thanos.create }}
|
||||
- name: thanos-sidecar
|
||||
image: {{ template "kube-prometheus.prometheus.thanosImage" . }}
|
||||
imagePullPolicy: {{ .Values.prometheus.thanos.image.pullPolicy }}
|
||||
args:
|
||||
- sidecar
|
||||
- --prometheus.url={{ default "http://localhost:9090" .Values.prometheus.thanos.prometheusUrl }}
|
||||
- --grpc-address=0.0.0.0:10901
|
||||
- --http-address=0.0.0.0:10902
|
||||
- --tsdb.path=/prometheus/
|
||||
{{- if .Values.prometheus.thanos.objectStorageConfig }}
|
||||
- --objstore.config=$(OBJSTORE_CONFIG)
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.extraArgs }}
|
||||
{{ toYaml .Values.prometheus.thanos.extraArgs | indent 8 | trim }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.objectStorageConfig }}
|
||||
env:
|
||||
- name: OBJSTORE_CONFIG
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.prometheus.thanos.objectStorageConfig.secretName }}
|
||||
key: {{ .Values.prometheus.thanos.objectStorageConfig.secretKey | default "thanos.yaml" }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.resources }}
|
||||
resources: {{- toYaml .Values.prometheus.thanos.resources | nindent 8 }}
|
||||
{{- end }}
|
||||
ports:
|
||||
- name: thanos
|
||||
containerPort: 10901
|
||||
protocol: TCP
|
||||
- name: http
|
||||
containerPort: 10902
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- mountPath: /prometheus
|
||||
name: prometheus-{{ template "kube-prometheus.prometheus.fullname" . }}-db
|
||||
{{- if not (.Values.prometheus.storageSpec.disableMountSubPath | default (not .Values.prometheus.persistence.enabled)) }}
|
||||
subPath: prometheus-db
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.extraVolumeMounts }}
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.thanos.extraVolumeMounts "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.containerSecurityContext.enabled }}
|
||||
# yamllint disable rule:indentation
|
||||
securityContext: {{- omit .Values.prometheus.thanos.containerSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
# yamllint enable rule:indentation
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: {{ .Values.prometheus.thanos.livenessProbe.path }}
|
||||
port: http
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: {{ .Values.prometheus.thanos.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.prometheus.thanos.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.prometheus.thanos.livenessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.prometheus.thanos.livenessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.prometheus.thanos.livenessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.thanos.readinessProbe.enabled }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: {{ .Values.prometheus.thanos.readinessProbe.path }}
|
||||
port: http
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: {{ .Values.prometheus.thanos.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.prometheus.thanos.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.prometheus.thanos.readinessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.prometheus.thanos.readinessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.prometheus.thanos.readinessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.prometheus.containerSecurityContext.enabled .Values.prometheus.livenessProbe.enabled .Values.prometheus.readinessProbe.enabled }}
|
||||
## This monkey patching is needed until the securityContexts are
|
||||
## directly patchable via the CRD.
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
|
||||
## currently implemented with strategic merge
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
|
||||
- name: prometheus
|
||||
{{- if .Values.prometheus.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.prometheus.containerSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: {{ .Values.prometheus.livenessProbe.path }}
|
||||
port: main
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: {{ .Values.prometheus.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.prometheus.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.prometheus.livenessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.prometheus.livenessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.prometheus.livenessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.readinessProbe.enabled }}
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: {{ .Values.prometheus.readinessProbe.path }}
|
||||
port: main
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: {{ .Values.prometheus.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.prometheus.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.prometheus.readinessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.prometheus.readinessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.prometheus.readinessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled .Values.operator.prometheusConfigReloader.livenessProbe.enabled .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
|
||||
## This monkey patching is needed until the securityContexts are
|
||||
## directly patchable via the CRD.
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/issues/3947
|
||||
## currently implemented with strategic merge
|
||||
## ref: https://github.com/prometheus-operator/prometheus-operator/blob/master/Documentation/user-guides/strategic-merge-patch.md
|
||||
- name: config-reloader
|
||||
{{- if .Values.operator.prometheusConfigReloader.containerSecurityContext.enabled }}
|
||||
securityContext: {{- omit .Values.operator.prometheusConfigReloader.containerSecurityContext "enabled" | toYaml | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.operator.prometheusConfigReloader.livenessProbe.enabled }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: reloader-web
|
||||
initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.livenessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.operator.prometheusConfigReloader.livenessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- if .Values.operator.prometheusConfigReloader.readinessProbe.enabled }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: reloader-web
|
||||
initialDelaySeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.initialDelaySeconds }}
|
||||
periodSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.periodSeconds }}
|
||||
timeoutSeconds: {{ .Values.operator.prometheusConfigReloader.readinessProbe.timeoutSeconds }}
|
||||
failureThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.failureThreshold }}
|
||||
successThreshold: {{ .Values.operator.prometheusConfigReloader.readinessProbe.successThreshold }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.containers }}
|
||||
{{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.containers "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.priorityClassName }}
|
||||
priorityClassName: {{ .Values.prometheus.priorityClassName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,29 @@
|
||||
{{- define "prometheus.prometheus.servicemonitor" -}}
|
||||
{{- if and .Values.prometheus.enabled .Values.prometheus.serviceMonitor.enabled }}
|
||||
---
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
|
||||
spec:
|
||||
selector:
|
||||
matchLabels: {{- include "kube-prometheus.prometheus.matchLabels" . | nindent 6 }}
|
||||
namespaceSelector:
|
||||
matchNames:
|
||||
- {{ .Release.Namespace }}
|
||||
endpoints:
|
||||
- port: http
|
||||
{{- if .Values.prometheus.serviceMonitor.interval }}
|
||||
interval: {{ .Values.prometheus.serviceMonitor.interval }}
|
||||
{{- end }}
|
||||
path: {{ trimSuffix "/" .Values.prometheus.routePrefix }}/metrics
|
||||
{{- if .Values.prometheus.serviceMonitor.metricRelabelings }}
|
||||
metricRelabelings: {{- include "tc.common.tplvalues.render" ( dict "value" .Values.prometheus.serviceMonitor.metricRelabelings "context" $) | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- if .Values.prometheus.serviceMonitor.relabelings }}
|
||||
relabelings: {{- toYaml .Values.prometheus.serviceMonitor.relabelings | nindent 8 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,41 @@
|
||||
{{- if .Values.prometheus.enabled -}}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes/metrics
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- nodes
|
||||
- nodes/proxy
|
||||
- services
|
||||
- endpoints
|
||||
- pods
|
||||
verbs:
|
||||
- "get"
|
||||
- "list"
|
||||
- "watch"
|
||||
- apiGroups:
|
||||
- extensions
|
||||
- "networking.k8s.io"
|
||||
resources:
|
||||
- ingresses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- nonResourceURLs:
|
||||
- "/metrics"
|
||||
verbs:
|
||||
- "get"
|
||||
{{- end }}
|
||||
@@ -0,0 +1,15 @@
|
||||
{{- if .Values.prometheus.enabled }}
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ template "kube-prometheus.prometheus.fullname" . }}
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ template "kube-prometheus.prometheus.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,12 @@
|
||||
{{- if and .Values.prometheus.enabled .Values.prometheus.serviceAccount.create }}
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ template "kube-prometheus.prometheus.serviceAccountName" . }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
labels: {{- include "kube-prometheus.prometheus.labels" . | nindent 4 }}
|
||||
{{- if index .Values.prometheus.serviceAccount "annotations" }}
|
||||
annotations: {{- include "tc.common.tplvalues.render" (dict "value" .Values.prometheus.serviceAccount.annotations "context" $) | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- include "kube-prometheus.imagePullSecrets" . }}
|
||||
{{- end }}
|
||||
0
enterprise/prometheus/7.0.42/values.yaml
Normal file
0
enterprise/prometheus/7.0.42/values.yaml
Normal file
4
enterprise/prometheus/item.yaml
Normal file
4
enterprise/prometheus/item.yaml
Normal file
@@ -0,0 +1,4 @@
|
||||
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/prometheus.png
|
||||
categories:
|
||||
- metrics
|
||||
|
||||
0
enterprise/traefik/16.0.11/CHANGELOG.md
Normal file
0
enterprise/traefik/16.0.11/CHANGELOG.md
Normal file
31
enterprise/traefik/16.0.11/Chart.yaml
Normal file
31
enterprise/traefik/16.0.11/Chart.yaml
Normal file
@@ -0,0 +1,31 @@
|
||||
apiVersion: v2
|
||||
appVersion: "2.9.6"
|
||||
dependencies:
|
||||
- name: common
|
||||
repository: https://library-charts.truecharts.org
|
||||
version: 11.1.2
|
||||
deprecated: false
|
||||
description: Traefik is a flexible reverse proxy and Ingress Provider.
|
||||
home: https://truecharts.org/charts/stable/traefik
|
||||
icon: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
|
||||
keywords:
|
||||
- traefik
|
||||
- ingress
|
||||
kubeVersion: ">=1.16.0-0"
|
||||
maintainers:
|
||||
- email: info@truecharts.org
|
||||
name: TrueCharts
|
||||
url: https://truecharts.org
|
||||
name: traefik
|
||||
sources:
|
||||
- https://github.com/truecharts/charts/tree/master/charts/stable/traefik
|
||||
- https://github.com/traefik/traefik
|
||||
- https://github.com/traefik/traefik-helm-chart
|
||||
- https://traefik.io/
|
||||
type: application
|
||||
version: 16.0.11
|
||||
annotations:
|
||||
truecharts.org/catagories: |
|
||||
- network
|
||||
truecharts.org/SCALE-support: "true"
|
||||
truecharts.org/grade: U
|
||||
27
enterprise/traefik/16.0.11/README.md
Normal file
27
enterprise/traefik/16.0.11/README.md
Normal file
@@ -0,0 +1,27 @@
|
||||
# README
|
||||
|
||||
## General Info
|
||||
|
||||
TrueCharts can be installed as both *normal* Helm Charts or as Apps on TrueNAS SCALE.
|
||||
However only installations using the TrueNAS SCALE Apps system are supported.
|
||||
|
||||
For more information about this App, please check the docs on the TrueCharts [website](https://truecharts.org/charts/stable/)
|
||||
|
||||
**This chart is not maintained by the upstream project and any issues with the chart should be raised [here](https://github.com/truecharts/charts/issues/new/choose)**
|
||||
|
||||
|
||||
## Support
|
||||
|
||||
- Please check our [quick-start guides for TrueNAS SCALE](https://truecharts.org/manual/SCALE%20Apps/Important-MUST-READ).
|
||||
- See the [Website](https://truecharts.org)
|
||||
- Check our [Discord](https://discord.gg/tVsPTHWTtr)
|
||||
- Open a [issue](https://github.com/truecharts/charts/issues/new/choose)
|
||||
|
||||
---
|
||||
|
||||
## Sponsor TrueCharts
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/sponsor) or contributing back to the project any way you can!
|
||||
|
||||
*All Rights Reserved - The TrueCharts Project*
|
||||
0
enterprise/traefik/16.0.11/app-changelog.md
Normal file
0
enterprise/traefik/16.0.11/app-changelog.md
Normal file
8
enterprise/traefik/16.0.11/app-readme.md
Normal file
8
enterprise/traefik/16.0.11/app-readme.md
Normal file
@@ -0,0 +1,8 @@
|
||||
Traefik is a flexible reverse proxy and Ingress Provider.
|
||||
|
||||
This App is supplied by TrueCharts, for more information visit the manual: [https://truecharts.org/charts/enterprise/traefik](https://truecharts.org/charts/enterprise/traefik)
|
||||
|
||||
---
|
||||
|
||||
TrueCharts can only exist due to the incredible effort of our staff.
|
||||
Please consider making a [donation](https://truecharts.org/about/sponsor) or contributing back to the project any way you can!
|
||||
BIN
enterprise/traefik/16.0.11/charts/common-11.1.2.tgz
Normal file
BIN
enterprise/traefik/16.0.11/charts/common-11.1.2.tgz
Normal file
Binary file not shown.
406
enterprise/traefik/16.0.11/ix_values.yaml
Normal file
406
enterprise/traefik/16.0.11/ix_values.yaml
Normal file
@@ -0,0 +1,406 @@
|
||||
image:
|
||||
repository: tccr.io/truecharts/traefik
|
||||
# defaults to appVersion
|
||||
tag: 2.9.6@sha256:a4f065a7a34902e7d8179680b8c344e70cf90ed80c7a396b5f42ecabfa3c0321
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
# -- Use ingressClass. Ignored if Traefik version < 2.3 / kubernetes < 1.18.x
|
||||
ingressClass:
|
||||
# true is not unit-testable yet, pending https://github.com/rancher/helm-unittest/pull/12
|
||||
enabled: false
|
||||
isDefaultClass: false
|
||||
# Use to force a networking.k8s.io API Version for certain CI/CD applications. E.g. "v1beta1"
|
||||
fallbackApiVersion: ""
|
||||
|
||||
# -- Create an IngressRoute for the dashboard
|
||||
ingressRoute:
|
||||
dashboard:
|
||||
enabled: true
|
||||
# Additional ingressRoute annotations (e.g. for kubernetes.io/ingress.class)
|
||||
annotations: {}
|
||||
# Additional ingressRoute labels (e.g. for filtering IngressRoute by custom labels)
|
||||
labels: {}
|
||||
|
||||
podAnnotations:
|
||||
prometheus.io/scrape: "true"
|
||||
prometheus.io/path: "/metrics"
|
||||
prometheus.io/port: "9180"
|
||||
|
||||
#
|
||||
# -- Configure providers
|
||||
providers:
|
||||
kubernetesCRD:
|
||||
enabled: true
|
||||
namespaces:
|
||||
[]
|
||||
# - "default"
|
||||
kubernetesIngress:
|
||||
enabled: true
|
||||
# labelSelector: environment=production,method=traefik
|
||||
namespaces:
|
||||
[]
|
||||
# - "default"
|
||||
# IP used for Kubernetes Ingress endpoints
|
||||
publishedService:
|
||||
enabled: true
|
||||
# Published Kubernetes Service to copy status from. Format: namespace/servicename
|
||||
# By default this Traefik service
|
||||
# pathOverride: ""
|
||||
|
||||
# -- Logs
|
||||
# https://docs.traefik.io/observability/logs/
|
||||
logs:
|
||||
# Traefik logs concern everything that happens to Traefik itself (startup, configuration, events, shutdown, and so on).
|
||||
general:
|
||||
# By default, the level is set to ERROR. Alternative logging levels are DEBUG, PANIC, FATAL, ERROR, WARN, and INFO.
|
||||
level: ERROR
|
||||
# -- Set the format of General Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/logs/#format
|
||||
format: common
|
||||
access:
|
||||
# To enable access logs
|
||||
enabled: false
|
||||
# To write the logs in an asynchronous fashion, specify a bufferingSize option.
|
||||
# This option represents the number of log lines Traefik will keep in memory before writing
|
||||
# them to the selected output. In some cases, this option can greatly help performances.
|
||||
# bufferingSize: 100
|
||||
# Filtering https://docs.traefik.io/observability/access-logs/#filtering
|
||||
filters:
|
||||
{}
|
||||
# statuscodes: "200,300-302"
|
||||
# retryattempts: true
|
||||
# minduration: 10ms
|
||||
# Fields
|
||||
# https://docs.traefik.io/observability/access-logs/#limiting-the-fieldsincluding-headers
|
||||
fields:
|
||||
general:
|
||||
defaultmode: keep
|
||||
names:
|
||||
{}
|
||||
# Examples:
|
||||
# ClientUsername: drop
|
||||
headers:
|
||||
defaultmode: drop
|
||||
names:
|
||||
{}
|
||||
# Examples:
|
||||
# User-Agent: redact
|
||||
# Authorization: drop
|
||||
# Content-Type: keep
|
||||
# -- Set the format of Access Logs to be either Common Log Format or JSON. For more information: https://doc.traefik.io/traefik/observability/access-logs/#format
|
||||
format: common
|
||||
|
||||
metrics:
|
||||
# datadog:
|
||||
# address: 127.0.0.1:8125
|
||||
# influxdb:
|
||||
# address: localhost:8089
|
||||
# protocol: udp
|
||||
prometheus:
|
||||
entryPoint: metrics
|
||||
# statsd:
|
||||
# address: localhost:8125
|
||||
|
||||
globalArguments:
|
||||
- "--global.checknewversion"
|
||||
|
||||
##
|
||||
# -- Additional arguments to be passed at Traefik's binary
|
||||
# All available options available on https://docs.traefik.io/reference/static-configuration/cli/
|
||||
## Use curly braces to pass values: `helm install --set="additionalArguments={--providers.kubernetesingress.ingressclass=traefik-internal,--log.level=DEBUG}"`
|
||||
additionalArguments:
|
||||
- "--metrics.prometheus"
|
||||
- "--ping"
|
||||
- "--serverstransport.insecureskipverify=true"
|
||||
- "--providers.kubernetesingress.allowexternalnameservices=true"
|
||||
|
||||
# -- TLS Options to be created as TLSOption CRDs
|
||||
# https://doc.traefik.io/tccr.io/truecharts/https/tls/#tls-options
|
||||
# Example:
|
||||
tlsOptions:
|
||||
default:
|
||||
sniStrict: false
|
||||
minVersion: VersionTLS12
|
||||
curvePreferences:
|
||||
- CurveP521
|
||||
- CurveP384
|
||||
cipherSuites:
|
||||
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
||||
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
|
||||
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
|
||||
- TLS_AES_128_GCM_SHA256
|
||||
- TLS_AES_256_GCM_SHA384
|
||||
- TLS_CHACHA20_POLY1305_SHA256
|
||||
|
||||
# -- Options for the main traefik service, where the entrypoints traffic comes from
|
||||
# from.
|
||||
service:
|
||||
main:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
main:
|
||||
port: 9000
|
||||
targetPort: 9000
|
||||
protocol: HTTP
|
||||
# -- Forwarded Headers should never be enabled on Main entrypoint
|
||||
forwardedHeaders:
|
||||
enabled: false
|
||||
# -- Proxy Protocol should never be enabled on Main entrypoint
|
||||
proxyProtocol:
|
||||
enabled: false
|
||||
tcp:
|
||||
enabled: true
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
web:
|
||||
enabled: true
|
||||
port: 9080
|
||||
protocol: HTTP
|
||||
redirectTo: websecure
|
||||
# Options: Empty, 0 (ingore), or positive int
|
||||
# redirectPort:
|
||||
# -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
|
||||
forwardedHeaders:
|
||||
enabled: false
|
||||
# -- List of trusted IP and CIDR references
|
||||
trustedIPs: []
|
||||
# -- Trust all forwarded headers
|
||||
insecureMode: false
|
||||
# -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
|
||||
proxyProtocol:
|
||||
enabled: false
|
||||
# -- Only IPs in trustedIPs will lead to remote client address replacement
|
||||
trustedIPs: []
|
||||
# -- Trust every incoming connection
|
||||
insecureMode: false
|
||||
websecure:
|
||||
enabled: true
|
||||
port: 9443
|
||||
protocol: HTTPS
|
||||
# -- Configure (Forwarded Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers] Support
|
||||
forwardedHeaders:
|
||||
enabled: false
|
||||
# -- List of trusted IP and CIDR references
|
||||
trustedIPs: []
|
||||
# -- Trust all forwarded headers
|
||||
insecureMode: false
|
||||
# -- Configure (Proxy Protocol Headers)[https://doc.traefik.io/traefik/routing/entrypoints/#proxyprotocol] Support
|
||||
proxyProtocol:
|
||||
enabled: false
|
||||
# -- Only IPs in trustedIPs will lead to remote client address replacement
|
||||
trustedIPs: []
|
||||
# -- Trust every incoming connection
|
||||
insecureMode: false
|
||||
# tcpexample:
|
||||
# enabled: true
|
||||
# targetPort: 9443
|
||||
# protocol: TCP
|
||||
# tls:
|
||||
# enabled: false
|
||||
# # this is the name of a TLSOption definition
|
||||
# options: ""
|
||||
# certResolver: ""
|
||||
# domains: []
|
||||
# # - main: example.com
|
||||
# # sans:
|
||||
# # - foo.example.com
|
||||
# # - bar.example.com
|
||||
metrics:
|
||||
enabled: true
|
||||
type: ClusterIP
|
||||
ports:
|
||||
metrics:
|
||||
enabled: true
|
||||
port: 9180
|
||||
targetPort: 9180
|
||||
protocol: HTTP
|
||||
# -- Forwarded Headers should never be enabled on Metrics entrypoint
|
||||
forwardedHeaders:
|
||||
enabled: false
|
||||
# -- Proxy Protocol should never be enabled on Metrics entrypoint
|
||||
proxyProtocol:
|
||||
enabled: false
|
||||
udp:
|
||||
enabled: false
|
||||
|
||||
# probes:
|
||||
# # -- Liveness probe configuration
|
||||
# # @default -- See below
|
||||
# liveness:
|
||||
# # -- sets the probe type when not using a custom probe
|
||||
# # @default -- "TCP"
|
||||
# type: HTTP
|
||||
# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
|
||||
# # @default -- "/"
|
||||
# path: "/ping"
|
||||
|
||||
# # -- Redainess probe configuration
|
||||
# # @default -- See below
|
||||
# readiness:
|
||||
# # -- sets the probe type when not using a custom probe
|
||||
# # @default -- "TCP"
|
||||
# type: HTTP
|
||||
# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
|
||||
# # @default -- "/"
|
||||
# path: "/ping"
|
||||
|
||||
# # -- Startup probe configuration
|
||||
# # @default -- See below
|
||||
# startup:
|
||||
# # -- sets the probe type when not using a custom probe
|
||||
# # @default -- "TCP"
|
||||
# type: HTTP
|
||||
# # -- If a HTTP probe is used (default for HTTP/HTTPS services) this path is used
|
||||
# # @default -- "/"
|
||||
# path: "/ping"
|
||||
|
||||
# -- Whether Role Based Access Control objects like roles and rolebindings should be created
|
||||
rbac:
|
||||
main:
|
||||
enabled: true
|
||||
rules:
|
||||
- apiGroups:
|
||||
- ""
|
||||
resources:
|
||||
- services
|
||||
- endpoints
|
||||
- secrets
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- extensions
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses
|
||||
- ingressclasses
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
- apiGroups:
|
||||
- extensions
|
||||
- networking.k8s.io
|
||||
resources:
|
||||
- ingresses/status
|
||||
verbs:
|
||||
- update
|
||||
- apiGroups:
|
||||
- traefik.containo.us
|
||||
resources:
|
||||
- ingressroutes
|
||||
- ingressroutetcps
|
||||
- ingressrouteudps
|
||||
- middlewares
|
||||
- middlewaretcps
|
||||
- tlsoptions
|
||||
- tlsstores
|
||||
- traefikservices
|
||||
- serverstransports
|
||||
verbs:
|
||||
- get
|
||||
- list
|
||||
- watch
|
||||
|
||||
# -- The service account the pods will use to interact with the Kubernetes API
|
||||
serviceAccount:
|
||||
main:
|
||||
enabled: true
|
||||
|
||||
# -- SCALE Middleware Handlers
|
||||
middlewares:
|
||||
basicAuth: []
|
||||
# - name: basicauthexample
|
||||
# users:
|
||||
# - username: testuser
|
||||
# password: testpassword
|
||||
forwardAuth: []
|
||||
# - name: forwardAuthexample
|
||||
# address: https://auth.example.com/
|
||||
# authResponseHeaders:
|
||||
# - X-Secret
|
||||
# - X-Auth-User
|
||||
# authRequestHeaders:
|
||||
# - "Accept"
|
||||
# - "X-CustomHeader"
|
||||
# authResponseHeadersRegex: "^X-"
|
||||
# trustForwardHeader: true
|
||||
chain: []
|
||||
# - name: chainname
|
||||
# middlewares:
|
||||
# - name: compress
|
||||
redirectScheme: []
|
||||
# - name: redirectSchemeName
|
||||
# scheme: https
|
||||
# permanent: true
|
||||
rateLimit: []
|
||||
# - name: rateLimitName
|
||||
# average: 300
|
||||
# burst: 200
|
||||
redirectRegex: []
|
||||
# - name: redirectRegexName
|
||||
# regex: putregexhere
|
||||
# replacement: replacementurlhere
|
||||
# permanent: false
|
||||
stripPrefixRegex: []
|
||||
# - name: stripPrefixRegexName
|
||||
# regex: []
|
||||
ipWhiteList: []
|
||||
# - name: ipWhiteListName
|
||||
# sourceRange: []
|
||||
# ipStrategy:
|
||||
# depth: 2
|
||||
# excludedIPs: []
|
||||
themeParkVersion: v1.3.0
|
||||
themePark: []
|
||||
# - name: themeParkName
|
||||
# -- Supported apps, lower case name
|
||||
# -- https://docs.theme-park.dev/themes
|
||||
# app: appnamehere
|
||||
# -- Supported themes, lower case name
|
||||
# -- https://docs.theme-park.dev/themes/APPNAMEHERE
|
||||
# -- https://docs.theme-park.dev/community-themes
|
||||
# theme: themenamehere
|
||||
# -- https://theme-park.dev or a self hosted url
|
||||
# baseUrl: https://theme-park.dev
|
||||
realIPVersion: v1.0.3
|
||||
# Sets X-Real-Ip with an IP from the X-Forwarded-For or
|
||||
# Cf-Connecting-Ip (If from Cloudflare)
|
||||
# Evaluation of those headers will go from last to first
|
||||
realIP: []
|
||||
# - name: realIPName
|
||||
# -- The real IP will be the first one that is
|
||||
# -- not included in any of the CIDRs passed here
|
||||
# excludedNetworks:
|
||||
# - 1.1.1.1/24
|
||||
addPrefix: []
|
||||
# - name: addPrefixName
|
||||
# prefix: "/foo"
|
||||
geoBlockVersion: v0.2.3
|
||||
geoBlock: []
|
||||
# -- https://github.com/PascalMinder/geoblock
|
||||
# - name: geoBlockName
|
||||
# allowLocalRequests: true
|
||||
# logLocalRequests: false
|
||||
# logAllowedRequests: false
|
||||
# logApiRequests: false
|
||||
# api: https://get.geojs.io/v1/ip/country/{ip}
|
||||
# apiTimeoutMs: 500
|
||||
# cacheSize: 25
|
||||
# forceMonthlyUpdate: true
|
||||
# allowUnknownCountries: false
|
||||
# unknownCountryApiResponse: nil
|
||||
# countries:
|
||||
# - RU
|
||||
|
||||
portalhook:
|
||||
enabled: true
|
||||
|
||||
persistence:
|
||||
plugins:
|
||||
enabled: true
|
||||
mountPath: "/plugins-storage"
|
||||
type: emptyDir
|
||||
|
||||
portal:
|
||||
enabled: true
|
||||
2487
enterprise/traefik/16.0.11/questions.yaml
Normal file
2487
enterprise/traefik/16.0.11/questions.yaml
Normal file
File diff suppressed because it is too large
Load Diff
178
enterprise/traefik/16.0.11/templates/_args.tpl
Normal file
178
enterprise/traefik/16.0.11/templates/_args.tpl
Normal file
@@ -0,0 +1,178 @@
|
||||
{{/* Define the args */}}
|
||||
{{- define "traefik.args" -}}
|
||||
args:
|
||||
{{/* merge all ports */}}
|
||||
{{- $ports := dict }}
|
||||
{{- range $.Values.service }}
|
||||
{{- range $name, $value := .ports }}
|
||||
{{- $_ := set $ports $name $value }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{/* start of actual arguments */}}
|
||||
{{- with .Values.globalArguments }}
|
||||
{{- range . }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range $name, $config := $ports }}
|
||||
{{- if $config }}
|
||||
{{- if or ( eq $config.protocol "HTTP" ) ( eq $config.protocol "HTTPS" ) ( eq $config.protocol "TCP" ) }}
|
||||
{{- $_ := set $config "protocol" "TCP" }}
|
||||
{{- end }}
|
||||
- "--entryPoints.{{$name}}.address=:{{ $config.port }}/{{ default "tcp" $config.protocol | lower }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- "--api.dashboard=true"
|
||||
- "--ping=true"
|
||||
{{- if .Values.metrics }}
|
||||
{{- if .Values.metrics.datadog }}
|
||||
- "--metrics.datadog=true"
|
||||
- "--metrics.datadog.address={{ .Values.metrics.datadog.address }}"
|
||||
{{- end }}
|
||||
{{- if .Values.metrics.influxdb }}
|
||||
- "--metrics.influxdb=true"
|
||||
- "--metrics.influxdb.address={{ .Values.metrics.influxdb.address }}"
|
||||
- "--metrics.influxdb.protocol={{ .Values.metrics.influxdb.protocol }}"
|
||||
{{- end }}
|
||||
{{- if .Values.metrics.prometheus }}
|
||||
- "--metrics.prometheus=true"
|
||||
- "--metrics.prometheus.entrypoint={{ .Values.metrics.prometheus.entryPoint }}"
|
||||
{{- end }}
|
||||
{{- if .Values.metrics.statsd }}
|
||||
- "--metrics.statsd=true"
|
||||
- "--metrics.statsd.address={{ .Values.metrics.statsd.address }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.providers.kubernetesCRD.enabled }}
|
||||
- "--providers.kubernetescrd"
|
||||
{{- end }}
|
||||
{{- if .Values.providers.kubernetesIngress.enabled }}
|
||||
- "--providers.kubernetesingress"
|
||||
{{- if .Values.providers.kubernetesIngress.publishedService.enabled }}
|
||||
- "--providers.kubernetesingress.ingressendpoint.publishedservice={{ template "providers.kubernetesIngress.publishedServicePath" . }}"
|
||||
{{- end }}
|
||||
{{- if .Values.providers.kubernetesIngress.labelSelector }}
|
||||
- "--providers.kubernetesingress.labelSelector={{ .Values.providers.kubernetesIngress.labelSelector }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if and .Values.rbac.enabled .Values.rbac.namespaced }}
|
||||
{{- if .Values.providers.kubernetesCRD.enabled }}
|
||||
- "--providers.kubernetescrd.namespaces={{ template "providers.kubernetesCRD.namespaces" . }}"
|
||||
{{- end }}
|
||||
{{- if .Values.providers.kubernetesIngress.enabled }}
|
||||
- "--providers.kubernetesingress.namespaces={{ template "providers.kubernetesIngress.namespaces" . }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.ingressClass.enabled }}
|
||||
- "--providers.kubernetesingress.ingressclass={{ .Release.Name }}"
|
||||
{{- end }}
|
||||
{{- range $entrypoint, $config := $ports }}
|
||||
{{/* add args for proxyProtocol support */}}
|
||||
{{- if $config.proxyProtocol }}
|
||||
{{- if $config.proxyProtocol.enabled }}
|
||||
{{- if $config.proxyProtocol.insecureMode }}
|
||||
- "--entrypoints.{{ $entrypoint }}.proxyProtocol.insecure"
|
||||
{{- end }}
|
||||
{{- if not ( empty $config.proxyProtocol.trustedIPs ) }}
|
||||
- "--entrypoints.{{ $entrypoint }}.proxyProtocol.trustedIPs={{ join "," $config.proxyProtocol.trustedIPs }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{/* add args for forwardedHeaders support */}}
|
||||
{{- if $config.forwardedHeaders.enabled }}
|
||||
{{- if not ( empty $config.forwardedHeaders.trustedIPs ) }}
|
||||
- "--entrypoints.{{ $entrypoint }}.forwardedHeaders.trustedIPs={{ join "," $config.forwardedHeaders.trustedIPs }}"
|
||||
{{- end }}
|
||||
{{- if $config.forwardedHeaders.insecureMode }}
|
||||
- "--entrypoints.{{ $entrypoint }}.forwardedHeaders.insecure"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{/* end forwardedHeaders configuration */}}
|
||||
{{- if $config.redirectTo }}
|
||||
{{- $toPort := index $ports $config.redirectTo }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $toPort.port }}"
|
||||
- "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
|
||||
{{- else if $config.redirectPort }}
|
||||
{{ if gt $config.redirectPort 0.0 }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.to=:{{ $config.redirectPort }}"
|
||||
- "--entrypoints.{{ $entrypoint }}.http.redirections.entryPoint.scheme=https"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if or ( $config.tls ) ( eq $config.protocol "HTTPS" ) }}
|
||||
{{- if or ( $config.tls.enabled ) ( eq $config.protocol "HTTPS" ) }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.tls=true"
|
||||
{{- if $config.tls.options }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.tls.options={{ $config.tls.options }}"
|
||||
{{- end }}
|
||||
{{- if $config.tls.certResolver }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.tls.certResolver={{ $config.tls.certResolver }}"
|
||||
{{- end }}
|
||||
{{- if $config.tls.domains }}
|
||||
{{- range $index, $domain := $config.tls.domains }}
|
||||
{{- if $domain.main }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].main={{ $domain.main }}"
|
||||
{{- end }}
|
||||
{{- if $domain.sans }}
|
||||
- "--entrypoints.{{ $entrypoint }}.http.tls.domains[{{ $index }}].sans={{ join "," $domain.sans }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- with .Values.logs }}
|
||||
- "--log.format={{ .general.format }}"
|
||||
{{- if ne .general.level "ERROR" }}
|
||||
- "--log.level={{ .general.level | upper }}"
|
||||
{{- end }}
|
||||
{{- if .access.enabled }}
|
||||
- "--accesslog=true"
|
||||
- "--accesslog.format={{ .access.format }}"
|
||||
{{- if .access.bufferingsize }}
|
||||
- "--accesslog.bufferingsize={{ .access.bufferingsize }}"
|
||||
{{- end }}
|
||||
{{- if .access.filters }}
|
||||
{{- if .access.filters.statuscodes }}
|
||||
- "--accesslog.filters.statuscodes={{ .access.filters.statuscodes }}"
|
||||
{{- end }}
|
||||
{{- if .access.filters.retryattempts }}
|
||||
- "--accesslog.filters.retryattempts"
|
||||
{{- end }}
|
||||
{{- if .access.filters.minduration }}
|
||||
- "--accesslog.filters.minduration={{ .access.filters.minduration }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- "--accesslog.fields.defaultmode={{ .access.fields.general.defaultmode }}"
|
||||
{{- range $fieldname, $fieldaction := .access.fields.general.names }}
|
||||
- "--accesslog.fields.names.{{ $fieldname }}={{ $fieldaction }}"
|
||||
{{- end }}
|
||||
- "--accesslog.fields.headers.defaultmode={{ .access.fields.headers.defaultmode }}"
|
||||
{{- range $fieldname, $fieldaction := .access.fields.headers.names }}
|
||||
- "--accesslog.fields.headers.names.{{ $fieldname }}={{ $fieldaction }}"
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{/* theme.park */}}
|
||||
{{- if .Values.middlewares.themePark }}
|
||||
- "--experimental.plugins.traefik-themepark.modulename=github.com/packruler/traefik-themepark"
|
||||
- "--experimental.plugins.traefik-themepark.version={{ .Values.middlewares.themeParkVersion }}"
|
||||
{{- end }}
|
||||
{{/* End of theme.park */}}
|
||||
{{/* GeoBlock */}}
|
||||
{{- if .Values.middlewares.geoBlock }}
|
||||
- "--experimental.plugins.GeoBlock.modulename=github.com/PascalMinder/geoblock"
|
||||
- "--experimental.plugins.GeoBlock.version={{ .Values.middlewares.geoBlockVersion }}"
|
||||
{{- end }}
|
||||
{{/* End of GeoBlock */}}
|
||||
{{/* RealIP */}}
|
||||
{{- if .Values.middlewares.realIP }}
|
||||
- "--experimental.plugins.traefik-real-ip.modulename=github.com/soulbalz/traefik-real-ip"
|
||||
- "--experimental.plugins.traefik-real-ip.version={{ .Values.middlewares.realIPVersion }}"
|
||||
{{- end }}
|
||||
{{/* End of RealIP */}}
|
||||
{{- with .Values.additionalArguments }}
|
||||
{{- range . }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
22
enterprise/traefik/16.0.11/templates/_helpers.tpl
Normal file
22
enterprise/traefik/16.0.11/templates/_helpers.tpl
Normal file
@@ -0,0 +1,22 @@
|
||||
{{/*
|
||||
Construct the path for the providers.kubernetesingress.ingressendpoint.publishedservice.
|
||||
By convention this will simply use the <namespace>/<service-name> to match the name of the
|
||||
service generated.
|
||||
Users can provide an override for an explicit service they want bound via `.Values.providers.kubernetesIngress.publishedService.pathOverride`
|
||||
*/}}
|
||||
{{- define "providers.kubernetesIngress.publishedServicePath" -}}
|
||||
{{- $fullName := include "tc.common.names.fullname" . -}}
|
||||
{{- $defServiceName := printf "%s/%s-tcp" .Release.Namespace $fullName -}}
|
||||
{{- $servicePath := default $defServiceName .Values.providers.kubernetesIngress.publishedService.pathOverride }}
|
||||
{{- print $servicePath | trimSuffix "-" -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Construct a comma-separated list of whitelisted namespaces
|
||||
*/}}
|
||||
{{- define "providers.kubernetesIngress.namespaces" -}}
|
||||
{{- default .Release.Namespace (join "," .Values.providers.kubernetesIngress.namespaces) }}
|
||||
{{- end -}}
|
||||
{{- define "providers.kubernetesCRD.namespaces" -}}
|
||||
{{- default .Release.Namespace (join "," .Values.providers.kubernetesCRD.namespaces) }}
|
||||
{{- end -}}
|
||||
24
enterprise/traefik/16.0.11/templates/_ingressclass.tpl
Normal file
24
enterprise/traefik/16.0.11/templates/_ingressclass.tpl
Normal file
@@ -0,0 +1,24 @@
|
||||
{{/* Define the ingressClass */}}
|
||||
{{- define "traefik.ingressClass" -}}
|
||||
---
|
||||
{{ if .Values.ingressClass.enabled }}
|
||||
{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1/IngressClass" }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/IngressClass" }}
|
||||
apiVersion: networking.k8s.io/v1beta1
|
||||
{{- else if or (eq .Values.ingressClass.fallbackApiVersion "v1beta1") (eq .Values.ingressClass.fallbackApiVersion "v1") }}
|
||||
apiVersion: {{ printf "networking.k8s.io/%s" .Values.ingressClass.fallbackApiVersion }}
|
||||
{{- else }}
|
||||
{{- fail "\n\n ERROR: You must have at least networking.k8s.io/v1beta1 to use ingressClass" }}
|
||||
{{- end }}
|
||||
kind: IngressClass
|
||||
metadata:
|
||||
annotations:
|
||||
ingressclass.kubernetes.io/is-default-class: {{ .Values.ingressClass.isDefaultClass | quote }}
|
||||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
name: {{ .Release.Name }}
|
||||
spec:
|
||||
controller: traefik.io/ingress-controller
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
25
enterprise/traefik/16.0.11/templates/_ingressroute.tpl
Normal file
25
enterprise/traefik/16.0.11/templates/_ingressroute.tpl
Normal file
@@ -0,0 +1,25 @@
|
||||
{{/* Define the ingressRoute */}}
|
||||
{{- define "traefik.ingressRoute" -}}
|
||||
{{ if .Values.ingressRoute.dashboard.enabled }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: IngressRoute
|
||||
metadata:
|
||||
name: {{ include "tc.common.names.fullname" . }}-dashboard
|
||||
annotations:
|
||||
{{- with .Values.ingressRoute.dashboard.annotations }}
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
labels:
|
||||
{{- include "tc.common.labels" . | nindent 4 }}
|
||||
spec:
|
||||
entryPoints:
|
||||
- main
|
||||
routes:
|
||||
- match: PathPrefix(`/dashboard`) || PathPrefix(`/api`)
|
||||
kind: Rule
|
||||
services:
|
||||
- name: api@internal
|
||||
kind: TraefikService
|
||||
{{ end }}
|
||||
{{- end -}}
|
||||
26
enterprise/traefik/16.0.11/templates/_portalhook.tpl
Normal file
26
enterprise/traefik/16.0.11/templates/_portalhook.tpl
Normal file
@@ -0,0 +1,26 @@
|
||||
{{/* Define the portalHook */}}
|
||||
{{- define "traefik.portalhook" -}}
|
||||
{{- if .Values.portalhook.enabled }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
---
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: portalhook
|
||||
namespace: {{ $namespace }}
|
||||
data:
|
||||
{{- $ports := dict }}
|
||||
{{- range $.Values.service }}
|
||||
{{- range $name, $value := .ports }}
|
||||
{{- $_ := set $ports $name $value }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- range $name, $value := $ports }}
|
||||
{{ $name }}: {{ $value.port | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
12
enterprise/traefik/16.0.11/templates/_tlsoptions.tpl
Normal file
12
enterprise/traefik/16.0.11/templates/_tlsoptions.tpl
Normal file
@@ -0,0 +1,12 @@
|
||||
{{/* Define the tlsOptions */}}
|
||||
{{- define "traefik.tlsOptions" -}}
|
||||
{{- range $name, $config := .Values.tlsOptions }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: TLSOption
|
||||
metadata:
|
||||
name: {{ $name }}
|
||||
spec:
|
||||
{{- toYaml $config | nindent 2 }}
|
||||
{{- end }}
|
||||
{{- end -}}
|
||||
24
enterprise/traefik/16.0.11/templates/common.yaml
Normal file
24
enterprise/traefik/16.0.11/templates/common.yaml
Normal file
@@ -0,0 +1,24 @@
|
||||
{{/* Make sure all variables are set properly */}}
|
||||
{{- include "tc.common.loader.init" . }}
|
||||
|
||||
{{- if .Values.metrics }}
|
||||
{{- if .Values.metrics.prometheus }}
|
||||
{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}}
|
||||
{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}}
|
||||
{{- $_ := set .Values.podAnnotations "prometheus.io/port" "9180" -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{- $newArgs := (include "traefik.args" . | fromYaml) }}
|
||||
{{- $_ := set .Values "newArgs" $newArgs -}}
|
||||
{{- $mergedargs := concat .Values.args .Values.newArgs.args }}
|
||||
{{- $_ := set .Values "args" $mergedargs -}}
|
||||
|
||||
{{- include "traefik.portalhook" . }}
|
||||
{{- include "traefik.tlsOptions" . }}
|
||||
{{- include "traefik.ingressRoute" . }}
|
||||
{{- include "traefik.ingressClass" . }}
|
||||
|
||||
|
||||
{{/* Render the templates */}}
|
||||
{{ include "tc.common.loader.apply" . }}
|
||||
@@ -0,0 +1,17 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{- range $index, $middlewareData := .Values.middlewares.addPrefix }}
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
addPrefix:
|
||||
prefix: {{ $middlewareData.prefix }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,62 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: compress
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
compress: {}
|
||||
---
|
||||
# Here, an average of 300 requests per second is allowed.
|
||||
# In addition, a burst of 200 requests is allowed.
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: basic-ratelimit
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
rateLimit:
|
||||
average: 600
|
||||
burst: 400
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: basic-secure-headers
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
headers:
|
||||
accessControlAllowMethods:
|
||||
- GET
|
||||
- OPTIONS
|
||||
- HEAD
|
||||
- PUT
|
||||
accessControlMaxAge: 100
|
||||
stsSeconds: 63072000
|
||||
# stsIncludeSubdomains: false
|
||||
# stsPreload: false
|
||||
forceSTSHeader: true
|
||||
contentTypeNosniff: true
|
||||
browserXssFilter: true
|
||||
referrerPolicy: same-origin
|
||||
customRequestHeaders:
|
||||
X-Forwarded-Proto: "https"
|
||||
customResponseHeaders:
|
||||
server: ''
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: chain-basic
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
chain:
|
||||
middlewares:
|
||||
- name: basic-ratelimit
|
||||
- name: basic-secure-headers
|
||||
- name: compress
|
||||
@@ -0,0 +1,34 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.basicAuth }}
|
||||
---
|
||||
{{- $users := list }}
|
||||
{{ range $index, $userdata := $middlewareData.users }}
|
||||
{{ $users = append $users ( htpasswd $userdata.username $userdata.password ) }}
|
||||
{{ end }}
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{printf "%v-%v" $middlewareData.name "secret" }}
|
||||
namespace: {{ $namespace }}
|
||||
type: Opaque
|
||||
stringData:
|
||||
users: |
|
||||
{{- range $index, $user := $users }}
|
||||
{{ printf "%s" $user }}
|
||||
{{- end }}
|
||||
---
|
||||
# Declaring the user list
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
basicAuth:
|
||||
secret: {{printf "%v-%v" $middlewareData.name "secret" }}
|
||||
{{ end }}
|
||||
21
enterprise/traefik/16.0.11/templates/middlewares/chain.yaml
Normal file
21
enterprise/traefik/16.0.11/templates/middlewares/chain.yaml
Normal file
@@ -0,0 +1,21 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.chain }}
|
||||
|
||||
---
|
||||
# Declaring the user list
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
chain:
|
||||
middlewares:
|
||||
{{ range $index, $middleware := .middlewares }}
|
||||
- name: {{ printf "%v-%v@%v" $namespace $middleware "kubernetescrd" }}
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,34 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.forwardAuth }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
forwardAuth:
|
||||
address: {{ $middlewareData.address }}
|
||||
{{- with $middlewareData.authResponseHeaders }}
|
||||
authResponseHeaders:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with $middlewareData.authRequestHeaders }}
|
||||
authRequestHeaders:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if $middlewareData.authResponseHeadersRegex }}
|
||||
authResponseHeadersRegex: {{ $middlewareData.authResponseHeadersRegex }}
|
||||
{{- end }}
|
||||
{{- if $middlewareData.trustForwardHeader }}
|
||||
trustForwardHeader: true
|
||||
{{- end }}
|
||||
{{- with $middlewareData.tls }}
|
||||
tls:
|
||||
insecureSkipVerify: {{ .insecureSkipVerify | default false }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,34 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{- range $index, $middlewareData := .Values.middlewares.geoBlock }}
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
plugin:
|
||||
GeoBlock:
|
||||
allowLocalRequests: {{ $middlewareData.allowLocalRequests }}
|
||||
logLocalRequests: {{ $middlewareData.logLocalRequests }}
|
||||
logAllowedRequests: {{ $middlewareData.logAllowedRequests }}
|
||||
logApiRequests: {{ $middlewareData.logApiRequests }}
|
||||
api: {{ $middlewareData.api }}
|
||||
apiTimeoutMs: {{ $middlewareData.apiTimeoutMs }}
|
||||
cacheSize: {{ $middlewareData.cacheSize }}
|
||||
forceMonthlyUpdate: {{ $middlewareData.forceMonthlyUpdate }}
|
||||
allowUnknownCountries: {{ $middlewareData.allowUnknownCountries }}
|
||||
unknownCountryApiResponse: {{ $middlewareData.unknownCountryApiResponse }}
|
||||
{{- if not $middlewareData.countries }}
|
||||
{{- fail "You have to define at least one country..." }}
|
||||
{{- end }}
|
||||
countries:
|
||||
{{- range $middlewareData.countries }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,33 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.ipWhiteList }}
|
||||
|
||||
---
|
||||
# Declaring the user list
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
ipWhiteList:
|
||||
sourceRange:
|
||||
{{- range $middlewareData.sourceRange }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- if $middlewareData.ipStrategy }}
|
||||
ipStrategy:
|
||||
{{- if $middlewareData.ipStrategy.depth }}
|
||||
depth: {{ $middlewareData.ipStrategy.depth }}
|
||||
{{- end }}
|
||||
{{- if $middlewareData.ipStrategy.excludedIPs }}
|
||||
excludedIPs:
|
||||
{{- range $middlewareData.ipStrategy.excludedIPs }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,19 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.rateLimit }}
|
||||
|
||||
---
|
||||
# Declaring the user list
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
rateLimit:
|
||||
average: {{ $middlewareData.average }}
|
||||
burst: {{ $middlewareData.burst }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,21 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{- range $index, $middlewareData := .Values.middlewares.realIP }}
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
plugin:
|
||||
traefik-real-ip:
|
||||
excludednets:
|
||||
{{- range $middlewareData.excludedNetworks }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@@ -0,0 +1,19 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.redirectScheme }}
|
||||
|
||||
---
|
||||
# Declaring the user list
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
redirectScheme:
|
||||
scheme: {{ $middlewareData.scheme }}
|
||||
permanent: {{ $middlewareData.permanent }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,20 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{ range $index, $middlewareData := .Values.middlewares.redirectRegex }}
|
||||
|
||||
---
|
||||
# Declaring the user list
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
redirectRegex:
|
||||
regex: {{ $middlewareData.regex | quote }}
|
||||
replacement: {{ $middlewareData.replacement | quote }}
|
||||
permanent: {{ $middlewareData.permanent }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,20 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
|
||||
{{ range $index, $middlewareData := .Values.middlewares.stripPrefixRegex }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
stripPrefixRegex:
|
||||
regex:
|
||||
{{- range $middlewareData.regex }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{ end }}
|
||||
@@ -0,0 +1,29 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: tc-opencors-chain
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
chain:
|
||||
middlewares:
|
||||
- name: basic-ratelimit
|
||||
- name: tc-opencors-headers
|
||||
- name: compress
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: tc-closedcors-chain
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
chain:
|
||||
middlewares:
|
||||
- name: basic-ratelimit
|
||||
- name: tc-closedcors-headers
|
||||
- name: compress
|
||||
@@ -0,0 +1,62 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: tc-opencors-headers
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
headers:
|
||||
accessControlAllowHeaders:
|
||||
- '*'
|
||||
accessControlAllowMethods:
|
||||
- GET
|
||||
- OPTIONS
|
||||
- HEAD
|
||||
- PUT
|
||||
- POST
|
||||
accessControlAllowOriginList:
|
||||
- '*'
|
||||
accessControlMaxAge: 100
|
||||
browserXssFilter: true
|
||||
contentTypeNosniff: true
|
||||
customRequestHeaders:
|
||||
X-Forwarded-Proto: https
|
||||
customResponseHeaders:
|
||||
server: ""
|
||||
forceSTSHeader: true
|
||||
referrerPolicy: same-origin
|
||||
sslForceHost: true
|
||||
sslRedirect: true
|
||||
stsSeconds: 63072000
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: tc-closedcors-headers
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
headers:
|
||||
accessControlAllowMethods:
|
||||
- GET
|
||||
- OPTIONS
|
||||
- HEAD
|
||||
- PUT
|
||||
accessControlMaxAge: 100
|
||||
sslRedirect: true
|
||||
stsSeconds: 63072000
|
||||
# stsIncludeSubdomains: false
|
||||
# stsPreload: false
|
||||
forceSTSHeader: true
|
||||
contentTypeNosniff: true
|
||||
browserXssFilter: true
|
||||
sslForceHost: true
|
||||
referrerPolicy: same-origin
|
||||
customRequestHeaders:
|
||||
X-Forwarded-Proto: "https"
|
||||
customResponseHeaders:
|
||||
server: ''
|
||||
@@ -0,0 +1,25 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: tc-nextcloud-redirectregex-dav
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
redirectRegex:
|
||||
regex: "https://(.*)/.well-known/(card|cal)dav"
|
||||
replacement: "https://${1}/remote.php/dav/"
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: tc-nextcloud-chain
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
chain:
|
||||
middlewares:
|
||||
- name: tc-nextcloud-redirectregex-dav
|
||||
@@ -0,0 +1,26 @@
|
||||
{{- $values := .Values }}
|
||||
{{- $namespace := ( printf "ix-%s" .Release.Name ) }}
|
||||
{{- if or ( not .Values.ingressClass.enabled ) ( and ( .Values.ingressClass.enabled ) ( .Values.ingressClass.isDefaultClass ) ) }}
|
||||
{{- $namespace = "default" }}
|
||||
{{- end }}
|
||||
{{- range $index, $middlewareData := .Values.middlewares.themePark }}
|
||||
|
||||
---
|
||||
apiVersion: traefik.containo.us/v1alpha1
|
||||
kind: Middleware
|
||||
metadata:
|
||||
name: {{ $middlewareData.name }}
|
||||
namespace: {{ $namespace }}
|
||||
spec:
|
||||
plugin:
|
||||
traefik-themepark:
|
||||
app: {{ $middlewareData.appName }}
|
||||
theme: {{ $middlewareData.themeName }}
|
||||
baseUrl: {{ $middlewareData.baseUrl }}
|
||||
{{- if $middlewareData.addons }}
|
||||
addons:
|
||||
{{- range $middlewareData.addons }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
0
enterprise/traefik/16.0.11/values.yaml
Normal file
0
enterprise/traefik/16.0.11/values.yaml
Normal file
4
enterprise/traefik/item.yaml
Normal file
4
enterprise/traefik/item.yaml
Normal file
@@ -0,0 +1,4 @@
|
||||
icon_url: https://truecharts.org/img/hotlink-ok/chart-icons/traefik.png
|
||||
categories:
|
||||
- network
|
||||
|
||||
Reference in New Issue
Block a user