diff options
author | Pramod <pramod.raghavendra.jayathirth@intel.com> | 2019-07-31 14:11:31 -0700 |
---|---|---|
committer | Marco Platania <platania@research.att.com> | 2019-08-06 13:46:52 +0000 |
commit | 5c2e32383495486611c1a8976fc937129414933d (patch) | |
tree | 63e66a50d98211f4162c9fe95e0dcf67eaddb2fd /vnfs | |
parent | c453b17f1d0144ca0e084da00f2e55de5e922d31 (diff) |
Helm charts for Metallb
Metallb is a loadbalancer for Kubernetes
Issue-ID: MULTICLOUD-747
Signed-off-by: Pramod <pramod.raghavendra.jayathirth@intel.com>
Change-Id: If5501da743ad37c6e343a0f460f0674d1554704c
Diffstat (limited to 'vnfs')
12 files changed, 704 insertions, 0 deletions
diff --git a/vnfs/DAaaS/deploy/00-init/metallb/.helmignore b/vnfs/DAaaS/deploy/00-init/metallb/.helmignore new file mode 100644 index 00000000..f0c13194 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/vnfs/DAaaS/deploy/00-init/metallb/Chart.yaml b/vnfs/DAaaS/deploy/00-init/metallb/Chart.yaml new file mode 100644 index 00000000..5b627411 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/Chart.yaml @@ -0,0 +1,22 @@ +#/*Copyright 2019 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ +version: 0.10.0 + +name: metallb +appVersion: 0.8.1 +description: MetalLB is a load-balancer implementation for bare metal Kubernetes clusters +keywords: ["load-balancer", "balancer", "lb", "bgp", "arp", "vrrp", "vip"] +home: https://metallb.universe.tf +icon: https://metallb.universe.tf/images/logo.png diff --git a/vnfs/DAaaS/deploy/00-init/metallb/README.md b/vnfs/DAaaS/deploy/00-init/metallb/README.md new file mode 100644 index 00000000..1edd5c11 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/README.md @@ -0,0 +1,127 @@ +/* + * Copyright 2019 Intel Corporation, Inc + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +NOTE - A configMap of available IPs is to applied in order for services to +get external IP address assigned.Please Update values.yaml before deploying + +Prerequisites +------------- + +- Kubernetes 1.9+ + +Installing the Chart +-------------------- + +The chart can be installed as follows: + +```console +$ helm install --name metallb metallb +``` + +The command deploys MetalLB on the Kubernetes cluster. This chart does +not provide a default configuration; MetalLB will not act on your +Kubernetes Services until you provide +one. The [configuration](#configuration) section lists various ways to +provide this configuration. + +Uninstalling the Chart +---------------------- + +To uninstall/delete the `metallb` deployment: + +```console +$ helm delete metallb +``` + +The command removes all the Kubernetes components associated with the +chart, but will not remove the release metadata from `helm` — this will prevent +you, for example, if you later try to create a release also named `metallb`). To +fully delete the release and release history, simply [include the `--purge` +flag][helm-usage]: + +```console +$ helm delete --purge metallb +``` + +Configuration +------------- + +See `values.yaml` for configuration notes. Specify each parameter +using the `--set key=value[,key=value]` argument to `helm +install`. For example, + +```console +$ helm install --name metallb \ + --set rbac.create=false \ + stable/metallb +``` + +The above command disables the use of RBAC rules. + +Alternatively, a YAML file that specifies the values for the above +parameters can be provided while installing the chart. For example, + +```console +$ helm install --name metallb -f values.yaml metallb +``` + +By default, this chart does not install a configuration for MetalLB, and simply +warns you that you must follow [the configuration instructions on MetalLB's +website][metallb-config] to create an appropriate ConfigMap. + +**Please note:** By default, this chart expects a ConfigMap named +'metallb-config' within the same namespace as the chart is +deployed. _This is different than the MetalLB documentation_, which +asks you to create a ConfigMap in the `metallb-system` namespace, with +the name of 'config'. + +For simple setups that only use MetalLB's [ARP mode][metallb-arpndp-concepts], +you can specify a single IP range using the `arpAddresses` parameter to have the +chart install a working configuration for you: + +```console +$ helm install --name metallb \ + --set arpAddresses=192.168.16.240/30 \ + stable/metallb +``` + +If you have a more complex configuration and want Helm to manage it for you, you +can provide it in the `config` parameter. The configuration format is +[documented on MetalLB's website][metallb-config]. + +```console +$ cat values.yaml +configInline: + peers: + - peer-address: 10.0.0.1 + peer-asn: 64512 + my-asn: 64512 + address-pools: + - name: default + protocol: bgp + addresses: + - 198.51.100.0/24 + +$ helm install --name metallb -f values.yaml metallb +``` + +[helm-home]: https://helm.sh +[helm-usage]: https://docs.helm.sh/using_helm/ +[k8s-home]: https://kubernetes.io +[metallb-arpndp-concepts]: https://metallb.universe.tf/concepts/arp-ndp/ +[metallb-config]: https://metallb.universe.tf/configuration/ +[metallb-home]: https://metallb.universe.tf diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/NOTES.txt b/vnfs/DAaaS/deploy/00-init/metallb/templates/NOTES.txt new file mode 100644 index 00000000..64df7a0d --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/NOTES.txt @@ -0,0 +1,29 @@ + +#/* +# * Copyright 2019 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + +A config map is to applied with available IPs that MetalLB can use to +Assign to service with type:LoadBalancer +MetalLB is now running in the cluster. +{{- if .Values.configInline }} +LoadBalancer Services in your cluster are now available on the IPs you +defined in MetalLB's configuration. To see IP assignments, +try `kubectl get services`. +{{- else }} +WARNING: you specified a ConfigMap that isn't managed by +Helm. LoadBalancer services will not function until you add that +ConfigMap to your cluster yourself. +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/_helpers.tpl b/vnfs/DAaaS/deploy/00-init/metallb/templates/_helpers.tpl new file mode 100644 index 00000000..5e59e6cd --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/_helpers.tpl @@ -0,0 +1,80 @@ +#/* +# * Copyright 2019 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + + +Expand the name of the chart. +*/}} +{{- define "metallb.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "metallb.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "metallb.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the controller service account to use +*/}} +{{- define "metallb.controllerServiceAccountName" -}} +{{- if .Values.serviceAccounts.controller.create -}} + {{ default (printf "%s-controller" (include "metallb.fullname" .)) .Values.serviceAccounts.controller.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.controller.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the speaker service account to use +*/}} +{{- define "metallb.speakerServiceAccountName" -}} +{{- if .Values.serviceAccounts.speaker.create -}} + {{ default (printf "%s-speaker" (include "metallb.fullname" .)) .Values.serviceAccounts.speaker.name }} +{{- else -}} + {{ default "default" .Values.serviceAccounts.speaker.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the settings ConfigMap to use. +*/}} +{{- define "metallb.configMapName" -}} +{{- if .Values.config -}} + {{ include "metallb.fullname" . }} +{{- else -}} + {{ .Values.existingConfigMap }} +{{- end -}} +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/config.yaml b/vnfs/DAaaS/deploy/00-init/metallb/templates/config.yaml new file mode 100644 index 00000000..da27eb38 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/config.yaml @@ -0,0 +1,9 @@ +{{- if .Values.config }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "metallb.fullname" . }} +data: + config: | +{{ toYaml .Values.config | indent 4 }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/controller.yaml b/vnfs/DAaaS/deploy/00-init/metallb/templates/controller.yaml new file mode 100644 index 00000000..f993ca32 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/controller.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "metallb.fullname" . }}-controller + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} + component: controller +spec: + revisionHistoryLimit: 3 + selector: + matchLabels: + app: {{ template "metallb.name" . }} + component: controller + release: {{ .Release.Name | quote }} + template: + metadata: + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} + component: controller +{{- if .Values.prometheus.scrapeAnnotations }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "7472" +{{- end }} + spec: + serviceAccountName: {{ template "metallb.controllerServiceAccountName" . }} + terminationGracePeriodSeconds: 0 + securityContext: + runAsNonRoot: true + runAsUser: 65534 # nobody + nodeSelector: + "beta.kubernetes.io/os": linux + {{- with .Values.controller.nodeSelector }} +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.controller.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.controller.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + containers: + - name: controller + image: {{ .Values.controller.image.repository }}:{{ .Values.controller.image.tag }} + imagePullPolicy: {{ .Values.controller.image.pullPolicy }} + args: + - --port=7472 + - --config={{ template "metallb.configMapName" . }} + ports: + - name: monitoring + containerPort: 7472 + resources: +{{ toYaml .Values.controller.resources | indent 10 }} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + readOnlyRootFilesystem: true diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/psp.yaml b/vnfs/DAaaS/deploy/00-init/metallb/templates/psp.yaml new file mode 100644 index 00000000..891aeb60 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/psp.yaml @@ -0,0 +1,33 @@ +{{- if .Values.psp.create -}} + +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "metallb.fullname" . }}-speaker + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +spec: + hostNetwork: true + hostPorts: + - min: 7472 + max: 7472 + privileged: true + allowPrivilegeEscalation: false + allowedCapabilities: + - 'NET_ADMIN' + - 'NET_RAW' + - 'SYS_ADMIN' + volumes: + - '*' + fsGroup: + rule: RunAsAny + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/rbac.yaml b/vnfs/DAaaS/deploy/00-init/metallb/templates/rbac.yaml new file mode 100644 index 00000000..658df7e6 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/rbac.yaml @@ -0,0 +1,117 @@ +{{- if .Values.rbac.create -}} + +# Roles +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "metallb.fullname" . }}:controller + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +rules: +- apiGroups: [""] + resources: ["services"] + verbs: ["get", "list", "watch", "update"] +- apiGroups: [""] + resources: ["services/status"] + verbs: ["update"] +- apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ template "metallb.fullname" . }}:speaker + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +rules: +- apiGroups: [""] + resources: ["services", "endpoints", "nodes"] + verbs: ["get", "list", "watch"] +- apiGroups: [""] + resources: ["events"] + verbs: ["create", "patch"] +{{- if .Values.psp.create }} +- apiGroups: ["extensions"] + resources: ["podsecuritypolicies"] + resourceNames: [{{ printf "%s-speaker" (include "metallb.fullname" .) | quote}}] + verbs: ["use"] +{{- end }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ template "metallb.fullname" . }}-config-watcher + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +rules: +- apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "list", "watch"] +--- + +## Role bindings +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "metallb.fullname" . }}:controller + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +subjects: +- kind: ServiceAccount + name: {{ template "metallb.controllerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "metallb.fullname" . }}:controller +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "metallb.fullname" . }}:speaker + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +subjects: +- kind: ServiceAccount + name: {{ template "metallb.speakerServiceAccountName" . }} + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "metallb.fullname" . }}:speaker +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ template "metallb.fullname" . }}-config-watcher + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +subjects: +- kind: ServiceAccount + name: {{ template "metallb.controllerServiceAccountName" . }} +- kind: ServiceAccount + name: {{ template "metallb.speakerServiceAccountName" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ template "metallb.fullname" . }}-config-watcher +{{- end -}} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/service-accounts.yaml b/vnfs/DAaaS/deploy/00-init/metallb/templates/service-accounts.yaml new file mode 100644 index 00000000..5b87a652 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/service-accounts.yaml @@ -0,0 +1,23 @@ +{{- if .Values.serviceAccounts.controller.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "metallb.controllerServiceAccountName" . }} + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +{{- end }} +--- +{{- if .Values.serviceAccounts.speaker.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "metallb.speakerServiceAccountName" . }} + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} +{{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/templates/speaker.yaml b/vnfs/DAaaS/deploy/00-init/metallb/templates/speaker.yaml new file mode 100644 index 00000000..53e2c675 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/templates/speaker.yaml @@ -0,0 +1,80 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "metallb.fullname" . }}-speaker + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} + component: speaker +spec: + selector: + matchLabels: + app: {{ template "metallb.name" . }} + component: speaker + release: {{ .Release.Name | quote }} + template: + metadata: + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: {{ template "metallb.chart" . }} + app: {{ template "metallb.name" . }} + component: speaker +{{- if .Values.prometheus.scrapeAnnotations }} + annotations: + prometheus.io/scrape: "true" + prometheus.io/port: "7472" +{{- end }} + spec: + tolerations: + - key: node-role.kubernetes.io/master + effect: NoSchedule + serviceAccountName: {{ template "metallb.speakerServiceAccountName" . }} + terminationGracePeriodSeconds: 0 + hostNetwork: true + containers: + - name: speaker + image: {{ .Values.speaker.image.repository }}:{{ .Values.speaker.image.tag }} + imagePullPolicy: {{ .Values.speaker.image.pullPolicy }} + args: + - --port=7472 + - --config={{ template "metallb.configMapName" . }} + env: + - name: METALLB_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: METALLB_HOST + valueFrom: + fieldRef: + fieldPath: status.hostIP + ports: + - name: monitoring + containerPort: 7472 + resources: +{{ toYaml .Values.speaker.resources | indent 10 }} + securityContext: + allowPrivilegeEscalation: false + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + add: + - NET_ADMIN + - NET_RAW + - SYS_ADMIN + nodeSelector: + "beta.kubernetes.io/os": linux + {{- with .Values.speaker.nodeSelector }} +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.speaker.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.speaker.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} diff --git a/vnfs/DAaaS/deploy/00-init/metallb/values.yaml b/vnfs/DAaaS/deploy/00-init/metallb/values.yaml new file mode 100644 index 00000000..e03a0b76 --- /dev/null +++ b/vnfs/DAaaS/deploy/00-init/metallb/values.yaml @@ -0,0 +1,96 @@ +#/*Copyright 2019 Intel Corporation, Inc +# * +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# */ + +# existingConfigMap specifies the name of an externally-defined +# ConfigMap to use as the configuration. Helm will not manage the +# contents of this ConfigMap, it is your responsibility to create it. +existingConfigMap: metallb-config + +# configInline specifies MetalLB's configuration directly, in yaml +# format. When configInline is used, Helm manages MetalLB's +# configuration ConfigMap as part of the release, and +# existingConfigMap is ignored. +# +# Refer to https://metallb.universe.tf/configuration/ for +# available options. +config: + address-pools: + - name: default + protocol: layer2 + addresses: + - <IP Address/IP Address Pool> + +rbac: + # create specifies whether to install and use RBAC rules. + create: true + +psp: + # create specifies whether to install and use Pod Security Policies. + create: true + +prometheus: + # scrape annotations specifies whether to add Prometheus metric + # auto-collection annotations to pods. See + # https://github.com/prometheus/prometheus/blob/release-2.1/documentation/examples/prometheus-kubernetes.yml + # for a corresponding Prometheus configuration. Alternatively, you + # may want to use the Prometheus Operator + # (https://github.com/coreos/prometheus-operator) for more powerful + # monitoring configuration. If you use the Prometheus operator, this + # can be left at false. + scrapeAnnotations: false + +serviceAccounts: + controller: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. If not set and create is + # true, a name is generated using the fullname template + name: "" + speaker: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. If not set and create is + # true, a name is generated using the fullname template + name: "" + +# controller contains configuration specific to the MetalLB cluster +# controller. +controller: + image: + repository: metallb/controller + tag: v0.8.1 + pullPolicy: IfNotPresent + resources: {} + # limits: + # cpu: 100m + # memory: 100Mi + nodeSelector: {} + tolerations: [] + affinity: {} + +# speaker contains configuration specific to the MetalLB speaker +# daemonset. +speaker: + image: + repository: metallb/speaker + tag: v0.8.1 + pullPolicy: IfNotPresent + resources: {} + # limits: + # cpu: 100m + # memory: 100Mi + nodeSelector: {} + tolerations: [] + affinity: {} |