diff options
Diffstat (limited to 'kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates')
10 files changed, 394 insertions, 0 deletions
diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/NOTES.txt b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/NOTES.txt new file mode 100755 index 00000000..dc272fa9 --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/NOTES.txt @@ -0,0 +1,15 @@ +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "prometheus-node-exporter.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ template "prometheus-node-exporter.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "prometheus-node-exporter.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ template "prometheus-node-exporter.namespace" . }} {{ template "prometheus-node-exporter.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ template "prometheus-node-exporter.namespace" . }} -l "app={{ template "prometheus-node-exporter.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:9100 to use your application" + kubectl port-forward --namespace {{ template "prometheus-node-exporter.namespace" . }} $POD_NAME 9100 +{{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/_helpers.tpl b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/_helpers.tpl new file mode 100755 index 00000000..e8260688 --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/_helpers.tpl @@ -0,0 +1,66 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "prometheus-node-exporter.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "prometheus-node-exporter.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* Generate basic labels */}} +{{- define "prometheus-node-exporter.labels" }} +app: {{ template "prometheus-node-exporter.name" . }} +heritage: {{.Release.Service }} +release: {{.Release.Name }} +chart: {{ template "prometheus-node-exporter.chart" . }} +{{- if .Values.podLabels}} +{{ toYaml .Values.podLabels }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "prometheus-node-exporter.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* +Create the name of the service account to use +*/}} +{{- define "prometheus-node-exporter.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "prometheus-node-exporter.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} + +{{/* +Allow the release namespace to be overridden for multi-namespace deployments in combined charts +*/}} +{{- define "prometheus-node-exporter.namespace" -}} + {{- if .Values.namespaceOverride -}} + {{- .Values.namespaceOverride -}} + {{- else -}} + {{- .Release.Namespace -}} + {{- end -}} +{{- end -}} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/daemonset.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/daemonset.yaml new file mode 100755 index 00000000..765e5389 --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/daemonset.yaml @@ -0,0 +1,151 @@ +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-node-exporter.name" . }} + release: {{ .Release.Name }} + {{- if .Values.updateStrategy }} + updateStrategy: +{{ toYaml .Values.updateStrategy | indent 4 }} + {{- end }} + template: + metadata: + labels: {{ include "prometheus-node-exporter.labels" . | indent 8 }} + {{- if .Values.podAnnotations }} + annotations: + {{- toYaml .Values.podAnnotations | nindent 8 }} + {{- end }} + spec: +{{- if and .Values.rbac.create .Values.serviceAccount.create }} + serviceAccountName: {{ template "prometheus-node-exporter.serviceAccountName" . }} +{{- end }} +{{- if .Values.securityContext }} + securityContext: +{{ toYaml .Values.securityContext | indent 8 }} +{{- end }} +{{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} +{{- end }} + containers: + - name: node-exporter + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + - --web.listen-address=$(HOST_IP):{{ .Values.service.port }} +{{- if .Values.extraArgs }} +{{ toYaml .Values.extraArgs | indent 12 }} +{{- end }} + env: + - name: HOST_IP + {{- if .Values.service.listenOnAllInterfaces }} + value: 0.0.0.0 + {{- else }} + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.hostIP + {{- end }} + ports: + - name: metrics + containerPort: {{ .Values.service.targetPort }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: {{ .Values.service.port }} + readinessProbe: + httpGet: + path: / + port: {{ .Values.service.port }} + resources: +{{ toYaml .Values.resources | indent 12 }} + volumeMounts: + - name: proc + mountPath: /host/proc + readOnly: true + - name: sys + mountPath: /host/sys + readOnly: true + {{- if .Values.extraHostVolumeMounts }} + {{- range $_, $mount := .Values.extraHostVolumeMounts }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} + {{- if $mount.mountPropagation }} + mountPropagation: {{ $mount.mountPropagation }} + {{- end }} + {{- end }} + {{- end }} + {{- if .Values.sidecarVolumeMount }} + {{- range $_, $mount := .Values.sidecarVolumeMount }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: true + {{- end }} + {{- end }} + {{- if .Values.configmaps }} + {{- range $_, $mount := .Values.configmaps }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + {{- end }} + {{- end }} +{{- if .Values.sidecars }} +{{ toYaml .Values.sidecars | indent 8 }} + {{- if .Values.sidecarVolumeMount }} + volumeMounts: + {{- range $_, $mount := .Values.sidecarVolumeMount }} + - name: {{ $mount.name }} + mountPath: {{ $mount.mountPath }} + readOnly: {{ $mount.readOnly }} + {{- end }} + {{- end }} +{{- end }} + hostNetwork: {{ .Values.hostNetwork }} + hostPID: true +{{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} +{{- end }} +{{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} +{{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + volumes: + - name: proc + hostPath: + path: /proc + - name: sys + hostPath: + path: /sys + {{- if .Values.extraHostVolumeMounts }} + {{- range $_, $mount := .Values.extraHostVolumeMounts }} + - name: {{ $mount.name }} + hostPath: + path: {{ $mount.hostPath }} + {{- end }} + {{- end }} + {{- if .Values.sidecarVolumeMount }} + {{- range $_, $mount := .Values.sidecarVolumeMount }} + - name: {{ $mount.name }} + emptyDir: + medium: Memory + {{- end }} + {{- end }} + {{- if .Values.configmaps }} + {{- range $_, $mount := .Values.configmaps }} + - name: {{ $mount.name }} + configMap: + name: {{ $mount.name }} + {{- end }} + {{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/endpoints.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/endpoints.yaml new file mode 100755 index 00000000..8daaeaaf --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/endpoints.yaml @@ -0,0 +1,18 @@ +{{- if .Values.endpoints }} +apiVersion: v1 +kind: Endpoints +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} + labels: +{{ include "prometheus-node-exporter.labels" . | indent 4 }} +subsets: + - addresses: + {{- range .Values.endpoints }} + - ip: {{ . }} + {{- end }} + ports: + - name: metrics + port: 9100 + protocol: TCP +{{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/monitor.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/monitor.yaml new file mode 100755 index 00000000..f92fae8a --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/monitor.yaml @@ -0,0 +1,21 @@ +{{- if .Values.prometheus.monitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} + {{- if .Values.prometheus.monitor.additionalLabels }} +{{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} + {{- end }} +spec: + selector: + matchLabels: + app: {{ template "prometheus-node-exporter.name" . }} + release: {{ .Release.Name }} + endpoints: + - port: metrics + {{- if .Values.prometheus.monitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.prometheus.monitor.scrapeTimeout }} + {{- end }} +{{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml new file mode 100755 index 00000000..cb433369 --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp-clusterrole.yaml @@ -0,0 +1,15 @@ +{{- if .Values.rbac.create }} +{{- if .Values.rbac.pspEnabled }} +kind: ClusterRole +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: psp-{{ template "prometheus-node-exporter.fullname" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +rules: +- apiGroups: ['extensions'] + resources: ['podsecuritypolicies'] + verbs: ['use'] + resourceNames: + - {{ template "prometheus-node-exporter.fullname" . }} +{{- end }} +{{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml new file mode 100755 index 00000000..d36d93ec --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp-clusterrolebinding.yaml @@ -0,0 +1,17 @@ +{{- if .Values.rbac.create }} +{{- if .Values.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: psp-{{ template "prometheus-node-exporter.fullname" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: psp-{{ template "prometheus-node-exporter.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} +{{- end }} +{{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp.yaml new file mode 100755 index 00000000..f00506c9 --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/psp.yaml @@ -0,0 +1,52 @@ +{{- if .Values.rbac.create }} +{{- if .Values.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +spec: + privileged: false + # Required to prevent escalations to root. + # allowPrivilegeEscalation: false + # This is redundant with non-root + disallow privilege escalation, + # but we can provide it for defense in depth. + #requiredDropCapabilities: + # - ALL + # Allow core volume types. + volumes: + - 'configMap' + - 'emptyDir' + - 'projected' + - 'secret' + - 'downwardAPI' + - 'persistentVolumeClaim' + - 'hostPath' + hostNetwork: true + hostIPC: false + hostPID: true + hostPorts: + - min: 0 + max: 65535 + runAsUser: + # Permits the container to run with root privileges as well. + rule: 'RunAsAny' + seLinux: + # This policy assumes the nodes are using AppArmor rather than SELinux. + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + # Forbid adding the root group. + - min: 0 + max: 65535 + readOnlyRootFilesystem: false +{{- end }} +{{- end }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/service.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/service.yaml new file mode 100755 index 00000000..b0a447fe --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "prometheus-node-exporter.fullname" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} +{{- if .Values.service.annotations }} + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +{{- end }} + labels: {{ include "prometheus-node-exporter.labels" . | indent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + {{- if ( and (eq .Values.service.type "NodePort" ) (not (empty .Values.service.nodePort)) ) }} + nodePort: {{ .Values.service.nodePort }} + {{- end }} + targetPort: {{ .Values.service.targetPort }} + protocol: TCP + name: metrics + selector: + app: {{ template "prometheus-node-exporter.name" . }} + release: {{ .Release.Name }} diff --git a/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/serviceaccount.yaml b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/serviceaccount.yaml new file mode 100755 index 00000000..bd1c223b --- /dev/null +++ b/kud/tests/vnfs/comp-app/collection/app2/helm/prometheus-operator/charts/prometheus-node-exporter/templates/serviceaccount.yaml @@ -0,0 +1,16 @@ +{{- if .Values.rbac.create -}} +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "prometheus-node-exporter.serviceAccountName" . }} + namespace: {{ template "prometheus-node-exporter.namespace" . }} + labels: + app: {{ template "prometheus-node-exporter.name" . }} + chart: {{ template "prometheus-node-exporter.chart" . }} + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +imagePullSecrets: +{{ toYaml .Values.serviceAccount.imagePullSecrets | indent 2 }} +{{- end -}} +{{- end -}} |