summaryrefslogtreecommitdiffstats
path: root/kubernetes/contrib
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/contrib')
-rwxr-xr-xkubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml5
-rwxr-xr-xkubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml13
-rwxr-xr-xkubernetes/contrib/charts/awx/requirements.yaml2
-rwxr-xr-xkubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml5
-rwxr-xr-xkubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml15
-rwxr-xr-xkubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml5
-rwxr-xr-xkubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml13
-rw-r--r--kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml317
8 files changed, 331 insertions, 44 deletions
diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml
index a8cf9f6d9d..da68e3400c 100755
--- a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml
+++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pv.yaml
@@ -15,7 +15,7 @@
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if not .Values.persistence.storageClass -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
@@ -33,7 +33,8 @@ spec:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-{{- end -}} \ No newline at end of file
+{{- end -}}
diff --git a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml
index 52891ffda0..6d51a09232 100755
--- a/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml
+++ b/kubernetes/contrib/charts/awx/charts/awx-postgres/templates/pvc.yaml
@@ -30,21 +30,10 @@ metadata:
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
+ storageClassName: {{ include "common.storageClass" . }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
{{- end -}}
diff --git a/kubernetes/contrib/charts/awx/requirements.yaml b/kubernetes/contrib/charts/awx/requirements.yaml
index 486fc6585c..ca8971c138 100755
--- a/kubernetes/contrib/charts/awx/requirements.yaml
+++ b/kubernetes/contrib/charts/awx/requirements.yaml
@@ -14,5 +14,5 @@
dependencies:
- name: common
- version: ~4.x-0
+ version: ~5.x-0
repository: '@local' \ No newline at end of file
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml
index f741cba64c..d2783cc628 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pv.yaml
@@ -19,20 +19,21 @@
kind: PersistentVolume
apiVersion: v1
metadata:
- name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }}
+ name: {{ include "common.fullname" . }}-data
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
- name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }}
+ name: {{ include "common.fullname" . }}
spec:
capacity:
storage: {{ .Values.persistence.size}}
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}/app
{{- end -}}
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml
index 3489049602..a72d8277a4 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/pvc.yaml
@@ -30,21 +30,10 @@ metadata:
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ .Release.Name }}-{{ .Values.persistence.staticPvName }}
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
- {{- if .Values.persistence.storageClass }}
- {{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
- {{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
- {{- end }}
- {{- end }}
-{{- end -}} \ No newline at end of file
+ storageClassName: {{ include "common.storageClass" . }}
+{{- end -}}
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml
index a19f5001e5..9b6ee1b59a 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pv.yaml
@@ -15,7 +15,7 @@
*/}}
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if not .Values.persistence.storageClass -}}
+{{- if eq "True" (include "common.needPV" .) -}}
kind: PersistentVolume
apiVersion: v1
metadata:
@@ -33,7 +33,8 @@ spec:
accessModes:
- {{ .Values.persistence.accessMode }}
persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+ storageClassName: "{{ include "common.fullname" . }}-data"
hostPath:
path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
{{- end -}}
-{{- end -}} \ No newline at end of file
+{{- end -}}
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml
index 30bba6da31..022a0fa8d8 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-postgres/templates/pvc.yaml
@@ -30,21 +30,10 @@ metadata:
{{ .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
-{{- if not .Values.persistence.storageClass }}
- selector:
- matchLabels:
- name: {{ include "common.fullname" . }}
-{{- end }}
accessModes:
- {{ .Values.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.persistence.size }}
-{{- if .Values.persistence.storageClass }}
-{{- if (eq "-" .Values.persistence.storageClass) }}
- storageClassName: ""
-{{- else }}
- storageClassName: "{{ .Values.persistence.storageClass }}"
-{{- end }}
-{{- end }}
+ storageClassName: {{ include "common.storageClass" . }}
{{- end -}}
diff --git a/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml
new file mode 100644
index 0000000000..937828a759
--- /dev/null
+++ b/kubernetes/contrib/ingress-nginx-post-inst/nginx_ingress_cluster_config.yaml
@@ -0,0 +1,317 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: nginx-configuration
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: tcp-services
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: udp-services
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: nginx-ingress-serviceaccount
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+ name: nginx-ingress-clusterrole
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - endpoints
+ - nodes
+ - pods
+ - secrets
+ verbs:
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - "extensions"
+ - "networking.k8s.io"
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - "extensions"
+ - "networking.k8s.io"
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: Role
+metadata:
+ name: nginx-ingress-role
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - pods
+ - secrets
+ - namespaces
+ verbs:
+ - get
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ resourceNames:
+ # Defaults to "<election-id>-<ingress-class>"
+ # Here: "<ingress-controller-leader>-<nginx>"
+ # This has to be adapted if you change either parameter
+ # when launching the nginx-ingress-controller.
+ - "ingress-controller-leader-nginx"
+ verbs:
+ - get
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - create
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - get
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+ name: nginx-ingress-role-nisa-binding
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: nginx-ingress-role
+subjects:
+ - kind: ServiceAccount
+ name: nginx-ingress-serviceaccount
+ namespace: ingress-nginx
+
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+ name: nginx-ingress-clusterrole-nisa-binding
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: nginx-ingress-clusterrole
+subjects:
+ - kind: ServiceAccount
+ name: nginx-ingress-serviceaccount
+ namespace: ingress-nginx
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nginx-ingress-controller
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+ annotations:
+ prometheus.io/port: "10254"
+ prometheus.io/scrape: "true"
+ spec:
+ serviceAccountName: nginx-ingress-serviceaccount
+ containers:
+ - name: nginx-ingress-controller
+ image: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.25.1
+ args:
+ - /nginx-ingress-controller
+ - --configmap=$(POD_NAMESPACE)/nginx-configuration
+ - --tcp-services-configmap=$(POD_NAMESPACE)/tcp-services
+ - --udp-services-configmap=$(POD_NAMESPACE)/udp-services
+ - --publish-service=$(POD_NAMESPACE)/ingress-nginx
+ - --annotations-prefix=nginx.ingress.kubernetes.io
+ - --enable-ssl-passthrough=true
+ securityContext:
+ allowPrivilegeEscalation: true
+ capabilities:
+ drop:
+ - ALL
+ add:
+ - NET_BIND_SERVICE
+ # www-data -> 33
+ runAsUser: 33
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ ports:
+ - name: http
+ containerPort: 80
+ - name: https
+ containerPort: 443
+ livenessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 10
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /healthz
+ port: 10254
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 10
+
+---
+kind: Service
+apiVersion: v1
+metadata:
+ name: ingress-nginx
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+spec:
+ externalTrafficPolicy: Local
+ type: LoadBalancer
+ selector:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+ ports:
+ - name: http
+ port: 80
+ targetPort: http
+ - name: https
+ port: 443
+ targetPort: https
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: ingress-nginx
+ namespace: ingress-nginx
+ labels:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+spec:
+ type: NodePort
+ ports:
+ - name: http
+ port: 80
+ targetPort: 80
+ protocol: TCP
+ - name: https
+ port: 443
+ targetPort: 443
+ protocol: TCP
+ selector:
+ app.kubernetes.io/name: ingress-nginx
+ app.kubernetes.io/part-of: ingress-nginx
+
+---
+