diff --git a/assets/fleet-agent/fleet-agent-0.3.500-rc06.tgz b/assets/fleet-agent/fleet-agent-0.3.500-rc06.tgz new file mode 100755 index 00000000000..628416ee483 Binary files /dev/null and b/assets/fleet-agent/fleet-agent-0.3.500-rc06.tgz differ diff --git a/assets/fleet-crd/fleet-crd-0.3.500-rc06.tgz b/assets/fleet-crd/fleet-crd-0.3.500-rc06.tgz new file mode 100755 index 00000000000..1787d42b709 Binary files /dev/null and b/assets/fleet-crd/fleet-crd-0.3.500-rc06.tgz differ diff --git a/assets/fleet/fleet-0.3.500-rc06.tgz b/assets/fleet/fleet-0.3.500-rc06.tgz new file mode 100755 index 00000000000..07984efc196 Binary files /dev/null and b/assets/fleet/fleet-0.3.500-rc06.tgz differ diff --git a/assets/rancher-istio-1.8/rancher-istio-1.8.500-rc03.tgz b/assets/rancher-istio-1.8/rancher-istio-1.8.500-rc03.tgz new file mode 100755 index 00000000000..a1318e1aa72 Binary files /dev/null and b/assets/rancher-istio-1.8/rancher-istio-1.8.500-rc03.tgz differ diff --git a/assets/rancher-istio-1.9/rancher-istio-1.9.300-rc03.tgz b/assets/rancher-istio-1.9/rancher-istio-1.9.300-rc03.tgz new file mode 100755 index 00000000000..dbbe9984eb6 Binary files /dev/null and b/assets/rancher-istio-1.9/rancher-istio-1.9.300-rc03.tgz differ diff --git a/assets/rancher-logging/rancher-logging-3.9.400-rc06.tgz b/assets/rancher-logging/rancher-logging-3.9.400-rc06.tgz new file mode 100755 index 00000000000..4f504a8a445 Binary files /dev/null and b/assets/rancher-logging/rancher-logging-3.9.400-rc06.tgz differ diff --git a/assets/rancher-logging/rancher-logging-crd-3.9.400-rc06.tgz b/assets/rancher-logging/rancher-logging-crd-3.9.400-rc06.tgz new file mode 100755 index 00000000000..3ddab33a33f Binary files /dev/null and b/assets/rancher-logging/rancher-logging-crd-3.9.400-rc06.tgz differ diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/Chart.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/Chart.yaml new file mode 100755 index 00000000000..1ca380a4f21 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: fleet-system + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: fleet-agent +apiVersion: v2 +appVersion: 0.3.5 +description: Fleet Manager Agent - GitOps at Scale +icon: https://charts.rancher.io/assets/logos/fleet.svg +name: fleet-agent +version: 0.3.500-rc06 diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/_helpers.tpl b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/_helpers.tpl new file mode 100755 index 00000000000..f652b5643de --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/_helpers.tpl @@ -0,0 +1,7 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/configmap.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/configmap.yaml new file mode 100755 index 00000000000..ce61a875683 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/configmap.yaml @@ -0,0 +1,12 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: fleet-agent +data: + config: |- + { + {{ if .Values.labels }} + "labels":{{toJson .Values.labels}}, + {{ end }} + "clientID":"{{.Values.clientID}}" + } diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/deployment.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/deployment.yaml new file mode 100755 index 00000000000..72323dc763a --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/deployment.yaml @@ -0,0 +1,30 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: fleet-agent +spec: + selector: + matchLabels: + app: fleet-agent + template: + metadata: + labels: + app: fleet-agent + spec: + containers: + - env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: '{{ template "system_default_registry" . }}{{.Values.image.repository}}:{{.Values.image.tag}}' + name: fleet-agent + serviceAccountName: fleet-agent + {{- with .Values.fleetAgent.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.fleetAgent.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/network_policy_allow_all.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/network_policy_allow_all.yaml new file mode 100755 index 00000000000..a72109a0627 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/network_policy_allow_all.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: default-allow-all + namespace: {{ .Values.internal.systemNamespace }} +spec: + podSelector: {} + ingress: + - {} + egress: + - {} + policyTypes: + - Ingress + - Egress diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/patch_default_serviceaccount.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/patch_default_serviceaccount.yaml new file mode 100755 index 00000000000..2448cb4f32d --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/patch_default_serviceaccount.yaml @@ -0,0 +1,28 @@ +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: patch-fleet-sa + annotations: + "helm.sh/hook": post-install, post-upgrade + "helm.sh/hook-delete-policy": hook-succeeded, before-hook-creation +spec: + template: + spec: + serviceAccountName: fleet-agent + restartPolicy: Never + containers: + - name: sa + image: "{{ template "system_default_registry" . }}{{ .Values.global.kubectl.repository }}:{{ .Values.global.kubectl.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy }} + command: ["kubectl", "patch", "serviceaccount", "default", "-p", "{\"automountServiceAccountToken\": false}"] + args: ["-n", {{ .Values.internal.systemNamespace }}] + {{- with .Values.kubectl.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.kubectl.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + backoffLimit: 1 diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/rbac.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/rbac.yaml new file mode 100755 index 00000000000..805949bf2c6 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/rbac.yaml @@ -0,0 +1,25 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: fleet-agent-system-fleet-agent-role +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: fleet-agent-system-fleet-agent-role-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: fleet-agent-system-fleet-agent-role +subjects: +- kind: ServiceAccount + name: fleet-agent + namespace: {{.Release.Namespace}} diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/secret.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/secret.yaml new file mode 100755 index 00000000000..4715882047c --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +data: + systemRegistrationNamespace: "{{b64enc .Values.systemRegistrationNamespace}}" + clusterNamespace: "{{b64enc .Values.clusterNamespace}}" + token: "{{b64enc .Values.token}}" + apiServerURL: "{{b64enc .Values.apiServerURL}}" + apiServerCA: "{{b64enc .Values.apiServerCA}}" +kind: Secret +metadata: + name: fleet-agent-bootstrap diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/serviceaccount.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/serviceaccount.yaml new file mode 100755 index 00000000000..73e27f0be92 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: fleet-agent diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/validate.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/validate.yaml new file mode 100755 index 00000000000..d53ff1c5080 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/templates/validate.yaml @@ -0,0 +1,11 @@ +{{if ne .Release.Namespace .Values.internal.systemNamespace }} +{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.systemNamespace) }} +{{end}} + +{{if ne .Release.Name .Values.internal.managedReleaseName }} +{{ fail (printf "This chart must be installed in the namespace %s as the release name fleet-agent" .Values.internal.managedReleaseName) }} +{{end}} + +{{if not .Values.apiServerURL }} +{{ fail "apiServerURL is required to be set, and most likely also apiServerCA" }} +{{end}} diff --git a/charts/fleet-agent/fleet-agent/0.3.500-rc06/values.yaml b/charts/fleet-agent/fleet-agent/0.3.500-rc06/values.yaml new file mode 100755 index 00000000000..5d4c1f9ac66 --- /dev/null +++ b/charts/fleet-agent/fleet-agent/0.3.500-rc06/values.yaml @@ -0,0 +1,56 @@ +image: + repository: rancher/fleet-agent + tag: v0.3.5-rc6 + +# The public URL of the Kubernetes API server running the Fleet Manager must be set here +# Example: https://example.com:6443 +apiServerURL: "" + +# The the pem encoded value of the CA of the Kubernetes API server running the Fleet Manager. +# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA. +apiServerCA: "" + +# The cluster registration value +token: "" + +# Labels to add to the cluster upon registration only. They are not added after the fact. +#labels: +# foo: bar + +# The client ID of the cluster to associate with +clientID: "" + +# The namespace of the cluster we are register with +clusterNamespace: "" + +# The namespace containing the clusters registration secrets +systemRegistrationNamespace: fleet-clusters-system + +# Please do not change the below setting unless you really know what you are doing +internal: + systemNamespace: fleet-system + managedReleaseName: fleet-agent + +# The nodeSelector and tolerations for the agent deployment +fleetAgent: + nodeSelector: {} + tolerations: [] +kubectl: + nodeSelector: + kubernetes.io/os: linux + tolerations: + - key: cattle.io/os + operator: "Equal" + value: "linux" + effect: NoSchedule + - key: node.cloudprovider.kubernetes.io/uninitialized + operator: "Equal" + value: "true" + effect: NoSchedule + +global: + cattle: + systemDefaultRegistry: "" + kubectl: + repository: rancher/kubectl + tag: v1.20.2 diff --git a/charts/fleet-crd/fleet-crd/0.3.500-rc06/Chart.yaml b/charts/fleet-crd/fleet-crd/0.3.500-rc06/Chart.yaml new file mode 100755 index 00000000000..f97ab842ed7 --- /dev/null +++ b/charts/fleet-crd/fleet-crd/0.3.500-rc06/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: fleet-system + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: fleet-crd +apiVersion: v2 +appVersion: 0.3.5 +description: Fleet Manager CustomResourceDefinitions +icon: https://charts.rancher.io/assets/logos/fleet.svg +name: fleet-crd +version: 0.3.500-rc06 diff --git a/charts/fleet-crd/fleet-crd/0.3.500-rc06/templates/crds.yaml b/charts/fleet-crd/fleet-crd/0.3.500-rc06/templates/crds.yaml new file mode 100755 index 00000000000..9fc559d8c7f --- /dev/null +++ b/charts/fleet-crd/fleet-crd/0.3.500-rc06/templates/crds.yaml @@ -0,0 +1,2314 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: bundles.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.display.readyClusters + name: BundleDeployments-Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + group: fleet.cattle.io + names: + kind: Bundle + plural: bundles + singular: bundle + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + defaultNamespace: + nullable: true + type: string + diff: + nullable: true + properties: + comparePatches: + items: + properties: + apiVersion: + nullable: true + type: string + jsonPointers: + items: + nullable: true + type: string + nullable: true + type: array + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + operations: + items: + properties: + op: + nullable: true + type: string + path: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + type: object + forceSyncGeneration: + type: integer + helm: + nullable: true + properties: + chart: + nullable: true + type: string + force: + type: boolean + maxHistory: + type: integer + releaseName: + nullable: true + type: string + repo: + nullable: true + type: string + takeOwnership: + type: boolean + timeoutSeconds: + type: integer + values: + nullable: true + type: object + valuesFiles: + items: + nullable: true + type: string + nullable: true + type: array + version: + nullable: true + type: string + type: object + kustomize: + nullable: true + properties: + dir: + nullable: true + type: string + type: object + namespace: + nullable: true + type: string + paused: + type: boolean + resources: + items: + properties: + content: + nullable: true + type: string + encoding: + nullable: true + type: string + name: + nullable: true + type: string + type: object + nullable: true + type: array + rolloutStrategy: + nullable: true + properties: + autoPartitionSize: + nullable: true + type: string + maxUnavailable: + nullable: true + type: string + maxUnavailablePartitions: + nullable: true + type: string + partitions: + items: + properties: + clusterGroup: + nullable: true + type: string + clusterGroupSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + clusterName: + nullable: true + type: string + clusterSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + maxUnavailable: + nullable: true + type: string + name: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + serviceAccount: + nullable: true + type: string + targetRestrictions: + items: + properties: + clusterGroup: + nullable: true + type: string + clusterGroupSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + clusterName: + nullable: true + type: string + clusterSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + name: + nullable: true + type: string + type: object + nullable: true + type: array + targets: + items: + properties: + clusterGroup: + nullable: true + type: string + clusterGroupSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + clusterName: + nullable: true + type: string + clusterSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + defaultNamespace: + nullable: true + type: string + diff: + nullable: true + properties: + comparePatches: + items: + properties: + apiVersion: + nullable: true + type: string + jsonPointers: + items: + nullable: true + type: string + nullable: true + type: array + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + operations: + items: + properties: + op: + nullable: true + type: string + path: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + type: object + forceSyncGeneration: + type: integer + helm: + nullable: true + properties: + chart: + nullable: true + type: string + force: + type: boolean + maxHistory: + type: integer + releaseName: + nullable: true + type: string + repo: + nullable: true + type: string + takeOwnership: + type: boolean + timeoutSeconds: + type: integer + values: + nullable: true + type: object + valuesFiles: + items: + nullable: true + type: string + nullable: true + type: array + version: + nullable: true + type: string + type: object + kustomize: + nullable: true + properties: + dir: + nullable: true + type: string + type: object + name: + nullable: true + type: string + namespace: + nullable: true + type: string + serviceAccount: + nullable: true + type: string + yaml: + nullable: true + properties: + overlays: + items: + nullable: true + type: string + nullable: true + type: array + type: object + type: object + nullable: true + type: array + yaml: + nullable: true + properties: + overlays: + items: + nullable: true + type: string + nullable: true + type: array + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + display: + properties: + readyClusters: + nullable: true + type: string + state: + nullable: true + type: string + type: object + maxNew: + type: integer + maxUnavailable: + type: integer + maxUnavailablePartitions: + type: integer + newlyCreated: + type: integer + observedGeneration: + type: integer + partitions: + items: + properties: + count: + type: integer + maxUnavailable: + type: integer + name: + nullable: true + type: string + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + nullable: true + type: string + message: + nullable: true + type: string + modifiedStatus: + items: + properties: + apiVersion: + nullable: true + type: string + delete: + type: boolean + kind: + nullable: true + type: string + missing: + type: boolean + name: + nullable: true + type: string + namespace: + nullable: true + type: string + patch: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + nonReadyStatus: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + summary: + properties: + error: + type: boolean + message: + items: + nullable: true + type: string + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + uid: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + type: object + unavailable: + type: integer + type: object + nullable: true + type: array + resourceKey: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + type: object + nullable: true + type: array + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + nullable: true + type: string + message: + nullable: true + type: string + modifiedStatus: + items: + properties: + apiVersion: + nullable: true + type: string + delete: + type: boolean + kind: + nullable: true + type: string + missing: + type: boolean + name: + nullable: true + type: string + namespace: + nullable: true + type: string + patch: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + nonReadyStatus: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + summary: + properties: + error: + type: boolean + message: + items: + nullable: true + type: string + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + uid: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + type: object + unavailable: + type: integer + unavailablePartitions: + type: integer + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: bundledeployments.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.display.deployed + name: Deployed + type: string + - JSONPath: .status.display.monitored + name: Monitored + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + group: fleet.cattle.io + names: + kind: BundleDeployment + plural: bundledeployments + singular: bundledeployment + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + deploymentID: + nullable: true + type: string + options: + properties: + defaultNamespace: + nullable: true + type: string + diff: + nullable: true + properties: + comparePatches: + items: + properties: + apiVersion: + nullable: true + type: string + jsonPointers: + items: + nullable: true + type: string + nullable: true + type: array + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + operations: + items: + properties: + op: + nullable: true + type: string + path: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + type: object + forceSyncGeneration: + type: integer + helm: + nullable: true + properties: + chart: + nullable: true + type: string + force: + type: boolean + maxHistory: + type: integer + releaseName: + nullable: true + type: string + repo: + nullable: true + type: string + takeOwnership: + type: boolean + timeoutSeconds: + type: integer + values: + nullable: true + type: object + valuesFiles: + items: + nullable: true + type: string + nullable: true + type: array + version: + nullable: true + type: string + type: object + kustomize: + nullable: true + properties: + dir: + nullable: true + type: string + type: object + namespace: + nullable: true + type: string + serviceAccount: + nullable: true + type: string + yaml: + nullable: true + properties: + overlays: + items: + nullable: true + type: string + nullable: true + type: array + type: object + type: object + stagedDeploymentID: + nullable: true + type: string + stagedOptions: + properties: + defaultNamespace: + nullable: true + type: string + diff: + nullable: true + properties: + comparePatches: + items: + properties: + apiVersion: + nullable: true + type: string + jsonPointers: + items: + nullable: true + type: string + nullable: true + type: array + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + operations: + items: + properties: + op: + nullable: true + type: string + path: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + type: object + forceSyncGeneration: + type: integer + helm: + nullable: true + properties: + chart: + nullable: true + type: string + force: + type: boolean + maxHistory: + type: integer + releaseName: + nullable: true + type: string + repo: + nullable: true + type: string + takeOwnership: + type: boolean + timeoutSeconds: + type: integer + values: + nullable: true + type: object + valuesFiles: + items: + nullable: true + type: string + nullable: true + type: array + version: + nullable: true + type: string + type: object + kustomize: + nullable: true + properties: + dir: + nullable: true + type: string + type: object + namespace: + nullable: true + type: string + serviceAccount: + nullable: true + type: string + yaml: + nullable: true + properties: + overlays: + items: + nullable: true + type: string + nullable: true + type: array + type: object + type: object + type: object + status: + properties: + appliedDeploymentID: + nullable: true + type: string + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + display: + properties: + deployed: + nullable: true + type: string + monitored: + nullable: true + type: string + state: + nullable: true + type: string + type: object + modifiedStatus: + items: + properties: + apiVersion: + nullable: true + type: string + delete: + type: boolean + kind: + nullable: true + type: string + missing: + type: boolean + name: + nullable: true + type: string + namespace: + nullable: true + type: string + patch: + nullable: true + type: string + type: object + nullable: true + type: array + nonModified: + type: boolean + nonReadyStatus: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + summary: + properties: + error: + type: boolean + message: + items: + nullable: true + type: string + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + uid: + nullable: true + type: string + type: object + nullable: true + type: array + ready: + type: boolean + release: + nullable: true + type: string + syncGeneration: + nullable: true + type: integer + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: bundlenamespacemappings.fleet.cattle.io +spec: + group: fleet.cattle.io + names: + kind: BundleNamespaceMapping + plural: bundlenamespacemappings + singular: bundlenamespacemapping + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + bundleSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + namespaceSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clustergroups.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.display.readyClusters + name: Clusters-Ready + type: string + - JSONPath: .status.display.readyBundles + name: Bundles-Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + group: fleet.cattle.io + names: + categories: + - fleet + kind: ClusterGroup + plural: clustergroups + singular: clustergroup + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + selector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + type: object + status: + properties: + clusterCount: + type: integer + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + display: + properties: + readyBundles: + nullable: true + type: string + readyClusters: + nullable: true + type: string + state: + nullable: true + type: string + type: object + nonReadyClusterCount: + type: integer + nonReadyClusters: + items: + nullable: true + type: string + nullable: true + type: array + resourceCounts: + properties: + desiredReady: + type: integer + missing: + type: integer + modified: + type: integer + notReady: + type: integer + orphaned: + type: integer + ready: + type: integer + unknown: + type: integer + waitApplied: + type: integer + type: object + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + nullable: true + type: string + message: + nullable: true + type: string + modifiedStatus: + items: + properties: + apiVersion: + nullable: true + type: string + delete: + type: boolean + kind: + nullable: true + type: string + missing: + type: boolean + name: + nullable: true + type: string + namespace: + nullable: true + type: string + patch: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + nonReadyStatus: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + summary: + properties: + error: + type: boolean + message: + items: + nullable: true + type: string + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + uid: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + type: object + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusters.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.display.readyBundles + name: Bundles-Ready + type: string + - JSONPath: .status.display.readyNodes + name: Nodes-Ready + type: string + - JSONPath: .status.display.sampleNode + name: Sample-Node + type: string + - JSONPath: .status.agent.lastSeen + name: Last-Seen + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + group: fleet.cattle.io + names: + kind: Cluster + plural: clusters + singular: cluster + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + agentEnvVars: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + valueFrom: + nullable: true + properties: + configMapKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + secretKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + type: object + nullable: true + type: array + clientID: + nullable: true + type: string + kubeConfigSecret: + nullable: true + type: string + paused: + type: boolean + redeployAgentGeneration: + type: integer + type: object + status: + properties: + agent: + properties: + lastSeen: + nullable: true + type: string + namespace: + nullable: true + type: string + nonReadyNodeNames: + items: + nullable: true + type: string + nullable: true + type: array + nonReadyNodes: + type: integer + readyNodeNames: + items: + nullable: true + type: string + nullable: true + type: array + readyNodes: + type: integer + type: object + agentDeployedGeneration: + nullable: true + type: integer + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + desiredReadyGitRepos: + type: integer + display: + properties: + readyBundles: + nullable: true + type: string + readyNodes: + nullable: true + type: string + sampleNode: + nullable: true + type: string + state: + nullable: true + type: string + type: object + namespace: + nullable: true + type: string + readyGitRepos: + type: integer + resourceCounts: + properties: + desiredReady: + type: integer + missing: + type: integer + modified: + type: integer + notReady: + type: integer + orphaned: + type: integer + ready: + type: integer + unknown: + type: integer + waitApplied: + type: integer + type: object + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + nullable: true + type: string + message: + nullable: true + type: string + modifiedStatus: + items: + properties: + apiVersion: + nullable: true + type: string + delete: + type: boolean + kind: + nullable: true + type: string + missing: + type: boolean + name: + nullable: true + type: string + namespace: + nullable: true + type: string + patch: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + nonReadyStatus: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + summary: + properties: + error: + type: boolean + message: + items: + nullable: true + type: string + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + uid: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + type: object + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterregistrationtokens.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.secretName + name: Secret-Name + type: string + group: fleet.cattle.io + names: + kind: ClusterRegistrationToken + plural: clusterregistrationtokens + singular: clusterregistrationtoken + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + ttl: + nullable: true + type: string + type: object + status: + properties: + expires: + nullable: true + type: string + secretName: + nullable: true + type: string + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: gitrepos.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .spec.repo + name: Repo + type: string + - JSONPath: .status.commit + name: Commit + type: string + - JSONPath: .status.display.readyBundleDeployments + name: BundleDeployments-Ready + type: string + - JSONPath: .status.conditions[?(@.type=="Ready")].message + name: Status + type: string + group: fleet.cattle.io + names: + categories: + - fleet + kind: GitRepo + plural: gitrepos + singular: gitrepo + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + branch: + nullable: true + type: string + caBundle: + nullable: true + type: string + clientSecretName: + nullable: true + type: string + forceSyncGeneration: + type: integer + helmSecretName: + nullable: true + type: string + insecureSkipTLSVerify: + type: boolean + paths: + items: + nullable: true + type: string + nullable: true + type: array + paused: + type: boolean + pollingInterval: + nullable: true + type: string + repo: + nullable: true + type: string + revision: + nullable: true + type: string + serviceAccount: + nullable: true + type: string + targetNamespace: + nullable: true + type: string + targets: + items: + properties: + clusterGroup: + nullable: true + type: string + clusterGroupSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + clusterName: + nullable: true + type: string + clusterSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + name: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + status: + properties: + commit: + nullable: true + type: string + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + desiredReadyClusters: + type: integer + display: + properties: + error: + type: boolean + message: + nullable: true + type: string + readyBundleDeployments: + nullable: true + type: string + state: + nullable: true + type: string + type: object + gitJobStatus: + nullable: true + type: string + observedGeneration: + type: integer + readyClusters: + type: integer + resourceCounts: + properties: + desiredReady: + type: integer + missing: + type: integer + modified: + type: integer + notReady: + type: integer + orphaned: + type: integer + ready: + type: integer + unknown: + type: integer + waitApplied: + type: integer + type: object + resourceErrors: + items: + nullable: true + type: string + nullable: true + type: array + resources: + items: + properties: + apiVersion: + nullable: true + type: string + error: + type: boolean + id: + nullable: true + type: string + incompleteState: + type: boolean + kind: + nullable: true + type: string + message: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + perClusterState: + items: + properties: + clusterId: + nullable: true + type: string + error: + type: boolean + message: + nullable: true + type: string + patch: + nullable: true + type: object + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: + nullable: true + type: string + type: object + nullable: true + type: array + summary: + properties: + desiredReady: + type: integer + errApplied: + type: integer + modified: + type: integer + nonReadyResources: + items: + properties: + bundleState: + nullable: true + type: string + message: + nullable: true + type: string + modifiedStatus: + items: + properties: + apiVersion: + nullable: true + type: string + delete: + type: boolean + kind: + nullable: true + type: string + missing: + type: boolean + name: + nullable: true + type: string + namespace: + nullable: true + type: string + patch: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + nonReadyStatus: + items: + properties: + apiVersion: + nullable: true + type: string + kind: + nullable: true + type: string + name: + nullable: true + type: string + namespace: + nullable: true + type: string + summary: + properties: + error: + type: boolean + message: + items: + nullable: true + type: string + nullable: true + type: array + state: + nullable: true + type: string + transitioning: + type: boolean + type: object + uid: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + nullable: true + type: array + notReady: + type: integer + outOfSync: + type: integer + pending: + type: integer + ready: + type: integer + waitApplied: + type: integer + type: object + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: clusterregistrations.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .status.clusterName + name: Cluster-Name + type: string + - JSONPath: .spec.clusterLabels + name: Labels + type: string + group: fleet.cattle.io + names: + kind: ClusterRegistration + plural: clusterregistrations + singular: clusterregistration + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + clientID: + nullable: true + type: string + clientRandom: + nullable: true + type: string + clusterLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + status: + properties: + clusterName: + nullable: true + type: string + granted: + type: boolean + type: object + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: gitreporestrictions.fleet.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .defaultServiceAccount + name: Default-ServiceAccount + type: string + - JSONPath: .allowedServiceAccounts + name: Allowed-ServiceAccounts + type: string + group: fleet.cattle.io + names: + kind: GitRepoRestriction + plural: gitreporestrictions + singular: gitreporestriction + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + allowedClientSecretNames: + items: + nullable: true + type: string + nullable: true + type: array + allowedRepoPatterns: + items: + nullable: true + type: string + nullable: true + type: array + allowedServiceAccounts: + items: + nullable: true + type: string + nullable: true + type: array + defaultClientSecretName: + nullable: true + type: string + defaultServiceAccount: + nullable: true + type: string + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: contents.fleet.cattle.io +spec: + group: fleet.cattle.io + names: + kind: Content + plural: contents + singular: content + scope: Cluster + validation: + openAPIV3Schema: + properties: + content: + nullable: true + type: string + type: object + version: v1alpha1 + versions: + - name: v1alpha1 + served: true + storage: true diff --git a/charts/fleet-crd/fleet-crd/0.3.500-rc06/templates/gitjobs-crds.yaml b/charts/fleet-crd/fleet-crd/0.3.500-rc06/templates/gitjobs-crds.yaml new file mode 100755 index 00000000000..2c26f79ff36 --- /dev/null +++ b/charts/fleet-crd/fleet-crd/0.3.500-rc06/templates/gitjobs-crds.yaml @@ -0,0 +1,3208 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: gitjobs.gitjob.cattle.io +spec: + additionalPrinterColumns: + - JSONPath: .spec.git.repo + name: REPO + type: string + - JSONPath: .spec.git.branch + name: BRANCH + type: string + - JSONPath: .status.commit + name: COMMIT + type: string + - JSONPath: .status.jobStatus + name: JOBSTATUS + type: string + - JSONPath: .metadata.creationTimestamp + name: Age + type: date + group: gitjob.cattle.io + names: + kind: GitJob + plural: gitjobs + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + spec: + properties: + forceUpdateGeneration: + type: integer + git: + properties: + branch: + nullable: true + type: string + caBundle: + nullable: true + type: string + clientSecretName: + nullable: true + type: string + insecureSkipTLSVerify: + type: boolean + provider: + nullable: true + type: string + repo: + nullable: true + type: string + revision: + nullable: true + type: string + secret: + nullable: true + type: string + type: object + jobSpec: + properties: + activeDeadlineSeconds: + nullable: true + type: integer + backoffLimit: + nullable: true + type: integer + completions: + nullable: true + type: integer + manualSelector: + nullable: true + type: boolean + parallelism: + nullable: true + type: integer + selector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + clusterName: + nullable: true + type: string + creationTimestamp: + nullable: true + type: string + deletionGracePeriodSeconds: + nullable: true + type: integer + deletionTimestamp: + nullable: true + type: string + finalizers: + items: + nullable: true + type: string + nullable: true + type: array + generateName: + nullable: true + type: string + generation: + type: integer + labels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + managedFields: + items: + properties: + apiVersion: + nullable: true + type: string + fieldsType: + nullable: true + type: string + fieldsV1: + nullable: true + type: object + manager: + nullable: true + type: string + operation: + nullable: true + type: string + time: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + namespace: + nullable: true + type: string + ownerReferences: + items: + properties: + apiVersion: + nullable: true + type: string + blockOwnerDeletion: + nullable: true + type: boolean + controller: + nullable: true + type: boolean + kind: + nullable: true + type: string + name: + nullable: true + type: string + uid: + nullable: true + type: string + type: object + nullable: true + type: array + resourceVersion: + nullable: true + type: string + selfLink: + nullable: true + type: string + uid: + nullable: true + type: string + type: object + spec: + properties: + activeDeadlineSeconds: + nullable: true + type: integer + affinity: + nullable: true + properties: + nodeAffinity: + nullable: true + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchFields: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + type: object + weight: + type: integer + type: object + nullable: true + type: array + requiredDuringSchedulingIgnoredDuringExecution: + nullable: true + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchFields: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + type: object + nullable: true + type: array + type: object + type: object + podAffinity: + nullable: true + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + namespaces: + items: + nullable: true + type: string + nullable: true + type: array + topologyKey: + nullable: true + type: string + type: object + weight: + type: integer + type: object + nullable: true + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + namespaces: + items: + nullable: true + type: string + nullable: true + type: array + topologyKey: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + podAntiAffinity: + nullable: true + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + namespaces: + items: + nullable: true + type: string + nullable: true + type: array + topologyKey: + nullable: true + type: string + type: object + weight: + type: integer + type: object + nullable: true + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + namespaces: + items: + nullable: true + type: string + nullable: true + type: array + topologyKey: + nullable: true + type: string + type: object + nullable: true + type: array + type: object + type: object + automountServiceAccountToken: + nullable: true + type: boolean + containers: + items: + properties: + args: + items: + nullable: true + type: string + nullable: true + type: array + command: + items: + nullable: true + type: string + nullable: true + type: array + env: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + valueFrom: + nullable: true + properties: + configMapKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + secretKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + type: object + nullable: true + type: array + envFrom: + items: + properties: + configMapRef: + nullable: true + properties: + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + prefix: + nullable: true + type: string + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + nullable: true + type: array + image: + nullable: true + type: string + imagePullPolicy: + nullable: true + type: string + lifecycle: + nullable: true + properties: + postStart: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + type: object + preStop: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + type: object + type: object + livenessProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + name: + nullable: true + type: string + ports: + items: + properties: + containerPort: + type: integer + hostIP: + nullable: true + type: string + hostPort: + type: integer + name: + nullable: true + type: string + protocol: + nullable: true + type: string + type: object + nullable: true + type: array + readinessProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + requests: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + securityContext: + nullable: true + properties: + allowPrivilegeEscalation: + nullable: true + type: boolean + capabilities: + nullable: true + properties: + add: + items: + nullable: true + type: string + nullable: true + type: array + drop: + items: + nullable: true + type: string + nullable: true + type: array + type: object + privileged: + nullable: true + type: boolean + procMount: + nullable: true + type: string + readOnlyRootFilesystem: + nullable: true + type: boolean + runAsGroup: + nullable: true + type: integer + runAsNonRoot: + nullable: true + type: boolean + runAsUser: + nullable: true + type: integer + seLinuxOptions: + nullable: true + properties: + level: + nullable: true + type: string + role: + nullable: true + type: string + type: + nullable: true + type: string + user: + nullable: true + type: string + type: object + windowsOptions: + nullable: true + properties: + gmsaCredentialSpec: + nullable: true + type: string + gmsaCredentialSpecName: + nullable: true + type: string + runAsUserName: + nullable: true + type: string + type: object + type: object + startupProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + nullable: true + type: string + terminationMessagePolicy: + nullable: true + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + nullable: true + type: string + name: + nullable: true + type: string + type: object + nullable: true + type: array + volumeMounts: + items: + properties: + mountPath: + nullable: true + type: string + mountPropagation: + nullable: true + type: string + name: + nullable: true + type: string + readOnly: + type: boolean + subPath: + nullable: true + type: string + subPathExpr: + nullable: true + type: string + type: object + nullable: true + type: array + workingDir: + nullable: true + type: string + type: object + nullable: true + type: array + dnsConfig: + nullable: true + properties: + nameservers: + items: + nullable: true + type: string + nullable: true + type: array + options: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + searches: + items: + nullable: true + type: string + nullable: true + type: array + type: object + dnsPolicy: + nullable: true + type: string + enableServiceLinks: + nullable: true + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + nullable: true + type: string + nullable: true + type: array + command: + items: + nullable: true + type: string + nullable: true + type: array + env: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + valueFrom: + nullable: true + properties: + configMapKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + secretKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + type: object + nullable: true + type: array + envFrom: + items: + properties: + configMapRef: + nullable: true + properties: + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + prefix: + nullable: true + type: string + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + nullable: true + type: array + image: + nullable: true + type: string + imagePullPolicy: + nullable: true + type: string + lifecycle: + nullable: true + properties: + postStart: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + type: object + preStop: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + type: object + type: object + livenessProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + name: + nullable: true + type: string + ports: + items: + properties: + containerPort: + type: integer + hostIP: + nullable: true + type: string + hostPort: + type: integer + name: + nullable: true + type: string + protocol: + nullable: true + type: string + type: object + nullable: true + type: array + readinessProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + requests: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + securityContext: + nullable: true + properties: + allowPrivilegeEscalation: + nullable: true + type: boolean + capabilities: + nullable: true + properties: + add: + items: + nullable: true + type: string + nullable: true + type: array + drop: + items: + nullable: true + type: string + nullable: true + type: array + type: object + privileged: + nullable: true + type: boolean + procMount: + nullable: true + type: string + readOnlyRootFilesystem: + nullable: true + type: boolean + runAsGroup: + nullable: true + type: integer + runAsNonRoot: + nullable: true + type: boolean + runAsUser: + nullable: true + type: integer + seLinuxOptions: + nullable: true + properties: + level: + nullable: true + type: string + role: + nullable: true + type: string + type: + nullable: true + type: string + user: + nullable: true + type: string + type: object + windowsOptions: + nullable: true + properties: + gmsaCredentialSpec: + nullable: true + type: string + gmsaCredentialSpecName: + nullable: true + type: string + runAsUserName: + nullable: true + type: string + type: object + type: object + startupProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + nullable: true + type: string + terminationMessagePath: + nullable: true + type: string + terminationMessagePolicy: + nullable: true + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + nullable: true + type: string + name: + nullable: true + type: string + type: object + nullable: true + type: array + volumeMounts: + items: + properties: + mountPath: + nullable: true + type: string + mountPropagation: + nullable: true + type: string + name: + nullable: true + type: string + readOnly: + type: boolean + subPath: + nullable: true + type: string + subPathExpr: + nullable: true + type: string + type: object + nullable: true + type: array + workingDir: + nullable: true + type: string + type: object + nullable: true + type: array + hostAliases: + items: + properties: + hostnames: + items: + nullable: true + type: string + nullable: true + type: array + ip: + nullable: true + type: string + type: object + nullable: true + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + nullable: true + type: string + imagePullSecrets: + items: + properties: + name: + nullable: true + type: string + type: object + nullable: true + type: array + initContainers: + items: + properties: + args: + items: + nullable: true + type: string + nullable: true + type: array + command: + items: + nullable: true + type: string + nullable: true + type: array + env: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + valueFrom: + nullable: true + properties: + configMapKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + secretKeyRef: + nullable: true + properties: + key: + nullable: true + type: string + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + type: object + nullable: true + type: array + envFrom: + items: + properties: + configMapRef: + nullable: true + properties: + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + prefix: + nullable: true + type: string + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + type: object + nullable: true + type: array + image: + nullable: true + type: string + imagePullPolicy: + nullable: true + type: string + lifecycle: + nullable: true + properties: + postStart: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + type: object + preStop: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + type: object + type: object + livenessProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + name: + nullable: true + type: string + ports: + items: + properties: + containerPort: + type: integer + hostIP: + nullable: true + type: string + hostPort: + type: integer + name: + nullable: true + type: string + protocol: + nullable: true + type: string + type: object + nullable: true + type: array + readinessProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + requests: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + securityContext: + nullable: true + properties: + allowPrivilegeEscalation: + nullable: true + type: boolean + capabilities: + nullable: true + properties: + add: + items: + nullable: true + type: string + nullable: true + type: array + drop: + items: + nullable: true + type: string + nullable: true + type: array + type: object + privileged: + nullable: true + type: boolean + procMount: + nullable: true + type: string + readOnlyRootFilesystem: + nullable: true + type: boolean + runAsGroup: + nullable: true + type: integer + runAsNonRoot: + nullable: true + type: boolean + runAsUser: + nullable: true + type: integer + seLinuxOptions: + nullable: true + properties: + level: + nullable: true + type: string + role: + nullable: true + type: string + type: + nullable: true + type: string + user: + nullable: true + type: string + type: object + windowsOptions: + nullable: true + properties: + gmsaCredentialSpec: + nullable: true + type: string + gmsaCredentialSpecName: + nullable: true + type: string + runAsUserName: + nullable: true + type: string + type: object + type: object + startupProbe: + nullable: true + properties: + exec: + nullable: true + properties: + command: + items: + nullable: true + type: string + nullable: true + type: array + type: object + failureThreshold: + type: integer + httpGet: + nullable: true + properties: + host: + nullable: true + type: string + httpHeaders: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + path: + nullable: true + type: string + port: + nullable: true + type: string + scheme: + nullable: true + type: string + type: object + initialDelaySeconds: + type: integer + periodSeconds: + type: integer + successThreshold: + type: integer + tcpSocket: + nullable: true + properties: + host: + nullable: true + type: string + port: + nullable: true + type: string + type: object + timeoutSeconds: + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + nullable: true + type: string + terminationMessagePolicy: + nullable: true + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + nullable: true + type: string + name: + nullable: true + type: string + type: object + nullable: true + type: array + volumeMounts: + items: + properties: + mountPath: + nullable: true + type: string + mountPropagation: + nullable: true + type: string + name: + nullable: true + type: string + readOnly: + type: boolean + subPath: + nullable: true + type: string + subPathExpr: + nullable: true + type: string + type: object + nullable: true + type: array + workingDir: + nullable: true + type: string + type: object + nullable: true + type: array + nodeName: + nullable: true + type: string + nodeSelector: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + overhead: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + preemptionPolicy: + nullable: true + type: string + priority: + nullable: true + type: integer + priorityClassName: + nullable: true + type: string + readinessGates: + items: + properties: + conditionType: + nullable: true + type: string + type: object + nullable: true + type: array + restartPolicy: + nullable: true + type: string + runtimeClassName: + nullable: true + type: string + schedulerName: + nullable: true + type: string + securityContext: + nullable: true + properties: + fsGroup: + nullable: true + type: integer + fsGroupChangePolicy: + nullable: true + type: string + runAsGroup: + nullable: true + type: integer + runAsNonRoot: + nullable: true + type: boolean + runAsUser: + nullable: true + type: integer + seLinuxOptions: + nullable: true + properties: + level: + nullable: true + type: string + role: + nullable: true + type: string + type: + nullable: true + type: string + user: + nullable: true + type: string + type: object + supplementalGroups: + items: + type: integer + nullable: true + type: array + sysctls: + items: + properties: + name: + nullable: true + type: string + value: + nullable: true + type: string + type: object + nullable: true + type: array + windowsOptions: + nullable: true + properties: + gmsaCredentialSpec: + nullable: true + type: string + gmsaCredentialSpecName: + nullable: true + type: string + runAsUserName: + nullable: true + type: string + type: object + type: object + serviceAccount: + nullable: true + type: string + serviceAccountName: + nullable: true + type: string + shareProcessNamespace: + nullable: true + type: boolean + subdomain: + nullable: true + type: string + terminationGracePeriodSeconds: + nullable: true + type: integer + tolerations: + items: + properties: + effect: + nullable: true + type: string + key: + nullable: true + type: string + operator: + nullable: true + type: string + tolerationSeconds: + nullable: true + type: integer + value: + nullable: true + type: string + type: object + nullable: true + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + nullable: true + properties: + matchExpressions: + items: + properties: + key: + nullable: true + type: string + operator: + nullable: true + type: string + values: + items: + nullable: true + type: string + nullable: true + type: array + type: object + nullable: true + type: array + matchLabels: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + maxSkew: + type: integer + topologyKey: + nullable: true + type: string + whenUnsatisfiable: + nullable: true + type: string + type: object + nullable: true + type: array + volumes: + items: + properties: + awsElasticBlockStore: + nullable: true + properties: + fsType: + nullable: true + type: string + partition: + type: integer + readOnly: + type: boolean + volumeID: + nullable: true + type: string + type: object + azureDisk: + nullable: true + properties: + cachingMode: + nullable: true + type: string + diskName: + nullable: true + type: string + diskURI: + nullable: true + type: string + fsType: + nullable: true + type: string + kind: + nullable: true + type: string + readOnly: + nullable: true + type: boolean + type: object + azureFile: + nullable: true + properties: + readOnly: + type: boolean + secretName: + nullable: true + type: string + shareName: + nullable: true + type: string + type: object + cephfs: + nullable: true + properties: + monitors: + items: + nullable: true + type: string + nullable: true + type: array + path: + nullable: true + type: string + readOnly: + type: boolean + secretFile: + nullable: true + type: string + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + user: + nullable: true + type: string + type: object + cinder: + nullable: true + properties: + fsType: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + volumeID: + nullable: true + type: string + type: object + configMap: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + csi: + nullable: true + properties: + driver: + nullable: true + type: string + fsType: + nullable: true + type: string + nodePublishSecretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + readOnly: + nullable: true + type: boolean + volumeAttributes: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + type: object + downwardAPI: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + items: + items: + properties: + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + mode: + nullable: true + type: integer + path: + nullable: true + type: string + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + type: object + emptyDir: + nullable: true + properties: + medium: + nullable: true + type: string + sizeLimit: + nullable: true + type: string + type: object + fc: + nullable: true + properties: + fsType: + nullable: true + type: string + lun: + nullable: true + type: integer + readOnly: + type: boolean + targetWWNs: + items: + nullable: true + type: string + nullable: true + type: array + wwids: + items: + nullable: true + type: string + nullable: true + type: array + type: object + flexVolume: + nullable: true + properties: + driver: + nullable: true + type: string + fsType: + nullable: true + type: string + options: + additionalProperties: + nullable: true + type: string + nullable: true + type: object + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + type: object + flocker: + nullable: true + properties: + datasetName: + nullable: true + type: string + datasetUUID: + nullable: true + type: string + type: object + gcePersistentDisk: + nullable: true + properties: + fsType: + nullable: true + type: string + partition: + type: integer + pdName: + nullable: true + type: string + readOnly: + type: boolean + type: object + gitRepo: + nullable: true + properties: + directory: + nullable: true + type: string + repository: + nullable: true + type: string + revision: + nullable: true + type: string + type: object + glusterfs: + nullable: true + properties: + endpoints: + nullable: true + type: string + path: + nullable: true + type: string + readOnly: + type: boolean + type: object + hostPath: + nullable: true + properties: + path: + nullable: true + type: string + type: + nullable: true + type: string + type: object + iscsi: + nullable: true + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + nullable: true + type: string + initiatorName: + nullable: true + type: string + iqn: + nullable: true + type: string + iscsiInterface: + nullable: true + type: string + lun: + type: integer + portals: + items: + nullable: true + type: string + nullable: true + type: array + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + targetPortal: + nullable: true + type: string + type: object + name: + nullable: true + type: string + nfs: + nullable: true + properties: + path: + nullable: true + type: string + readOnly: + type: boolean + server: + nullable: true + type: string + type: object + persistentVolumeClaim: + nullable: true + properties: + claimName: + nullable: true + type: string + readOnly: + type: boolean + type: object + photonPersistentDisk: + nullable: true + properties: + fsType: + nullable: true + type: string + pdID: + nullable: true + type: string + type: object + portworxVolume: + nullable: true + properties: + fsType: + nullable: true + type: string + readOnly: + type: boolean + volumeID: + nullable: true + type: string + type: object + projected: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + sources: + items: + properties: + configMap: + nullable: true + properties: + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + downwardAPI: + nullable: true + properties: + items: + items: + properties: + fieldRef: + nullable: true + properties: + apiVersion: + nullable: true + type: string + fieldPath: + nullable: true + type: string + type: object + mode: + nullable: true + type: integer + path: + nullable: true + type: string + resourceFieldRef: + nullable: true + properties: + containerName: + nullable: true + type: string + divisor: + nullable: true + type: string + resource: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + type: object + secret: + nullable: true + properties: + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + name: + nullable: true + type: string + optional: + nullable: true + type: boolean + type: object + serviceAccountToken: + nullable: true + properties: + audience: + nullable: true + type: string + expirationSeconds: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + type: object + quobyte: + nullable: true + properties: + group: + nullable: true + type: string + readOnly: + type: boolean + registry: + nullable: true + type: string + tenant: + nullable: true + type: string + user: + nullable: true + type: string + volume: + nullable: true + type: string + type: object + rbd: + nullable: true + properties: + fsType: + nullable: true + type: string + image: + nullable: true + type: string + keyring: + nullable: true + type: string + monitors: + items: + nullable: true + type: string + nullable: true + type: array + pool: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + user: + nullable: true + type: string + type: object + scaleIO: + nullable: true + properties: + fsType: + nullable: true + type: string + gateway: + nullable: true + type: string + protectionDomain: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + sslEnabled: + type: boolean + storageMode: + nullable: true + type: string + storagePool: + nullable: true + type: string + system: + nullable: true + type: string + volumeName: + nullable: true + type: string + type: object + secret: + nullable: true + properties: + defaultMode: + nullable: true + type: integer + items: + items: + properties: + key: + nullable: true + type: string + mode: + nullable: true + type: integer + path: + nullable: true + type: string + type: object + nullable: true + type: array + optional: + nullable: true + type: boolean + secretName: + nullable: true + type: string + type: object + storageos: + nullable: true + properties: + fsType: + nullable: true + type: string + readOnly: + type: boolean + secretRef: + nullable: true + properties: + name: + nullable: true + type: string + type: object + volumeName: + nullable: true + type: string + volumeNamespace: + nullable: true + type: string + type: object + vsphereVolume: + nullable: true + properties: + fsType: + nullable: true + type: string + storagePolicyID: + nullable: true + type: string + storagePolicyName: + nullable: true + type: string + volumePath: + nullable: true + type: string + type: object + type: object + nullable: true + type: array + type: object + type: object + ttlSecondsAfterFinished: + nullable: true + type: integer + type: object + syncInterval: + type: integer + type: object + status: + properties: + commit: + nullable: true + type: string + conditions: + items: + properties: + lastTransitionTime: + nullable: true + type: string + lastUpdateTime: + nullable: true + type: string + message: + nullable: true + type: string + reason: + nullable: true + type: string + status: + nullable: true + type: string + type: + nullable: true + type: string + type: object + nullable: true + type: array + event: + nullable: true + type: string + hookId: + nullable: true + type: string + jobStatus: + nullable: true + type: string + lastExecutedCommit: + nullable: true + type: string + observedGeneration: + type: integer + secretToken: + nullable: true + type: string + updateGeneration: + type: integer + type: object + type: object + version: v1 + versions: + - name: v1 + served: true + storage: true + diff --git a/charts/fleet/fleet/0.3.500-rc06/Chart.yaml b/charts/fleet/fleet/0.3.500-rc06/Chart.yaml new file mode 100755 index 00000000000..48171e6de19 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/Chart.yaml @@ -0,0 +1,15 @@ +annotations: + catalog.cattle.io/auto-install: fleet-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/experimental: "true" + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: fleet-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1 + catalog.cattle.io/release-name: fleet +apiVersion: v2 +appVersion: 0.3.5 +description: Fleet Manager - GitOps at Scale +icon: https://charts.rancher.io/assets/logos/fleet.svg +name: fleet +version: 0.3.500-rc06 diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/.helmignore b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/.helmignore new file mode 100755 index 00000000000..691fa13d6a5 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ \ No newline at end of file diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/Chart.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/Chart.yaml new file mode 100755 index 00000000000..62e1e02553b --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +appVersion: 0.1.15 +description: Controller that run jobs based on git events +name: gitjob +version: 0.1.15 diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/_helpers.tpl b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/_helpers.tpl new file mode 100755 index 00000000000..f652b5643de --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/_helpers.tpl @@ -0,0 +1,7 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/clusterrole.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/clusterrole.yaml new file mode 100755 index 00000000000..bcad90164f6 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/clusterrole.yaml @@ -0,0 +1,38 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: gitjob +rules: + - apiGroups: + - "batch" + resources: + - 'jobs' + verbs: + - '*' + - apiGroups: + - "" + resources: + - 'pods' + verbs: + - 'list' + - 'get' + - 'watch' + - apiGroups: + - "" + resources: + - 'secrets' + verbs: + - '*' + - apiGroups: + - "" + resources: + - 'configmaps' + verbs: + - '*' + - apiGroups: + - "gitjob.cattle.io" + resources: + - "gitjobs" + - "gitjobs/status" + verbs: + - "*" \ No newline at end of file diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/clusterrolebinding.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/clusterrolebinding.yaml new file mode 100755 index 00000000000..0bf07c4ef8d --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: gitjob-binding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: gitjob +subjects: + - kind: ServiceAccount + name: gitjob + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/deployment.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/deployment.yaml new file mode 100755 index 00000000000..a12a30d92ee --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/deployment.yaml @@ -0,0 +1,42 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitjob +spec: + selector: + matchLabels: + app: "gitjob" + template: + metadata: + labels: + app: "gitjob" + spec: + serviceAccountName: gitjob + containers: + - image: "{{ template "system_default_registry" . }}{{ .Values.gitjob.repository }}:{{ .Values.gitjob.tag }}" + name: gitjob + command: + - gitjob + - --tekton-image + - "{{ template "system_default_registry" . }}{{ .Values.tekton.repository }}:{{ .Values.tekton.tag }}" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if .Values.proxy }} + - name: HTTP_PROXY + value: {{ .Values.proxy }} + - name: HTTPS_PROXY + value: {{ .Values.proxy }} + - name: NO_PROXY + value: {{ .Values.noProxy }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/service.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/service.yaml new file mode 100755 index 00000000000..bf57c1b55c7 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: gitjob +spec: + ports: + - name: http-80 + port: 80 + protocol: TCP + targetPort: 8080 + selector: + app: "gitjob" \ No newline at end of file diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/serviceaccount.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/serviceaccount.yaml new file mode 100755 index 00000000000..5f8aecb0451 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/templates/serviceaccount.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: gitjob diff --git a/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/values.yaml b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/values.yaml new file mode 100755 index 00000000000..90ca446a922 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/charts/gitjob/values.yaml @@ -0,0 +1,26 @@ +gitjob: + repository: rancher/gitjob + tag: v0.1.15 + +tekton: + repository: rancher/tekton-utils + tag: v0.1.1 + +global: + cattle: + systemDefaultRegistry: "" + +# http[s] proxy server +# proxy: http://@:: + +# comma separated list of domains or ip addresses that will not use the proxy +noProxy: 127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local + +nodeSelector: + kubernetes.io/os: linux + +tolerations: + - key: cattle.io/os + operator: "Equal" + value: "linux" + effect: NoSchedule diff --git a/charts/fleet/fleet/0.3.500-rc06/templates/_helpers.tpl b/charts/fleet/fleet/0.3.500-rc06/templates/_helpers.tpl new file mode 100755 index 00000000000..f652b5643de --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/templates/_helpers.tpl @@ -0,0 +1,7 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/charts/fleet/fleet/0.3.500-rc06/templates/configmap.yaml b/charts/fleet/fleet/0.3.500-rc06/templates/configmap.yaml new file mode 100755 index 00000000000..c546c4b9752 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/templates/configmap.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: fleet-controller +data: + config: | + { + "agentImage": "{{ template "system_default_registry" . }}{{.Values.agentImage.repository}}:{{.Values.agentImage.tag}}", + "agentImagePullPolicy": "{{ .Values.agentImage.imagePullPolicy }}", + "apiServerURL": "{{.Values.apiServerURL}}", + "apiServerCA": "{{b64enc .Values.apiServerCA}}", + "agentCheckinInterval": "{{.Values.agentCheckinInterval}}", + "ignoreClusterRegistrationLabels": {{.Values.ignoreClusterRegistrationLabels}}, + "bootstrap": { + "paths": "{{.Values.bootstrap.paths}}", + "repo": "{{.Values.bootstrap.repo}}", + "secret": "{{.Values.bootstrap.secret}}", + "branch": "{{.Values.bootstrap.branch}}", + "namespace": "{{.Values.bootstrap.namespace}}", + }, + "webhookReceiverURL": "{{.Values.webhookReceiverURL}}", + "githubURLPrefix": "{{.Values.githubURLPrefix}}" + } diff --git a/charts/fleet/fleet/0.3.500-rc06/templates/deployment.yaml b/charts/fleet/fleet/0.3.500-rc06/templates/deployment.yaml new file mode 100755 index 00000000000..c64f94ddb22 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/templates/deployment.yaml @@ -0,0 +1,31 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: fleet-controller +spec: + selector: + matchLabels: + app: fleet-controller + template: + metadata: + labels: + app: fleet-controller + spec: + containers: + - env: + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: '{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}' + name: fleet-controller + imagePullPolicy: "{{ .Values.image.imagePullPolicy }}" + serviceAccountName: fleet-controller + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} diff --git a/charts/fleet/fleet/0.3.500-rc06/templates/rbac.yaml b/charts/fleet/fleet/0.3.500-rc06/templates/rbac.yaml new file mode 100755 index 00000000000..59df51b1ff9 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/templates/rbac.yaml @@ -0,0 +1,106 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: fleet-controller +rules: +- apiGroups: + - gitjob.cattle.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - fleet.cattle.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - "" + resources: + - namespaces + - serviceaccounts + verbs: + - '*' +- apiGroups: + - "" + resources: + - secrets + - configmaps + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterroles + - clusterrolebindings + - roles + - rolebindings + verbs: + - '*' + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: fleet-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: fleet-controller +subjects: +- kind: ServiceAccount + name: fleet-controller + namespace: {{.Release.Namespace}} + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: fleet-controller +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - '*' + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: fleet-controller +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: fleet-controller +subjects: +- kind: ServiceAccount + name: fleet-controller + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: fleet-controller-bootstrap +rules: +- apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: fleet-controller-bootstrap +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: fleet-controller-bootstrap +subjects: +- kind: ServiceAccount + name: fleet-controller-bootstrap + namespace: {{.Release.Namespace}} diff --git a/charts/fleet/fleet/0.3.500-rc06/templates/serviceaccount.yaml b/charts/fleet/fleet/0.3.500-rc06/templates/serviceaccount.yaml new file mode 100755 index 00000000000..bd99d995810 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/templates/serviceaccount.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: fleet-controller + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: fleet-controller-bootstrap diff --git a/charts/fleet/fleet/0.3.500-rc06/values.yaml b/charts/fleet/fleet/0.3.500-rc06/values.yaml new file mode 100755 index 00000000000..e2b9525acd3 --- /dev/null +++ b/charts/fleet/fleet/0.3.500-rc06/values.yaml @@ -0,0 +1,47 @@ +image: + repository: rancher/fleet + tag: v0.3.5-rc6 + imagePullPolicy: IfNotPresent + +agentImage: + repository: rancher/fleet-agent + tag: v0.3.5-rc6 + imagePullPolicy: IfNotPresent + +# For cluster registration the public URL of the Kubernetes API server must be set here +# Example: https://example.com:6443 +apiServerURL: "" + +# For cluster registration the pem encoded value of the CA of the Kubernetes API server must be set here +# If left empty it is assumed this Kubernetes API TLS is signed by a well known CA. +apiServerCA: "" + +# A duration string for how often agents should report a heartbeat +agentCheckinInterval: "15m" + +# Whether you want to allow cluster upon registration to specify their labels. +ignoreClusterRegistrationLabels: false + +bootstrap: + # The namespace that will be autocreated and the local cluster will be registered in + namespace: fleet-local + # A repo to add at install time that will deploy to the local cluster. This allows + # one to fully bootstrap fleet, it's configuration and all it's downstream clusters + # in one shot. + repo: "" + secret: "" + branch: master + paths: "" + +global: + cattle: + systemDefaultRegistry: "" + +nodeSelector: + kubernetes.io/os: linux + +tolerations: + - key: cattle.io/os + operator: "Equal" + value: "linux" + effect: NoSchedule \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/Chart.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/Chart.yaml new file mode 100755 index 00000000000..11c19bdea1e --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/Chart.yaml @@ -0,0 +1,21 @@ +annotations: + catalog.cattle.io/auto-install: rancher-kiali-server-crd=1.32.100-rc01 + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Istio + catalog.cattle.io/namespace: istio-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: networking.istio.io.virtualservice/v1beta1 + catalog.cattle.io/release-name: rancher-istio + catalog.cattle.io/requests-cpu: 710m + catalog.cattle.io/requests-memory: 2314Mi + catalog.cattle.io/ui-component: istio +apiVersion: v1 +appVersion: 1.8.5 +description: A basic Istio setup that installs with the istioctl. Refer to https://istio.io/latest/ + for details. +icon: https://charts.rancher.io/assets/logos/istio.svg +keywords: +- networking +- infrastructure +name: rancher-istio +version: 1.8.500-rc03 diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/README.md b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/README.md new file mode 100755 index 00000000000..199e4531269 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/README.md @@ -0,0 +1,69 @@ +# Rancher Istio Installers + +A Rancher created chart that packages the istioctl binary to install via a helm chart. + +# Installation Requirements + +## Chart Dependencies +- rancher-kiali-server-crd chart + +# Uninstallation Requirements +To ensure rancher-istio uninstalls correctly, you must uninstall rancher-istio prior to uninstalling chart dependencies (see installation requirements for chart dependencies). This is because all definitions need to be available in order to properly build the rancher-istio objects for removal. + +If you remove dependent CRD charts prior to removing rancher-istio, you may encounter the following error:: + +`Error: uninstallation completed with 1 error(s): unable to build kubernetes objects for delete: unable to recognize "": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"` + +# Addons + +## Kiali + +Kiali allows you to view and manage your istio-based service mesh through an easy to use dashboard. + +#### Dependencies +- rancher-monitoring chart or other Prometheus installation + +This dependecy installs the required CRDs for installing Kiali. Since Kiali is bundled in with Istio in this chart, if you do not have these dependencies installed, your Istio installation will fail. If you do not plan on using Kiali, set `kiali.enabled=false` when installing Istio for a succesful installation. + +> **Note:** The following configuration options assume you have installed the dependecies for Kiali. Please ensure you have Promtheus in your cluster before proceeding. + +The Monitoring app sets `prometheus.prometheusSpec.ignoreNamespaceSelectors=false` which means all namespaces will be scraped by Prometheus by default. This ensures you can view traffic, metrics and graphs for resources deployed in other namespaces. + +To limit scraping to specific namespaces, set `prometheus.prometheusSpec.ignoreNamespaceSelectors=true` and add one of the following configurations to ensure you can continue to view traffic, metrics and graphs for your deployed resources. + +1. Add a Service Monitor or Pod Monitor in the namespace with the targets you want to scrape. +1. Add an additionalScrapeConfig to your rancher-monitoring instance to scrape all targets in all namespaces. + +#### External Services + +##### Prometheus +The `kiali.external_services.prometheus` url is set in the values.yaml: +``` +http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc:{{ prometheus.service.port }} +``` +The url depends on the default values for `nameOverride`, `namespaceOverride`, and `prometheus.service.port` being set in your rancher-monitoring or other monitoring instance. + +##### Grafana +The `kiali.external_services.grafana` url is set in the values.yaml: +``` +http://{{ .Values.nameOverride }}-grafana.{{ .Values.namespaceOverride }}.svc:{{ grafana.service.port }} +``` +The url depends on the default values for `nameOverride`, `namespaceOverride`, and `grafana.service.port` being set in your rancher-monitoring or other monitoring instance. + +##### Tracing +The `kiali.external_services.tracing` url and `.Values.tracing.contextPath` is set in the rancher-istio values.yaml: +``` +http://tracing.{{ .Values.namespaceOverride }}.svc:{{ .Values.service.externalPort }}/{{ .Values.tracing.contextPath }} +``` +The url depends on the default values for `namespaceOverride`, and `.Values.service.externalPort` being set in your rancher-tracing or other tracing instance. + +## Jaeger + +Jaeger allows you to trace and monitor distributed microservices. + +> **Note:** This addon is using the all-in-one Jaeger installation which is not qualified for production. Use the [Jaeger Tracing](https://www.jaegertracing.io/docs/1.21/getting-started/) documentation to determine which installation you will need for your production needs. + +# Installation +``` +helm install rancher-istio . --create-namespace -n istio-system +``` \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/app-readme.md b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/app-readme.md new file mode 100755 index 00000000000..0e42df08369 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/app-readme.md @@ -0,0 +1,45 @@ +# Rancher Istio + +Our [Istio](https://istio.io/) installer wraps the istioctl binary commands in a handy helm chart, including an overlay file option to allow complex customization. It also includes: +* **[Kiali](https://kiali.io/)**: Used for graphing traffic flow throughout the mesh +* **[Jaeger](https://www.jaegertracing.io/)**: A quick start, all-in-one installation used for tracing distributed systemm. This is not production qualified, please refer to jaeger documentation to determine which installation you may need instead. + +### Dependencies + +**Rancher Monitoring or other Prometheus installation** + +The Prometheus CRDs are required for installing Kiali which is enabled by default. If you do not have Prometheus installed your Istio installation will fail. If you do not plan on using Kiali, set `kiali.enabled=false` to bypass this requirement. + +### Customization + +**Rancher Monitoring** + +The Rancher Monitoring app sets `prometheus.prometheusSpec.ignoreNamespaceSelectors=false` which means all namespaces will be scraped by Prometheus by default. This ensures you can view traffic, metrics and graphs for resources deployed in other namespaces. + +To limit scraping to specific namespaces, set `prometheus.prometheusSpec.ignoreNamespaceSelectors=true` and add one of the following configurations to ensure you can continue to view traffic, metrics and graphs for your deployed resources. + +1. Add a Service Monitor or Pod Monitor in the namespace with the targets you want to scrape. +1. Add an additionalScrapeConfig to your rancher-monitoring instance to scrape all targets in all namespaces. + +**Custom Prometheus Installation with Kiali** + +To use a custom Monitoring installation, set the `kiali.external_services.prometheus` url in the values.yaml. This url depends on the values for `nameOverride`, `namespaceOverride`, and `prometheus.service.port` in your rancher-monitoring or other monitoring instance: +``` +http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc:{{ prometheus.service.port }} +``` +**Custom Grafana Installation with Kiali** + +To use a custom Grafana installation, set the `kiali.external_services.grafana` url in the values.yaml. This url depends on the values for `nameOverride`, `namespaceOverride`, and `granfa.service.port` in your rancher-monitoring or other grafana instance: +``` +http://{{ .Values.nameOverride }}-grafana.{{ .Values.namespaceOverride }}.svc:{{ grafana.service.port }} +``` +**Custom Tracing Installation with Kiali** + +To use a custom Tracing installation, set the `kiali.external_services.tracing` url and update the `.Values.tracing.contextPath` in the rancher-istio values.yaml. + +This url depends on the values for `namespaceOverride`, and `.Values.service.externalPort` in your rancher-tracing or other tracing instance.: +``` +http://tracing.{{ .Values.namespaceOverride }}.svc:{{ .Values.service.externalPort }}/{{ .Values.tracing.contextPath }} +``` + +For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/istio/v2.5/). diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/Chart.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/Chart.yaml new file mode 100755 index 00000000000..9b6fdf385f8 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/Chart.yaml @@ -0,0 +1,31 @@ +annotations: + catalog.cattle.io/auto-install: rancher-kiali-server-crd=match + catalog.cattle.io/hidden: "true" + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: monitoringdashboards.monitoring.kiali.io/v1alpha1 + catalog.cattle.io/requires-gvr: monitoring.coreos.com.prometheus/v1 + catalog.rancher.io/namespace: cattle-istio-system + catalog.rancher.io/release-name: rancher-kiali-server +apiVersion: v2 +appVersion: v1.32.0 +description: Kiali is an open source project for service mesh observability, refer + to https://www.kiali.io for details. This is installed as sub-chart with customized + values in Rancher's Istio. +home: https://github.com/kiali/kiali +icon: https://raw.githubusercontent.com/kiali/kiali.io/master/themes/kiali/static/img/kiali_logo_masthead.png +keywords: +- istio +- kiali +- networking +- infrastructure +maintainers: +- email: kiali-users@googlegroups.com + name: Kiali + url: https://kiali.io +name: kiali +sources: +- https://github.com/kiali/kiali +- https://github.com/kiali/kiali-ui +- https://github.com/kiali/kiali-operator +- https://github.com/kiali/helm-charts +version: 1.32.1 diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/NOTES.txt b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/NOTES.txt new file mode 100755 index 00000000000..751019401be --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/NOTES.txt @@ -0,0 +1,5 @@ +Welcome to Kiali! For more details on Kiali, see: https://kiali.io + +The Kiali Server [{{ .Chart.AppVersion }}] has been installed in namespace [{{ .Release.Namespace }}]. It will be ready soon. + +(Helm: Chart=[{{ .Chart.Name }}], Release=[{{ .Release.Name }}], Version=[{{ .Chart.Version }}]) diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/_helpers.tpl b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/_helpers.tpl new file mode 100755 index 00000000000..dd33bbe480e --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/_helpers.tpl @@ -0,0 +1,192 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "kiali-server.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kiali-server.fullname" -}} +{{- if .Values.fullnameOverride }} + {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} + {{- $name := default .Chart.Name .Values.nameOverride }} + {{- printf "%s" $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kiali-server.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Identifies the log_level with the old verbose_mode and the new log_level considered. +*/}} +{{- define "kiali-server.logLevel" -}} +{{- if .Values.deployment.verbose_mode -}} +{{- .Values.deployment.verbose_mode -}} +{{- else -}} +{{- .Values.deployment.logger.log_level -}} +{{- end -}} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "kiali-server.labels" -}} +helm.sh/chart: {{ include "kiali-server.chart" . }} +app: {{ include "kiali-server.name" . }} +{{ include "kiali-server.selectorLabels" . }} +version: {{ .Values.deployment.version_label | default .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ .Values.deployment.version_label | default .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: "kiali" +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kiali-server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "kiali-server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Used to determine if a custom dashboard (defined in .Template.Name) should be deployed. +*/}} +{{- define "kiali-server.isDashboardEnabled" -}} +{{- if .Values.external_services.custom_dashboards.enabled }} + {{- $includere := "" }} + {{- range $_, $s := .Values.deployment.custom_dashboards.includes }} + {{- if $s }} + {{- if $includere }} + {{- $includere = printf "%s|^%s$" $includere ($s | replace "*" ".*" | replace "?" ".") }} + {{- else }} + {{- $includere = printf "^%s$" ($s | replace "*" ".*" | replace "?" ".") }} + {{- end }} + {{- end }} + {{- end }} + {{- $excludere := "" }} + {{- range $_, $s := .Values.deployment.custom_dashboards.excludes }} + {{- if $s }} + {{- if $excludere }} + {{- $excludere = printf "%s|^%s$" $excludere ($s | replace "*" ".*" | replace "?" ".") }} + {{- else }} + {{- $excludere = printf "^%s$" ($s | replace "*" ".*" | replace "?" ".") }} + {{- end }} + {{- end }} + {{- end }} + {{- if (and (mustRegexMatch (default "no-matches" $includere) (base .Template.Name)) (not (mustRegexMatch (default "no-matches" $excludere) (base .Template.Name)))) }} + {{- print "enabled" }} + {{- else }} + {{- print "" }} + {{- end }} +{{- else }} + {{- print "" }} +{{- end }} +{{- end }} + +{{/* +Determine the default login token signing key. +*/}} +{{- define "kiali-server.login_token.signing_key" -}} +{{- if .Values.login_token.signing_key }} + {{- .Values.login_token.signing_key }} +{{- else }} + {{- randAlphaNum 16 }} +{{- end }} +{{- end }} + +{{/* +Determine the default web root. +*/}} +{{- define "kiali-server.server.web_root" -}} +{{- if .Values.server.web_root }} + {{- .Values.server.web_root | trimSuffix "/" }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- "/" }} + {{- else }} + {{- "/kiali" }} + {{- end }} +{{- end }} +{{- end }} + +{{/* +Determine the default identity cert file. There is no default if on k8s; only on OpenShift. +*/}} +{{- define "kiali-server.identity.cert_file" -}} +{{- if hasKey .Values.identity "cert_file" }} + {{- .Values.identity.cert_file }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- "/kiali-cert/tls.crt" }} + {{- else }} + {{- "" }} + {{- end }} +{{- end }} +{{- end }} + +{{/* +Determine the default identity private key file. There is no default if on k8s; only on OpenShift. +*/}} +{{- define "kiali-server.identity.private_key_file" -}} +{{- if hasKey .Values.identity "private_key_file" }} + {{- .Values.identity.private_key_file }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- "/kiali-cert/tls.key" }} + {{- else }} + {{- "" }} + {{- end }} +{{- end }} +{{- end }} + +{{/* +Determine the istio namespace - default is where Kiali is installed. +*/}} +{{- define "kiali-server.istio_namespace" -}} +{{- if .Values.istio_namespace }} + {{- .Values.istio_namespace }} +{{- else }} + {{- .Release.Namespace }} +{{- end }} +{{- end }} + +{{/* +Determine the auth strategy to use - default is "token" on Kubernetes and "openshift" on OpenShift. +*/}} +{{- define "kiali-server.auth.strategy" -}} +{{- if .Values.auth.strategy }} + {{- if (and (eq .Values.auth.strategy "openshift") (not .Values.kiali_route_url)) }} + {{- fail "You did not define what the Kiali Route URL will be (--set kiali_route_url=...). Without this set, the openshift auth strategy will not work. Either set that or use a different auth strategy via the --set auth.strategy=... option." }} + {{- end }} + {{- .Values.auth.strategy }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- if not .Values.kiali_route_url }} + {{- fail "You did not define what the Kiali Route URL will be (--set kiali_route_url=...). Without this set, the openshift auth strategy will not work. Either set that or explicitly indicate another auth strategy you want via the --set auth.strategy=... option." }} + {{- end }} + {{- "openshift" }} + {{- else }} + {{- "token" }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/cabundle.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/cabundle.yaml new file mode 100755 index 00000000000..7462b95a7f3 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/cabundle.yaml @@ -0,0 +1,13 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "kiali-server.fullname" . }}-cabundle + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + annotations: + service.beta.openshift.io/inject-cabundle: "true" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/configmap.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/configmap.yaml new file mode 100755 index 00000000000..b1bf531731f --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/configmap.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +data: + config.yaml: | + {{- /* Most of .Values is simply the ConfigMap - strip out the keys that are not part of the ConfigMap */}} + {{- $cm := omit .Values "nameOverride" "fullnameOverride" "kiali_route_url" }} + {{- /* The helm chart defines namespace for us, but pass it to the ConfigMap in case the server needs it */}} + {{- $_ := set $cm.deployment "namespace" .Release.Namespace }} + {{- /* Some values of the ConfigMap are generated, but might not be identical, from .Values */}} + {{- $_ := set $cm "istio_namespace" (include "kiali-server.istio_namespace" .) }} + {{- $_ := set $cm.auth "strategy" (include "kiali-server.auth.strategy" .) }} + {{- $_ := set $cm.auth.openshift "client_id_prefix" (include "kiali-server.fullname" .) }} + {{- $_ := set $cm.identity "cert_file" (include "kiali-server.identity.cert_file" .) }} + {{- $_ := set $cm.identity "private_key_file" (include "kiali-server.identity.private_key_file" .) }} + {{- $_ := set $cm.login_token "signing_key" (include "kiali-server.login_token.signing_key" .) }} + {{- $_ := set $cm.server "web_root" (include "kiali-server.server.web_root" .) }} + {{- toYaml $cm | nindent 4 }} +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/envoy.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/envoy.yaml new file mode 100755 index 00000000000..85b4020175c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/envoy.yaml @@ -0,0 +1,56 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: envoy + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Envoy Metrics + discoverOn: "envoy_server_uptime" + items: + - chart: + name: "Pods uptime" + spans: 4 + metricName: "envoy_server_uptime" + dataType: "raw" + - chart: + name: "Allocated memory" + unit: "bytes" + spans: 4 + metricName: "envoy_server_memory_allocated" + dataType: "raw" + min: 0 + - chart: + name: "Heap size" + unit: "bytes" + spans: 4 + metricName: "envoy_server_memory_heap_size" + dataType: "raw" + min: 0 + - chart: + name: "Upstream active connections" + spans: 6 + metricName: "envoy_cluster_upstream_cx_active" + dataType: "raw" + - chart: + name: "Upstream total requests" + spans: 6 + metricName: "envoy_cluster_upstream_rq_total" + unit: "rps" + dataType: "rate" + - chart: + name: "Downstream active connections" + spans: 6 + metricName: "envoy_listener_downstream_cx_active" + dataType: "raw" + - chart: + name: "Downstream HTTP requests" + spans: 6 + metricName: "envoy_listener_http_downstream_rq" + unit: "rps" + dataType: "rate" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/go.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/go.yaml new file mode 100755 index 00000000000..2d2f42a938d --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/go.yaml @@ -0,0 +1,67 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: go + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Go Metrics + runtime: Go + discoverOn: "go_info" + items: + - chart: + name: "CPU ratio" + spans: 6 + metricName: "process_cpu_seconds_total" + dataType: "rate" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "RSS Memory" + unit: "bytes" + spans: 6 + metricName: "process_resident_memory_bytes" + dataType: "raw" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "Goroutines" + spans: 6 + metricName: "go_goroutines" + dataType: "raw" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "Heap allocation rate" + unit: "bytes/s" + spans: 6 + metricName: "go_memstats_alloc_bytes_total" + dataType: "rate" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "GC rate" + spans: 6 + metricName: "go_gc_duration_seconds_count" + dataType: "rate" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "Next GC" + unit: "bytes" + spans: 6 + metricName: "go_memstats_next_gc_bytes" + dataType: "raw" + aggregations: + - label: "pod_name" + displayName: "Pod" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/kiali.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/kiali.yaml new file mode 100755 index 00000000000..b1f011b4f95 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/kiali.yaml @@ -0,0 +1,44 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: kiali + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Kiali Internal Metrics + items: + - chart: + name: "API processing duration" + unit: "seconds" + spans: 6 + metricName: "kiali_api_processing_duration_seconds" + dataType: "histogram" + aggregations: + - label: "route" + displayName: "Route" + - chart: + name: "Functions processing duration" + unit: "seconds" + spans: 6 + metricName: "kiali_go_function_processing_duration_seconds" + dataType: "histogram" + aggregations: + - label: "function" + displayName: "Function" + - label: "package" + displayName: "Package" + - chart: + name: "Failures" + spans: 12 + metricName: "kiali_go_function_failures_total" + dataType: "raw" + aggregations: + - label: "function" + displayName: "Function" + - label: "package" + displayName: "Package" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm-pool.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm-pool.yaml new file mode 100755 index 00000000000..2e1ed5cfff3 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm-pool.yaml @@ -0,0 +1,43 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: micrometer-1.0.6-jvm-pool + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: JVM + title: JVM Pool Metrics + discoverOn: "jvm_buffer_total_capacity_bytes" + items: + - chart: + name: "Pool buffer memory used" + unit: "bytes" + spans: 4 + metricName: "jvm_buffer_memory_used_bytes" + dataType: "raw" + aggregations: + - label: "id" + displayName: "Pool" + - chart: + name: "Pool buffer capacity" + unit: "bytes" + spans: 4 + metricName: "jvm_buffer_total_capacity_bytes" + dataType: "raw" + aggregations: + - label: "id" + displayName: "Pool" + - chart: + name: "Pool buffer count" + unit: "bytes" + spans: 4 + metricName: "jvm_buffer_count" + dataType: "raw" + aggregations: + - label: "id" + displayName: "Pool" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm.yaml new file mode 100755 index 00000000000..d645968820a --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm.yaml @@ -0,0 +1,65 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: micrometer-1.0.6-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: JVM + title: JVM Metrics + discoverOn: "jvm_threads_live" + items: + - chart: + name: "Total live threads" + spans: 4 + metricName: "jvm_threads_live" + dataType: "raw" + - chart: + name: "Daemon threads" + spans: 4 + metricName: "jvm_threads_daemon" + dataType: "raw" + - chart: + name: "Loaded classes" + spans: 4 + metricName: "jvm_classes_loaded" + dataType: "raw" + + - chart: + name: "Memory used" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_used_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory commited" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_committed_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory max" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_max_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.1-jvm.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.1-jvm.yaml new file mode 100755 index 00000000000..76e8d0a4a0c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/micrometer-1.1-jvm.yaml @@ -0,0 +1,68 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: micrometer-1.1-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: JVM + title: JVM Metrics + discoverOn: "jvm_threads_live_threads" + items: + - chart: + name: "Memory used" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_used_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory commited" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_committed_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory max" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_max_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + + - chart: + name: "Total live threads" + spans: 4 + metricName: "jvm_threads_live_threads" + dataType: "raw" + - chart: + name: "Daemon threads" + spans: 4 + metricName: "jvm_threads_daemon_threads" + dataType: "raw" + - chart: + name: "Threads states" + spans: 4 + metricName: "jvm_threads_states_threads" + dataType: "raw" + aggregations: + - label: "state" + displayName: "State" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/microprofile-1.1.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/microprofile-1.1.yaml new file mode 100755 index 00000000000..1d495119640 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/microprofile-1.1.yaml @@ -0,0 +1,59 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: microprofile-1.1 + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: MicroProfile Metrics + runtime: MicroProfile + discoverOn: "base:thread_count" + items: + - chart: + name: "Current loaded classes" + spans: 6 + metricName: "base:classloader_current_loaded_class_count" + dataType: "raw" + - chart: + name: "Unloaded classes" + spans: 6 + metricName: "base:classloader_total_unloaded_class_count" + dataType: "raw" + - chart: + name: "Thread count" + spans: 4 + metricName: "base:thread_count" + dataType: "raw" + - chart: + name: "Thread max count" + spans: 4 + metricName: "base:thread_max_count" + dataType: "raw" + - chart: + name: "Thread daemon count" + spans: 4 + metricName: "base:thread_daemon_count" + dataType: "raw" + - chart: + name: "Committed heap" + unit: "bytes" + spans: 4 + metricName: "base:memory_committed_heap_bytes" + dataType: "raw" + - chart: + name: "Max heap" + unit: "bytes" + spans: 4 + metricName: "base:memory_max_heap_bytes" + dataType: "raw" + - chart: + name: "Used heap" + unit: "bytes" + spans: 4 + metricName: "base:memory_used_heap_bytes" + dataType: "raw" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/microprofile-x.y.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/microprofile-x.y.yaml new file mode 100755 index 00000000000..57ddc60ef64 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/microprofile-x.y.yaml @@ -0,0 +1,38 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: microprofile-x.y + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: MicroProfile Metrics + runtime: MicroProfile + discoverOn: "base:gc_complete_scavenger_count" + items: + - chart: + name: "Young GC time" + unit: "seconds" + spans: 3 + metricName: "base:gc_young_generation_scavenger_time_seconds" + dataType: "raw" + - chart: + name: "Young GC count" + spans: 3 + metricName: "base:gc_young_generation_scavenger_count" + dataType: "raw" + - chart: + name: "Total GC time" + unit: "seconds" + spans: 3 + metricName: "base:gc_complete_scavenger_time_seconds" + dataType: "raw" + - chart: + name: "Total GC count" + spans: 3 + metricName: "base:gc_complete_scavenger_count" + dataType: "raw" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/nodejs.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/nodejs.yaml new file mode 100755 index 00000000000..1ffe0aa10dc --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/nodejs.yaml @@ -0,0 +1,59 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: nodejs + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Node.js + title: Node.js Metrics + discoverOn: "nodejs_active_handles_total" + items: + - chart: + name: "Active handles" + spans: 4 + metricName: "nodejs_active_handles_total" + dataType: "raw" + - chart: + name: "Active requests" + spans: 4 + metricName: "nodejs_active_requests_total" + dataType: "raw" + - chart: + name: "Event loop lag" + unit: "seconds" + spans: 4 + metricName: "nodejs_eventloop_lag_seconds" + dataType: "raw" + - chart: + name: "Total heap size" + unit: "bytes" + spans: 12 + metricName: "nodejs_heap_space_size_total_bytes" + dataType: "raw" + aggregations: + - label: "space" + displayName: "Space" + - chart: + name: "Used heap size" + unit: "bytes" + spans: 6 + metricName: "nodejs_heap_space_size_used_bytes" + dataType: "raw" + aggregations: + - label: "space" + displayName: "Space" + - chart: + name: "Available heap size" + unit: "bytes" + spans: 6 + metricName: "nodejs_heap_space_size_available_bytes" + dataType: "raw" + aggregations: + - label: "space" + displayName: "Space" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/quarkus.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/quarkus.yaml new file mode 100755 index 00000000000..cef5f3dce5f --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/quarkus.yaml @@ -0,0 +1,33 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: quarkus + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Quarkus Metrics + runtime: Quarkus + items: + - chart: + name: "Thread count" + spans: 4 + metricName: "vendor:thread_count" + dataType: "raw" + - chart: + name: "Used heap" + unit: "bytes" + spans: 4 + metricName: "vendor:memory_heap_usage_bytes" + dataType: "raw" + - chart: + name: "Used non-heap" + unit: "bytes" + spans: 4 + metricName: "vendor:memory_non_heap_usage_bytes" + dataType: "raw" + - include: "microprofile-x.y" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-jvm-pool.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-jvm-pool.yaml new file mode 100755 index 00000000000..42d87d89016 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-jvm-pool.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: springboot-jvm-pool + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Spring Boot + title: JVM Pool Metrics + items: + - include: "micrometer-1.0.6-jvm-pool" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-jvm.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-jvm.yaml new file mode 100755 index 00000000000..ced3acdd94c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-jvm.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: springboot-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Spring Boot + title: JVM Metrics + items: + - include: "micrometer-1.0.6-jvm" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-tomcat.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-tomcat.yaml new file mode 100755 index 00000000000..c07016aa2a2 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/springboot-tomcat.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: springboot-tomcat + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Spring Boot + title: Tomcat Metrics + items: + - include: "tomcat" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/thorntail.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/thorntail.yaml new file mode 100755 index 00000000000..6bd85e6f571 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/thorntail.yaml @@ -0,0 +1,22 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: thorntail + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Thorntail + title: Thorntail Metrics + discoverOn: "vendor:loaded_modules" + items: + - include: "microprofile-1.1" + - chart: + name: "Loaded modules" + spans: 6 + metricName: "vendor:loaded_modules" + dataType: "raw" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/tomcat.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/tomcat.yaml new file mode 100755 index 00000000000..9a803342fe0 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/tomcat.yaml @@ -0,0 +1,67 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: tomcat + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Tomcat + title: Tomcat Metrics + discoverOn: "tomcat_sessions_created_total" + items: + - chart: + name: "Sessions created" + spans: 4 + metricName: "tomcat_sessions_created_total" + dataType: "raw" + - chart: + name: "Active sessions" + spans: 4 + metricName: "tomcat_sessions_active_current" + dataType: "raw" + - chart: + name: "Sessions rejected" + spans: 4 + metricName: "tomcat_sessions_rejected_total" + dataType: "raw" + + - chart: + name: "Bytes sent" + unit: "bitrate" + spans: 6 + metricName: "tomcat_global_sent_bytes_total" + dataType: "rate" + aggregations: + - label: "name" + displayName: "Name" + - chart: + name: "Bytes received" + unit: "bitrate" + spans: 6 + metricName: "tomcat_global_received_bytes_total" + dataType: "rate" + aggregations: + - label: "name" + displayName: "Name" + + - chart: + name: "Global errors" + spans: 6 + metricName: "tomcat_global_error_total" + dataType: "raw" + aggregations: + - label: "name" + displayName: "Name" + - chart: + name: "Servlet errors" + spans: 6 + metricName: "tomcat_servlet_error_total" + dataType: "raw" + aggregations: + - label: "name" + displayName: "Name" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-client.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-client.yaml new file mode 100755 index 00000000000..2d591d6b0bb --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-client.yaml @@ -0,0 +1,60 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-client + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Client Metrics + discoverOn: "vertx_http_client_connections" + items: + - chart: + name: "Client response time" + unit: "seconds" + spans: 6 + metricName: "vertx_http_client_responseTime_seconds" + dataType: "histogram" + aggregations: + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Client request count rate" + unit: "ops" + spans: 6 + metricName: "vertx_http_client_requestCount_total" + dataType: "rate" + aggregations: + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Client active connections" + spans: 6 + metricName: "vertx_http_client_connections" + dataType: "raw" + - chart: + name: "Client active websockets" + spans: 6 + metricName: "vertx_http_client_wsConnections" + dataType: "raw" + - chart: + name: "Client bytes sent" + unit: "bytes" + spans: 6 + metricName: "vertx_http_client_bytesSent" + dataType: "histogram" + - chart: + name: "Client bytes received" + unit: "bytes" + spans: 6 + metricName: "vertx_http_client_bytesReceived" + dataType: "histogram" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-eventbus.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-eventbus.yaml new file mode 100755 index 00000000000..65f9ee2ecaf --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-eventbus.yaml @@ -0,0 +1,59 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-eventbus + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Eventbus Metrics + discoverOn: "vertx_eventbus_handlers" + items: + - chart: + name: "Event bus handlers" + spans: 6 + metricName: "vertx_eventbus_handlers" + dataType: "raw" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus pending messages" + spans: 6 + metricName: "vertx_eventbus_pending" + dataType: "raw" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus processing time" + unit: "seconds" + spans: 6 + metricName: "vertx_eventbus_processingTime_seconds" + dataType: "histogram" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus bytes read" + unit: "bytes" + spans: 6 + metricName: "vertx_eventbus_bytesRead" + dataType: "histogram" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus bytes written" + unit: "bytes" + spans: 6 + metricName: "vertx_eventbus_bytesWritten" + dataType: "histogram" + aggregations: + - label: "address" + displayName: "Eventbus address" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-jvm.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-jvm.yaml new file mode 100755 index 00000000000..2663186f3e6 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-jvm.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: JVM Metrics + items: + - include: "micrometer-1.1-jvm" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-pool.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-pool.yaml new file mode 100755 index 00000000000..f6af921b356 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-pool.yaml @@ -0,0 +1,68 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-pool + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Pools Metrics + discoverOn: "vertx_pool_ratio" + items: + - chart: + name: "Usage duration" + unit: "seconds" + spans: 6 + metricName: "vertx_pool_usage_seconds" + dataType: "histogram" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Usage ratio" + spans: 6 + metricName: "vertx_pool_ratio" + dataType: "raw" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Queue size" + spans: 6 + metricName: "vertx_pool_queue_size" + dataType: "raw" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Time in queue" + unit: "seconds" + spans: 6 + metricName: "vertx_pool_queue_delay_seconds" + dataType: "histogram" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Resources used" + spans: 6 + metricName: "vertx_pool_inUse" + dataType: "raw" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-server.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-server.yaml new file mode 100755 index 00000000000..de6b89df9fd --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/dashboards/vertx-server.yaml @@ -0,0 +1,62 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-server + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Server Metrics + discoverOn: "vertx_http_server_connections" + items: + - chart: + name: "Server response time" + unit: "seconds" + spans: 6 + metricName: "vertx_http_server_responseTime_seconds" + dataType: "histogram" + aggregations: + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Server request count rate" + unit: "ops" + spans: 6 + metricName: "vertx_http_server_requestCount_total" + dataType: "rate" + aggregations: + - label: "code" + displayName: "Error code" + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Server active connections" + spans: 6 + metricName: "vertx_http_server_connections" + dataType: "raw" + - chart: + name: "Server active websockets" + spans: 6 + metricName: "vertx_http_server_wsConnections" + dataType: "raw" + - chart: + name: "Server bytes sent" + unit: "bytes" + spans: 6 + metricName: "vertx_http_server_bytesSent" + dataType: "histogram" + - chart: + name: "Server bytes received" + unit: "bytes" + spans: 6 + metricName: "vertx_http_server_bytesReceived" + dataType: "histogram" +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/deployment.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/deployment.yaml new file mode 100755 index 00000000000..100c5792288 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/deployment.yaml @@ -0,0 +1,174 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.deployment.replicas }} + selector: + matchLabels: + {{- include "kiali-server.selectorLabels" . | nindent 6 }} + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + name: {{ include "kiali-server.fullname" . }} + labels: + {{- include "kiali-server.labels" . | nindent 8 }} + {{- if .Values.deployment.pod_labels }} + {{- toYaml .Values.deployment.pod_labels | nindent 8 }} + {{- end }} + annotations: + {{- if .Values.server.metrics_enabled }} + prometheus.io/scrape: "true" + prometheus.io/port: {{ .Values.server.metrics_port | quote }} + {{- else }} + prometheus.io/scrape: "false" + prometheus.io/port: "" + {{- end }} + kiali.io/runtimes: go,kiali + {{- if .Values.deployment.pod_annotations }} + {{- toYaml .Values.deployment.pod_annotations | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "kiali-server.fullname" . }} + {{- if .Values.deployment.priority_class_name }} + priorityClassName: {{ .Values.deployment.priority_class_name | quote }} + {{- end }} + {{- if .Values.deployment.image_pull_secrets }} + imagePullSecrets: + {{- range .Values.deployment.image_pull_secrets }} + - name: {{ . }} + {{- end }} + {{- end }} + containers: + - image: "{{ template "system_default_registry" . }}{{ .Values.deployment.repository }}:{{ .Values.deployment.tag }}" + imagePullPolicy: {{ .Values.deployment.image_pull_policy | default "Always" }} + name: {{ include "kiali-server.fullname" . }} + command: + - "/opt/kiali/kiali" + - "-config" + - "/kiali-configuration/config.yaml" + ports: + - name: api-port + containerPort: {{ .Values.server.port | default 20001 }} + {{- if .Values.server.metrics_enabled }} + - name: http-metrics + containerPort: {{ .Values.server.metrics_port | default 9090 }} + {{- end }} + readinessProbe: + httpGet: + path: {{ include "kiali-server.server.web_root" . | trimSuffix "/" }}/healthz + port: api-port + {{- if (include "kiali-server.identity.cert_file" .) }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: 5 + periodSeconds: 30 + livenessProbe: + httpGet: + path: {{ include "kiali-server.server.web_root" . | trimSuffix "/" }}/healthz + port: api-port + {{- if (include "kiali-server.identity.cert_file" .) }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: 5 + periodSeconds: 30 + env: + - name: ACTIVE_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: LOG_LEVEL + value: "{{ include "kiali-server.logLevel" . }}" + - name: LOG_FORMAT + value: "{{ .Values.deployment.logger.log_format }}" + - name: LOG_TIME_FIELD_FORMAT + value: "{{ .Values.deployment.logger.time_field_format }}" + - name: LOG_SAMPLER_RATE + value: "{{ .Values.deployment.logger.sampler_rate }}" + volumeMounts: + {{- if .Values.web_root_override }} + - name: kiali-console + subPath: env.js + mountPath: /opt/kiali/console/env.js + {{- end }} + - name: {{ include "kiali-server.fullname" . }}-configuration + mountPath: "/kiali-configuration" + - name: {{ include "kiali-server.fullname" . }}-cert + mountPath: "/kiali-cert" + - name: {{ include "kiali-server.fullname" . }}-secret + mountPath: "/kiali-secret" + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + - name: {{ include "kiali-server.fullname" . }}-cabundle + mountPath: "/kiali-cabundle" + {{- end }} + {{- if .Values.deployment.resources }} + resources: + {{- toYaml .Values.deployment.resources | nindent 10 }} + {{- end }} + volumes: + {{- if .Values.web_root_override }} + - name: kiali-console + configMap: + name: kiali-console + items: + - key: env.js + path: env.js + {{- end }} + - name: {{ include "kiali-server.fullname" . }}-configuration + configMap: + name: {{ include "kiali-server.fullname" . }} + - name: {{ include "kiali-server.fullname" . }}-cert + secret: + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + secretName: {{ include "kiali-server.fullname" . }}-cert-secret + {{- else }} + secretName: istio.{{ include "kiali-server.fullname" . }}-service-account + {{- end }} + {{- if not (include "kiali-server.identity.cert_file" .) }} + optional: true + {{- end }} + - name: {{ include "kiali-server.fullname" . }}-secret + secret: + secretName: {{ .Values.deployment.secret_name }} + optional: true + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + - name: {{ include "kiali-server.fullname" . }}-cabundle + configMap: + name: {{ include "kiali-server.fullname" . }}-cabundle + {{- end }} + {{- if or (.Values.deployment.affinity.node) (or (.Values.deployment.pod) (.Values.deployment.pod_anti)) }} + affinity: + {{- if .Values.deployment.affinity.node }} + nodeAffinity: + {{- toYaml .Values.deployment.affinity.node | nindent 10 }} + {{- end }} + {{- if .Values.deployment.affinity.pod }} + podAffinity: + {{- toYaml .Values.deployment.affinity.pod | nindent 10 }} + {{- end }} + {{- if .Values.deployment.affinity.pod_anti }} + podAntiAffinity: + {{- toYaml .Values.deployment.affinity.pod_anti | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.deployment.tolerations }} + tolerations: + {{- toYaml .Values.deployment.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.deployment.node_selector }} + nodeSelector: + {{- toYaml .Values.deployment.node_selector | nindent 8 }} + {{- end }} +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/hpa.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/hpa.yaml new file mode 100755 index 00000000000..934c4c1e9d7 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/hpa.yaml @@ -0,0 +1,17 @@ +{{- if .Values.deployment.hpa.spec }} +--- +apiVersion: {{ .Values.deployment.hpa.api_version }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "kiali-server.fullname" . }} + {{- toYaml .Values.deployment.hpa.spec | nindent 2 }} +... +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/ingress.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/ingress.yaml new file mode 100755 index 00000000000..e4c98db1b82 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/ingress.yaml @@ -0,0 +1,40 @@ +{{- if not (.Capabilities.APIVersions.Has "route.openshift.io/v1") }} +{{- if .Values.deployment.ingress_enabled }} +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + annotations: + {{- if hasKey .Values.deployment.override_ingress_yaml.metadata "annotations" }} + {{- toYaml .Values.deployment.override_ingress_yaml.metadata.annotations | nindent 4 }} + {{- else }} + # For ingress-nginx versions older than 0.20.0 use secure-backends. + # (see: https://github.com/kubernetes/ingress-nginx/issues/3416#issuecomment-438247948) + # For ingress-nginx versions 0.20.0 and later use backend-protocol. + {{- if (include "kiali-server.identity.cert_file" .) }} + nginx.ingress.kubernetes.io/secure-backends: "true" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + {{- else }} + nginx.ingress.kubernetes.io/secure-backends: "false" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + {{- end }} + {{- end }} +spec: + {{- if hasKey .Values.deployment.override_ingress_yaml "spec" }} + {{- toYaml .Values.deployment.override_ingress_yaml.spec | nindent 2 }} + {{- else }} + rules: + - http: + paths: + - path: {{ include "kiali-server.server.web_root" . }} + backend: + serviceName: {{ include "kiali-server.fullname" . }} + servicePort: {{ .Values.server.port }} + {{- end }} +... +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/oauth.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/oauth.yaml new file mode 100755 index 00000000000..a178bb85efc --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/oauth.yaml @@ -0,0 +1,17 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +{{- if .Values.kiali_route_url }} +--- +apiVersion: oauth.openshift.io/v1 +kind: OAuthClient +metadata: + name: {{ include "kiali-server.fullname" . }}-{{ .Release.Namespace }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +redirectURIs: +- {{ .Values.kiali_route_url }} +grantMethod: auto +allowAnyScope: true +... +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/psp.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/psp.yaml new file mode 100755 index 00000000000..f891892cc4a --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/psp.yaml @@ -0,0 +1,67 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "kiali-server.fullname" . }}-psp + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "kiali-server.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: kiali +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "kiali-server.fullname" . }}-psp + namespace: {{ .Release.Namespace }} +rules: +- apiGroups: + - policy + resourceNames: + - {{ include "kiali-server.fullname" . }}-psp + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "kiali-server.fullname" . }}-psp + namespace: {{ .Release.Namespace }} +spec: + allowPrivilegeEscalation: false + forbiddenSysctls: + - '*' + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + runAsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - configMap + - emptyDir + - projected + - secret + - downwardAPI + - persistentVolumeClaim +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role-controlplane.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role-controlplane.yaml new file mode 100755 index 00000000000..a22c76756a7 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role-controlplane.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "kiali-server.fullname" . }}-controlplane + namespace: {{ include "kiali-server.istio_namespace" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: + - secrets + verbs: + - list +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role-viewer.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role-viewer.yaml new file mode 100755 index 00000000000..9fdd9fd1de8 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role-viewer.yaml @@ -0,0 +1,97 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "kiali-server.fullname" . }}-viewer + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: + - configmaps + - endpoints + - namespaces + - nodes + - pods + - pods/log + - pods/proxy + - replicationcontrollers + - services + verbs: + - get + - list + - watch +- apiGroups: [""] + resources: + - pods/portforward + verbs: + - create + - post +- apiGroups: ["extensions", "apps"] + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - watch +- apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch +- apiGroups: ["batch"] + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch +- apiGroups: + - networking.istio.io + - security.istio.io + resources: ["*"] + verbs: + - get + - list + - watch +- apiGroups: ["apps.openshift.io"] + resources: + - deploymentconfigs + verbs: + - get + - list + - watch +- apiGroups: ["project.openshift.io"] + resources: + - projects + verbs: + - get +- apiGroups: ["route.openshift.io"] + resources: + - routes + verbs: + - get +- apiGroups: ["monitoring.kiali.io"] + resources: + - monitoringdashboards + verbs: + - get + - list +- apiGroups: ["iter8.tools"] + resources: + - experiments + verbs: + - get + - list +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: + - create +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role.yaml new file mode 100755 index 00000000000..8444bc753ae --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/role.yaml @@ -0,0 +1,108 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "kiali-server.fullname" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: + - configmaps + - endpoints + - namespaces + - nodes + - pods + - pods/log + - pods/proxy + - replicationcontrollers + - services + verbs: + - get + - list + - patch + - watch +- apiGroups: [""] + resources: + - pods/portforward + verbs: + - create + - post +- apiGroups: ["extensions", "apps"] + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - patch + - watch +- apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch +- apiGroups: ["batch"] + resources: + - cronjobs + - jobs + verbs: + - get + - list + - patch + - watch +- apiGroups: + - networking.istio.io + - security.istio.io + resources: ["*"] + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: ["apps.openshift.io"] + resources: + - deploymentconfigs + verbs: + - get + - list + - patch + - watch +- apiGroups: ["project.openshift.io"] + resources: + - projects + verbs: + - get +- apiGroups: ["route.openshift.io"] + resources: + - routes + verbs: + - get +- apiGroups: ["monitoring.kiali.io"] + resources: + - monitoringdashboards + verbs: + - get + - list +- apiGroups: ["iter8.tools"] + resources: + - experiments + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: + - create +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/rolebinding-controlplane.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/rolebinding-controlplane.yaml new file mode 100755 index 00000000000..5a00158360c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/rolebinding-controlplane.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "kiali-server.fullname" . }}-controlplane + namespace: {{ include "kiali-server.istio_namespace" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "kiali-server.fullname" . }}-controlplane +subjects: +- kind: ServiceAccount + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/rolebinding.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/rolebinding.yaml new file mode 100755 index 00000000000..1eaabd65f59 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/rolebinding.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "kiali-server.fullname" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + {{- if .Values.deployment.view_only_mode }} + name: {{ include "kiali-server.fullname" . }}-viewer + {{- else }} + name: {{ include "kiali-server.fullname" . }} + {{- end }} +subjects: +- kind: ServiceAccount + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/route.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/route.yaml new file mode 100755 index 00000000000..27940dc96cc --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/route.yaml @@ -0,0 +1,30 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +{{- if .Values.deployment.ingress_enabled }} +# As of OpenShift 4.5, need to use --disable-openapi-validation when installing via Helm +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + {{- if hasKey .Values.deployment.override_ingress_yaml.metadata "annotations" }}} + annotations: + {{- toYaml .Values.deployment.override_ingress_yaml.metadata.annotations | nindent 4 }} + {{- end }} +spec: + {{- if hasKey .Values.deployment.override_ingress_yaml "spec" }} + {{- toYaml .Values.deployment.override_ingress_yaml.spec | nindent 2 }} + {{- else }} + tls: + termination: reencrypt + insecureEdgeTerminationPolicy: Redirect + to: + kind: Service + targetPort: {{ .Values.server.port }} + name: {{ include "kiali-server.fullname" . }} + {{- end }} +... +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/service.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/service.yaml new file mode 100755 index 00000000000..9ccf4f388f7 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/service.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + annotations: + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + service.beta.openshift.io/serving-cert-secret-name: {{ include "kiali-server.fullname" . }}-cert-secret + {{- end }} + kiali.io/api-spec: https://kiali.io/api + kiali.io/api-type: rest + {{- if and (not (empty .Values.server.web_fqdn)) (not (empty .Values.server.web_schema)) }} + {{- if empty .Values.server.web_port }} + kiali.io/external-url: {{ .Values.server.web_schema }}://{{ .Values.server.web_fqdn }}{{ default "" .Values.server.web_root }} + {{- else }} + kiali.io/external-url: {{ .Values.server.web_schema }}://{{ .Values.server.web_fqdn }}:{{ .Values.server.web_port }}{{(default "" .Values.server.web_root) }} + {{- end }} + {{- end }} + {{- if .Values.deployment.service_annotations }} + {{- toYaml .Values.deployment.service_annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.deployment.service_type }} + type: {{ .Values.deployment.service_type }} + {{- end }} + ports: + {{- if (include "kiali-server.identity.cert_file" .) }} + - name: tcp + {{- else }} + - name: http + {{- end }} + protocol: TCP + port: {{ .Values.server.port }} + {{- if .Values.server.metrics_enabled }} + - name: http-metrics + protocol: TCP + port: {{ .Values.server.metrics_port }} + {{- end }} + selector: + {{- include "kiali-server.selectorLabels" . | nindent 4 }} + {{- if .Values.deployment.additional_service_yaml }} + {{- toYaml .Values.deployment.additional_service_yaml | nindent 2 }} + {{- end }} +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/serviceaccount.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/serviceaccount.yaml new file mode 100755 index 00000000000..9151b6f6a1b --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/serviceaccount.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +... diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/validate-install-crd.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/validate-install-crd.yaml new file mode 100755 index 00000000000..b42eeb2669d --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/validate-install-crd.yaml @@ -0,0 +1,14 @@ +#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} +# {{- $found := dict -}} +# {{- set $found "monitoring.kiali.io/v1alpha1/MonitoringDashboard" false -}} +# {{- range .Capabilities.APIVersions -}} +# {{- if hasKey $found (toString .) -}} +# {{- set $found (toString .) true -}} +# {{- end -}} +# {{- end -}} +# {{- range $_, $exists := $found -}} +# {{- if (eq $exists false) -}} +# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} +# {{- end -}} +# {{- end -}} +#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/web-root-configmap.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/web-root-configmap.yaml new file mode 100755 index 00000000000..970d4e4f5d0 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/templates/web-root-configmap.yaml @@ -0,0 +1,12 @@ +{{- if .Values.web_root_override }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: kiali-console + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +data: + env.js: | + window.WEB_ROOT='/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ .Release.Namespace }}/services/http:kiali:20001/proxy/kiali'; +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/values.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/values.yaml new file mode 100755 index 00000000000..aada4e09a9a --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/kiali/values.yaml @@ -0,0 +1,93 @@ +nameOverride: "kiali" +fullnameOverride: "kiali" + +# This is required for "openshift" auth strategy. +# You have to know ahead of time what your Route URL will be because +# right now the helm chart can't figure this out at runtime (it would +# need to wait for the Kiali Route to be deployed and for OpenShift +# to start it up). If someone knows how to update this helm chart to +# do this, a PR would be welcome. +kiali_route_url: "" + +# rancher specific override that allows proxy access to kiali url +web_root_override: true + +# +# Settings that mimic the Kiali CR which are placed in the ConfigMap. +# Note that only those values used by the Helm Chart will be here. +# + +istio_namespace: "" # default is where Kiali is installed + +auth: + openid: {} + openshift: {} + strategy: "" + +deployment: + # This only limits what Kiali will attempt to see, but Kiali Service Account has permissions to see everything. + # For more control over what the Kial Service Account can see, use the Kiali Operator + accessible_namespaces: + - "**" + additional_service_yaml: {} + affinity: + node: {} + pod: {} + pod_anti: {} + custom_dashboards: + excludes: [''] + includes: ['*'] + hpa: + api_version: "autoscaling/v2beta2" + spec: {} + repository: rancher/mirrored-kiali-kiali + image_pull_policy: "Always" + image_pull_secrets: [] + tag: v1.32.0 + ingress_enabled: true + logger: + log_format: "text" + log_level: "info" + time_field_format: "2006-01-02T15:04:05Z07:00" + sampler_rate: "1" + node_selector: {} + override_ingress_yaml: + metadata: {} + pod_annotations: {} + pod_labels: {} + priority_class_name: "" + replicas: 1 + resources: {} + secret_name: "kiali" + service_annotations: {} + service_type: "" + tolerations: [] + version_label: v1.32.0 + view_only_mode: false + +external_services: + custom_dashboards: + enabled: true + +identity: {} + #cert_file: + #private_key_file: + +login_token: + signing_key: "" + +server: + port: 20001 + metrics_enabled: true + metrics_port: 9090 + web_root: "" + +# Common settings used among istio subcharts. +global: + # Specify rancher clusterId of external tracing config + # https://github.com/istio/istio.io/issues/4146#issuecomment-493543032 + cattle: + systemDefaultRegistry: "" + clusterId: + rbac: + pspEnabled: false diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/.helmignore b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/.helmignore new file mode 100755 index 00000000000..0e8a0eb36f4 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/Chart.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/Chart.yaml new file mode 100755 index 00000000000..6e368616d7b --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/hidden: "true" + catalog.cattle.io/os: linux + catalog.rancher.io/certified: rancher + catalog.rancher.io/namespace: istio-system + catalog.rancher.io/release-name: rancher-tracing +apiVersion: v1 +appVersion: 1.20.0 +description: A quick start Jaeger Tracing installation using the all-in-one demo. + This is not production qualified. Refer to https://www.jaegertracing.io/ for details. +name: tracing +version: 1.20.1 diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/README.md b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/README.md new file mode 100755 index 00000000000..25534c6288c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/README.md @@ -0,0 +1,5 @@ +# Jaeger + +A Rancher chart based on the Jaeger all-in-one quick installation option. This chart will allow you to trace and monitor distributed microservices. + +> **Note:** The basic all-in-one Jaeger installation which is not qualified for production. Use the [Jaeger Tracing](https://www.jaegertracing.io) documentation to determine which installation you will need for your production needs. diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/_affinity.tpl b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/_affinity.tpl new file mode 100755 index 00000000000..bf6a9aee5c5 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/_affinity.tpl @@ -0,0 +1,92 @@ +{{/* affinity - https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ */}} +{{- define "nodeAffinity" }} + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + {{- include "nodeAffinityRequiredDuringScheduling" . }} + preferredDuringSchedulingIgnoredDuringExecution: + {{- include "nodeAffinityPreferredDuringScheduling" . }} +{{- end }} + +{{- define "nodeAffinityRequiredDuringScheduling" }} + nodeSelectorTerms: + - matchExpressions: + - key: beta.kubernetes.io/arch + operator: In + values: + {{- range $key, $val := .Values.global.arch }} + {{- if gt ($val | int) 0 }} + - {{ $key | quote }} + {{- end }} + {{- end }} + {{- $nodeSelector := default .Values.global.defaultNodeSelector .Values.nodeSelector -}} + {{- range $key, $val := $nodeSelector }} + - key: {{ $key }} + operator: In + values: + - {{ $val | quote }} + {{- end }} +{{- end }} + +{{- define "nodeAffinityPreferredDuringScheduling" }} + {{- range $key, $val := .Values.global.arch }} + {{- if gt ($val | int) 0 }} + - weight: {{ $val | int }} + preference: + matchExpressions: + - key: beta.kubernetes.io/arch + operator: In + values: + - {{ $key | quote }} + {{- end }} + {{- end }} +{{- end }} + +{{- define "podAntiAffinity" }} +{{- if or .Values.podAntiAffinityLabelSelector .Values.podAntiAffinityTermLabelSelector}} + podAntiAffinity: + {{- if .Values.podAntiAffinityLabelSelector }} + requiredDuringSchedulingIgnoredDuringExecution: + {{- include "podAntiAffinityRequiredDuringScheduling" . }} + {{- end }} + {{- if or .Values.podAntiAffinityTermLabelSelector}} + preferredDuringSchedulingIgnoredDuringExecution: + {{- include "podAntiAffinityPreferredDuringScheduling" . }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "podAntiAffinityRequiredDuringScheduling" }} + {{- range $index, $item := .Values.podAntiAffinityLabelSelector }} + - labelSelector: + matchExpressions: + - key: {{ $item.key }} + operator: {{ $item.operator }} + {{- if $item.values }} + values: + {{- $vals := split "," $item.values }} + {{- range $i, $v := $vals }} + - {{ $v | quote }} + {{- end }} + {{- end }} + topologyKey: {{ $item.topologyKey }} + {{- end }} +{{- end }} + +{{- define "podAntiAffinityPreferredDuringScheduling" }} + {{- range $index, $item := .Values.podAntiAffinityTermLabelSelector }} + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: {{ $item.key }} + operator: {{ $item.operator }} + {{- if $item.values }} + values: + {{- $vals := split "," $item.values }} + {{- range $i, $v := $vals }} + - {{ $v | quote }} + {{- end }} + {{- end }} + topologyKey: {{ $item.topologyKey }} + weight: 100 + {{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/_helpers.tpl b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/_helpers.tpl new file mode 100755 index 00000000000..56cfa733533 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "tracing.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "tracing.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/deployment.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/deployment.yaml new file mode 100755 index 00000000000..25bb67fd3d4 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/deployment.yaml @@ -0,0 +1,86 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ .Values.provider }} + template: + metadata: + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + sidecar.istio.io/inject: "false" + prometheus.io/scrape: "true" + prometheus.io/port: "14269" +{{- if .Values.jaeger.podAnnotations }} +{{ toYaml .Values.jaeger.podAnnotations | indent 8 }} +{{- end }} + spec: + containers: + - name: jaeger + image: "{{ template "system_default_registry" . }}{{ .Values.jaeger.repository }}:{{ .Values.jaeger.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy }} + env: + {{- if eq .Values.jaeger.spanStorageType "badger" }} + - name: BADGER_EPHEMERAL + value: "false" + - name: SPAN_STORAGE_TYPE + value: "badger" + - name: BADGER_DIRECTORY_VALUE + value: "/badger/data" + - name: BADGER_DIRECTORY_KEY + value: "/badger/key" + {{- end }} + - name: COLLECTOR_ZIPKIN_HTTP_PORT + value: "9411" + - name: MEMORY_MAX_TRACES + value: "{{ .Values.jaeger.memory.max_traces }}" + - name: QUERY_BASE_PATH + value: {{ if .Values.contextPath }} {{ .Values.contextPath }} {{ else }} /{{ .Values.provider }} {{ end }} + livenessProbe: + httpGet: + path: / + port: 14269 + readinessProbe: + httpGet: + path: / + port: 14269 +{{- if eq .Values.jaeger.spanStorageType "badger" }} + volumeMounts: + - name: data + mountPath: /badger +{{- end }} + resources: +{{- if .Values.jaeger.resources }} +{{ toYaml .Values.jaeger.resources | indent 12 }} +{{- else }} +{{ toYaml .Values.global.defaultResources | indent 12 }} +{{- end }} + affinity: + {{- include "nodeAffinity" . | indent 6 }} + {{- include "podAntiAffinity" . | indent 6 }} + {{- if .Values.global.rbac.pspEnabled }} + securityContext: + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: {{ include "tracing.fullname" . }} + {{- end }} +{{- if eq .Values.jaeger.spanStorageType "badger" }} + volumes: + - name: data +{{- if .Values.jaeger.persistentVolumeClaim.enabled }} + persistentVolumeClaim: + claimName: istio-jaeger-pvc +{{- else }} + emptyDir: {} +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/psp.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/psp.yaml new file mode 100755 index 00000000000..44b230492b6 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/psp.yaml @@ -0,0 +1,86 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "tracing.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "tracing.fullname" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - policy + resourceNames: + - {{ include "tracing.fullname" . }} + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + allowPrivilegeEscalation: false + forbiddenSysctls: + - '*' + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + runAsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - emptyDir + - secret + - persistentVolumeClaim +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/pvc.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/pvc.yaml new file mode 100755 index 00000000000..9b4c55e4fb3 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/pvc.yaml @@ -0,0 +1,16 @@ +{{- if .Values.jaeger.persistentVolumeClaim.enabled }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: istio-jaeger-pvc + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} +spec: + storageClassName: {{ .Values.jaeger.storageClassName }} + accessModes: + - {{ .Values.jaeger.accessMode }} + resources: + requests: + storage: {{.Values.jaeger.persistentVolumeClaim.storage }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/service.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/service.yaml new file mode 100755 index 00000000000..4210a9b5fc4 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/templates/service.yaml @@ -0,0 +1,63 @@ +apiVersion: v1 +kind: Service +metadata: + name: tracing + namespace: {{ .Release.Namespace }} + annotations: + {{- range $key, $val := .Values.service.annotations }} + {{ $key }}: {{ $val | quote }} + {{- end }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.name }} + port: {{ .Values.service.externalPort }} + protocol: TCP + targetPort: 16686 + selector: + app: {{ .Values.provider }} +--- +# Jaeger implements the Zipkin API. To support swapping out the tracing backend, we use a Service named Zipkin. +apiVersion: v1 +kind: Service +metadata: + name: zipkin + namespace: {{ .Release.Namespace }} + labels: + name: zipkin + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + ports: + - name: {{ .Values.service.name }} + port: {{ .Values.zipkin.queryPort }} + targetPort: {{ .Values.zipkin.queryPort }} + selector: + app: {{ .Values.provider }} +--- +apiVersion: v1 +kind: Service +metadata: + name: jaeger-collector + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + type: ClusterIP + ports: + - name: jaeger-collector-http + port: 14268 + targetPort: 14268 + protocol: TCP + - name: jaeger-collector-grpc + port: 14250 + targetPort: 14250 + protocol: TCP + selector: + app: {{ .Values.provider }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/values.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/values.yaml new file mode 100755 index 00000000000..18ff81c3c8c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/charts/tracing/values.yaml @@ -0,0 +1,44 @@ +provider: jaeger +contextPath: "" +nodeSelector: {} +podAntiAffinityLabelSelector: [] +podAntiAffinityTermLabelSelector: [] +nameOverride: "" +fullnameOverride: "" + +global: + cattle: + systemDefaultRegistry: "" + defaultResources: {} + imagePullPolicy: IfNotPresent + imagePullSecrets: [] + arch: + amd64: 2 + s390x: 2 + ppc64le: 2 + defaultNodeSelector: {} + rbac: + pspEnabled: false + +jaeger: + repository: rancher/mirrored-jaegertracing-all-in-one + tag: 1.20.0 + # spanStorageType value can be "memory" and "badger" for all-in-one image + spanStorageType: badger + resources: + requests: + cpu: 10m + persistentVolumeClaim: + enabled: false + storage: 5Gi + storageClassName: "" + accessMode: ReadWriteMany + memory: + max_traces: 50000 +zipkin: + queryPort: 9411 +service: + annotations: {} + name: http-query + type: ClusterIP + externalPort: 16686 diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/configs/istio-base.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/configs/istio-base.yaml new file mode 100755 index 00000000000..7ff972e2d74 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/configs/istio-base.yaml @@ -0,0 +1,89 @@ +apiVersion: install.istio.io/v1alpha1 +kind: IstioOperator +spec: + addonComponents: + istiocoredns: + enabled: {{ .Values.istiocoredns.enabled }} + components: + base: + enabled: {{ .Values.base.enabled }} + cni: + enabled: {{ .Values.cni.enabled }} + egressGateways: + - enabled: {{ .Values.egressGateways.enabled }} + name: istio-egressgateway + ingressGateways: + - enabled: {{ .Values.ingressGateways.enabled }} + name: istio-ingressgateway + k8s: + service: + ports: + - name: status-port + port: 15021 + targetPort: 15021 + - name: http2 + port: 80 + targetPort: 8080 + nodePort: 31380 + - name: https + port: 443 + targetPort: 8443 + nodePort: 31390 + - name: tcp + port: 31400 + targetPort: 31400 + nodePort: 31400 + - name: tls + port: 15443 + targetPort: 15443 + istiodRemote: + enabled: {{ .Values.istiodRemote.enabled }} + pilot: + enabled: {{ .Values.pilot.enabled }} + hub: {{ .Values.systemDefaultRegistry | default "docker.io" }} + profile: default + tag: {{ .Values.tag }} + revision: {{ .Values.revision }} + meshConfig: + defaultConfig: + proxyMetadata: + {{- if .Values.dns.enabled }} + ISTIO_META_DNS_CAPTURE: "true" + {{- end }} + values: + gateways: + istio-egressgateway: + name: istio-egressgateway + type: {{ .Values.egressGateways.type }} + istio-ingressgateway: + name: istio-ingressgateway + type: {{ .Values.ingressGateways.type }} + global: + istioNamespace: {{ template "istio.namespace" . }} + proxy: + image: {{ template "system_default_registry" . }}{{ .Values.global.proxy.repository }}:{{ .Values.global.proxy.tag }} + proxy_init: + image: {{ template "system_default_registry" . }}{{ .Values.global.proxy_init.repository }}:{{ .Values.global.proxy_init.tag }} + {{- if .Values.global.defaultPodDisruptionBudget.enabled }} + defaultPodDisruptionBudget: + enabled: {{ .Values.global.defaultPodDisruptionBudget.enabled }} + {{- end }} + istiocoredns: + coreDNSImage: {{ template "system_default_registry" . }}{{ .Values.istiocoredns.image.repository }} + coreDNSPluginImage: {{ template "system_default_registry" . }}{{ .Values.istiocoredns.pluginImage.repository }}:{{ .Values.istiocoredns.pluginImage.tag }} + coreDNSTag: {{ .Values.istiocoredns.image.tag }} + {{- if .Values.pilot.enabled }} + pilot: + image: {{ template "system_default_registry" . }}{{ .Values.pilot.repository }}:{{ .Values.pilot.tag }} + {{- end }} + telemetry: + enabled: {{ .Values.telemetry.enabled }} + v2: + enabled: {{ .Values.telemetry.v2.enabled }} + {{- if .Values.cni.enabled }} + cni: + image: {{ template "system_default_registry" . }}{{ .Values.cni.repository }}:{{ .Values.cni.tag }} + excludeNamespaces: + {{- toYaml .Values.cni.excludeNamespaces | nindent 8 }} + logLevel: {{ .Values.cni.logLevel }} + {{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/requirements.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/requirements.yaml new file mode 100755 index 00000000000..b607457802d --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/requirements.yaml @@ -0,0 +1,17 @@ +dependencies: +- name: kiali + version: "" + repository: file://./charts/kiali + condition: kiali.enabled + tags: [] + enabled: false + importvalues: [] + alias: "" +- name: tracing + version: "" + repository: file://./charts/tracing + condition: tracing.enabled + tags: [] + enabled: false + importvalues: [] + alias: "" diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/samples/overlay-example.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/samples/overlay-example.yaml new file mode 100755 index 00000000000..5cf3cf3b0b6 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/samples/overlay-example.yaml @@ -0,0 +1,37 @@ +apiVersion: install.istio.io/v1alpha1 +kind: IstioOperator +spec: + components: + ingressGateways: + - enabled: true + name: ilb-gateway + namespace: user-ingressgateway-ns + k8s: + resources: + requests: + cpu: 200m + service: + ports: + - name: tcp-citadel-grpc-tls + port: 8060 + targetPort: 8060 + - name: tcp-dns + port: 5353 + serviceAnnotations: + cloud.google.com/load-balancer-type: internal + - enabled: true + name: other-gateway + namespace: cattle-istio-system + k8s: + resources: + requests: + cpu: 200m + service: + ports: + - name: tcp-citadel-grpc-tls + port: 8060 + targetPort: 8060 + - name: tcp-dns + port: 5353 + serviceAnnotations: + cloud.google.com/load-balancer-type: internal diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/_helpers.tpl b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/_helpers.tpl new file mode 100755 index 00000000000..3f7af953a8d --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/_helpers.tpl @@ -0,0 +1,12 @@ +{{/* Ensure namespace is set the same everywhere */}} +{{- define "istio.namespace" -}} + {{- .Release.Namespace | default "istio-system" -}} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/admin-role.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/admin-role.yaml new file mode 100755 index 00000000000..ad1313c4f1a --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/admin-role.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + name: istio-admin + namespace: {{ template "istio.namespace" . }} +rules: + - apiGroups: + - config.istio.io + resources: + - adapters + - attributemanifests + - handlers + - httpapispecbindings + - httpapispecs + - instances + - quotaspecbindings + - quotaspecs + - rules + - templates + verbs: ["get", "watch", "list"] + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - envoyfilters + - gateways + - serviceentries + - sidecars + - virtualservices + - workloadentries + verbs: + - '*' + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + - peerauthentications + - requestauthentications + verbs: + - '*' diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/base-config-map.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/base-config-map.yaml new file mode 100755 index 00000000000..5323917bc3d --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/base-config-map.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: istio-installer-base + namespace: {{ template "istio.namespace" . }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/clusterrole.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/clusterrole.yaml new file mode 100755 index 00000000000..a93b3df95d0 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/clusterrole.yaml @@ -0,0 +1,120 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: istio-installer +rules: +# istio groups +- apiGroups: + - authentication.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - config.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - install.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - networking.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - rbac.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - security.istio.io + resources: + - '*' + verbs: + - '*' +# k8s groups +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions.apiextensions.k8s.io + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - apps + - extensions + resources: + - daemonsets + - deployments + - deployments/finalizers + - ingresses + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - namespaces + - pods + - pods/exec + - persistentvolumeclaims + - secrets + - services + - serviceaccounts + verbs: + - '*' +- apiGroups: + - policy + resourceNames: + - istio-installer + resources: + - podsecuritypolicies + verbs: + - use diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/clusterrolebinding.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/clusterrolebinding.yaml new file mode 100755 index 00000000000..9d74a043451 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: istio-installer +subjects: +- kind: ServiceAccount + name: istio-installer + namespace: {{ template "istio.namespace" . }} +roleRef: + kind: ClusterRole + name: istio-installer + apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/edit-role.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/edit-role.yaml new file mode 100755 index 00000000000..d1059d58d7d --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/edit-role.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + namespace: {{ template "istio.namespace" . }} + name: istio-edit +rules: + - apiGroups: + - config.istio.io + resources: + - adapters + - attributemanifests + - handlers + - httpapispecbindings + - httpapispecs + - instances + - quotaspecbindings + - quotaspecs + - rules + - templates + verbs: ["get", "watch", "list"] + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - envoyfilters + - gateways + - serviceentries + - sidecars + - virtualservices + - workloadentries + verbs: + - '*' + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + - peerauthentications + - requestauthentications + verbs: + - '*' diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-cni-psp.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-cni-psp.yaml new file mode 100755 index 00000000000..5b94c8503fb --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-cni-psp.yaml @@ -0,0 +1,51 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: psp-istio-cni + namespace: {{ template "istio.namespace" . }} +spec: + allowPrivilegeEscalation: true + fsGroup: + rule: RunAsAny + hostNetwork: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - secret + - configMap + - emptyDir + - hostPath +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: psp-istio-cni + namespace: {{ template "istio.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: psp-istio-cni +subjects: + - kind: ServiceAccount + name: istio-cni +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: psp-istio-cni + namespace: {{ template "istio.namespace" . }} +rules: +- apiGroups: + - policy + resourceNames: + - psp-istio-cni + resources: + - podsecuritypolicies + verbs: + - use +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-install-job.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-install-job.yaml new file mode 100755 index 00000000000..9a13f5698f3 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-install-job.yaml @@ -0,0 +1,50 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: istioctl-installer + namespace: {{ template "istio.namespace" . }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + backoffLimit: 1 + template: + spec: + containers: + - name: istioctl-installer + image: {{ template "system_default_registry" . }}{{ .Values.installer.repository }}:{{ .Values.installer.tag }} + env: + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: ISTIO_NAMESPACE + value: {{ template "istio.namespace" . }} + - name: FORCE_INSTALL + value: {{ .Values.forceInstall | default "false" | quote }} + command: ["/bin/sh","-c"] + args: ["/usr/local/app/scripts/run.sh"] + volumeMounts: + - name: config-volume + mountPath: /app/istio-base.yaml + subPath: istio-base.yaml + {{- if .Values.overlayFile }} + - name: overlay-volume + mountPath: /app/overlay-config.yaml + subPath: overlay-config.yaml + {{- end }} + volumes: + - name: config-volume + configMap: + name: istio-installer-base + {{- if .Values.overlayFile }} + - name: overlay-volume + configMap: + name: istio-installer-overlay + {{- end }} + serviceAccountName: istio-installer + {{- if .Values.global.rbac.pspEnabled }} + securityContext: + runAsUser: 101 + runAsGroup: 101 + {{- end }} + restartPolicy: Never diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-install-psp.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-install-psp.yaml new file mode 100755 index 00000000000..f0b5ee565fe --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-install-psp.yaml @@ -0,0 +1,30 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: istio-installer + namespace: {{ template "istio.namespace" . }} +spec: + privileged: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'configMap' + - 'secret' +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-psp.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-psp.yaml new file mode 100755 index 00000000000..b3758b74f1c --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-psp.yaml @@ -0,0 +1,81 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: istio-psp + namespace: {{ template "istio.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: istio-psp +subjects: + - kind: ServiceAccount + name: istio-egressgateway-service-account + - kind: ServiceAccount + name: istio-ingressgateway-service-account + - kind: ServiceAccount + name: istio-mixer-service-account + - kind: ServiceAccount + name: istio-operator-authproxy + - kind: ServiceAccount + name: istiod-service-account + - kind: ServiceAccount + name: istio-sidecar-injector-service-account + - kind: ServiceAccount + name: istiocoredns-service-account + - kind: ServiceAccount + name: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: istio-psp + namespace: {{ template "istio.namespace" . }} +rules: +- apiGroups: + - policy + resourceNames: + - istio-psp + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: istio-psp + namespace: {{ template "istio.namespace" . }} +spec: + allowPrivilegeEscalation: false + forbiddenSysctls: + - '*' + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + runAsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - configMap + - emptyDir + - projected + - secret + - downwardAPI + - persistentVolumeClaim +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-uninstall-job.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-uninstall-job.yaml new file mode 100755 index 00000000000..a7f15632579 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/istio-uninstall-job.yaml @@ -0,0 +1,45 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: istioctl-uninstaller + namespace: {{ template "istio.namespace" . }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + containers: + - name: istioctl-uninstaller + image: {{ template "system_default_registry" . }}{{ .Values.installer.repository }}:{{ .Values.installer.tag }} + env: + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: ISTIO_NAMESPACE + value: {{ template "istio.namespace" . }} + command: ["/bin/sh","-c"] + args: ["/usr/local/app/scripts/uninstall_istio_system.sh"] + volumeMounts: + - name: config-volume + mountPath: /app/istio-base.yaml + subPath: istio-base.yaml + {{- if .Values.overlayFile }} + - name: overlay-volume + mountPath: /app/overlay-config.yaml + subPath: overlay-config.yaml + {{ end }} + volumes: + - name: config-volume + configMap: + name: istio-installer-base + {{- if .Values.overlayFile }} + - name: overlay-volume + configMap: + name: istio-installer-overlay + {{ end }} + serviceAccountName: istio-installer + securityContext: + runAsUser: 101 + runAsGroup: 101 + restartPolicy: OnFailure diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/overlay-config-map.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/overlay-config-map.yaml new file mode 100755 index 00000000000..287d26b2c32 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/overlay-config-map.yaml @@ -0,0 +1,9 @@ +{{- if .Values.overlayFile }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: istio-installer-overlay + namespace: {{ template "istio.namespace" . }} +data: + overlay-config.yaml: {{ toYaml .Values.overlayFile | indent 2 }} +{{- end }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/service-monitors.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/service-monitors.yaml new file mode 100755 index 00000000000..c3d60c4fce9 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/service-monitors.yaml @@ -0,0 +1,51 @@ +{{- if .Values.kiali.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: envoy-stats-monitor + namespace: {{ template "istio.namespace" . }} + labels: + monitoring: istio-proxies +spec: + selector: + matchExpressions: + - {key: istio-prometheus-ignore, operator: DoesNotExist} + namespaceSelector: + any: true + jobLabel: envoy-stats + endpoints: + - path: /stats/prometheus + targetPort: 15090 + interval: 15s + relabelings: + - sourceLabels: [__meta_kubernetes_pod_container_port_name] + action: keep + regex: '.*-envoy-prom' + - action: labeldrop + regex: "__meta_kubernetes_pod_label_(.+)" + - sourceLabels: [__meta_kubernetes_namespace] + action: replace + targetLabel: namespace + - sourceLabels: [__meta_kubernetes_pod_name] + action: replace + targetLabel: pod_name +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: istio-component-monitor + namespace: {{ template "istio.namespace" . }} + labels: + monitoring: istio-components +spec: + jobLabel: istio + targetLabels: [app] + selector: + matchExpressions: + - {key: istio, operator: In, values: [pilot]} + namespaceSelector: + any: true + endpoints: + - port: http-monitoring + interval: 15s +{{- end -}} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/serviceaccount.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/serviceaccount.yaml new file mode 100755 index 00000000000..82b6cbb7e62 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: istio-installer + namespace: {{ template "istio.namespace" . }} diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/view-role.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/view-role.yaml new file mode 100755 index 00000000000..5947d3eba97 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/templates/view-role.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + namespace: {{ template "istio.namespace" . }} + name: istio-view +rules: + - apiGroups: + - config.istio.io + resources: + - adapters + - attributemanifests + - handlers + - httpapispecbindings + - httpapispecs + - instances + - quotaspecbindings + - quotaspecs + - rules + - templates + verbs: ["get", "watch", "list"] + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - envoyfilters + - gateways + - serviceentries + - sidecars + - virtualservices + - workloadentries + verbs: ["get", "watch", "list"] + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + - peerauthentications + - requestauthentications + verbs: ["get", "watch", "list"] diff --git a/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/values.yaml b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/values.yaml new file mode 100755 index 00000000000..8b97b704569 --- /dev/null +++ b/charts/rancher-istio-1.8/rancher-istio/1.8.500-rc03/values.yaml @@ -0,0 +1,95 @@ +overlayFile: "" +tag: 1.8.5 +##Setting forceInstall: true will remove the check for istio version < 1.6.x and will not analyze your install cluster prior to install +forceInstall: false + +installer: + repository: rancher/istio-installer + tag: 1.8.5-rancher1 + +##Deprecated as of 1.8 and unsupported in 1.9, native support provided by enabling `dns.enabled=true` +istiocoredns: + enabled: false + image: + repository: rancher/mirrored-coredns-coredns + tag: 1.6.2 + pluginImage: + repository: rancher/mirrored-istio-coredns-plugin + tag: 0.2-istio-1.1 + +##Native support for dns added in 1.8 +dns: + enabled: false + +base: + enabled: true + +cni: + enabled: false + repository: rancher/mirrored-istio-install-cni + tag: 1.8.5 + logLevel: info + excludeNamespaces: + - istio-system + - kube-system + +egressGateways: + enabled: false + type: NodePort + +ingressGateways: + enabled: true + type: NodePort + +istiodRemote: + enabled: false + +pilot: + enabled: true + repository: rancher/mirrored-istio-pilot + tag: 1.8.5 + +telemetry: + enabled: true + v2: + enabled: true + +global: + cattle: + systemDefaultRegistry: "" + proxy: + repository: rancher/mirrored-istio-proxyv2 + tag: 1.8.5 + proxy_init: + repository: rancher/mirrored-istio-proxyv2 + tag: 1.8.5 + defaultPodDisruptionBudget: + enabled: true + rbac: + pspEnabled: false + +# Kiali subchart from rancher-kiali-server +kiali: + enabled: true + auth: + strategy: anonymous + deployment: + ingress_enabled: false + repository: rancher/mirrored-kiali-kiali + tag: v1.32.0 + external_services: + prometheus: + custom_metrics_url: "http://rancher-monitoring-prometheus.cattle-monitoring-system.svc:9090" + url: "http://rancher-monitoring-prometheus.cattle-monitoring-system.svc:9090" + tracing: + in_cluster_url: "http://tracing.istio-system.svc:16686/jaeger" + grafana: + in_cluster_url: "http://rancher-monitoring-grafana.cattle-monitoring-system.svc:80" + url: "http://rancher-monitoring-grafana.cattle-monitoring-system.svc:80" + +tracing: + enabled: false + contextPath: "/jaeger" + jaeger: + repository: rancher/mirrored-jaegertracing-all-in-one + tag: 1.20.0 diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/Chart.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/Chart.yaml new file mode 100755 index 00000000000..3ae0e168658 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/Chart.yaml @@ -0,0 +1,21 @@ +annotations: + catalog.cattle.io/auto-install: rancher-kiali-server-crd=1.32.100-rc01 + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Istio + catalog.cattle.io/namespace: istio-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: networking.istio.io.virtualservice/v1beta1 + catalog.cattle.io/release-name: rancher-istio + catalog.cattle.io/requests-cpu: 710m + catalog.cattle.io/requests-memory: 2314Mi + catalog.cattle.io/ui-component: istio +apiVersion: v1 +appVersion: 1.9.3 +description: A basic Istio setup that installs with the istioctl. Refer to https://istio.io/latest/ + for details. +icon: https://charts.rancher.io/assets/logos/istio.svg +keywords: +- networking +- infrastructure +name: rancher-istio +version: 1.9.300-rc03 diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/README.md b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/README.md new file mode 100755 index 00000000000..199e4531269 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/README.md @@ -0,0 +1,69 @@ +# Rancher Istio Installers + +A Rancher created chart that packages the istioctl binary to install via a helm chart. + +# Installation Requirements + +## Chart Dependencies +- rancher-kiali-server-crd chart + +# Uninstallation Requirements +To ensure rancher-istio uninstalls correctly, you must uninstall rancher-istio prior to uninstalling chart dependencies (see installation requirements for chart dependencies). This is because all definitions need to be available in order to properly build the rancher-istio objects for removal. + +If you remove dependent CRD charts prior to removing rancher-istio, you may encounter the following error:: + +`Error: uninstallation completed with 1 error(s): unable to build kubernetes objects for delete: unable to recognize "": no matches for kind "MonitoringDashboard" in version "monitoring.kiali.io/v1alpha1"` + +# Addons + +## Kiali + +Kiali allows you to view and manage your istio-based service mesh through an easy to use dashboard. + +#### Dependencies +- rancher-monitoring chart or other Prometheus installation + +This dependecy installs the required CRDs for installing Kiali. Since Kiali is bundled in with Istio in this chart, if you do not have these dependencies installed, your Istio installation will fail. If you do not plan on using Kiali, set `kiali.enabled=false` when installing Istio for a succesful installation. + +> **Note:** The following configuration options assume you have installed the dependecies for Kiali. Please ensure you have Promtheus in your cluster before proceeding. + +The Monitoring app sets `prometheus.prometheusSpec.ignoreNamespaceSelectors=false` which means all namespaces will be scraped by Prometheus by default. This ensures you can view traffic, metrics and graphs for resources deployed in other namespaces. + +To limit scraping to specific namespaces, set `prometheus.prometheusSpec.ignoreNamespaceSelectors=true` and add one of the following configurations to ensure you can continue to view traffic, metrics and graphs for your deployed resources. + +1. Add a Service Monitor or Pod Monitor in the namespace with the targets you want to scrape. +1. Add an additionalScrapeConfig to your rancher-monitoring instance to scrape all targets in all namespaces. + +#### External Services + +##### Prometheus +The `kiali.external_services.prometheus` url is set in the values.yaml: +``` +http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc:{{ prometheus.service.port }} +``` +The url depends on the default values for `nameOverride`, `namespaceOverride`, and `prometheus.service.port` being set in your rancher-monitoring or other monitoring instance. + +##### Grafana +The `kiali.external_services.grafana` url is set in the values.yaml: +``` +http://{{ .Values.nameOverride }}-grafana.{{ .Values.namespaceOverride }}.svc:{{ grafana.service.port }} +``` +The url depends on the default values for `nameOverride`, `namespaceOverride`, and `grafana.service.port` being set in your rancher-monitoring or other monitoring instance. + +##### Tracing +The `kiali.external_services.tracing` url and `.Values.tracing.contextPath` is set in the rancher-istio values.yaml: +``` +http://tracing.{{ .Values.namespaceOverride }}.svc:{{ .Values.service.externalPort }}/{{ .Values.tracing.contextPath }} +``` +The url depends on the default values for `namespaceOverride`, and `.Values.service.externalPort` being set in your rancher-tracing or other tracing instance. + +## Jaeger + +Jaeger allows you to trace and monitor distributed microservices. + +> **Note:** This addon is using the all-in-one Jaeger installation which is not qualified for production. Use the [Jaeger Tracing](https://www.jaegertracing.io/docs/1.21/getting-started/) documentation to determine which installation you will need for your production needs. + +# Installation +``` +helm install rancher-istio . --create-namespace -n istio-system +``` \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/app-readme.md b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/app-readme.md new file mode 100755 index 00000000000..0e42df08369 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/app-readme.md @@ -0,0 +1,45 @@ +# Rancher Istio + +Our [Istio](https://istio.io/) installer wraps the istioctl binary commands in a handy helm chart, including an overlay file option to allow complex customization. It also includes: +* **[Kiali](https://kiali.io/)**: Used for graphing traffic flow throughout the mesh +* **[Jaeger](https://www.jaegertracing.io/)**: A quick start, all-in-one installation used for tracing distributed systemm. This is not production qualified, please refer to jaeger documentation to determine which installation you may need instead. + +### Dependencies + +**Rancher Monitoring or other Prometheus installation** + +The Prometheus CRDs are required for installing Kiali which is enabled by default. If you do not have Prometheus installed your Istio installation will fail. If you do not plan on using Kiali, set `kiali.enabled=false` to bypass this requirement. + +### Customization + +**Rancher Monitoring** + +The Rancher Monitoring app sets `prometheus.prometheusSpec.ignoreNamespaceSelectors=false` which means all namespaces will be scraped by Prometheus by default. This ensures you can view traffic, metrics and graphs for resources deployed in other namespaces. + +To limit scraping to specific namespaces, set `prometheus.prometheusSpec.ignoreNamespaceSelectors=true` and add one of the following configurations to ensure you can continue to view traffic, metrics and graphs for your deployed resources. + +1. Add a Service Monitor or Pod Monitor in the namespace with the targets you want to scrape. +1. Add an additionalScrapeConfig to your rancher-monitoring instance to scrape all targets in all namespaces. + +**Custom Prometheus Installation with Kiali** + +To use a custom Monitoring installation, set the `kiali.external_services.prometheus` url in the values.yaml. This url depends on the values for `nameOverride`, `namespaceOverride`, and `prometheus.service.port` in your rancher-monitoring or other monitoring instance: +``` +http://{{ .Values.nameOverride }}-prometheus.{{ .Values.namespaceOverride }}.svc:{{ prometheus.service.port }} +``` +**Custom Grafana Installation with Kiali** + +To use a custom Grafana installation, set the `kiali.external_services.grafana` url in the values.yaml. This url depends on the values for `nameOverride`, `namespaceOverride`, and `granfa.service.port` in your rancher-monitoring or other grafana instance: +``` +http://{{ .Values.nameOverride }}-grafana.{{ .Values.namespaceOverride }}.svc:{{ grafana.service.port }} +``` +**Custom Tracing Installation with Kiali** + +To use a custom Tracing installation, set the `kiali.external_services.tracing` url and update the `.Values.tracing.contextPath` in the rancher-istio values.yaml. + +This url depends on the values for `namespaceOverride`, and `.Values.service.externalPort` in your rancher-tracing or other tracing instance.: +``` +http://tracing.{{ .Values.namespaceOverride }}.svc:{{ .Values.service.externalPort }}/{{ .Values.tracing.contextPath }} +``` + +For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/istio/v2.5/). diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/Chart.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/Chart.yaml new file mode 100755 index 00000000000..9b6fdf385f8 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/Chart.yaml @@ -0,0 +1,31 @@ +annotations: + catalog.cattle.io/auto-install: rancher-kiali-server-crd=match + catalog.cattle.io/hidden: "true" + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: monitoringdashboards.monitoring.kiali.io/v1alpha1 + catalog.cattle.io/requires-gvr: monitoring.coreos.com.prometheus/v1 + catalog.rancher.io/namespace: cattle-istio-system + catalog.rancher.io/release-name: rancher-kiali-server +apiVersion: v2 +appVersion: v1.32.0 +description: Kiali is an open source project for service mesh observability, refer + to https://www.kiali.io for details. This is installed as sub-chart with customized + values in Rancher's Istio. +home: https://github.com/kiali/kiali +icon: https://raw.githubusercontent.com/kiali/kiali.io/master/themes/kiali/static/img/kiali_logo_masthead.png +keywords: +- istio +- kiali +- networking +- infrastructure +maintainers: +- email: kiali-users@googlegroups.com + name: Kiali + url: https://kiali.io +name: kiali +sources: +- https://github.com/kiali/kiali +- https://github.com/kiali/kiali-ui +- https://github.com/kiali/kiali-operator +- https://github.com/kiali/helm-charts +version: 1.32.1 diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/NOTES.txt b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/NOTES.txt new file mode 100755 index 00000000000..751019401be --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/NOTES.txt @@ -0,0 +1,5 @@ +Welcome to Kiali! For more details on Kiali, see: https://kiali.io + +The Kiali Server [{{ .Chart.AppVersion }}] has been installed in namespace [{{ .Release.Namespace }}]. It will be ready soon. + +(Helm: Chart=[{{ .Chart.Name }}], Release=[{{ .Release.Name }}], Version=[{{ .Chart.Version }}]) diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/_helpers.tpl b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/_helpers.tpl new file mode 100755 index 00000000000..dd33bbe480e --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/_helpers.tpl @@ -0,0 +1,192 @@ +{{/* vim: set filetype=mustache: */}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "kiali-server.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kiali-server.fullname" -}} +{{- if .Values.fullnameOverride }} + {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} + {{- $name := default .Chart.Name .Values.nameOverride }} + {{- printf "%s" $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kiali-server.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Identifies the log_level with the old verbose_mode and the new log_level considered. +*/}} +{{- define "kiali-server.logLevel" -}} +{{- if .Values.deployment.verbose_mode -}} +{{- .Values.deployment.verbose_mode -}} +{{- else -}} +{{- .Values.deployment.logger.log_level -}} +{{- end -}} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "kiali-server.labels" -}} +helm.sh/chart: {{ include "kiali-server.chart" . }} +app: {{ include "kiali-server.name" . }} +{{ include "kiali-server.selectorLabels" . }} +version: {{ .Values.deployment.version_label | default .Chart.AppVersion | quote }} +app.kubernetes.io/version: {{ .Values.deployment.version_label | default .Chart.AppVersion | quote }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +app.kubernetes.io/part-of: "kiali" +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kiali-server.selectorLabels" -}} +app.kubernetes.io/name: {{ include "kiali-server.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Used to determine if a custom dashboard (defined in .Template.Name) should be deployed. +*/}} +{{- define "kiali-server.isDashboardEnabled" -}} +{{- if .Values.external_services.custom_dashboards.enabled }} + {{- $includere := "" }} + {{- range $_, $s := .Values.deployment.custom_dashboards.includes }} + {{- if $s }} + {{- if $includere }} + {{- $includere = printf "%s|^%s$" $includere ($s | replace "*" ".*" | replace "?" ".") }} + {{- else }} + {{- $includere = printf "^%s$" ($s | replace "*" ".*" | replace "?" ".") }} + {{- end }} + {{- end }} + {{- end }} + {{- $excludere := "" }} + {{- range $_, $s := .Values.deployment.custom_dashboards.excludes }} + {{- if $s }} + {{- if $excludere }} + {{- $excludere = printf "%s|^%s$" $excludere ($s | replace "*" ".*" | replace "?" ".") }} + {{- else }} + {{- $excludere = printf "^%s$" ($s | replace "*" ".*" | replace "?" ".") }} + {{- end }} + {{- end }} + {{- end }} + {{- if (and (mustRegexMatch (default "no-matches" $includere) (base .Template.Name)) (not (mustRegexMatch (default "no-matches" $excludere) (base .Template.Name)))) }} + {{- print "enabled" }} + {{- else }} + {{- print "" }} + {{- end }} +{{- else }} + {{- print "" }} +{{- end }} +{{- end }} + +{{/* +Determine the default login token signing key. +*/}} +{{- define "kiali-server.login_token.signing_key" -}} +{{- if .Values.login_token.signing_key }} + {{- .Values.login_token.signing_key }} +{{- else }} + {{- randAlphaNum 16 }} +{{- end }} +{{- end }} + +{{/* +Determine the default web root. +*/}} +{{- define "kiali-server.server.web_root" -}} +{{- if .Values.server.web_root }} + {{- .Values.server.web_root | trimSuffix "/" }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- "/" }} + {{- else }} + {{- "/kiali" }} + {{- end }} +{{- end }} +{{- end }} + +{{/* +Determine the default identity cert file. There is no default if on k8s; only on OpenShift. +*/}} +{{- define "kiali-server.identity.cert_file" -}} +{{- if hasKey .Values.identity "cert_file" }} + {{- .Values.identity.cert_file }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- "/kiali-cert/tls.crt" }} + {{- else }} + {{- "" }} + {{- end }} +{{- end }} +{{- end }} + +{{/* +Determine the default identity private key file. There is no default if on k8s; only on OpenShift. +*/}} +{{- define "kiali-server.identity.private_key_file" -}} +{{- if hasKey .Values.identity "private_key_file" }} + {{- .Values.identity.private_key_file }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- "/kiali-cert/tls.key" }} + {{- else }} + {{- "" }} + {{- end }} +{{- end }} +{{- end }} + +{{/* +Determine the istio namespace - default is where Kiali is installed. +*/}} +{{- define "kiali-server.istio_namespace" -}} +{{- if .Values.istio_namespace }} + {{- .Values.istio_namespace }} +{{- else }} + {{- .Release.Namespace }} +{{- end }} +{{- end }} + +{{/* +Determine the auth strategy to use - default is "token" on Kubernetes and "openshift" on OpenShift. +*/}} +{{- define "kiali-server.auth.strategy" -}} +{{- if .Values.auth.strategy }} + {{- if (and (eq .Values.auth.strategy "openshift") (not .Values.kiali_route_url)) }} + {{- fail "You did not define what the Kiali Route URL will be (--set kiali_route_url=...). Without this set, the openshift auth strategy will not work. Either set that or use a different auth strategy via the --set auth.strategy=... option." }} + {{- end }} + {{- .Values.auth.strategy }} +{{- else }} + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + {{- if not .Values.kiali_route_url }} + {{- fail "You did not define what the Kiali Route URL will be (--set kiali_route_url=...). Without this set, the openshift auth strategy will not work. Either set that or explicitly indicate another auth strategy you want via the --set auth.strategy=... option." }} + {{- end }} + {{- "openshift" }} + {{- else }} + {{- "token" }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/cabundle.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/cabundle.yaml new file mode 100755 index 00000000000..7462b95a7f3 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/cabundle.yaml @@ -0,0 +1,13 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "kiali-server.fullname" . }}-cabundle + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + annotations: + service.beta.openshift.io/inject-cabundle: "true" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/configmap.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/configmap.yaml new file mode 100755 index 00000000000..b1bf531731f --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/configmap.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +data: + config.yaml: | + {{- /* Most of .Values is simply the ConfigMap - strip out the keys that are not part of the ConfigMap */}} + {{- $cm := omit .Values "nameOverride" "fullnameOverride" "kiali_route_url" }} + {{- /* The helm chart defines namespace for us, but pass it to the ConfigMap in case the server needs it */}} + {{- $_ := set $cm.deployment "namespace" .Release.Namespace }} + {{- /* Some values of the ConfigMap are generated, but might not be identical, from .Values */}} + {{- $_ := set $cm "istio_namespace" (include "kiali-server.istio_namespace" .) }} + {{- $_ := set $cm.auth "strategy" (include "kiali-server.auth.strategy" .) }} + {{- $_ := set $cm.auth.openshift "client_id_prefix" (include "kiali-server.fullname" .) }} + {{- $_ := set $cm.identity "cert_file" (include "kiali-server.identity.cert_file" .) }} + {{- $_ := set $cm.identity "private_key_file" (include "kiali-server.identity.private_key_file" .) }} + {{- $_ := set $cm.login_token "signing_key" (include "kiali-server.login_token.signing_key" .) }} + {{- $_ := set $cm.server "web_root" (include "kiali-server.server.web_root" .) }} + {{- toYaml $cm | nindent 4 }} +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/envoy.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/envoy.yaml new file mode 100755 index 00000000000..85b4020175c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/envoy.yaml @@ -0,0 +1,56 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: envoy + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Envoy Metrics + discoverOn: "envoy_server_uptime" + items: + - chart: + name: "Pods uptime" + spans: 4 + metricName: "envoy_server_uptime" + dataType: "raw" + - chart: + name: "Allocated memory" + unit: "bytes" + spans: 4 + metricName: "envoy_server_memory_allocated" + dataType: "raw" + min: 0 + - chart: + name: "Heap size" + unit: "bytes" + spans: 4 + metricName: "envoy_server_memory_heap_size" + dataType: "raw" + min: 0 + - chart: + name: "Upstream active connections" + spans: 6 + metricName: "envoy_cluster_upstream_cx_active" + dataType: "raw" + - chart: + name: "Upstream total requests" + spans: 6 + metricName: "envoy_cluster_upstream_rq_total" + unit: "rps" + dataType: "rate" + - chart: + name: "Downstream active connections" + spans: 6 + metricName: "envoy_listener_downstream_cx_active" + dataType: "raw" + - chart: + name: "Downstream HTTP requests" + spans: 6 + metricName: "envoy_listener_http_downstream_rq" + unit: "rps" + dataType: "rate" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/go.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/go.yaml new file mode 100755 index 00000000000..2d2f42a938d --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/go.yaml @@ -0,0 +1,67 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: go + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Go Metrics + runtime: Go + discoverOn: "go_info" + items: + - chart: + name: "CPU ratio" + spans: 6 + metricName: "process_cpu_seconds_total" + dataType: "rate" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "RSS Memory" + unit: "bytes" + spans: 6 + metricName: "process_resident_memory_bytes" + dataType: "raw" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "Goroutines" + spans: 6 + metricName: "go_goroutines" + dataType: "raw" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "Heap allocation rate" + unit: "bytes/s" + spans: 6 + metricName: "go_memstats_alloc_bytes_total" + dataType: "rate" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "GC rate" + spans: 6 + metricName: "go_gc_duration_seconds_count" + dataType: "rate" + aggregations: + - label: "pod_name" + displayName: "Pod" + - chart: + name: "Next GC" + unit: "bytes" + spans: 6 + metricName: "go_memstats_next_gc_bytes" + dataType: "raw" + aggregations: + - label: "pod_name" + displayName: "Pod" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/kiali.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/kiali.yaml new file mode 100755 index 00000000000..b1f011b4f95 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/kiali.yaml @@ -0,0 +1,44 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: kiali + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Kiali Internal Metrics + items: + - chart: + name: "API processing duration" + unit: "seconds" + spans: 6 + metricName: "kiali_api_processing_duration_seconds" + dataType: "histogram" + aggregations: + - label: "route" + displayName: "Route" + - chart: + name: "Functions processing duration" + unit: "seconds" + spans: 6 + metricName: "kiali_go_function_processing_duration_seconds" + dataType: "histogram" + aggregations: + - label: "function" + displayName: "Function" + - label: "package" + displayName: "Package" + - chart: + name: "Failures" + spans: 12 + metricName: "kiali_go_function_failures_total" + dataType: "raw" + aggregations: + - label: "function" + displayName: "Function" + - label: "package" + displayName: "Package" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm-pool.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm-pool.yaml new file mode 100755 index 00000000000..2e1ed5cfff3 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm-pool.yaml @@ -0,0 +1,43 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: micrometer-1.0.6-jvm-pool + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: JVM + title: JVM Pool Metrics + discoverOn: "jvm_buffer_total_capacity_bytes" + items: + - chart: + name: "Pool buffer memory used" + unit: "bytes" + spans: 4 + metricName: "jvm_buffer_memory_used_bytes" + dataType: "raw" + aggregations: + - label: "id" + displayName: "Pool" + - chart: + name: "Pool buffer capacity" + unit: "bytes" + spans: 4 + metricName: "jvm_buffer_total_capacity_bytes" + dataType: "raw" + aggregations: + - label: "id" + displayName: "Pool" + - chart: + name: "Pool buffer count" + unit: "bytes" + spans: 4 + metricName: "jvm_buffer_count" + dataType: "raw" + aggregations: + - label: "id" + displayName: "Pool" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm.yaml new file mode 100755 index 00000000000..d645968820a --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.0.6-jvm.yaml @@ -0,0 +1,65 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: micrometer-1.0.6-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: JVM + title: JVM Metrics + discoverOn: "jvm_threads_live" + items: + - chart: + name: "Total live threads" + spans: 4 + metricName: "jvm_threads_live" + dataType: "raw" + - chart: + name: "Daemon threads" + spans: 4 + metricName: "jvm_threads_daemon" + dataType: "raw" + - chart: + name: "Loaded classes" + spans: 4 + metricName: "jvm_classes_loaded" + dataType: "raw" + + - chart: + name: "Memory used" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_used_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory commited" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_committed_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory max" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_max_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.1-jvm.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.1-jvm.yaml new file mode 100755 index 00000000000..76e8d0a4a0c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/micrometer-1.1-jvm.yaml @@ -0,0 +1,68 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: micrometer-1.1-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: JVM + title: JVM Metrics + discoverOn: "jvm_threads_live_threads" + items: + - chart: + name: "Memory used" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_used_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory commited" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_committed_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + - chart: + name: "Memory max" + unit: "bytes" + spans: 4 + metricName: "jvm_memory_max_bytes" + dataType: "raw" + aggregations: + - label: "area" + displayName: "Area" + - label: "id" + displayName: "Space" + + - chart: + name: "Total live threads" + spans: 4 + metricName: "jvm_threads_live_threads" + dataType: "raw" + - chart: + name: "Daemon threads" + spans: 4 + metricName: "jvm_threads_daemon_threads" + dataType: "raw" + - chart: + name: "Threads states" + spans: 4 + metricName: "jvm_threads_states_threads" + dataType: "raw" + aggregations: + - label: "state" + displayName: "State" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/microprofile-1.1.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/microprofile-1.1.yaml new file mode 100755 index 00000000000..1d495119640 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/microprofile-1.1.yaml @@ -0,0 +1,59 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: microprofile-1.1 + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: MicroProfile Metrics + runtime: MicroProfile + discoverOn: "base:thread_count" + items: + - chart: + name: "Current loaded classes" + spans: 6 + metricName: "base:classloader_current_loaded_class_count" + dataType: "raw" + - chart: + name: "Unloaded classes" + spans: 6 + metricName: "base:classloader_total_unloaded_class_count" + dataType: "raw" + - chart: + name: "Thread count" + spans: 4 + metricName: "base:thread_count" + dataType: "raw" + - chart: + name: "Thread max count" + spans: 4 + metricName: "base:thread_max_count" + dataType: "raw" + - chart: + name: "Thread daemon count" + spans: 4 + metricName: "base:thread_daemon_count" + dataType: "raw" + - chart: + name: "Committed heap" + unit: "bytes" + spans: 4 + metricName: "base:memory_committed_heap_bytes" + dataType: "raw" + - chart: + name: "Max heap" + unit: "bytes" + spans: 4 + metricName: "base:memory_max_heap_bytes" + dataType: "raw" + - chart: + name: "Used heap" + unit: "bytes" + spans: 4 + metricName: "base:memory_used_heap_bytes" + dataType: "raw" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/microprofile-x.y.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/microprofile-x.y.yaml new file mode 100755 index 00000000000..57ddc60ef64 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/microprofile-x.y.yaml @@ -0,0 +1,38 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: microprofile-x.y + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: MicroProfile Metrics + runtime: MicroProfile + discoverOn: "base:gc_complete_scavenger_count" + items: + - chart: + name: "Young GC time" + unit: "seconds" + spans: 3 + metricName: "base:gc_young_generation_scavenger_time_seconds" + dataType: "raw" + - chart: + name: "Young GC count" + spans: 3 + metricName: "base:gc_young_generation_scavenger_count" + dataType: "raw" + - chart: + name: "Total GC time" + unit: "seconds" + spans: 3 + metricName: "base:gc_complete_scavenger_time_seconds" + dataType: "raw" + - chart: + name: "Total GC count" + spans: 3 + metricName: "base:gc_complete_scavenger_count" + dataType: "raw" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/nodejs.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/nodejs.yaml new file mode 100755 index 00000000000..1ffe0aa10dc --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/nodejs.yaml @@ -0,0 +1,59 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: nodejs + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Node.js + title: Node.js Metrics + discoverOn: "nodejs_active_handles_total" + items: + - chart: + name: "Active handles" + spans: 4 + metricName: "nodejs_active_handles_total" + dataType: "raw" + - chart: + name: "Active requests" + spans: 4 + metricName: "nodejs_active_requests_total" + dataType: "raw" + - chart: + name: "Event loop lag" + unit: "seconds" + spans: 4 + metricName: "nodejs_eventloop_lag_seconds" + dataType: "raw" + - chart: + name: "Total heap size" + unit: "bytes" + spans: 12 + metricName: "nodejs_heap_space_size_total_bytes" + dataType: "raw" + aggregations: + - label: "space" + displayName: "Space" + - chart: + name: "Used heap size" + unit: "bytes" + spans: 6 + metricName: "nodejs_heap_space_size_used_bytes" + dataType: "raw" + aggregations: + - label: "space" + displayName: "Space" + - chart: + name: "Available heap size" + unit: "bytes" + spans: 6 + metricName: "nodejs_heap_space_size_available_bytes" + dataType: "raw" + aggregations: + - label: "space" + displayName: "Space" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/quarkus.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/quarkus.yaml new file mode 100755 index 00000000000..cef5f3dce5f --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/quarkus.yaml @@ -0,0 +1,33 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: quarkus + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + title: Quarkus Metrics + runtime: Quarkus + items: + - chart: + name: "Thread count" + spans: 4 + metricName: "vendor:thread_count" + dataType: "raw" + - chart: + name: "Used heap" + unit: "bytes" + spans: 4 + metricName: "vendor:memory_heap_usage_bytes" + dataType: "raw" + - chart: + name: "Used non-heap" + unit: "bytes" + spans: 4 + metricName: "vendor:memory_non_heap_usage_bytes" + dataType: "raw" + - include: "microprofile-x.y" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-jvm-pool.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-jvm-pool.yaml new file mode 100755 index 00000000000..42d87d89016 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-jvm-pool.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: springboot-jvm-pool + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Spring Boot + title: JVM Pool Metrics + items: + - include: "micrometer-1.0.6-jvm-pool" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-jvm.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-jvm.yaml new file mode 100755 index 00000000000..ced3acdd94c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-jvm.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: springboot-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Spring Boot + title: JVM Metrics + items: + - include: "micrometer-1.0.6-jvm" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-tomcat.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-tomcat.yaml new file mode 100755 index 00000000000..c07016aa2a2 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/springboot-tomcat.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: springboot-tomcat + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Spring Boot + title: Tomcat Metrics + items: + - include: "tomcat" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/thorntail.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/thorntail.yaml new file mode 100755 index 00000000000..6bd85e6f571 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/thorntail.yaml @@ -0,0 +1,22 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: thorntail + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Thorntail + title: Thorntail Metrics + discoverOn: "vendor:loaded_modules" + items: + - include: "microprofile-1.1" + - chart: + name: "Loaded modules" + spans: 6 + metricName: "vendor:loaded_modules" + dataType: "raw" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/tomcat.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/tomcat.yaml new file mode 100755 index 00000000000..9a803342fe0 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/tomcat.yaml @@ -0,0 +1,67 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: tomcat + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Tomcat + title: Tomcat Metrics + discoverOn: "tomcat_sessions_created_total" + items: + - chart: + name: "Sessions created" + spans: 4 + metricName: "tomcat_sessions_created_total" + dataType: "raw" + - chart: + name: "Active sessions" + spans: 4 + metricName: "tomcat_sessions_active_current" + dataType: "raw" + - chart: + name: "Sessions rejected" + spans: 4 + metricName: "tomcat_sessions_rejected_total" + dataType: "raw" + + - chart: + name: "Bytes sent" + unit: "bitrate" + spans: 6 + metricName: "tomcat_global_sent_bytes_total" + dataType: "rate" + aggregations: + - label: "name" + displayName: "Name" + - chart: + name: "Bytes received" + unit: "bitrate" + spans: 6 + metricName: "tomcat_global_received_bytes_total" + dataType: "rate" + aggregations: + - label: "name" + displayName: "Name" + + - chart: + name: "Global errors" + spans: 6 + metricName: "tomcat_global_error_total" + dataType: "raw" + aggregations: + - label: "name" + displayName: "Name" + - chart: + name: "Servlet errors" + spans: 6 + metricName: "tomcat_servlet_error_total" + dataType: "raw" + aggregations: + - label: "name" + displayName: "Name" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-client.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-client.yaml new file mode 100755 index 00000000000..2d591d6b0bb --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-client.yaml @@ -0,0 +1,60 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-client + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Client Metrics + discoverOn: "vertx_http_client_connections" + items: + - chart: + name: "Client response time" + unit: "seconds" + spans: 6 + metricName: "vertx_http_client_responseTime_seconds" + dataType: "histogram" + aggregations: + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Client request count rate" + unit: "ops" + spans: 6 + metricName: "vertx_http_client_requestCount_total" + dataType: "rate" + aggregations: + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Client active connections" + spans: 6 + metricName: "vertx_http_client_connections" + dataType: "raw" + - chart: + name: "Client active websockets" + spans: 6 + metricName: "vertx_http_client_wsConnections" + dataType: "raw" + - chart: + name: "Client bytes sent" + unit: "bytes" + spans: 6 + metricName: "vertx_http_client_bytesSent" + dataType: "histogram" + - chart: + name: "Client bytes received" + unit: "bytes" + spans: 6 + metricName: "vertx_http_client_bytesReceived" + dataType: "histogram" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-eventbus.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-eventbus.yaml new file mode 100755 index 00000000000..65f9ee2ecaf --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-eventbus.yaml @@ -0,0 +1,59 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-eventbus + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Eventbus Metrics + discoverOn: "vertx_eventbus_handlers" + items: + - chart: + name: "Event bus handlers" + spans: 6 + metricName: "vertx_eventbus_handlers" + dataType: "raw" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus pending messages" + spans: 6 + metricName: "vertx_eventbus_pending" + dataType: "raw" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus processing time" + unit: "seconds" + spans: 6 + metricName: "vertx_eventbus_processingTime_seconds" + dataType: "histogram" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus bytes read" + unit: "bytes" + spans: 6 + metricName: "vertx_eventbus_bytesRead" + dataType: "histogram" + aggregations: + - label: "address" + displayName: "Eventbus address" + - chart: + name: "Event bus bytes written" + unit: "bytes" + spans: 6 + metricName: "vertx_eventbus_bytesWritten" + dataType: "histogram" + aggregations: + - label: "address" + displayName: "Eventbus address" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-jvm.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-jvm.yaml new file mode 100755 index 00000000000..2663186f3e6 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-jvm.yaml @@ -0,0 +1,16 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-jvm + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: JVM Metrics + items: + - include: "micrometer-1.1-jvm" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-pool.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-pool.yaml new file mode 100755 index 00000000000..f6af921b356 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-pool.yaml @@ -0,0 +1,68 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-pool + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Pools Metrics + discoverOn: "vertx_pool_ratio" + items: + - chart: + name: "Usage duration" + unit: "seconds" + spans: 6 + metricName: "vertx_pool_usage_seconds" + dataType: "histogram" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Usage ratio" + spans: 6 + metricName: "vertx_pool_ratio" + dataType: "raw" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Queue size" + spans: 6 + metricName: "vertx_pool_queue_size" + dataType: "raw" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Time in queue" + unit: "seconds" + spans: 6 + metricName: "vertx_pool_queue_delay_seconds" + dataType: "histogram" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" + - chart: + name: "Resources used" + spans: 6 + metricName: "vertx_pool_inUse" + dataType: "raw" + aggregations: + - label: "pool_name" + displayName: "Name" + - label: "pool_type" + displayName: "Type" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-server.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-server.yaml new file mode 100755 index 00000000000..de6b89df9fd --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/dashboards/vertx-server.yaml @@ -0,0 +1,62 @@ +{{- if (include "kiali-server.isDashboardEnabled" .) }} +--- +apiVersion: "monitoring.kiali.io/v1alpha1" +kind: MonitoringDashboard +metadata: + name: vertx-server + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + runtime: Vert.x + title: Vert.x Server Metrics + discoverOn: "vertx_http_server_connections" + items: + - chart: + name: "Server response time" + unit: "seconds" + spans: 6 + metricName: "vertx_http_server_responseTime_seconds" + dataType: "histogram" + aggregations: + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Server request count rate" + unit: "ops" + spans: 6 + metricName: "vertx_http_server_requestCount_total" + dataType: "rate" + aggregations: + - label: "code" + displayName: "Error code" + - label: "path" + displayName: "Path" + - label: "method" + displayName: "Method" + - chart: + name: "Server active connections" + spans: 6 + metricName: "vertx_http_server_connections" + dataType: "raw" + - chart: + name: "Server active websockets" + spans: 6 + metricName: "vertx_http_server_wsConnections" + dataType: "raw" + - chart: + name: "Server bytes sent" + unit: "bytes" + spans: 6 + metricName: "vertx_http_server_bytesSent" + dataType: "histogram" + - chart: + name: "Server bytes received" + unit: "bytes" + spans: 6 + metricName: "vertx_http_server_bytesReceived" + dataType: "histogram" +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/deployment.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/deployment.yaml new file mode 100755 index 00000000000..100c5792288 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/deployment.yaml @@ -0,0 +1,174 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.deployment.replicas }} + selector: + matchLabels: + {{- include "kiali-server.selectorLabels" . | nindent 6 }} + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + name: {{ include "kiali-server.fullname" . }} + labels: + {{- include "kiali-server.labels" . | nindent 8 }} + {{- if .Values.deployment.pod_labels }} + {{- toYaml .Values.deployment.pod_labels | nindent 8 }} + {{- end }} + annotations: + {{- if .Values.server.metrics_enabled }} + prometheus.io/scrape: "true" + prometheus.io/port: {{ .Values.server.metrics_port | quote }} + {{- else }} + prometheus.io/scrape: "false" + prometheus.io/port: "" + {{- end }} + kiali.io/runtimes: go,kiali + {{- if .Values.deployment.pod_annotations }} + {{- toYaml .Values.deployment.pod_annotations | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ include "kiali-server.fullname" . }} + {{- if .Values.deployment.priority_class_name }} + priorityClassName: {{ .Values.deployment.priority_class_name | quote }} + {{- end }} + {{- if .Values.deployment.image_pull_secrets }} + imagePullSecrets: + {{- range .Values.deployment.image_pull_secrets }} + - name: {{ . }} + {{- end }} + {{- end }} + containers: + - image: "{{ template "system_default_registry" . }}{{ .Values.deployment.repository }}:{{ .Values.deployment.tag }}" + imagePullPolicy: {{ .Values.deployment.image_pull_policy | default "Always" }} + name: {{ include "kiali-server.fullname" . }} + command: + - "/opt/kiali/kiali" + - "-config" + - "/kiali-configuration/config.yaml" + ports: + - name: api-port + containerPort: {{ .Values.server.port | default 20001 }} + {{- if .Values.server.metrics_enabled }} + - name: http-metrics + containerPort: {{ .Values.server.metrics_port | default 9090 }} + {{- end }} + readinessProbe: + httpGet: + path: {{ include "kiali-server.server.web_root" . | trimSuffix "/" }}/healthz + port: api-port + {{- if (include "kiali-server.identity.cert_file" .) }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: 5 + periodSeconds: 30 + livenessProbe: + httpGet: + path: {{ include "kiali-server.server.web_root" . | trimSuffix "/" }}/healthz + port: api-port + {{- if (include "kiali-server.identity.cert_file" .) }} + scheme: HTTPS + {{- else }} + scheme: HTTP + {{- end }} + initialDelaySeconds: 5 + periodSeconds: 30 + env: + - name: ACTIVE_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: LOG_LEVEL + value: "{{ include "kiali-server.logLevel" . }}" + - name: LOG_FORMAT + value: "{{ .Values.deployment.logger.log_format }}" + - name: LOG_TIME_FIELD_FORMAT + value: "{{ .Values.deployment.logger.time_field_format }}" + - name: LOG_SAMPLER_RATE + value: "{{ .Values.deployment.logger.sampler_rate }}" + volumeMounts: + {{- if .Values.web_root_override }} + - name: kiali-console + subPath: env.js + mountPath: /opt/kiali/console/env.js + {{- end }} + - name: {{ include "kiali-server.fullname" . }}-configuration + mountPath: "/kiali-configuration" + - name: {{ include "kiali-server.fullname" . }}-cert + mountPath: "/kiali-cert" + - name: {{ include "kiali-server.fullname" . }}-secret + mountPath: "/kiali-secret" + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + - name: {{ include "kiali-server.fullname" . }}-cabundle + mountPath: "/kiali-cabundle" + {{- end }} + {{- if .Values.deployment.resources }} + resources: + {{- toYaml .Values.deployment.resources | nindent 10 }} + {{- end }} + volumes: + {{- if .Values.web_root_override }} + - name: kiali-console + configMap: + name: kiali-console + items: + - key: env.js + path: env.js + {{- end }} + - name: {{ include "kiali-server.fullname" . }}-configuration + configMap: + name: {{ include "kiali-server.fullname" . }} + - name: {{ include "kiali-server.fullname" . }}-cert + secret: + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + secretName: {{ include "kiali-server.fullname" . }}-cert-secret + {{- else }} + secretName: istio.{{ include "kiali-server.fullname" . }}-service-account + {{- end }} + {{- if not (include "kiali-server.identity.cert_file" .) }} + optional: true + {{- end }} + - name: {{ include "kiali-server.fullname" . }}-secret + secret: + secretName: {{ .Values.deployment.secret_name }} + optional: true + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + - name: {{ include "kiali-server.fullname" . }}-cabundle + configMap: + name: {{ include "kiali-server.fullname" . }}-cabundle + {{- end }} + {{- if or (.Values.deployment.affinity.node) (or (.Values.deployment.pod) (.Values.deployment.pod_anti)) }} + affinity: + {{- if .Values.deployment.affinity.node }} + nodeAffinity: + {{- toYaml .Values.deployment.affinity.node | nindent 10 }} + {{- end }} + {{- if .Values.deployment.affinity.pod }} + podAffinity: + {{- toYaml .Values.deployment.affinity.pod | nindent 10 }} + {{- end }} + {{- if .Values.deployment.affinity.pod_anti }} + podAntiAffinity: + {{- toYaml .Values.deployment.affinity.pod_anti | nindent 10 }} + {{- end }} + {{- end }} + {{- if .Values.deployment.tolerations }} + tolerations: + {{- toYaml .Values.deployment.tolerations | nindent 8 }} + {{- end }} + {{- if .Values.deployment.node_selector }} + nodeSelector: + {{- toYaml .Values.deployment.node_selector | nindent 8 }} + {{- end }} +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/hpa.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/hpa.yaml new file mode 100755 index 00000000000..934c4c1e9d7 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/hpa.yaml @@ -0,0 +1,17 @@ +{{- if .Values.deployment.hpa.spec }} +--- +apiVersion: {{ .Values.deployment.hpa.api_version }} +kind: HorizontalPodAutoscaler +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: {{ include "kiali-server.fullname" . }} + {{- toYaml .Values.deployment.hpa.spec | nindent 2 }} +... +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/ingress.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/ingress.yaml new file mode 100755 index 00000000000..e4c98db1b82 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/ingress.yaml @@ -0,0 +1,40 @@ +{{- if not (.Capabilities.APIVersions.Has "route.openshift.io/v1") }} +{{- if .Values.deployment.ingress_enabled }} +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + annotations: + {{- if hasKey .Values.deployment.override_ingress_yaml.metadata "annotations" }} + {{- toYaml .Values.deployment.override_ingress_yaml.metadata.annotations | nindent 4 }} + {{- else }} + # For ingress-nginx versions older than 0.20.0 use secure-backends. + # (see: https://github.com/kubernetes/ingress-nginx/issues/3416#issuecomment-438247948) + # For ingress-nginx versions 0.20.0 and later use backend-protocol. + {{- if (include "kiali-server.identity.cert_file" .) }} + nginx.ingress.kubernetes.io/secure-backends: "true" + nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" + {{- else }} + nginx.ingress.kubernetes.io/secure-backends: "false" + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" + {{- end }} + {{- end }} +spec: + {{- if hasKey .Values.deployment.override_ingress_yaml "spec" }} + {{- toYaml .Values.deployment.override_ingress_yaml.spec | nindent 2 }} + {{- else }} + rules: + - http: + paths: + - path: {{ include "kiali-server.server.web_root" . }} + backend: + serviceName: {{ include "kiali-server.fullname" . }} + servicePort: {{ .Values.server.port }} + {{- end }} +... +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/oauth.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/oauth.yaml new file mode 100755 index 00000000000..a178bb85efc --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/oauth.yaml @@ -0,0 +1,17 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +{{- if .Values.kiali_route_url }} +--- +apiVersion: oauth.openshift.io/v1 +kind: OAuthClient +metadata: + name: {{ include "kiali-server.fullname" . }}-{{ .Release.Namespace }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +redirectURIs: +- {{ .Values.kiali_route_url }} +grantMethod: auto +allowAnyScope: true +... +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/psp.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/psp.yaml new file mode 100755 index 00000000000..f891892cc4a --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/psp.yaml @@ -0,0 +1,67 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "kiali-server.fullname" . }}-psp + namespace: {{ .Release.Namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "kiali-server.fullname" . }}-psp +subjects: + - kind: ServiceAccount + name: kiali +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "kiali-server.fullname" . }}-psp + namespace: {{ .Release.Namespace }} +rules: +- apiGroups: + - policy + resourceNames: + - {{ include "kiali-server.fullname" . }}-psp + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "kiali-server.fullname" . }}-psp + namespace: {{ .Release.Namespace }} +spec: + allowPrivilegeEscalation: false + forbiddenSysctls: + - '*' + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + runAsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - configMap + - emptyDir + - projected + - secret + - downwardAPI + - persistentVolumeClaim +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role-controlplane.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role-controlplane.yaml new file mode 100755 index 00000000000..a22c76756a7 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role-controlplane.yaml @@ -0,0 +1,15 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "kiali-server.fullname" . }}-controlplane + namespace: {{ include "kiali-server.istio_namespace" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: + - secrets + verbs: + - list +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role-viewer.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role-viewer.yaml new file mode 100755 index 00000000000..9fdd9fd1de8 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role-viewer.yaml @@ -0,0 +1,97 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "kiali-server.fullname" . }}-viewer + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: + - configmaps + - endpoints + - namespaces + - nodes + - pods + - pods/log + - pods/proxy + - replicationcontrollers + - services + verbs: + - get + - list + - watch +- apiGroups: [""] + resources: + - pods/portforward + verbs: + - create + - post +- apiGroups: ["extensions", "apps"] + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - watch +- apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch +- apiGroups: ["batch"] + resources: + - cronjobs + - jobs + verbs: + - get + - list + - watch +- apiGroups: + - networking.istio.io + - security.istio.io + resources: ["*"] + verbs: + - get + - list + - watch +- apiGroups: ["apps.openshift.io"] + resources: + - deploymentconfigs + verbs: + - get + - list + - watch +- apiGroups: ["project.openshift.io"] + resources: + - projects + verbs: + - get +- apiGroups: ["route.openshift.io"] + resources: + - routes + verbs: + - get +- apiGroups: ["monitoring.kiali.io"] + resources: + - monitoringdashboards + verbs: + - get + - list +- apiGroups: ["iter8.tools"] + resources: + - experiments + verbs: + - get + - list +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: + - create +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role.yaml new file mode 100755 index 00000000000..8444bc753ae --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/role.yaml @@ -0,0 +1,108 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: {{ include "kiali-server.fullname" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +rules: +- apiGroups: [""] + resources: + - configmaps + - endpoints + - namespaces + - nodes + - pods + - pods/log + - pods/proxy + - replicationcontrollers + - services + verbs: + - get + - list + - patch + - watch +- apiGroups: [""] + resources: + - pods/portforward + verbs: + - create + - post +- apiGroups: ["extensions", "apps"] + resources: + - daemonsets + - deployments + - replicasets + - statefulsets + verbs: + - get + - list + - patch + - watch +- apiGroups: ["autoscaling"] + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch +- apiGroups: ["batch"] + resources: + - cronjobs + - jobs + verbs: + - get + - list + - patch + - watch +- apiGroups: + - networking.istio.io + - security.istio.io + resources: ["*"] + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: ["apps.openshift.io"] + resources: + - deploymentconfigs + verbs: + - get + - list + - patch + - watch +- apiGroups: ["project.openshift.io"] + resources: + - projects + verbs: + - get +- apiGroups: ["route.openshift.io"] + resources: + - routes + verbs: + - get +- apiGroups: ["monitoring.kiali.io"] + resources: + - monitoringdashboards + verbs: + - get + - list +- apiGroups: ["iter8.tools"] + resources: + - experiments + verbs: + - create + - delete + - get + - list + - patch + - watch +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: + - create +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/rolebinding-controlplane.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/rolebinding-controlplane.yaml new file mode 100755 index 00000000000..5a00158360c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/rolebinding-controlplane.yaml @@ -0,0 +1,17 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "kiali-server.fullname" . }}-controlplane + namespace: {{ include "kiali-server.istio_namespace" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "kiali-server.fullname" . }}-controlplane +subjects: +- kind: ServiceAccount + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/rolebinding.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/rolebinding.yaml new file mode 100755 index 00000000000..1eaabd65f59 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/rolebinding.yaml @@ -0,0 +1,20 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ include "kiali-server.fullname" . }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + {{- if .Values.deployment.view_only_mode }} + name: {{ include "kiali-server.fullname" . }}-viewer + {{- else }} + name: {{ include "kiali-server.fullname" . }} + {{- end }} +subjects: +- kind: ServiceAccount + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/route.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/route.yaml new file mode 100755 index 00000000000..27940dc96cc --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/route.yaml @@ -0,0 +1,30 @@ +{{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} +{{- if .Values.deployment.ingress_enabled }} +# As of OpenShift 4.5, need to use --disable-openapi-validation when installing via Helm +--- +apiVersion: route.openshift.io/v1 +kind: Route +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + {{- if hasKey .Values.deployment.override_ingress_yaml.metadata "annotations" }}} + annotations: + {{- toYaml .Values.deployment.override_ingress_yaml.metadata.annotations | nindent 4 }} + {{- end }} +spec: + {{- if hasKey .Values.deployment.override_ingress_yaml "spec" }} + {{- toYaml .Values.deployment.override_ingress_yaml.spec | nindent 2 }} + {{- else }} + tls: + termination: reencrypt + insecureEdgeTerminationPolicy: Redirect + to: + kind: Service + targetPort: {{ .Values.server.port }} + name: {{ include "kiali-server.fullname" . }} + {{- end }} +... +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/service.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/service.yaml new file mode 100755 index 00000000000..9ccf4f388f7 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/service.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} + annotations: + {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1" }} + service.beta.openshift.io/serving-cert-secret-name: {{ include "kiali-server.fullname" . }}-cert-secret + {{- end }} + kiali.io/api-spec: https://kiali.io/api + kiali.io/api-type: rest + {{- if and (not (empty .Values.server.web_fqdn)) (not (empty .Values.server.web_schema)) }} + {{- if empty .Values.server.web_port }} + kiali.io/external-url: {{ .Values.server.web_schema }}://{{ .Values.server.web_fqdn }}{{ default "" .Values.server.web_root }} + {{- else }} + kiali.io/external-url: {{ .Values.server.web_schema }}://{{ .Values.server.web_fqdn }}:{{ .Values.server.web_port }}{{(default "" .Values.server.web_root) }} + {{- end }} + {{- end }} + {{- if .Values.deployment.service_annotations }} + {{- toYaml .Values.deployment.service_annotations | nindent 4 }} + {{- end }} +spec: + {{- if .Values.deployment.service_type }} + type: {{ .Values.deployment.service_type }} + {{- end }} + ports: + {{- if (include "kiali-server.identity.cert_file" .) }} + - name: tcp + {{- else }} + - name: http + {{- end }} + protocol: TCP + port: {{ .Values.server.port }} + {{- if .Values.server.metrics_enabled }} + - name: http-metrics + protocol: TCP + port: {{ .Values.server.metrics_port }} + {{- end }} + selector: + {{- include "kiali-server.selectorLabels" . | nindent 4 }} + {{- if .Values.deployment.additional_service_yaml }} + {{- toYaml .Values.deployment.additional_service_yaml | nindent 2 }} + {{- end }} +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/serviceaccount.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/serviceaccount.yaml new file mode 100755 index 00000000000..9151b6f6a1b --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/serviceaccount.yaml @@ -0,0 +1,9 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "kiali-server.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +... diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/validate-install-crd.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/validate-install-crd.yaml new file mode 100755 index 00000000000..b42eeb2669d --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/validate-install-crd.yaml @@ -0,0 +1,14 @@ +#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} +# {{- $found := dict -}} +# {{- set $found "monitoring.kiali.io/v1alpha1/MonitoringDashboard" false -}} +# {{- range .Capabilities.APIVersions -}} +# {{- if hasKey $found (toString .) -}} +# {{- set $found (toString .) true -}} +# {{- end -}} +# {{- end -}} +# {{- range $_, $exists := $found -}} +# {{- if (eq $exists false) -}} +# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} +# {{- end -}} +# {{- end -}} +#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/web-root-configmap.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/web-root-configmap.yaml new file mode 100755 index 00000000000..970d4e4f5d0 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/templates/web-root-configmap.yaml @@ -0,0 +1,12 @@ +{{- if .Values.web_root_override }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: kiali-console + namespace: {{ .Release.Namespace }} + labels: + {{- include "kiali-server.labels" . | nindent 4 }} +data: + env.js: | + window.WEB_ROOT='/k8s/clusters/{{ .Values.global.cattle.clusterId }}/api/v1/namespaces/{{ .Release.Namespace }}/services/http:kiali:20001/proxy/kiali'; +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/values.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/values.yaml new file mode 100755 index 00000000000..aada4e09a9a --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/kiali/values.yaml @@ -0,0 +1,93 @@ +nameOverride: "kiali" +fullnameOverride: "kiali" + +# This is required for "openshift" auth strategy. +# You have to know ahead of time what your Route URL will be because +# right now the helm chart can't figure this out at runtime (it would +# need to wait for the Kiali Route to be deployed and for OpenShift +# to start it up). If someone knows how to update this helm chart to +# do this, a PR would be welcome. +kiali_route_url: "" + +# rancher specific override that allows proxy access to kiali url +web_root_override: true + +# +# Settings that mimic the Kiali CR which are placed in the ConfigMap. +# Note that only those values used by the Helm Chart will be here. +# + +istio_namespace: "" # default is where Kiali is installed + +auth: + openid: {} + openshift: {} + strategy: "" + +deployment: + # This only limits what Kiali will attempt to see, but Kiali Service Account has permissions to see everything. + # For more control over what the Kial Service Account can see, use the Kiali Operator + accessible_namespaces: + - "**" + additional_service_yaml: {} + affinity: + node: {} + pod: {} + pod_anti: {} + custom_dashboards: + excludes: [''] + includes: ['*'] + hpa: + api_version: "autoscaling/v2beta2" + spec: {} + repository: rancher/mirrored-kiali-kiali + image_pull_policy: "Always" + image_pull_secrets: [] + tag: v1.32.0 + ingress_enabled: true + logger: + log_format: "text" + log_level: "info" + time_field_format: "2006-01-02T15:04:05Z07:00" + sampler_rate: "1" + node_selector: {} + override_ingress_yaml: + metadata: {} + pod_annotations: {} + pod_labels: {} + priority_class_name: "" + replicas: 1 + resources: {} + secret_name: "kiali" + service_annotations: {} + service_type: "" + tolerations: [] + version_label: v1.32.0 + view_only_mode: false + +external_services: + custom_dashboards: + enabled: true + +identity: {} + #cert_file: + #private_key_file: + +login_token: + signing_key: "" + +server: + port: 20001 + metrics_enabled: true + metrics_port: 9090 + web_root: "" + +# Common settings used among istio subcharts. +global: + # Specify rancher clusterId of external tracing config + # https://github.com/istio/istio.io/issues/4146#issuecomment-493543032 + cattle: + systemDefaultRegistry: "" + clusterId: + rbac: + pspEnabled: false diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/.helmignore b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/.helmignore new file mode 100755 index 00000000000..0e8a0eb36f4 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/Chart.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/Chart.yaml new file mode 100755 index 00000000000..6e368616d7b --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/Chart.yaml @@ -0,0 +1,12 @@ +annotations: + catalog.cattle.io/hidden: "true" + catalog.cattle.io/os: linux + catalog.rancher.io/certified: rancher + catalog.rancher.io/namespace: istio-system + catalog.rancher.io/release-name: rancher-tracing +apiVersion: v1 +appVersion: 1.20.0 +description: A quick start Jaeger Tracing installation using the all-in-one demo. + This is not production qualified. Refer to https://www.jaegertracing.io/ for details. +name: tracing +version: 1.20.1 diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/README.md b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/README.md new file mode 100755 index 00000000000..25534c6288c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/README.md @@ -0,0 +1,5 @@ +# Jaeger + +A Rancher chart based on the Jaeger all-in-one quick installation option. This chart will allow you to trace and monitor distributed microservices. + +> **Note:** The basic all-in-one Jaeger installation which is not qualified for production. Use the [Jaeger Tracing](https://www.jaegertracing.io) documentation to determine which installation you will need for your production needs. diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/_affinity.tpl b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/_affinity.tpl new file mode 100755 index 00000000000..bf6a9aee5c5 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/_affinity.tpl @@ -0,0 +1,92 @@ +{{/* affinity - https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ */}} +{{- define "nodeAffinity" }} + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + {{- include "nodeAffinityRequiredDuringScheduling" . }} + preferredDuringSchedulingIgnoredDuringExecution: + {{- include "nodeAffinityPreferredDuringScheduling" . }} +{{- end }} + +{{- define "nodeAffinityRequiredDuringScheduling" }} + nodeSelectorTerms: + - matchExpressions: + - key: beta.kubernetes.io/arch + operator: In + values: + {{- range $key, $val := .Values.global.arch }} + {{- if gt ($val | int) 0 }} + - {{ $key | quote }} + {{- end }} + {{- end }} + {{- $nodeSelector := default .Values.global.defaultNodeSelector .Values.nodeSelector -}} + {{- range $key, $val := $nodeSelector }} + - key: {{ $key }} + operator: In + values: + - {{ $val | quote }} + {{- end }} +{{- end }} + +{{- define "nodeAffinityPreferredDuringScheduling" }} + {{- range $key, $val := .Values.global.arch }} + {{- if gt ($val | int) 0 }} + - weight: {{ $val | int }} + preference: + matchExpressions: + - key: beta.kubernetes.io/arch + operator: In + values: + - {{ $key | quote }} + {{- end }} + {{- end }} +{{- end }} + +{{- define "podAntiAffinity" }} +{{- if or .Values.podAntiAffinityLabelSelector .Values.podAntiAffinityTermLabelSelector}} + podAntiAffinity: + {{- if .Values.podAntiAffinityLabelSelector }} + requiredDuringSchedulingIgnoredDuringExecution: + {{- include "podAntiAffinityRequiredDuringScheduling" . }} + {{- end }} + {{- if or .Values.podAntiAffinityTermLabelSelector}} + preferredDuringSchedulingIgnoredDuringExecution: + {{- include "podAntiAffinityPreferredDuringScheduling" . }} + {{- end }} +{{- end }} +{{- end }} + +{{- define "podAntiAffinityRequiredDuringScheduling" }} + {{- range $index, $item := .Values.podAntiAffinityLabelSelector }} + - labelSelector: + matchExpressions: + - key: {{ $item.key }} + operator: {{ $item.operator }} + {{- if $item.values }} + values: + {{- $vals := split "," $item.values }} + {{- range $i, $v := $vals }} + - {{ $v | quote }} + {{- end }} + {{- end }} + topologyKey: {{ $item.topologyKey }} + {{- end }} +{{- end }} + +{{- define "podAntiAffinityPreferredDuringScheduling" }} + {{- range $index, $item := .Values.podAntiAffinityTermLabelSelector }} + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: {{ $item.key }} + operator: {{ $item.operator }} + {{- if $item.values }} + values: + {{- $vals := split "," $item.values }} + {{- range $i, $v := $vals }} + - {{ $v | quote }} + {{- end }} + {{- end }} + topologyKey: {{ $item.topologyKey }} + weight: 100 + {{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/_helpers.tpl b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/_helpers.tpl new file mode 100755 index 00000000000..56cfa733533 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} + +{{/* +Expand the name of the chart. +*/}} +{{- define "tracing.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "tracing.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/deployment.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/deployment.yaml new file mode 100755 index 00000000000..25bb67fd3d4 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/deployment.yaml @@ -0,0 +1,86 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + selector: + matchLabels: + app: {{ .Values.provider }} + template: + metadata: + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + annotations: + sidecar.istio.io/inject: "false" + prometheus.io/scrape: "true" + prometheus.io/port: "14269" +{{- if .Values.jaeger.podAnnotations }} +{{ toYaml .Values.jaeger.podAnnotations | indent 8 }} +{{- end }} + spec: + containers: + - name: jaeger + image: "{{ template "system_default_registry" . }}{{ .Values.jaeger.repository }}:{{ .Values.jaeger.tag }}" + imagePullPolicy: {{ .Values.global.imagePullPolicy }} + env: + {{- if eq .Values.jaeger.spanStorageType "badger" }} + - name: BADGER_EPHEMERAL + value: "false" + - name: SPAN_STORAGE_TYPE + value: "badger" + - name: BADGER_DIRECTORY_VALUE + value: "/badger/data" + - name: BADGER_DIRECTORY_KEY + value: "/badger/key" + {{- end }} + - name: COLLECTOR_ZIPKIN_HTTP_PORT + value: "9411" + - name: MEMORY_MAX_TRACES + value: "{{ .Values.jaeger.memory.max_traces }}" + - name: QUERY_BASE_PATH + value: {{ if .Values.contextPath }} {{ .Values.contextPath }} {{ else }} /{{ .Values.provider }} {{ end }} + livenessProbe: + httpGet: + path: / + port: 14269 + readinessProbe: + httpGet: + path: / + port: 14269 +{{- if eq .Values.jaeger.spanStorageType "badger" }} + volumeMounts: + - name: data + mountPath: /badger +{{- end }} + resources: +{{- if .Values.jaeger.resources }} +{{ toYaml .Values.jaeger.resources | indent 12 }} +{{- else }} +{{ toYaml .Values.global.defaultResources | indent 12 }} +{{- end }} + affinity: + {{- include "nodeAffinity" . | indent 6 }} + {{- include "podAntiAffinity" . | indent 6 }} + {{- if .Values.global.rbac.pspEnabled }} + securityContext: + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: {{ include "tracing.fullname" . }} + {{- end }} +{{- if eq .Values.jaeger.spanStorageType "badger" }} + volumes: + - name: data +{{- if .Values.jaeger.persistentVolumeClaim.enabled }} + persistentVolumeClaim: + claimName: istio-jaeger-pvc +{{- else }} + emptyDir: {} +{{- end }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/psp.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/psp.yaml new file mode 100755 index 00000000000..44b230492b6 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/psp.yaml @@ -0,0 +1,86 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: {{ include "tracing.fullname" . }} +subjects: + - kind: ServiceAccount + name: {{ include "tracing.fullname" . }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +rules: +- apiGroups: + - policy + resourceNames: + - {{ include "tracing.fullname" . }} + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: {{ include "tracing.fullname" . }} + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + allowPrivilegeEscalation: false + forbiddenSysctls: + - '*' + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + runAsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - emptyDir + - secret + - persistentVolumeClaim +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/pvc.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/pvc.yaml new file mode 100755 index 00000000000..9b4c55e4fb3 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/pvc.yaml @@ -0,0 +1,16 @@ +{{- if .Values.jaeger.persistentVolumeClaim.enabled }} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: istio-jaeger-pvc + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} +spec: + storageClassName: {{ .Values.jaeger.storageClassName }} + accessModes: + - {{ .Values.jaeger.accessMode }} + resources: + requests: + storage: {{.Values.jaeger.persistentVolumeClaim.storage }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/service.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/service.yaml new file mode 100755 index 00000000000..4210a9b5fc4 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/templates/service.yaml @@ -0,0 +1,63 @@ +apiVersion: v1 +kind: Service +metadata: + name: tracing + namespace: {{ .Release.Namespace }} + annotations: + {{- range $key, $val := .Values.service.annotations }} + {{ $key }}: {{ $val | quote }} + {{- end }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.name }} + port: {{ .Values.service.externalPort }} + protocol: TCP + targetPort: 16686 + selector: + app: {{ .Values.provider }} +--- +# Jaeger implements the Zipkin API. To support swapping out the tracing backend, we use a Service named Zipkin. +apiVersion: v1 +kind: Service +metadata: + name: zipkin + namespace: {{ .Release.Namespace }} + labels: + name: zipkin + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + ports: + - name: {{ .Values.service.name }} + port: {{ .Values.zipkin.queryPort }} + targetPort: {{ .Values.zipkin.queryPort }} + selector: + app: {{ .Values.provider }} +--- +apiVersion: v1 +kind: Service +metadata: + name: jaeger-collector + namespace: {{ .Release.Namespace }} + labels: + app: {{ .Values.provider }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + type: ClusterIP + ports: + - name: jaeger-collector-http + port: 14268 + targetPort: 14268 + protocol: TCP + - name: jaeger-collector-grpc + port: 14250 + targetPort: 14250 + protocol: TCP + selector: + app: {{ .Values.provider }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/values.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/values.yaml new file mode 100755 index 00000000000..18ff81c3c8c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/charts/tracing/values.yaml @@ -0,0 +1,44 @@ +provider: jaeger +contextPath: "" +nodeSelector: {} +podAntiAffinityLabelSelector: [] +podAntiAffinityTermLabelSelector: [] +nameOverride: "" +fullnameOverride: "" + +global: + cattle: + systemDefaultRegistry: "" + defaultResources: {} + imagePullPolicy: IfNotPresent + imagePullSecrets: [] + arch: + amd64: 2 + s390x: 2 + ppc64le: 2 + defaultNodeSelector: {} + rbac: + pspEnabled: false + +jaeger: + repository: rancher/mirrored-jaegertracing-all-in-one + tag: 1.20.0 + # spanStorageType value can be "memory" and "badger" for all-in-one image + spanStorageType: badger + resources: + requests: + cpu: 10m + persistentVolumeClaim: + enabled: false + storage: 5Gi + storageClassName: "" + accessMode: ReadWriteMany + memory: + max_traces: 50000 +zipkin: + queryPort: 9411 +service: + annotations: {} + name: http-query + type: ClusterIP + externalPort: 16686 diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/configs/istio-base.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/configs/istio-base.yaml new file mode 100755 index 00000000000..c5fa6f5f0c1 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/configs/istio-base.yaml @@ -0,0 +1,82 @@ +apiVersion: install.istio.io/v1alpha1 +kind: IstioOperator +spec: + components: + base: + enabled: {{ .Values.base.enabled }} + cni: + enabled: {{ .Values.cni.enabled }} + egressGateways: + - enabled: {{ .Values.egressGateways.enabled }} + name: istio-egressgateway + ingressGateways: + - enabled: {{ .Values.ingressGateways.enabled }} + name: istio-ingressgateway + k8s: + service: + ports: + - name: status-port + port: 15021 + targetPort: 15021 + - name: http2 + port: 80 + targetPort: 8080 + nodePort: 31380 + - name: https + port: 443 + targetPort: 8443 + nodePort: 31390 + - name: tcp + port: 31400 + targetPort: 31400 + nodePort: 31400 + - name: tls + port: 15443 + targetPort: 15443 + istiodRemote: + enabled: {{ .Values.istiodRemote.enabled }} + pilot: + enabled: {{ .Values.pilot.enabled }} + hub: {{ .Values.systemDefaultRegistry | default "docker.io" }} + profile: default + tag: {{ .Values.tag }} + revision: {{ .Values.revision }} + meshConfig: + defaultConfig: + proxyMetadata: + {{- if .Values.dns.enabled }} + ISTIO_META_DNS_CAPTURE: "true" + {{- end }} + values: + gateways: + istio-egressgateway: + name: istio-egressgateway + type: {{ .Values.egressGateways.type }} + istio-ingressgateway: + name: istio-ingressgateway + type: {{ .Values.ingressGateways.type }} + global: + istioNamespace: {{ template "istio.namespace" . }} + proxy: + image: {{ template "system_default_registry" . }}{{ .Values.global.proxy.repository }}:{{ .Values.global.proxy.tag }} + proxy_init: + image: {{ template "system_default_registry" . }}{{ .Values.global.proxy_init.repository }}:{{ .Values.global.proxy_init.tag }} + {{- if .Values.global.defaultPodDisruptionBudget.enabled }} + defaultPodDisruptionBudget: + enabled: {{ .Values.global.defaultPodDisruptionBudget.enabled }} + {{- end }} + {{- if .Values.pilot.enabled }} + pilot: + image: {{ template "system_default_registry" . }}{{ .Values.pilot.repository }}:{{ .Values.pilot.tag }} + {{- end }} + telemetry: + enabled: {{ .Values.telemetry.enabled }} + v2: + enabled: {{ .Values.telemetry.v2.enabled }} + {{- if .Values.cni.enabled }} + cni: + image: {{ template "system_default_registry" . }}{{ .Values.cni.repository }}:{{ .Values.cni.tag }} + excludeNamespaces: + {{- toYaml .Values.cni.excludeNamespaces | nindent 8 }} + logLevel: {{ .Values.cni.logLevel }} + {{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/requirements.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/requirements.yaml new file mode 100755 index 00000000000..b607457802d --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/requirements.yaml @@ -0,0 +1,17 @@ +dependencies: +- name: kiali + version: "" + repository: file://./charts/kiali + condition: kiali.enabled + tags: [] + enabled: false + importvalues: [] + alias: "" +- name: tracing + version: "" + repository: file://./charts/tracing + condition: tracing.enabled + tags: [] + enabled: false + importvalues: [] + alias: "" diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/samples/overlay-example.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/samples/overlay-example.yaml new file mode 100755 index 00000000000..5cf3cf3b0b6 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/samples/overlay-example.yaml @@ -0,0 +1,37 @@ +apiVersion: install.istio.io/v1alpha1 +kind: IstioOperator +spec: + components: + ingressGateways: + - enabled: true + name: ilb-gateway + namespace: user-ingressgateway-ns + k8s: + resources: + requests: + cpu: 200m + service: + ports: + - name: tcp-citadel-grpc-tls + port: 8060 + targetPort: 8060 + - name: tcp-dns + port: 5353 + serviceAnnotations: + cloud.google.com/load-balancer-type: internal + - enabled: true + name: other-gateway + namespace: cattle-istio-system + k8s: + resources: + requests: + cpu: 200m + service: + ports: + - name: tcp-citadel-grpc-tls + port: 8060 + targetPort: 8060 + - name: tcp-dns + port: 5353 + serviceAnnotations: + cloud.google.com/load-balancer-type: internal diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/_helpers.tpl b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/_helpers.tpl new file mode 100755 index 00000000000..3f7af953a8d --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/_helpers.tpl @@ -0,0 +1,12 @@ +{{/* Ensure namespace is set the same everywhere */}} +{{- define "istio.namespace" -}} + {{- .Release.Namespace | default "istio-system" -}} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/admin-role.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/admin-role.yaml new file mode 100755 index 00000000000..ad1313c4f1a --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/admin-role.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + name: istio-admin + namespace: {{ template "istio.namespace" . }} +rules: + - apiGroups: + - config.istio.io + resources: + - adapters + - attributemanifests + - handlers + - httpapispecbindings + - httpapispecs + - instances + - quotaspecbindings + - quotaspecs + - rules + - templates + verbs: ["get", "watch", "list"] + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - envoyfilters + - gateways + - serviceentries + - sidecars + - virtualservices + - workloadentries + verbs: + - '*' + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + - peerauthentications + - requestauthentications + verbs: + - '*' diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/base-config-map.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/base-config-map.yaml new file mode 100755 index 00000000000..5323917bc3d --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/base-config-map.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: istio-installer-base + namespace: {{ template "istio.namespace" . }} +data: +{{ tpl (.Files.Glob "configs/*").AsConfig . | indent 2 }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/clusterrole.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/clusterrole.yaml new file mode 100755 index 00000000000..a93b3df95d0 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/clusterrole.yaml @@ -0,0 +1,120 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: istio-installer +rules: +# istio groups +- apiGroups: + - authentication.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - config.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - install.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - networking.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - rbac.istio.io + resources: + - '*' + verbs: + - '*' +- apiGroups: + - security.istio.io + resources: + - '*' + verbs: + - '*' +# k8s groups +- apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - '*' +- apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions.apiextensions.k8s.io + - customresourcedefinitions + verbs: + - '*' +- apiGroups: + - apps + - extensions + resources: + - daemonsets + - deployments + - deployments/finalizers + - ingresses + - replicasets + - statefulsets + verbs: + - '*' +- apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - '*' +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - get + - create +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - '*' +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - roles + - rolebindings + verbs: + - '*' +- apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - namespaces + - pods + - pods/exec + - persistentvolumeclaims + - secrets + - services + - serviceaccounts + verbs: + - '*' +- apiGroups: + - policy + resourceNames: + - istio-installer + resources: + - podsecuritypolicies + verbs: + - use diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/clusterrolebinding.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/clusterrolebinding.yaml new file mode 100755 index 00000000000..9d74a043451 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/clusterrolebinding.yaml @@ -0,0 +1,12 @@ +kind: ClusterRoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: istio-installer +subjects: +- kind: ServiceAccount + name: istio-installer + namespace: {{ template "istio.namespace" . }} +roleRef: + kind: ClusterRole + name: istio-installer + apiGroup: rbac.authorization.k8s.io diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/edit-role.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/edit-role.yaml new file mode 100755 index 00000000000..d1059d58d7d --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/edit-role.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-edit: "true" + namespace: {{ template "istio.namespace" . }} + name: istio-edit +rules: + - apiGroups: + - config.istio.io + resources: + - adapters + - attributemanifests + - handlers + - httpapispecbindings + - httpapispecs + - instances + - quotaspecbindings + - quotaspecs + - rules + - templates + verbs: ["get", "watch", "list"] + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - envoyfilters + - gateways + - serviceentries + - sidecars + - virtualservices + - workloadentries + verbs: + - '*' + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + - peerauthentications + - requestauthentications + verbs: + - '*' diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-cni-psp.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-cni-psp.yaml new file mode 100755 index 00000000000..5b94c8503fb --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-cni-psp.yaml @@ -0,0 +1,51 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: psp-istio-cni + namespace: {{ template "istio.namespace" . }} +spec: + allowPrivilegeEscalation: true + fsGroup: + rule: RunAsAny + hostNetwork: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - secret + - configMap + - emptyDir + - hostPath +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: psp-istio-cni + namespace: {{ template "istio.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: psp-istio-cni +subjects: + - kind: ServiceAccount + name: istio-cni +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: psp-istio-cni + namespace: {{ template "istio.namespace" . }} +rules: +- apiGroups: + - policy + resourceNames: + - psp-istio-cni + resources: + - podsecuritypolicies + verbs: + - use +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-install-job.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-install-job.yaml new file mode 100755 index 00000000000..9a13f5698f3 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-install-job.yaml @@ -0,0 +1,50 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: istioctl-installer + namespace: {{ template "istio.namespace" . }} + annotations: + "helm.sh/hook": post-install,post-upgrade + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded +spec: + backoffLimit: 1 + template: + spec: + containers: + - name: istioctl-installer + image: {{ template "system_default_registry" . }}{{ .Values.installer.repository }}:{{ .Values.installer.tag }} + env: + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: ISTIO_NAMESPACE + value: {{ template "istio.namespace" . }} + - name: FORCE_INSTALL + value: {{ .Values.forceInstall | default "false" | quote }} + command: ["/bin/sh","-c"] + args: ["/usr/local/app/scripts/run.sh"] + volumeMounts: + - name: config-volume + mountPath: /app/istio-base.yaml + subPath: istio-base.yaml + {{- if .Values.overlayFile }} + - name: overlay-volume + mountPath: /app/overlay-config.yaml + subPath: overlay-config.yaml + {{- end }} + volumes: + - name: config-volume + configMap: + name: istio-installer-base + {{- if .Values.overlayFile }} + - name: overlay-volume + configMap: + name: istio-installer-overlay + {{- end }} + serviceAccountName: istio-installer + {{- if .Values.global.rbac.pspEnabled }} + securityContext: + runAsUser: 101 + runAsGroup: 101 + {{- end }} + restartPolicy: Never diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-install-psp.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-install-psp.yaml new file mode 100755 index 00000000000..f0b5ee565fe --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-install-psp.yaml @@ -0,0 +1,30 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: istio-installer + namespace: {{ template "istio.namespace" . }} +spec: + privileged: false + hostNetwork: false + hostIPC: false + hostPID: false + runAsUser: + rule: 'MustRunAsNonRoot' + seLinux: + rule: 'RunAsAny' + supplementalGroups: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + fsGroup: + rule: 'MustRunAs' + ranges: + - min: 1 + max: 65535 + readOnlyRootFilesystem: false + volumes: + - 'configMap' + - 'secret' +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-psp.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-psp.yaml new file mode 100755 index 00000000000..b3758b74f1c --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-psp.yaml @@ -0,0 +1,81 @@ +{{- if .Values.global.rbac.pspEnabled }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: istio-psp + namespace: {{ template "istio.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: istio-psp +subjects: + - kind: ServiceAccount + name: istio-egressgateway-service-account + - kind: ServiceAccount + name: istio-ingressgateway-service-account + - kind: ServiceAccount + name: istio-mixer-service-account + - kind: ServiceAccount + name: istio-operator-authproxy + - kind: ServiceAccount + name: istiod-service-account + - kind: ServiceAccount + name: istio-sidecar-injector-service-account + - kind: ServiceAccount + name: istiocoredns-service-account + - kind: ServiceAccount + name: default +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: istio-psp + namespace: {{ template "istio.namespace" . }} +rules: +- apiGroups: + - policy + resourceNames: + - istio-psp + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: istio-psp + namespace: {{ template "istio.namespace" . }} +spec: + allowPrivilegeEscalation: false + forbiddenSysctls: + - '*' + fsGroup: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + requiredDropCapabilities: + - ALL + runAsUser: + rule: MustRunAsNonRoot + runAsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + supplementalGroups: + ranges: + - max: 65535 + min: 1 + rule: MustRunAs + volumes: + - configMap + - emptyDir + - projected + - secret + - downwardAPI + - persistentVolumeClaim +{{- end }} \ No newline at end of file diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-uninstall-job.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-uninstall-job.yaml new file mode 100755 index 00000000000..a7f15632579 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/istio-uninstall-job.yaml @@ -0,0 +1,45 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: istioctl-uninstaller + namespace: {{ template "istio.namespace" . }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-weight": "-5" + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + spec: + containers: + - name: istioctl-uninstaller + image: {{ template "system_default_registry" . }}{{ .Values.installer.repository }}:{{ .Values.installer.tag }} + env: + - name: RELEASE_NAME + value: {{ .Release.Name }} + - name: ISTIO_NAMESPACE + value: {{ template "istio.namespace" . }} + command: ["/bin/sh","-c"] + args: ["/usr/local/app/scripts/uninstall_istio_system.sh"] + volumeMounts: + - name: config-volume + mountPath: /app/istio-base.yaml + subPath: istio-base.yaml + {{- if .Values.overlayFile }} + - name: overlay-volume + mountPath: /app/overlay-config.yaml + subPath: overlay-config.yaml + {{ end }} + volumes: + - name: config-volume + configMap: + name: istio-installer-base + {{- if .Values.overlayFile }} + - name: overlay-volume + configMap: + name: istio-installer-overlay + {{ end }} + serviceAccountName: istio-installer + securityContext: + runAsUser: 101 + runAsGroup: 101 + restartPolicy: OnFailure diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/overlay-config-map.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/overlay-config-map.yaml new file mode 100755 index 00000000000..287d26b2c32 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/overlay-config-map.yaml @@ -0,0 +1,9 @@ +{{- if .Values.overlayFile }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: istio-installer-overlay + namespace: {{ template "istio.namespace" . }} +data: + overlay-config.yaml: {{ toYaml .Values.overlayFile | indent 2 }} +{{- end }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/service-monitors.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/service-monitors.yaml new file mode 100755 index 00000000000..c3d60c4fce9 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/service-monitors.yaml @@ -0,0 +1,51 @@ +{{- if .Values.kiali.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: envoy-stats-monitor + namespace: {{ template "istio.namespace" . }} + labels: + monitoring: istio-proxies +spec: + selector: + matchExpressions: + - {key: istio-prometheus-ignore, operator: DoesNotExist} + namespaceSelector: + any: true + jobLabel: envoy-stats + endpoints: + - path: /stats/prometheus + targetPort: 15090 + interval: 15s + relabelings: + - sourceLabels: [__meta_kubernetes_pod_container_port_name] + action: keep + regex: '.*-envoy-prom' + - action: labeldrop + regex: "__meta_kubernetes_pod_label_(.+)" + - sourceLabels: [__meta_kubernetes_namespace] + action: replace + targetLabel: namespace + - sourceLabels: [__meta_kubernetes_pod_name] + action: replace + targetLabel: pod_name +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: istio-component-monitor + namespace: {{ template "istio.namespace" . }} + labels: + monitoring: istio-components +spec: + jobLabel: istio + targetLabels: [app] + selector: + matchExpressions: + - {key: istio, operator: In, values: [pilot]} + namespaceSelector: + any: true + endpoints: + - port: http-monitoring + interval: 15s +{{- end -}} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/serviceaccount.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/serviceaccount.yaml new file mode 100755 index 00000000000..82b6cbb7e62 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/serviceaccount.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: istio-installer + namespace: {{ template "istio.namespace" . }} diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/view-role.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/view-role.yaml new file mode 100755 index 00000000000..5947d3eba97 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/templates/view-role.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + rbac.authorization.k8s.io/aggregate-to-view: "true" + namespace: {{ template "istio.namespace" . }} + name: istio-view +rules: + - apiGroups: + - config.istio.io + resources: + - adapters + - attributemanifests + - handlers + - httpapispecbindings + - httpapispecs + - instances + - quotaspecbindings + - quotaspecs + - rules + - templates + verbs: ["get", "watch", "list"] + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - envoyfilters + - gateways + - serviceentries + - sidecars + - virtualservices + - workloadentries + verbs: ["get", "watch", "list"] + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + - peerauthentications + - requestauthentications + verbs: ["get", "watch", "list"] diff --git a/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/values.yaml b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/values.yaml new file mode 100755 index 00000000000..6c3f66797b9 --- /dev/null +++ b/charts/rancher-istio-1.9/rancher-istio/1.9.300-rc03/values.yaml @@ -0,0 +1,85 @@ +overlayFile: "" +tag: 1.9.3 +##Setting forceInstall: true will remove the check for istio version < 1.6.x and will not analyze your install cluster prior to install +forceInstall: false + +installer: + repository: rancher/istio-installer + tag: 1.9.3-rancher2 + +##Native support for dns added in 1.8 +dns: + enabled: false + +base: + enabled: true + +cni: + enabled: false + repository: rancher/mirrored-istio-install-cni + tag: 1.9.3 + logLevel: info + excludeNamespaces: + - istio-system + - kube-system + +egressGateways: + enabled: false + type: NodePort + +ingressGateways: + enabled: true + type: NodePort + +istiodRemote: + enabled: false + +pilot: + enabled: true + repository: rancher/mirrored-istio-pilot + tag: 1.9.3 + +telemetry: + enabled: true + v2: + enabled: true + +global: + cattle: + systemDefaultRegistry: "" + proxy: + repository: rancher/mirrored-istio-proxyv2 + tag: 1.9.3 + proxy_init: + repository: rancher/mirrored-istio-proxyv2 + tag: 1.9.3 + defaultPodDisruptionBudget: + enabled: true + rbac: + pspEnabled: false + +# Kiali subchart from rancher-kiali-server +kiali: + enabled: true + auth: + strategy: anonymous + deployment: + ingress_enabled: false + repository: rancher/mirrored-kiali-kiali + tag: v1.32.0 + external_services: + prometheus: + custom_metrics_url: "http://rancher-monitoring-prometheus.cattle-monitoring-system.svc:9090" + url: "http://rancher-monitoring-prometheus.cattle-monitoring-system.svc:9090" + tracing: + in_cluster_url: "http://tracing.istio-system.svc:16686/jaeger" + grafana: + in_cluster_url: "http://rancher-monitoring-grafana.cattle-monitoring-system.svc:80" + url: "http://rancher-monitoring-grafana.cattle-monitoring-system.svc:80" + +tracing: + enabled: false + contextPath: "/jaeger" + jaeger: + repository: rancher/mirrored-jaegertracing-all-in-one + tag: 1.20.0 diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/Chart.yaml b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/Chart.yaml new file mode 100755 index 00000000000..c9578091e6d --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/Chart.yaml @@ -0,0 +1,10 @@ +annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-logging-system + catalog.cattle.io/release-name: rancher-logging-crd +apiVersion: v1 +description: Installs the CRDs for rancher-logging. +name: rancher-logging-crd +type: application +version: 3.9.400-rc06 diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/README.md b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/README.md new file mode 100755 index 00000000000..d4beb54faf4 --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/README.md @@ -0,0 +1,2 @@ +# rancher-logging-crd +A Rancher chart that installs the CRDs used by rancher-logging. diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_clusterflows.yaml b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_clusterflows.yaml new file mode 100755 index 00000000000..9fc6e22a518 --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_clusterflows.yaml @@ -0,0 +1,765 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + creationTimestamp: null + name: clusterflows.logging.banzaicloud.io +spec: + additionalPrinterColumns: + - JSONPath: .status.active + description: Is the flow active? + name: Active + type: boolean + - JSONPath: .status.problemsCount + description: Number of problems + name: Problems + type: integer + group: logging.banzaicloud.io + names: + categories: + - logging-all + kind: ClusterFlow + listKind: ClusterFlowList + plural: clusterflows + singular: clusterflow + preserveUnknownFields: false + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + filters: + items: + properties: + concat: + properties: + continuous_line_regexp: + type: string + flush_interval: + type: integer + keep_partial_key: + type: boolean + keep_partial_metadata: + type: string + key: + type: string + multiline_end_regexp: + type: string + multiline_start_regexp: + type: string + n_lines: + type: integer + partial_key: + type: string + partial_value: + type: string + separator: + type: string + stream_identity_key: + type: string + timeout_label: + type: string + use_first_timestamp: + type: boolean + use_partial_metadata: + type: string + type: object + dedot: + properties: + de_dot_nested: + type: boolean + de_dot_separator: + type: string + type: object + detectExceptions: + properties: + languages: + items: + type: string + type: array + max_bytes: + type: integer + max_lines: + type: integer + message: + type: string + multiline_flush_interval: + type: string + remove_tag_prefix: + type: string + stream: + type: string + type: object + enhanceK8s: + properties: + api_groups: + items: + type: string + type: array + bearer_token_file: + type: string + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + cache_refresh: + type: integer + cache_refresh_variation: + type: integer + cache_size: + type: integer + cache_ttl: + type: integer + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + core_api_versions: + items: + type: string + type: array + data_type: + type: string + in_namespace_path: + items: + type: string + type: array + in_pod_path: + items: + type: string + type: array + kubernetes_url: + type: string + secret_dir: + type: string + ssl_partial_chain: + type: boolean + verify_ssl: + type: boolean + type: object + geoip: + properties: + backend_library: + type: string + geoip_2_database: + type: string + geoip_database: + type: string + geoip_lookup_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + skip_adding_null_record: + type: boolean + type: object + grep: + properties: + and: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + or: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + parser: + properties: + emit_invalid_record_to_error: + type: boolean + hash_value_field: + type: string + inject_key_prefix: + type: string + key_name: + type: string + parse: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + parsers: + items: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + remove_key_name_field: + type: boolean + replace_invalid_sequence: + type: boolean + reserve_data: + type: boolean + reserve_time: + type: boolean + type: object + prometheus: + properties: + labels: + additionalProperties: + type: string + type: object + metrics: + items: + properties: + buckets: + type: string + desc: + type: string + key: + type: string + labels: + additionalProperties: + type: string + type: object + name: + type: string + type: + type: string + required: + - desc + - name + - type + type: object + type: array + type: object + record_modifier: + properties: + char_encoding: + type: string + prepare_value: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + replaces: + items: + properties: + expression: + type: string + key: + type: string + replace: + type: string + required: + - expression + - key + - replace + type: object + type: array + whitelist_keys: + type: string + type: object + record_transformer: + properties: + auto_typecast: + type: boolean + enable_ruby: + type: boolean + keep_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + renew_record: + type: boolean + renew_time_key: + type: string + type: object + stdout: + properties: + output_type: + type: string + type: object + sumologic: + properties: + collector_key_name: + type: string + collector_value: + type: string + exclude_container_regex: + type: string + exclude_facility_regex: + type: string + exclude_host_regex: + type: string + exclude_namespace_regex: + type: string + exclude_pod_regex: + type: string + exclude_priority_regex: + type: string + exclude_unit_regex: + type: string + log_format: + type: string + source_category: + type: string + source_category_key_name: + type: string + source_category_prefix: + type: string + source_category_replace_dash: + type: string + source_host: + type: string + source_host_key_name: + type: string + source_name: + type: string + source_name_key_name: + type: string + tracing_annotation_prefix: + type: string + tracing_container_name: + type: string + tracing_format: + type: boolean + tracing_host: + type: string + tracing_label_prefix: + type: string + tracing_namespace: + type: string + tracing_pod: + type: string + tracing_pod_id: + type: string + type: object + tag_normaliser: + properties: + format: + type: string + type: object + throttle: + properties: + group_bucket_limit: + type: integer + group_bucket_period_s: + type: integer + group_drop_logs: + type: boolean + group_key: + type: string + group_reset_rate_s: + type: integer + group_warning_delay_s: + type: integer + type: object + type: object + type: array + globalOutputRefs: + items: + type: string + type: array + loggingRef: + type: string + match: + items: + properties: + exclude: + properties: + container_names: + items: + type: string + type: array + hosts: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + namespaces: + items: + type: string + type: array + type: object + select: + properties: + container_names: + items: + type: string + type: array + hosts: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + namespaces: + items: + type: string + type: array + type: object + type: object + type: array + outputRefs: + items: + type: string + type: array + selectors: + additionalProperties: + type: string + type: object + type: object + status: + properties: + active: + type: boolean + problems: + items: + type: string + type: array + problemsCount: + type: integer + type: object + type: object + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_clusteroutputs.yaml b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_clusteroutputs.yaml new file mode 100755 index 00000000000..029e28ec86a --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_clusteroutputs.yaml @@ -0,0 +1,4721 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + creationTimestamp: null + name: clusteroutputs.logging.banzaicloud.io +spec: + additionalPrinterColumns: + - JSONPath: .status.active + description: Is the output active? + name: Active + type: boolean + - JSONPath: .status.problemsCount + description: Number of problems + name: Problems + type: integer + group: logging.banzaicloud.io + names: + categories: + - logging-all + kind: ClusterOutput + listKind: ClusterOutputList + plural: clusteroutputs + singular: clusteroutput + preserveUnknownFields: false + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + awsElasticsearch: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + endpoint: + properties: + access_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + assume_role_arn: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + assume_role_session_name: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + assume_role_web_identity_token_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ecs_container_credentials_relative_uri: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + region: + type: string + secret_access_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + sts_credentials_region: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + url: + type: string + type: object + flush_interval: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + include_tag_key: + type: boolean + logstash_format: + type: boolean + tag_key: + type: string + type: object + azurestorage: + properties: + auto_create_container: + type: boolean + azure_container: + type: string + azure_imds_api_version: + type: string + azure_object_key_format: + type: string + azure_storage_access_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + azure_storage_account: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + azure_storage_sas_token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + type: string + path: + type: string + required: + - azure_container + - azure_storage_access_key + - azure_storage_account + - azure_storage_sas_token + type: object + cloudwatch: + properties: + auto_create_stream: + type: boolean + aws_instance_profile_credentials_retries: + type: integer + aws_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sec_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sts_role_arn: + type: string + aws_sts_session_name: + type: string + aws_use_sts: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + concurrency: + type: integer + endpoint: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + http_proxy: + type: string + include_time_key: + type: boolean + json_handler: + type: string + localtime: + type: boolean + log_group_aws_tags: + type: string + log_group_aws_tags_key: + type: string + log_group_name: + type: string + log_group_name_key: + type: string + log_rejected_request: + type: string + log_stream_name: + type: string + log_stream_name_key: + type: string + max_events_per_batch: + type: integer + max_message_length: + type: integer + message_keys: + type: string + put_log_events_disable_retry_limit: + type: boolean + put_log_events_retry_limit: + type: integer + put_log_events_retry_wait: + type: string + region: + type: string + remove_log_group_aws_tags_key: + type: string + remove_log_group_name_key: + type: string + remove_log_stream_name_key: + type: string + remove_retention_in_days: + type: string + retention_in_days: + type: string + retention_in_days_key: + type: string + use_tag_as_group: + type: boolean + use_tag_as_stream: + type: boolean + required: + - region + type: object + datadog: + properties: + api_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + compression_level: + type: string + dd_hostname: + type: string + dd_source: + type: string + dd_sourcecategory: + type: string + dd_tags: + type: string + host: + type: string + include_tag_key: + type: boolean + max_backoff: + type: string + max_retries: + type: string + no_ssl_validation: + type: boolean + port: + type: string + service: + type: string + ssl_port: + type: string + tag_key: + type: string + timestamp_key: + type: string + use_compression: + type: boolean + use_http: + type: boolean + use_json: + type: boolean + use_ssl: + type: boolean + required: + - api_key + type: object + elasticsearch: + properties: + application_name: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + bulk_message_request_threshold: + type: string + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key_pass: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + content_type: + type: string + custom_headers: + type: string + customize_template: + type: string + default_elasticsearch_version: + type: string + deflector_alias: + type: string + enable_ilm: + type: boolean + exception_backup: + type: boolean + fail_on_putting_template_retry_exceed: + type: boolean + flatten_hashes: + type: boolean + flatten_hashes_separator: + type: string + host: + type: string + hosts: + type: string + http_backend: + type: string + id_key: + type: string + ignore_exceptions: + type: string + ilm_policy: + type: string + ilm_policy_id: + type: string + ilm_policy_overwrite: + type: boolean + include_index_in_url: + type: boolean + include_tag_key: + type: boolean + include_timestamp: + type: boolean + index_date_pattern: + type: string + index_name: + type: string + index_prefix: + type: string + log_es_400_reason: + type: boolean + logstash_dateformat: + type: string + logstash_format: + type: boolean + logstash_prefix: + type: string + logstash_prefix_separator: + type: string + max_retry_get_es_version: + type: string + max_retry_putting_template: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + path: + type: string + pipeline: + type: string + port: + type: integer + prefer_oj_serializer: + type: boolean + reconnect_on_error: + type: boolean + reload_after: + type: string + reload_connections: + type: boolean + reload_on_failure: + type: boolean + remove_keys_on_update: + type: string + remove_keys_on_update_key: + type: string + request_timeout: + type: string + resurrect_after: + type: string + retry_tag: + type: string + rollover_index: + type: boolean + routing_key: + type: string + scheme: + type: string + sniffer_class_name: + type: string + ssl_max_version: + type: string + ssl_min_version: + type: string + ssl_verify: + type: boolean + ssl_version: + type: string + suppress_doc_wrap: + type: boolean + suppress_type_name: + type: boolean + tag_key: + type: string + target_index_key: + type: string + target_type_key: + type: string + template_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + template_name: + type: string + template_overwrite: + type: boolean + templates: + type: string + time_key: + type: string + time_key_format: + type: string + time_parse_error_tag: + type: string + time_precision: + type: string + type_name: + type: string + unrecoverable_error_types: + type: string + user: + type: string + utc_index: + type: boolean + validate_client_version: + type: boolean + verify_es_version_at_startup: + type: boolean + with_transporter_log: + type: boolean + write_operation: + type: string + type: object + enabledNamespaces: + items: + type: string + type: array + file: + properties: + add_path_suffix: + type: boolean + append: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + path: + type: string + path_suffix: + type: string + symlink_path: + type: boolean + required: + - path + type: object + forward: + properties: + ack_response_timeout: + type: integer + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + connect_timeout: + type: integer + dns_round_robin: + type: boolean + expire_dns_cache: + type: integer + hard_timeout: + type: integer + heartbeat_interval: + type: integer + heartbeat_type: + type: string + ignore_network_errors_at_startup: + type: boolean + keepalive: + type: boolean + keepalive_timeout: + type: integer + phi_failure_detector: + type: boolean + phi_threshold: + type: integer + recover_wait: + type: integer + require_ack_response: + type: boolean + security: + properties: + allow_anonymous_source: + type: boolean + self_hostname: + type: string + shared_key: + type: string + user_auth: + type: boolean + required: + - self_hostname + - shared_key + type: object + send_timeout: + type: integer + servers: + items: + properties: + host: + type: string + name: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + port: + type: integer + shared_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + standby: + type: boolean + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + weight: + type: integer + required: + - host + type: object + type: array + tls_allow_self_signed_cert: + type: boolean + tls_cert_logical_store_name: + type: string + tls_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_cert_thumbprint: + type: string + tls_cert_use_enterprise_store: + type: boolean + tls_ciphers: + type: string + tls_client_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_client_private_key_passphrase: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_client_private_key_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_insecure_mode: + type: boolean + tls_verify_hostname: + type: boolean + tls_version: + type: string + verify_connection_at_startup: + type: boolean + required: + - servers + type: object + gcs: + properties: + acl: + type: string + auto_create_bucket: + type: boolean + bucket: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + client_retries: + type: integer + client_timeout: + type: integer + credentials_json: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + encryption_key: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + hex_random_length: + type: integer + keyfile: + type: string + object_key_format: + type: string + object_metadata: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + overwrite: + type: boolean + path: + type: string + project: + type: string + storage_class: + type: string + store_as: + type: string + transcoding: + type: boolean + required: + - bucket + - project + type: object + gelf: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + host: + type: string + port: + type: integer + protocol: + type: string + tls: + type: boolean + tls_options: + additionalProperties: + type: string + type: object + required: + - host + - port + type: object + http: + properties: + auth: + properties: + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required: + - password + - username + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + content_type: + type: string + endpoint: + type: string + error_response_as_unrecoverable: + type: boolean + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + headers: + additionalProperties: + type: string + type: object + http_method: + type: string + json_array: + type: boolean + open_timeout: + type: integer + proxy: + type: string + read_timeout: + type: integer + retryable_response_codes: + items: + type: integer + type: array + ssl_timeout: + type: integer + tls_ca_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_ciphers: + type: string + tls_client_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_private_key_passphrase: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_private_key_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_verify_mode: + type: string + tls_version: + type: string + required: + - endpoint + type: object + kafka: + properties: + ack_timeout: + type: integer + brokers: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + compression_codec: + type: string + default_message_key: + type: string + default_partition_key: + type: string + default_topic: + type: string + exclude_partion_key: + type: boolean + exclude_topic_key: + type: boolean + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + get_kafka_client_log: + type: boolean + headers: + additionalProperties: + type: string + type: object + headers_from_record: + additionalProperties: + type: string + type: object + idempotent: + type: boolean + max_send_retries: + type: integer + message_key_key: + type: string + partition_key: + type: string + partition_key_key: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required_acks: + type: integer + sasl_over_ssl: + type: boolean + scram_mechanism: + type: string + ssl_ca_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_ca_certs_from_system: + type: boolean + ssl_client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_client_cert_chain: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_client_cert_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_verify_hostname: + type: boolean + topic_key: + type: string + use_default_for_unknown_topic: + type: boolean + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required: + - brokers + - format + type: object + kinesisStream: + properties: + assume_role_credentials: + properties: + duration_seconds: + type: string + external_id: + type: string + policy: + type: string + role_arn: + type: string + role_session_name: + type: string + required: + - role_arn + - role_session_name + type: object + aws_iam_retries: + type: integer + aws_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sec_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_ses_token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + batch_request_max_count: + type: integer + batch_request_max_size: + type: integer + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + partition_key: + type: string + process_credentials: + properties: + process: + type: string + required: + - process + type: object + region: + type: string + reset_backoff_if_success: + type: boolean + retries_on_batch_request: + type: integer + stream_name: + type: string + required: + - stream_name + type: object + logdna: + properties: + api_key: + type: string + app: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + hostname: + type: string + ingester_domain: + type: string + ingester_endpoint: + type: string + request_timeout: + type: string + tags: + type: string + required: + - api_key + - hostname + type: object + loggingRef: + type: string + logz: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + endpoint: + properties: + port: + type: integer + token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + url: + type: string + type: object + gzip: + type: boolean + http_idle_timeout: + type: integer + output_include_tags: + type: boolean + output_include_time: + type: boolean + retry_count: + type: integer + retry_sleep: + type: integer + required: + - endpoint + type: object + loki: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + ca_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + configure_kubernetes_labels: + type: boolean + drop_single_key: + type: boolean + extra_labels: + additionalProperties: + type: string + type: object + extract_kubernetes_labels: + type: boolean + insecure_tls: + type: boolean + key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + labels: + additionalProperties: + type: string + type: object + line_format: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + remove_keys: + items: + type: string + type: array + tenant: + type: string + url: + type: string + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + type: object + newrelic: + properties: + api_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + base_uri: + type: string + license_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + type: object + nullout: + type: object + oss: + properties: + aaccess_key_secret: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + access_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + auto_create_bucket: + type: boolean + bucket: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + check_bucket: + type: boolean + check_object: + type: boolean + download_crc_enable: + type: boolean + endpoint: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + hex_random_length: + type: integer + index_format: + type: string + key_format: + type: string + open_timeout: + type: integer + oss_sdk_log_dir: + type: string + overwrite: + type: boolean + path: + type: string + read_timeout: + type: integer + store_as: + type: string + upload_crc_enable: + type: boolean + warn_for_delay: + type: string + required: + - aaccess_key_secret + - access_key_id + - bucket + - endpoint + type: object + redis: + properties: + allow_duplicate_key: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + db_number: + type: integer + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + host: + type: string + insert_key_prefix: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + port: + type: integer + strftime_format: + type: string + ttl: + type: integer + type: object + s3: + properties: + acl: + type: string + assume_role_credentials: + properties: + duration_seconds: + type: string + external_id: + type: string + policy: + type: string + role_arn: + type: string + role_session_name: + type: string + required: + - role_arn + - role_session_name + type: object + auto_create_bucket: + type: string + aws_iam_retries: + type: string + aws_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sec_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + check_apikey_on_start: + type: string + check_bucket: + type: string + check_object: + type: string + clustername: + type: string + compute_checksums: + type: string + enable_transfer_acceleration: + type: string + force_path_style: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + grant_full_control: + type: string + grant_read: + type: string + grant_read_acp: + type: string + grant_write_acp: + type: string + hex_random_length: + type: string + index_format: + type: string + instance_profile_credentials: + properties: + http_open_timeout: + type: string + http_read_timeout: + type: string + ip_address: + type: string + port: + type: string + retries: + type: string + type: object + oneeye_format: + type: boolean + overwrite: + type: string + path: + type: string + proxy_uri: + type: string + s3_bucket: + type: string + s3_endpoint: + type: string + s3_metadata: + type: string + s3_object_key_format: + type: string + s3_region: + type: string + shared_credentials: + properties: + path: + type: string + profile_name: + type: string + type: object + signature_version: + type: string + sse_customer_algorithm: + type: string + sse_customer_key: + type: string + sse_customer_key_md5: + type: string + ssekms_key_id: + type: string + ssl_verify_peer: + type: string + storage_class: + type: string + store_as: + type: string + use_bundled_cert: + type: string + use_server_side_encryption: + type: string + warn_for_delay: + type: string + required: + - s3_bucket + type: object + splunkHec: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ca_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + coerce_to_utf8: + type: boolean + data_type: + type: string + fields: + additionalProperties: + type: string + type: object + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + hec_host: + type: string + hec_port: + type: integer + hec_token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + host: + type: string + host_key: + type: string + idle_timeout: + type: integer + index: + type: string + index_key: + type: string + insecure_ssl: + type: boolean + keep_keys: + type: boolean + metric_name_key: + type: string + metric_value_key: + type: string + metrics_from_event: + type: boolean + non_utf8_replacement_string: + type: string + open_timeout: + type: integer + protocol: + type: string + read_timeout: + type: integer + source: + type: string + source_key: + type: string + sourcetype: + type: string + sourcetype_key: + type: string + ssl_ciphers: + type: string + required: + - hec_host + - hec_token + type: object + sumologic: + properties: + add_timestamp: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + compress: + type: boolean + compress_encoding: + type: string + custom_dimensions: + type: string + custom_fields: + items: + type: string + type: array + data_type: + type: string + delimiter: + type: string + disable_cookies: + type: boolean + endpoint: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + log_format: + type: string + log_key: + type: string + metric_data_format: + type: string + open_timeout: + type: integer + proxy_uri: + type: string + source_category: + type: string + source_host: + type: string + source_name: + type: string + source_name_key: + type: string + sumo_client: + type: string + timestamp_key: + type: string + verify_ssl: + type: boolean + required: + - endpoint + - source_name + type: object + syslog: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + properties: + app_name_field: + type: string + hostname_field: + type: string + log_field: + type: string + message_id_field: + type: string + proc_id_field: + type: string + rfc6587_message_size: + type: boolean + structured_data_field: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + host: + type: string + insecure: + type: boolean + port: + type: integer + transport: + type: string + trusted_ca_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required: + - host + type: object + type: object + status: + properties: + active: + type: boolean + problems: + items: + type: string + type: array + problemsCount: + type: integer + type: object + required: + - spec + type: object + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_flows.yaml b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_flows.yaml new file mode 100755 index 00000000000..a01a1331d2b --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_flows.yaml @@ -0,0 +1,761 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + creationTimestamp: null + name: flows.logging.banzaicloud.io +spec: + additionalPrinterColumns: + - JSONPath: .status.active + description: Is the flow active? + name: Active + type: boolean + - JSONPath: .status.problemsCount + description: Number of problems + name: Problems + type: integer + group: logging.banzaicloud.io + names: + categories: + - logging-all + kind: Flow + listKind: FlowList + plural: flows + singular: flow + preserveUnknownFields: false + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + filters: + items: + properties: + concat: + properties: + continuous_line_regexp: + type: string + flush_interval: + type: integer + keep_partial_key: + type: boolean + keep_partial_metadata: + type: string + key: + type: string + multiline_end_regexp: + type: string + multiline_start_regexp: + type: string + n_lines: + type: integer + partial_key: + type: string + partial_value: + type: string + separator: + type: string + stream_identity_key: + type: string + timeout_label: + type: string + use_first_timestamp: + type: boolean + use_partial_metadata: + type: string + type: object + dedot: + properties: + de_dot_nested: + type: boolean + de_dot_separator: + type: string + type: object + detectExceptions: + properties: + languages: + items: + type: string + type: array + max_bytes: + type: integer + max_lines: + type: integer + message: + type: string + multiline_flush_interval: + type: string + remove_tag_prefix: + type: string + stream: + type: string + type: object + enhanceK8s: + properties: + api_groups: + items: + type: string + type: array + bearer_token_file: + type: string + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + cache_refresh: + type: integer + cache_refresh_variation: + type: integer + cache_size: + type: integer + cache_ttl: + type: integer + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + core_api_versions: + items: + type: string + type: array + data_type: + type: string + in_namespace_path: + items: + type: string + type: array + in_pod_path: + items: + type: string + type: array + kubernetes_url: + type: string + secret_dir: + type: string + ssl_partial_chain: + type: boolean + verify_ssl: + type: boolean + type: object + geoip: + properties: + backend_library: + type: string + geoip_2_database: + type: string + geoip_database: + type: string + geoip_lookup_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + skip_adding_null_record: + type: boolean + type: object + grep: + properties: + and: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + or: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + parser: + properties: + emit_invalid_record_to_error: + type: boolean + hash_value_field: + type: string + inject_key_prefix: + type: string + key_name: + type: string + parse: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + parsers: + items: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + remove_key_name_field: + type: boolean + replace_invalid_sequence: + type: boolean + reserve_data: + type: boolean + reserve_time: + type: boolean + type: object + prometheus: + properties: + labels: + additionalProperties: + type: string + type: object + metrics: + items: + properties: + buckets: + type: string + desc: + type: string + key: + type: string + labels: + additionalProperties: + type: string + type: object + name: + type: string + type: + type: string + required: + - desc + - name + - type + type: object + type: array + type: object + record_modifier: + properties: + char_encoding: + type: string + prepare_value: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + replaces: + items: + properties: + expression: + type: string + key: + type: string + replace: + type: string + required: + - expression + - key + - replace + type: object + type: array + whitelist_keys: + type: string + type: object + record_transformer: + properties: + auto_typecast: + type: boolean + enable_ruby: + type: boolean + keep_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + renew_record: + type: boolean + renew_time_key: + type: string + type: object + stdout: + properties: + output_type: + type: string + type: object + sumologic: + properties: + collector_key_name: + type: string + collector_value: + type: string + exclude_container_regex: + type: string + exclude_facility_regex: + type: string + exclude_host_regex: + type: string + exclude_namespace_regex: + type: string + exclude_pod_regex: + type: string + exclude_priority_regex: + type: string + exclude_unit_regex: + type: string + log_format: + type: string + source_category: + type: string + source_category_key_name: + type: string + source_category_prefix: + type: string + source_category_replace_dash: + type: string + source_host: + type: string + source_host_key_name: + type: string + source_name: + type: string + source_name_key_name: + type: string + tracing_annotation_prefix: + type: string + tracing_container_name: + type: string + tracing_format: + type: boolean + tracing_host: + type: string + tracing_label_prefix: + type: string + tracing_namespace: + type: string + tracing_pod: + type: string + tracing_pod_id: + type: string + type: object + tag_normaliser: + properties: + format: + type: string + type: object + throttle: + properties: + group_bucket_limit: + type: integer + group_bucket_period_s: + type: integer + group_drop_logs: + type: boolean + group_key: + type: string + group_reset_rate_s: + type: integer + group_warning_delay_s: + type: integer + type: object + type: object + type: array + globalOutputRefs: + items: + type: string + type: array + localOutputRefs: + items: + type: string + type: array + loggingRef: + type: string + match: + items: + properties: + exclude: + properties: + container_names: + items: + type: string + type: array + hosts: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + type: object + select: + properties: + container_names: + items: + type: string + type: array + hosts: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + type: object + type: object + type: array + outputRefs: + items: + type: string + type: array + selectors: + additionalProperties: + type: string + type: object + type: object + status: + properties: + active: + type: boolean + problems: + items: + type: string + type: array + problemsCount: + type: integer + type: object + type: object + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_loggings.yaml b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_loggings.yaml new file mode 100755 index 00000000000..9d9c20fa117 --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_loggings.yaml @@ -0,0 +1,7095 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + creationTimestamp: null + name: loggings.logging.banzaicloud.io +spec: + group: logging.banzaicloud.io + names: + categories: + - logging-all + kind: Logging + listKind: LoggingList + plural: loggings + singular: logging + preserveUnknownFields: false + scope: Cluster + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + allowClusterResourcesFromAllNamespaces: + type: boolean + controlNamespace: + type: string + defaultFlow: + properties: + filters: + items: + properties: + concat: + properties: + continuous_line_regexp: + type: string + flush_interval: + type: integer + keep_partial_key: + type: boolean + keep_partial_metadata: + type: string + key: + type: string + multiline_end_regexp: + type: string + multiline_start_regexp: + type: string + n_lines: + type: integer + partial_key: + type: string + partial_value: + type: string + separator: + type: string + stream_identity_key: + type: string + timeout_label: + type: string + use_first_timestamp: + type: boolean + use_partial_metadata: + type: string + type: object + dedot: + properties: + de_dot_nested: + type: boolean + de_dot_separator: + type: string + type: object + detectExceptions: + properties: + languages: + items: + type: string + type: array + max_bytes: + type: integer + max_lines: + type: integer + message: + type: string + multiline_flush_interval: + type: string + remove_tag_prefix: + type: string + stream: + type: string + type: object + enhanceK8s: + properties: + api_groups: + items: + type: string + type: array + bearer_token_file: + type: string + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + cache_refresh: + type: integer + cache_refresh_variation: + type: integer + cache_size: + type: integer + cache_ttl: + type: integer + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + core_api_versions: + items: + type: string + type: array + data_type: + type: string + in_namespace_path: + items: + type: string + type: array + in_pod_path: + items: + type: string + type: array + kubernetes_url: + type: string + secret_dir: + type: string + ssl_partial_chain: + type: boolean + verify_ssl: + type: boolean + type: object + geoip: + properties: + backend_library: + type: string + geoip_2_database: + type: string + geoip_database: + type: string + geoip_lookup_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + skip_adding_null_record: + type: boolean + type: object + grep: + properties: + and: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + or: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + parser: + properties: + emit_invalid_record_to_error: + type: boolean + hash_value_field: + type: string + inject_key_prefix: + type: string + key_name: + type: string + parse: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + parsers: + items: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + remove_key_name_field: + type: boolean + replace_invalid_sequence: + type: boolean + reserve_data: + type: boolean + reserve_time: + type: boolean + type: object + prometheus: + properties: + labels: + additionalProperties: + type: string + type: object + metrics: + items: + properties: + buckets: + type: string + desc: + type: string + key: + type: string + labels: + additionalProperties: + type: string + type: object + name: + type: string + type: + type: string + required: + - desc + - name + - type + type: object + type: array + type: object + record_modifier: + properties: + char_encoding: + type: string + prepare_value: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + replaces: + items: + properties: + expression: + type: string + key: + type: string + replace: + type: string + required: + - expression + - key + - replace + type: object + type: array + whitelist_keys: + type: string + type: object + record_transformer: + properties: + auto_typecast: + type: boolean + enable_ruby: + type: boolean + keep_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + renew_record: + type: boolean + renew_time_key: + type: string + type: object + stdout: + properties: + output_type: + type: string + type: object + sumologic: + properties: + collector_key_name: + type: string + collector_value: + type: string + exclude_container_regex: + type: string + exclude_facility_regex: + type: string + exclude_host_regex: + type: string + exclude_namespace_regex: + type: string + exclude_pod_regex: + type: string + exclude_priority_regex: + type: string + exclude_unit_regex: + type: string + log_format: + type: string + source_category: + type: string + source_category_key_name: + type: string + source_category_prefix: + type: string + source_category_replace_dash: + type: string + source_host: + type: string + source_host_key_name: + type: string + source_name: + type: string + source_name_key_name: + type: string + tracing_annotation_prefix: + type: string + tracing_container_name: + type: string + tracing_format: + type: boolean + tracing_host: + type: string + tracing_label_prefix: + type: string + tracing_namespace: + type: string + tracing_pod: + type: string + tracing_pod_id: + type: string + type: object + tag_normaliser: + properties: + format: + type: string + type: object + throttle: + properties: + group_bucket_limit: + type: integer + group_bucket_period_s: + type: integer + group_drop_logs: + type: boolean + group_key: + type: string + group_reset_rate_s: + type: integer + group_warning_delay_s: + type: integer + type: object + type: object + type: array + globalOutputRefs: + items: + type: string + type: array + outputRefs: + items: + type: string + type: array + type: object + enableRecreateWorkloadOnImmutableFieldChange: + type: boolean + flowConfigCheckDisabled: + type: boolean + flowConfigOverride: + type: string + fluentbit: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + bufferStorage: + properties: + storage.backlog.mem_limit: + type: string + storage.checksum: + type: string + storage.path: + type: string + storage.sync: + type: string + type: object + bufferStorageVolume: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + coroStackSize: + format: int32 + type: integer + customConfigSecret: + type: string + disableKubernetesFilter: + type: boolean + enableUpstream: + type: boolean + extraVolumeMounts: + items: + properties: + destination: + pattern: ^/.+$ + type: string + readOnly: + type: boolean + source: + pattern: ^/.+$ + type: string + required: + - destination + - source + type: object + type: array + filterAws: + properties: + Match: + type: string + account_id: + type: boolean + ami_id: + type: boolean + az: + type: boolean + ec2_instance_id: + type: boolean + ec2_instance_type: + type: boolean + hostname: + type: boolean + imds_version: + type: string + private_ip: + type: boolean + vpc_id: + type: boolean + type: object + filterKubernetes: + properties: + Annotations: + type: string + Buffer_Size: + type: string + Dummy_Meta: + type: string + K8S-Logging.Exclude: + type: string + K8S-Logging.Parser: + type: string + Keep_Log: + type: string + Kube_CA_File: + type: string + Kube_CA_Path: + type: string + Kube_Tag_Prefix: + type: string + Kube_Token_File: + type: string + Kube_URL: + type: string + Kube_meta_preload_cache_dir: + type: string + Labels: + type: string + Match: + type: string + Merge_Log: + type: string + Merge_Log_Key: + type: string + Merge_Log_Trim: + type: string + Merge_Parser: + type: string + Regex_Parser: + type: string + Use_Journal: + type: string + tls.debug: + type: string + tls.verify: + type: string + type: object + flush: + format: int32 + type: integer + forwardOptions: + properties: + Require_ack_response: + type: boolean + Retry_Limit: + type: string + Send_options: + type: boolean + Tag: + type: string + Time_as_Integer: + type: boolean + type: object + grace: + format: int32 + type: integer + image: + properties: + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + pullPolicy: + type: string + repository: + type: string + tag: + type: string + type: object + inputTail: + properties: + Buffer_Chunk_Size: + type: string + Buffer_Max_Size: + type: string + DB: + type: string + DB_Sync: + type: string + Docker_Mode: + type: string + Docker_Mode_Flush: + type: string + Exclude_Path: + type: string + Ignore_Older: + type: string + Key: + type: string + Mem_Buf_Limit: + type: string + Multiline: + type: string + Multiline_Flush: + type: string + Parser: + type: string + Parser_Firstline: + type: string + Parser_N: + items: + type: string + type: array + Path: + type: string + Path_Key: + type: string + Refresh_Interval: + type: string + Rotate_Wait: + type: string + Skip_Long_Lines: + type: string + Tag: + type: string + Tag_Regex: + type: string + storage.type: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + livenessDefaultCheck: + type: boolean + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + logLevel: + type: string + metrics: + properties: + interval: + type: string + path: + type: string + port: + format: int32 + type: integer + prometheusAnnotations: + type: boolean + serviceMonitor: + type: boolean + serviceMonitorConfig: + properties: + additionalLabels: + additionalProperties: + type: string + type: object + honorLabels: + type: boolean + metricRelabelings: + items: + properties: + action: + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + type: string + type: array + targetLabel: + type: string + type: object + type: array + relabelings: + items: + properties: + action: + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + type: string + type: array + targetLabel: + type: string + type: object + type: array + type: object + timeout: + type: string + type: object + mountPath: + type: string + network: + properties: + connectTimeout: + format: int32 + type: integer + keepalive: + type: boolean + keepaliveIdleTimeout: + format: int32 + type: integer + keepaliveMaxRecycle: + format: int32 + type: integer + type: object + nodeSelector: + additionalProperties: + type: string + type: object + parser: + type: string + podPriorityClassName: + type: string + position_db: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + positiondb: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + security: + properties: + podSecurityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + podSecurityPolicyCreate: + type: boolean + roleBasedAccessControlCreate: + type: boolean + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + type: object + targetHost: + type: string + targetPort: + format: int32 + type: integer + tls: + properties: + enabled: + type: boolean + secretName: + type: string + sharedKey: + type: string + required: + - enabled + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + type: object + fluentd: + properties: + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + annotations: + additionalProperties: + type: string + type: object + bufferStorageVolume: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + configCheckAnnotations: + additionalProperties: + type: string + type: object + configReloaderImage: + properties: + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + pullPolicy: + type: string + repository: + type: string + tag: + type: string + type: object + disablePvc: + type: boolean + fluentLogDestination: + type: string + fluentOutLogrotate: + properties: + age: + type: string + enabled: + type: boolean + path: + type: string + size: + type: string + required: + - enabled + type: object + fluentdPvcSpec: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + forwardInputConfig: + properties: + add_tag_prefix: + type: string + bind: + type: string + chunk_size_limit: + type: string + chunk_size_warn_limit: + type: string + deny_keepalive: + type: boolean + linger_timeout: + type: integer + port: + type: string + resolve_hostname: + type: boolean + security: + properties: + allow_anonymous_source: + type: boolean + self_hostname: + type: string + shared_key: + type: string + user_auth: + type: boolean + required: + - self_hostname + - shared_key + type: object + send_keepalive_packet: + type: boolean + skip_invalid_event: + type: boolean + source_address_key: + type: string + sourceHostnameKey: + type: string + tag: + type: string + transport: + properties: + ca_cert_path: + type: string + ca_path: + type: string + ca_private_key_passphrase: + type: string + ca_private_key_path: + type: string + cert_path: + type: string + ciphers: + type: string + client_cert_auth: + type: boolean + insecure: + type: boolean + private_key_passphrase: + type: string + private_key_path: + type: string + protocol: + type: string + version: + type: string + type: object + type: object + ignoreRepeatedLogInterval: + type: string + ignoreSameLogInterval: + type: string + image: + properties: + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + pullPolicy: + type: string + repository: + type: string + tag: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + livenessDefaultCheck: + type: boolean + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + logLevel: + type: string + metrics: + properties: + interval: + type: string + path: + type: string + port: + format: int32 + type: integer + prometheusAnnotations: + type: boolean + serviceMonitor: + type: boolean + serviceMonitorConfig: + properties: + additionalLabels: + additionalProperties: + type: string + type: object + honorLabels: + type: boolean + metricRelabelings: + items: + properties: + action: + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + type: string + type: array + targetLabel: + type: string + type: object + type: array + relabelings: + items: + properties: + action: + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + type: string + type: array + targetLabel: + type: string + type: object + type: array + type: object + timeout: + type: string + type: object + nodeSelector: + additionalProperties: + type: string + type: object + podPriorityClassName: + type: string + port: + format: int32 + type: integer + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + rootDir: + type: string + scaling: + properties: + podManagementPolicy: + type: string + replicas: + type: integer + type: object + security: + properties: + podSecurityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + podSecurityPolicyCreate: + type: boolean + roleBasedAccessControlCreate: + type: boolean + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + type: object + tls: + properties: + enabled: + type: boolean + secretName: + type: string + sharedKey: + type: string + required: + - enabled + type: object + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + volumeModImage: + properties: + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + pullPolicy: + type: string + repository: + type: string + tag: + type: string + type: object + volumeMountChmod: + type: boolean + workers: + format: int32 + type: integer + type: object + globalFilters: + items: + properties: + concat: + properties: + continuous_line_regexp: + type: string + flush_interval: + type: integer + keep_partial_key: + type: boolean + keep_partial_metadata: + type: string + key: + type: string + multiline_end_regexp: + type: string + multiline_start_regexp: + type: string + n_lines: + type: integer + partial_key: + type: string + partial_value: + type: string + separator: + type: string + stream_identity_key: + type: string + timeout_label: + type: string + use_first_timestamp: + type: boolean + use_partial_metadata: + type: string + type: object + dedot: + properties: + de_dot_nested: + type: boolean + de_dot_separator: + type: string + type: object + detectExceptions: + properties: + languages: + items: + type: string + type: array + max_bytes: + type: integer + max_lines: + type: integer + message: + type: string + multiline_flush_interval: + type: string + remove_tag_prefix: + type: string + stream: + type: string + type: object + enhanceK8s: + properties: + api_groups: + items: + type: string + type: array + bearer_token_file: + type: string + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + cache_refresh: + type: integer + cache_refresh_variation: + type: integer + cache_size: + type: integer + cache_ttl: + type: integer + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + core_api_versions: + items: + type: string + type: array + data_type: + type: string + in_namespace_path: + items: + type: string + type: array + in_pod_path: + items: + type: string + type: array + kubernetes_url: + type: string + secret_dir: + type: string + ssl_partial_chain: + type: boolean + verify_ssl: + type: boolean + type: object + geoip: + properties: + backend_library: + type: string + geoip_2_database: + type: string + geoip_database: + type: string + geoip_lookup_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + skip_adding_null_record: + type: boolean + type: object + grep: + properties: + and: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + or: + items: + properties: + exclude: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + type: array + regexp: + items: + properties: + key: + type: string + pattern: + type: string + required: + - key + - pattern + type: object + type: array + type: object + parser: + properties: + emit_invalid_record_to_error: + type: boolean + hash_value_field: + type: string + inject_key_prefix: + type: string + key_name: + type: string + parse: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + parsers: + items: + properties: + delimiter: + type: string + delimiter_pattern: + type: string + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + format_firstline: + type: string + keep_time_key: + type: boolean + label_delimiter: + type: string + local_time: + type: boolean + multiline: + items: + type: string + type: array + null_empty_string: + type: boolean + null_value_pattern: + type: string + patterns: + items: + properties: + estimate_current_event: + type: boolean + expression: + type: string + format: + type: string + keep_time_key: + type: boolean + local_time: + type: boolean + null_empty_string: + type: boolean + null_value_pattern: + type: string + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + time_format: + type: string + time_key: + type: string + time_type: + type: string + timezone: + type: string + type: + type: string + types: + type: string + utc: + type: boolean + type: object + type: array + remove_key_name_field: + type: boolean + replace_invalid_sequence: + type: boolean + reserve_data: + type: boolean + reserve_time: + type: boolean + type: object + prometheus: + properties: + labels: + additionalProperties: + type: string + type: object + metrics: + items: + properties: + buckets: + type: string + desc: + type: string + key: + type: string + labels: + additionalProperties: + type: string + type: object + name: + type: string + type: + type: string + required: + - desc + - name + - type + type: object + type: array + type: object + record_modifier: + properties: + char_encoding: + type: string + prepare_value: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + replaces: + items: + properties: + expression: + type: string + key: + type: string + replace: + type: string + required: + - expression + - key + - replace + type: object + type: array + whitelist_keys: + type: string + type: object + record_transformer: + properties: + auto_typecast: + type: boolean + enable_ruby: + type: boolean + keep_keys: + type: string + records: + items: + additionalProperties: + type: string + type: object + type: array + remove_keys: + type: string + renew_record: + type: boolean + renew_time_key: + type: string + type: object + stdout: + properties: + output_type: + type: string + type: object + sumologic: + properties: + collector_key_name: + type: string + collector_value: + type: string + exclude_container_regex: + type: string + exclude_facility_regex: + type: string + exclude_host_regex: + type: string + exclude_namespace_regex: + type: string + exclude_pod_regex: + type: string + exclude_priority_regex: + type: string + exclude_unit_regex: + type: string + log_format: + type: string + source_category: + type: string + source_category_key_name: + type: string + source_category_prefix: + type: string + source_category_replace_dash: + type: string + source_host: + type: string + source_host_key_name: + type: string + source_name: + type: string + source_name_key_name: + type: string + tracing_annotation_prefix: + type: string + tracing_container_name: + type: string + tracing_format: + type: boolean + tracing_host: + type: string + tracing_label_prefix: + type: string + tracing_namespace: + type: string + tracing_pod: + type: string + tracing_pod_id: + type: string + type: object + tag_normaliser: + properties: + format: + type: string + type: object + throttle: + properties: + group_bucket_limit: + type: integer + group_bucket_period_s: + type: integer + group_drop_logs: + type: boolean + group_key: + type: string + group_reset_rate_s: + type: integer + group_warning_delay_s: + type: integer + type: object + type: object + type: array + loggingRef: + type: string + nodeAgents: + items: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + name: + type: string + nodeAgentFluentbit: + properties: + bufferStorage: + properties: + storage.backlog.mem_limit: + type: string + storage.checksum: + type: string + storage.path: + type: string + storage.sync: + type: string + type: object + bufferStorageVolume: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + containersPath: + type: string + coroStackSize: + format: int32 + type: integer + customConfigSecret: + type: string + daemonSet: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + minReadySeconds: + format: int32 + type: integer + revisionHistoryLimit: + format: int32 + type: integer + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + template: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + activeDeadlineSeconds: + format: int64 + type: integer + affinity: + properties: + nodeAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + preference: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + weight: + format: int32 + type: integer + required: + - preference + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + properties: + nodeSelectorTerms: + items: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchFields: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + type: object + type: array + required: + - nodeSelectorTerms + type: object + type: object + podAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + podAntiAffinity: + properties: + preferredDuringSchedulingIgnoredDuringExecution: + items: + properties: + podAffinityTerm: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + weight: + format: int32 + type: integer + required: + - podAffinityTerm + - weight + type: object + type: array + requiredDuringSchedulingIgnoredDuringExecution: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + namespaces: + items: + type: string + type: array + topologyKey: + type: string + required: + - topologyKey + type: object + type: array + type: object + type: object + automountServiceAccountToken: + type: boolean + containers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + dnsConfig: + properties: + nameservers: + items: + type: string + type: array + options: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + searches: + items: + type: string + type: array + type: object + dnsPolicy: + type: string + enableServiceLinks: + type: boolean + ephemeralContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + targetContainerName: + type: string + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + hostAliases: + items: + properties: + hostnames: + items: + type: string + type: array + ip: + type: string + type: object + type: array + hostIPC: + type: boolean + hostNetwork: + type: boolean + hostPID: + type: boolean + hostname: + type: string + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + initContainers: + items: + properties: + args: + items: + type: string + type: array + command: + items: + type: string + type: array + env: + items: + properties: + name: + type: string + value: + type: string + valueFrom: + properties: + configMapKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + required: + - resource + type: object + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + required: + - name + type: object + type: array + envFrom: + items: + properties: + configMapRef: + properties: + name: + type: string + optional: + type: boolean + type: object + prefix: + type: string + secretRef: + properties: + name: + type: string + optional: + type: boolean + type: object + type: object + type: array + image: + type: string + imagePullPolicy: + type: string + lifecycle: + properties: + postStart: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + preStop: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: object + type: object + livenessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + name: + type: string + ports: + items: + properties: + containerPort: + format: int32 + type: integer + hostIP: + type: string + hostPort: + format: int32 + type: integer + name: + type: string + protocol: + type: string + required: + - containerPort + type: object + type: array + readinessProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + type: object + failureThreshold: + format: int32 + type: integer + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + timeoutSeconds: + format: int32 + type: integer + type: object + stdin: + type: boolean + stdinOnce: + type: boolean + terminationMessagePath: + type: string + terminationMessagePolicy: + type: string + tty: + type: boolean + volumeDevices: + items: + properties: + devicePath: + type: string + name: + type: string + required: + - devicePath + - name + type: object + type: array + volumeMounts: + items: + properties: + mountPath: + type: string + mountPropagation: + type: string + name: + type: string + readOnly: + type: boolean + subPath: + type: string + subPathExpr: + type: string + required: + - mountPath + - name + type: object + type: array + workingDir: + type: string + required: + - name + type: object + type: array + nodeName: + type: string + nodeSelector: + additionalProperties: + type: string + type: object + overhead: + additionalProperties: + type: string + type: object + preemptionPolicy: + type: string + priority: + format: int32 + type: integer + priorityClassName: + type: string + readinessGates: + items: + properties: + conditionType: + type: string + required: + - conditionType + type: object + type: array + restartPolicy: + type: string + runtimeClassName: + type: string + schedulerName: + type: string + securityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + serviceAccountName: + type: string + setHostnameAsFQDN: + type: boolean + shareProcessNamespace: + type: boolean + subdomain: + type: string + terminationGracePeriodSeconds: + format: int64 + type: integer + tolerations: + items: + properties: + effect: + type: string + key: + type: string + operator: + type: string + tolerationSeconds: + format: int64 + type: integer + value: + type: string + type: object + type: array + topologySpreadConstraints: + items: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + maxSkew: + format: int32 + type: integer + topologyKey: + type: string + whenUnsatisfiable: + type: string + required: + - maxSkew + - topologyKey + - whenUnsatisfiable + type: object + type: array + volumes: + items: + properties: + awsElasticBlockStore: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + azureDisk: + properties: + cachingMode: + type: string + diskName: + type: string + diskURI: + type: string + fsType: + type: string + kind: + type: string + readOnly: + type: boolean + required: + - diskName + - diskURI + type: object + azureFile: + properties: + readOnly: + type: boolean + secretName: + type: string + shareName: + type: string + required: + - secretName + - shareName + type: object + cephfs: + properties: + monitors: + items: + type: string + type: array + path: + type: string + readOnly: + type: boolean + secretFile: + type: string + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - monitors + type: object + cinder: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeID: + type: string + required: + - volumeID + type: object + configMap: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + csi: + properties: + driver: + type: string + fsType: + type: string + nodePublishSecretRef: + properties: + name: + type: string + type: object + readOnly: + type: boolean + volumeAttributes: + additionalProperties: + type: string + type: object + required: + - driver + type: object + downwardAPI: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + ephemeral: + properties: + readOnly: + type: boolean + volumeClaimTemplate: + properties: + metadata: + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + required: + - spec + type: object + type: object + fc: + properties: + fsType: + type: string + lun: + format: int32 + type: integer + readOnly: + type: boolean + targetWWNs: + items: + type: string + type: array + wwids: + items: + type: string + type: array + type: object + flexVolume: + properties: + driver: + type: string + fsType: + type: string + options: + additionalProperties: + type: string + type: object + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + required: + - driver + type: object + flocker: + properties: + datasetName: + type: string + datasetUUID: + type: string + type: object + gcePersistentDisk: + properties: + fsType: + type: string + partition: + format: int32 + type: integer + pdName: + type: string + readOnly: + type: boolean + required: + - pdName + type: object + gitRepo: + properties: + directory: + type: string + repository: + type: string + revision: + type: string + required: + - repository + type: object + glusterfs: + properties: + endpoints: + type: string + path: + type: string + readOnly: + type: boolean + required: + - endpoints + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + iscsi: + properties: + chapAuthDiscovery: + type: boolean + chapAuthSession: + type: boolean + fsType: + type: string + initiatorName: + type: string + iqn: + type: string + iscsiInterface: + type: string + lun: + format: int32 + type: integer + portals: + items: + type: string + type: array + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + targetPortal: + type: string + required: + - iqn + - lun + - targetPortal + type: object + name: + type: string + nfs: + properties: + path: + type: string + readOnly: + type: boolean + server: + type: string + required: + - path + - server + type: object + persistentVolumeClaim: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + photonPersistentDisk: + properties: + fsType: + type: string + pdID: + type: string + required: + - pdID + type: object + portworxVolume: + properties: + fsType: + type: string + readOnly: + type: boolean + volumeID: + type: string + required: + - volumeID + type: object + projected: + properties: + defaultMode: + format: int32 + type: integer + sources: + items: + properties: + configMap: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + downwardAPI: + properties: + items: + items: + properties: + fieldRef: + properties: + apiVersion: + type: string + fieldPath: + type: string + required: + - fieldPath + type: object + mode: + format: int32 + type: integer + path: + type: string + resourceFieldRef: + properties: + containerName: + type: string + divisor: + type: string + resource: + type: string + required: + - resource + type: object + required: + - path + type: object + type: array + type: object + secret: + properties: + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + name: + type: string + optional: + type: boolean + type: object + serviceAccountToken: + properties: + audience: + type: string + expirationSeconds: + format: int64 + type: integer + path: + type: string + required: + - path + type: object + type: object + type: array + required: + - sources + type: object + quobyte: + properties: + group: + type: string + readOnly: + type: boolean + registry: + type: string + tenant: + type: string + user: + type: string + volume: + type: string + required: + - registry + - volume + type: object + rbd: + properties: + fsType: + type: string + image: + type: string + keyring: + type: string + monitors: + items: + type: string + type: array + pool: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + user: + type: string + required: + - image + - monitors + type: object + scaleIO: + properties: + fsType: + type: string + gateway: + type: string + protectionDomain: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + sslEnabled: + type: boolean + storageMode: + type: string + storagePool: + type: string + system: + type: string + volumeName: + type: string + required: + - gateway + - secretRef + - system + type: object + secret: + properties: + defaultMode: + format: int32 + type: integer + items: + items: + properties: + key: + type: string + mode: + format: int32 + type: integer + path: + type: string + required: + - key + - path + type: object + type: array + optional: + type: boolean + secretName: + type: string + type: object + storageos: + properties: + fsType: + type: string + readOnly: + type: boolean + secretRef: + properties: + name: + type: string + type: object + volumeName: + type: string + volumeNamespace: + type: string + type: object + vsphereVolume: + properties: + fsType: + type: string + storagePolicyID: + type: string + storagePolicyName: + type: string + volumePath: + type: string + required: + - volumePath + type: object + required: + - name + type: object + type: array + type: object + type: object + updateStrategy: + properties: + rollingUpdate: + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + type: + type: string + type: object + type: object + type: object + disableKubernetesFilter: + type: boolean + enableUpstream: + type: boolean + enabled: + type: boolean + extraVolumeMounts: + items: + properties: + destination: + pattern: ^/.+$ + type: string + readOnly: + type: boolean + source: + pattern: ^/.+$ + type: string + required: + - destination + - source + type: object + type: array + filterAws: + properties: + Match: + type: string + account_id: + type: boolean + ami_id: + type: boolean + az: + type: boolean + ec2_instance_id: + type: boolean + ec2_instance_type: + type: boolean + hostname: + type: boolean + imds_version: + type: string + private_ip: + type: boolean + vpc_id: + type: boolean + type: object + filterKubernetes: + properties: + Annotations: + type: string + Buffer_Size: + type: string + Dummy_Meta: + type: string + K8S-Logging.Exclude: + type: string + K8S-Logging.Parser: + type: string + Keep_Log: + type: string + Kube_CA_File: + type: string + Kube_CA_Path: + type: string + Kube_Tag_Prefix: + type: string + Kube_Token_File: + type: string + Kube_URL: + type: string + Kube_meta_preload_cache_dir: + type: string + Labels: + type: string + Match: + type: string + Merge_Log: + type: string + Merge_Log_Key: + type: string + Merge_Log_Trim: + type: string + Merge_Parser: + type: string + Regex_Parser: + type: string + Use_Journal: + type: string + tls.debug: + type: string + tls.verify: + type: string + type: object + flush: + format: int32 + type: integer + forwardOptions: + properties: + Require_ack_response: + type: boolean + Retry_Limit: + type: string + Send_options: + type: boolean + Tag: + type: string + Time_as_Integer: + type: boolean + type: object + grace: + format: int32 + type: integer + inputTail: + properties: + Buffer_Chunk_Size: + type: string + Buffer_Max_Size: + type: string + DB: + type: string + DB_Sync: + type: string + Docker_Mode: + type: string + Docker_Mode_Flush: + type: string + Exclude_Path: + type: string + Ignore_Older: + type: string + Key: + type: string + Mem_Buf_Limit: + type: string + Multiline: + type: string + Multiline_Flush: + type: string + Parser: + type: string + Parser_Firstline: + type: string + Parser_N: + items: + type: string + type: array + Path: + type: string + Path_Key: + type: string + Refresh_Interval: + type: string + Rotate_Wait: + type: string + Skip_Long_Lines: + type: string + Tag: + type: string + Tag_Regex: + type: string + storage.type: + type: string + type: object + livenessDefaultCheck: + type: boolean + logLevel: + type: string + metrics: + properties: + interval: + type: string + path: + type: string + port: + format: int32 + type: integer + prometheusAnnotations: + type: boolean + serviceMonitor: + type: boolean + serviceMonitorConfig: + properties: + additionalLabels: + additionalProperties: + type: string + type: object + honorLabels: + type: boolean + metricRelabelings: + items: + properties: + action: + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + type: string + type: array + targetLabel: + type: string + type: object + type: array + relabelings: + items: + properties: + action: + type: string + modulus: + format: int64 + type: integer + regex: + type: string + replacement: + type: string + separator: + type: string + sourceLabels: + items: + type: string + type: array + targetLabel: + type: string + type: object + type: array + type: object + timeout: + type: string + type: object + metricsService: + properties: + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + spec: + properties: + clusterIP: + type: string + externalIPs: + items: + type: string + type: array + externalName: + type: string + externalTrafficPolicy: + type: string + healthCheckNodePort: + format: int32 + type: integer + ipFamily: + type: string + loadBalancerIP: + type: string + loadBalancerSourceRanges: + items: + type: string + type: array + ports: + items: + properties: + appProtocol: + type: string + name: + type: string + nodePort: + format: int32 + type: integer + port: + format: int32 + type: integer + protocol: + type: string + targetPort: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + type: array + publishNotReadyAddresses: + type: boolean + selector: + additionalProperties: + type: string + type: object + sessionAffinity: + type: string + sessionAffinityConfig: + properties: + clientIP: + properties: + timeoutSeconds: + format: int32 + type: integer + type: object + type: object + topologyKeys: + items: + type: string + type: array + type: + type: string + type: object + type: object + network: + properties: + connectTimeout: + format: int32 + type: integer + keepalive: + type: boolean + keepaliveIdleTimeout: + format: int32 + type: integer + keepaliveMaxRecycle: + format: int32 + type: integer + type: object + podPriorityClassName: + type: string + positiondb: + properties: + emptyDir: + properties: + medium: + type: string + sizeLimit: + type: string + type: object + host_path: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + hostPath: + properties: + path: + type: string + type: + type: string + required: + - path + type: object + pvc: + properties: + source: + properties: + claimName: + type: string + readOnly: + type: boolean + required: + - claimName + type: object + spec: + properties: + accessModes: + items: + type: string + type: array + dataSource: + properties: + apiGroup: + type: string + kind: + type: string + name: + type: string + required: + - kind + - name + type: object + resources: + properties: + limits: + additionalProperties: + type: string + type: object + requests: + additionalProperties: + type: string + type: object + type: object + selector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + required: + - key + - operator + type: object + type: array + matchLabels: + additionalProperties: + type: string + type: object + type: object + storageClassName: + type: string + volumeMode: + type: string + volumeName: + type: string + type: object + type: object + type: object + security: + properties: + podSecurityContext: + properties: + fsGroup: + format: int64 + type: integer + fsGroupChangePolicy: + type: string + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + supplementalGroups: + items: + format: int64 + type: integer + type: array + sysctls: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + podSecurityPolicyCreate: + type: boolean + roleBasedAccessControlCreate: + type: boolean + securityContext: + properties: + allowPrivilegeEscalation: + type: boolean + capabilities: + properties: + add: + items: + type: string + type: array + drop: + items: + type: string + type: array + type: object + privileged: + type: boolean + procMount: + type: string + readOnlyRootFilesystem: + type: boolean + runAsGroup: + format: int64 + type: integer + runAsNonRoot: + type: boolean + runAsUser: + format: int64 + type: integer + seLinuxOptions: + properties: + level: + type: string + role: + type: string + type: + type: string + user: + type: string + type: object + seccompProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object + windowsOptions: + properties: + gmsaCredentialSpec: + type: string + gmsaCredentialSpecName: + type: string + runAsUserName: + type: string + type: object + type: object + serviceAccount: + type: string + type: object + serviceAccount: + properties: + automountServiceAccountToken: + type: boolean + imagePullSecrets: + items: + properties: + name: + type: string + type: object + type: array + metadata: + properties: + annotations: + additionalProperties: + type: string + type: object + labels: + additionalProperties: + type: string + type: object + type: object + secrets: + items: + properties: + apiVersion: + type: string + fieldPath: + type: string + kind: + type: string + name: + type: string + namespace: + type: string + resourceVersion: + type: string + uid: + type: string + type: object + type: array + type: object + targetHost: + type: string + targetPort: + format: int32 + type: integer + tls: + properties: + enabled: + type: boolean + secretName: + type: string + sharedKey: + type: string + required: + - enabled + type: object + varLogsPath: + type: string + type: object + profile: + type: string + type: object + type: array + watchNamespaces: + items: + type: string + type: array + required: + - controlNamespace + type: object + status: + properties: + configCheckResults: + additionalProperties: + type: boolean + type: object + type: object + type: object + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_outputs.yaml b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_outputs.yaml new file mode 100755 index 00000000000..85ee16497c3 --- /dev/null +++ b/charts/rancher-logging/rancher-logging-crd/3.9.400-rc06/templates/logging.banzaicloud.io_outputs.yaml @@ -0,0 +1,4715 @@ + +--- +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.2.4 + creationTimestamp: null + name: outputs.logging.banzaicloud.io +spec: + additionalPrinterColumns: + - JSONPath: .status.active + description: Is the output active? + name: Active + type: boolean + - JSONPath: .status.problemsCount + description: Number of problems + name: Problems + type: integer + group: logging.banzaicloud.io + names: + categories: + - logging-all + kind: Output + listKind: OutputList + plural: outputs + singular: output + preserveUnknownFields: false + scope: Namespaced + subresources: + status: {} + validation: + openAPIV3Schema: + properties: + apiVersion: + type: string + kind: + type: string + metadata: + type: object + spec: + properties: + awsElasticsearch: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + endpoint: + properties: + access_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + assume_role_arn: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + assume_role_session_name: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + assume_role_web_identity_token_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ecs_container_credentials_relative_uri: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + region: + type: string + secret_access_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + sts_credentials_region: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + url: + type: string + type: object + flush_interval: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + include_tag_key: + type: boolean + logstash_format: + type: boolean + tag_key: + type: string + type: object + azurestorage: + properties: + auto_create_container: + type: boolean + azure_container: + type: string + azure_imds_api_version: + type: string + azure_object_key_format: + type: string + azure_storage_access_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + azure_storage_account: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + azure_storage_sas_token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + type: string + path: + type: string + required: + - azure_container + - azure_storage_access_key + - azure_storage_account + - azure_storage_sas_token + type: object + cloudwatch: + properties: + auto_create_stream: + type: boolean + aws_instance_profile_credentials_retries: + type: integer + aws_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sec_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sts_role_arn: + type: string + aws_sts_session_name: + type: string + aws_use_sts: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + concurrency: + type: integer + endpoint: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + http_proxy: + type: string + include_time_key: + type: boolean + json_handler: + type: string + localtime: + type: boolean + log_group_aws_tags: + type: string + log_group_aws_tags_key: + type: string + log_group_name: + type: string + log_group_name_key: + type: string + log_rejected_request: + type: string + log_stream_name: + type: string + log_stream_name_key: + type: string + max_events_per_batch: + type: integer + max_message_length: + type: integer + message_keys: + type: string + put_log_events_disable_retry_limit: + type: boolean + put_log_events_retry_limit: + type: integer + put_log_events_retry_wait: + type: string + region: + type: string + remove_log_group_aws_tags_key: + type: string + remove_log_group_name_key: + type: string + remove_log_stream_name_key: + type: string + remove_retention_in_days: + type: string + retention_in_days: + type: string + retention_in_days_key: + type: string + use_tag_as_group: + type: boolean + use_tag_as_stream: + type: boolean + required: + - region + type: object + datadog: + properties: + api_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + compression_level: + type: string + dd_hostname: + type: string + dd_source: + type: string + dd_sourcecategory: + type: string + dd_tags: + type: string + host: + type: string + include_tag_key: + type: boolean + max_backoff: + type: string + max_retries: + type: string + no_ssl_validation: + type: boolean + port: + type: string + service: + type: string + ssl_port: + type: string + tag_key: + type: string + timestamp_key: + type: string + use_compression: + type: boolean + use_http: + type: boolean + use_json: + type: boolean + use_ssl: + type: boolean + required: + - api_key + type: object + elasticsearch: + properties: + application_name: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + bulk_message_request_threshold: + type: string + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key_pass: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + content_type: + type: string + custom_headers: + type: string + customize_template: + type: string + default_elasticsearch_version: + type: string + deflector_alias: + type: string + enable_ilm: + type: boolean + exception_backup: + type: boolean + fail_on_putting_template_retry_exceed: + type: boolean + flatten_hashes: + type: boolean + flatten_hashes_separator: + type: string + host: + type: string + hosts: + type: string + http_backend: + type: string + id_key: + type: string + ignore_exceptions: + type: string + ilm_policy: + type: string + ilm_policy_id: + type: string + ilm_policy_overwrite: + type: boolean + include_index_in_url: + type: boolean + include_tag_key: + type: boolean + include_timestamp: + type: boolean + index_date_pattern: + type: string + index_name: + type: string + index_prefix: + type: string + log_es_400_reason: + type: boolean + logstash_dateformat: + type: string + logstash_format: + type: boolean + logstash_prefix: + type: string + logstash_prefix_separator: + type: string + max_retry_get_es_version: + type: string + max_retry_putting_template: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + path: + type: string + pipeline: + type: string + port: + type: integer + prefer_oj_serializer: + type: boolean + reconnect_on_error: + type: boolean + reload_after: + type: string + reload_connections: + type: boolean + reload_on_failure: + type: boolean + remove_keys_on_update: + type: string + remove_keys_on_update_key: + type: string + request_timeout: + type: string + resurrect_after: + type: string + retry_tag: + type: string + rollover_index: + type: boolean + routing_key: + type: string + scheme: + type: string + sniffer_class_name: + type: string + ssl_max_version: + type: string + ssl_min_version: + type: string + ssl_verify: + type: boolean + ssl_version: + type: string + suppress_doc_wrap: + type: boolean + suppress_type_name: + type: boolean + tag_key: + type: string + target_index_key: + type: string + target_type_key: + type: string + template_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + template_name: + type: string + template_overwrite: + type: boolean + templates: + type: string + time_key: + type: string + time_key_format: + type: string + time_parse_error_tag: + type: string + time_precision: + type: string + type_name: + type: string + unrecoverable_error_types: + type: string + user: + type: string + utc_index: + type: boolean + validate_client_version: + type: boolean + verify_es_version_at_startup: + type: boolean + with_transporter_log: + type: boolean + write_operation: + type: string + type: object + file: + properties: + add_path_suffix: + type: boolean + append: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + path: + type: string + path_suffix: + type: string + symlink_path: + type: boolean + required: + - path + type: object + forward: + properties: + ack_response_timeout: + type: integer + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + connect_timeout: + type: integer + dns_round_robin: + type: boolean + expire_dns_cache: + type: integer + hard_timeout: + type: integer + heartbeat_interval: + type: integer + heartbeat_type: + type: string + ignore_network_errors_at_startup: + type: boolean + keepalive: + type: boolean + keepalive_timeout: + type: integer + phi_failure_detector: + type: boolean + phi_threshold: + type: integer + recover_wait: + type: integer + require_ack_response: + type: boolean + security: + properties: + allow_anonymous_source: + type: boolean + self_hostname: + type: string + shared_key: + type: string + user_auth: + type: boolean + required: + - self_hostname + - shared_key + type: object + send_timeout: + type: integer + servers: + items: + properties: + host: + type: string + name: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + port: + type: integer + shared_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + standby: + type: boolean + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + weight: + type: integer + required: + - host + type: object + type: array + tls_allow_self_signed_cert: + type: boolean + tls_cert_logical_store_name: + type: string + tls_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_cert_thumbprint: + type: string + tls_cert_use_enterprise_store: + type: boolean + tls_ciphers: + type: string + tls_client_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_client_private_key_passphrase: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_client_private_key_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_insecure_mode: + type: boolean + tls_verify_hostname: + type: boolean + tls_version: + type: string + verify_connection_at_startup: + type: boolean + required: + - servers + type: object + gcs: + properties: + acl: + type: string + auto_create_bucket: + type: boolean + bucket: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + client_retries: + type: integer + client_timeout: + type: integer + credentials_json: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + encryption_key: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + hex_random_length: + type: integer + keyfile: + type: string + object_key_format: + type: string + object_metadata: + items: + properties: + key: + type: string + value: + type: string + required: + - key + - value + type: object + type: array + overwrite: + type: boolean + path: + type: string + project: + type: string + storage_class: + type: string + store_as: + type: string + transcoding: + type: boolean + required: + - bucket + - project + type: object + gelf: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + host: + type: string + port: + type: integer + protocol: + type: string + tls: + type: boolean + tls_options: + additionalProperties: + type: string + type: object + required: + - host + - port + type: object + http: + properties: + auth: + properties: + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required: + - password + - username + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + content_type: + type: string + endpoint: + type: string + error_response_as_unrecoverable: + type: boolean + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + headers: + additionalProperties: + type: string + type: object + http_method: + type: string + json_array: + type: boolean + open_timeout: + type: integer + proxy: + type: string + read_timeout: + type: integer + retryable_response_codes: + items: + type: integer + type: array + ssl_timeout: + type: integer + tls_ca_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_ciphers: + type: string + tls_client_cert_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_private_key_passphrase: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_private_key_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + tls_verify_mode: + type: string + tls_version: + type: string + required: + - endpoint + type: object + kafka: + properties: + ack_timeout: + type: integer + brokers: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + compression_codec: + type: string + default_message_key: + type: string + default_partition_key: + type: string + default_topic: + type: string + exclude_partion_key: + type: boolean + exclude_topic_key: + type: boolean + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + get_kafka_client_log: + type: boolean + headers: + additionalProperties: + type: string + type: object + headers_from_record: + additionalProperties: + type: string + type: object + idempotent: + type: boolean + max_send_retries: + type: integer + message_key_key: + type: string + partition_key: + type: string + partition_key_key: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required_acks: + type: integer + sasl_over_ssl: + type: boolean + scram_mechanism: + type: string + ssl_ca_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_ca_certs_from_system: + type: boolean + ssl_client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_client_cert_chain: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_client_cert_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ssl_verify_hostname: + type: boolean + topic_key: + type: string + use_default_for_unknown_topic: + type: boolean + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required: + - brokers + - format + type: object + kinesisStream: + properties: + assume_role_credentials: + properties: + duration_seconds: + type: string + external_id: + type: string + policy: + type: string + role_arn: + type: string + role_session_name: + type: string + required: + - role_arn + - role_session_name + type: object + aws_iam_retries: + type: integer + aws_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sec_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_ses_token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + batch_request_max_count: + type: integer + batch_request_max_size: + type: integer + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + partition_key: + type: string + process_credentials: + properties: + process: + type: string + required: + - process + type: object + region: + type: string + reset_backoff_if_success: + type: boolean + retries_on_batch_request: + type: integer + stream_name: + type: string + required: + - stream_name + type: object + logdna: + properties: + api_key: + type: string + app: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + hostname: + type: string + ingester_domain: + type: string + ingester_endpoint: + type: string + request_timeout: + type: string + tags: + type: string + required: + - api_key + - hostname + type: object + loggingRef: + type: string + logz: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + endpoint: + properties: + port: + type: integer + token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + url: + type: string + type: object + gzip: + type: boolean + http_idle_timeout: + type: integer + output_include_tags: + type: boolean + output_include_time: + type: boolean + retry_count: + type: integer + retry_sleep: + type: integer + required: + - endpoint + type: object + loki: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + ca_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + configure_kubernetes_labels: + type: boolean + drop_single_key: + type: boolean + extra_labels: + additionalProperties: + type: string + type: object + extract_kubernetes_labels: + type: boolean + insecure_tls: + type: boolean + key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + labels: + additionalProperties: + type: string + type: object + line_format: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + remove_keys: + items: + type: string + type: array + tenant: + type: string + url: + type: string + username: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + type: object + newrelic: + properties: + api_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + base_uri: + type: string + license_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + type: object + nullout: + type: object + oss: + properties: + aaccess_key_secret: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + access_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + auto_create_bucket: + type: boolean + bucket: + type: string + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + check_bucket: + type: boolean + check_object: + type: boolean + download_crc_enable: + type: boolean + endpoint: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + hex_random_length: + type: integer + index_format: + type: string + key_format: + type: string + open_timeout: + type: integer + oss_sdk_log_dir: + type: string + overwrite: + type: boolean + path: + type: string + read_timeout: + type: integer + store_as: + type: string + upload_crc_enable: + type: boolean + warn_for_delay: + type: string + required: + - aaccess_key_secret + - access_key_id + - bucket + - endpoint + type: object + redis: + properties: + allow_duplicate_key: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + db_number: + type: integer + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + host: + type: string + insert_key_prefix: + type: string + password: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + port: + type: integer + strftime_format: + type: string + ttl: + type: integer + type: object + s3: + properties: + acl: + type: string + assume_role_credentials: + properties: + duration_seconds: + type: string + external_id: + type: string + policy: + type: string + role_arn: + type: string + role_session_name: + type: string + required: + - role_arn + - role_session_name + type: object + auto_create_bucket: + type: string + aws_iam_retries: + type: string + aws_key_id: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + aws_sec_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + check_apikey_on_start: + type: string + check_bucket: + type: string + check_object: + type: string + clustername: + type: string + compute_checksums: + type: string + enable_transfer_acceleration: + type: string + force_path_style: + type: string + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + grant_full_control: + type: string + grant_read: + type: string + grant_read_acp: + type: string + grant_write_acp: + type: string + hex_random_length: + type: string + index_format: + type: string + instance_profile_credentials: + properties: + http_open_timeout: + type: string + http_read_timeout: + type: string + ip_address: + type: string + port: + type: string + retries: + type: string + type: object + oneeye_format: + type: boolean + overwrite: + type: string + path: + type: string + proxy_uri: + type: string + s3_bucket: + type: string + s3_endpoint: + type: string + s3_metadata: + type: string + s3_object_key_format: + type: string + s3_region: + type: string + shared_credentials: + properties: + path: + type: string + profile_name: + type: string + type: object + signature_version: + type: string + sse_customer_algorithm: + type: string + sse_customer_key: + type: string + sse_customer_key_md5: + type: string + ssekms_key_id: + type: string + ssl_verify_peer: + type: string + storage_class: + type: string + store_as: + type: string + use_bundled_cert: + type: string + use_server_side_encryption: + type: string + warn_for_delay: + type: string + required: + - s3_bucket + type: object + splunkHec: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + ca_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_cert: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + client_key: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + coerce_to_utf8: + type: boolean + data_type: + type: string + fields: + additionalProperties: + type: string + type: object + format: + properties: + add_newline: + type: boolean + message_key: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + hec_host: + type: string + hec_port: + type: integer + hec_token: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + host: + type: string + host_key: + type: string + idle_timeout: + type: integer + index: + type: string + index_key: + type: string + insecure_ssl: + type: boolean + keep_keys: + type: boolean + metric_name_key: + type: string + metric_value_key: + type: string + metrics_from_event: + type: boolean + non_utf8_replacement_string: + type: string + open_timeout: + type: integer + protocol: + type: string + read_timeout: + type: integer + source: + type: string + source_key: + type: string + sourcetype: + type: string + sourcetype_key: + type: string + ssl_ciphers: + type: string + required: + - hec_host + - hec_token + type: object + sumologic: + properties: + add_timestamp: + type: boolean + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + compress: + type: boolean + compress_encoding: + type: string + custom_dimensions: + type: string + custom_fields: + items: + type: string + type: array + data_type: + type: string + delimiter: + type: string + disable_cookies: + type: boolean + endpoint: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + log_format: + type: string + log_key: + type: string + metric_data_format: + type: string + open_timeout: + type: integer + proxy_uri: + type: string + source_category: + type: string + source_host: + type: string + source_name: + type: string + source_name_key: + type: string + sumo_client: + type: string + timestamp_key: + type: string + verify_ssl: + type: boolean + required: + - endpoint + - source_name + type: object + syslog: + properties: + buffer: + properties: + chunk_full_threshold: + type: string + chunk_limit_records: + type: integer + chunk_limit_size: + type: string + compress: + type: string + delayed_commit_timeout: + type: string + disable_chunk_backup: + type: boolean + flush_at_shutdown: + type: boolean + flush_interval: + type: string + flush_mode: + type: string + flush_thread_burst_interval: + type: string + flush_thread_count: + type: integer + flush_thread_interval: + type: string + overflow_action: + type: string + path: + type: string + queue_limit_length: + type: integer + queued_chunks_limit_size: + type: integer + retry_exponential_backoff_base: + type: string + retry_forever: + type: boolean + retry_max_interval: + type: string + retry_max_times: + type: integer + retry_randomize: + type: boolean + retry_secondary_threshold: + type: string + retry_timeout: + type: string + retry_type: + type: string + retry_wait: + type: string + tags: + type: string + timekey: + type: string + timekey_use_utc: + type: boolean + timekey_wait: + type: string + timekey_zone: + type: string + total_limit_size: + type: string + type: + type: string + type: object + format: + properties: + app_name_field: + type: string + hostname_field: + type: string + log_field: + type: string + message_id_field: + type: string + proc_id_field: + type: string + rfc6587_message_size: + type: boolean + structured_data_field: + type: string + type: + enum: + - out_file + - json + - ltsv + - csv + - msgpack + - hash + - single_value + type: string + type: object + host: + type: string + insecure: + type: boolean + port: + type: integer + transport: + type: string + trusted_ca_path: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + value: + type: string + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: string + name: + type: string + optional: + type: boolean + required: + - key + type: object + type: object + type: object + required: + - host + type: object + type: object + status: + properties: + active: + type: boolean + problems: + items: + type: string + type: array + problemsCount: + type: integer + type: object + type: object + version: v1beta1 + versions: + - name: v1beta1 + served: true + storage: true +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/.helmignore b/charts/rancher-logging/rancher-logging/3.9.400-rc06/.helmignore new file mode 100755 index 00000000000..50af0317254 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/Chart.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/Chart.yaml new file mode 100755 index 00000000000..ddbd7ecf97f --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/Chart.yaml @@ -0,0 +1,19 @@ +annotations: + catalog.cattle.io/auto-install: rancher-logging-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Logging + catalog.cattle.io/namespace: cattle-logging-system + catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1 + catalog.cattle.io/release-name: rancher-logging + catalog.cattle.io/ui-component: logging +apiVersion: v1 +appVersion: 3.9.4 +description: Collects and filter logs using highly configurable CRDs. Powered by Banzai + Cloud Logging Operator. +icon: https://charts.rancher.io/assets/logos/logging.svg +keywords: +- logging +- monitoring +- security +name: rancher-logging +version: 3.9.400-rc06 diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/README.md b/charts/rancher-logging/rancher-logging/3.9.400-rc06/README.md new file mode 100755 index 00000000000..e2080b7434c --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/README.md @@ -0,0 +1,131 @@ + +# Logging operator Chart + +[Logging operator](https://github.com/banzaicloud/logging-operator) Managed centralized logging component fluentd and fluent-bit instance on cluster. + +## tl;dr: + +```bash +$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com +$ helm repo update +$ helm install banzaicloud-stable/logging-operator +``` + +## Introduction + +This chart bootstraps a [Logging Operator](https://github.com/banzaicloud/logging-operator) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.8+ with Beta APIs enabled + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```bash +$ helm install --name my-release banzaicloud-stable/logging-operator +``` + +### CRDs +Use `createCustomResource=false` with Helm v3 to avoid trying to create CRDs from the `crds` folder and from templates at the same time. + +The command deploys **Logging operator** on the Kubernetes cluster with the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```bash +$ helm delete my-release +``` + +The command removes all Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following tables lists the configurable parameters of the logging-operator chart and their default values. + +| Parameter | Description | Default | +| --------------------------------------------------- | ------------------------------------------------------ | ------------------------------ | +| `image.repository` | Container image repository | `ghcr.io/banzaicloud/logging-operator` | +| `image.tag` | Container image tag | `3.9.4` | +| `image.pullPolicy` | Container pull policy | `IfNotPresent` | +| `nameOverride` | Override name of app | `` | +| `fullnameOverride` | Override full name of app | `` | +| `namespaceOverride` | Override namespace of app | `` | +| `watchNamespace` | Namespace to watch for LoggingOperator CRD | `` | +| `rbac.enabled` | Create rbac service account and roles | `true` | +| `rbac.psp.enabled` | Must be used with `rbac.enabled` true. If true, creates & uses RBAC resources required in the cluster with [Pod Security Policies](https://kubernetes.io/docs/concepts/policy/pod-security-policy/) enabled. | `false` | +| `priorityClassName` | Operator priorityClassName | `{}` | +| `affinity` | Node Affinity | `{}` | +| `resources` | CPU/Memory resource requests/limits | `{}` | +| `tolerations` | Node Tolerations | `[]` | +| `nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` | +| `podLabels` | Define custom labels for logging-operator pods | `{}` | +| `annotations` | Define annotations for logging-operator pods | `{}` | +| `podSecurityContext` | Pod SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) | `{"runAsNonRoot": true, "runAsUser": 1000, "fsGroup": 2000}` | +| `securityContext` | Container SecurityContext for Logging operator. [More info](https://kubernetes.io/docs/concepts/policy/security-context/) | `{"allowPrivilegeEscalation": false, "readOnlyRootFilesystem": true}` | +| `createCustomResource` | Create CRDs. | `true` | +| `monitoring.serviceMonitor.enabled` | Create Prometheus Operator servicemonitor. | `false` | +| `global.seLinux.enabled` | Add seLinuxOptions to Logging resources, requires the [rke2-selinux RPM](https://github.com/rancher/rke2-selinux/releases) | `false` | + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example: + +```bash +$ helm install --name my-release -f values.yaml banzaicloud-stable/logging-operator +``` + +> **Tip**: You can use the default [values.yaml](values.yaml) + +## Installing Fluentd and Fluent-bit via logging + +The previous chart does **not** install `logging` resource to deploy Fluentd and Fluent-bit on cluster. To install them please use the [Logging Operator Logging](https://github.com/banzaicloud/logging-operator/tree/master/charts/logging-operator-logging) chart. + +## tl;dr: + +```bash +$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com +$ helm repo update +$ helm install banzaicloud-stable/logging-operator-logging +``` + +## Configuration + +The following tables lists the configurable parameters of the logging-operator-logging chart and their default values. +## tl;dr: + +```bash +$ helm repo add banzaicloud-stable https://kubernetes-charts.banzaicloud.com +$ helm repo update +$ helm install banzaicloud-stable/logging-operator-logging +``` + +## Configuration + +The following tables lists the configurable parameters of the logging-operator-logging chart and their default values. + +| Parameter | Description | Default | +| --------------------------------------------------- | ------------------------------------------------------ | ------------------------------ | +| `tls.enabled` | Enabled TLS communication between components | true | +| `tls.fluentdSecretName` | Specified secret name, which contain tls certs | This will overwrite automatic Helm certificate generation. | +| `tls.fluentbitSecretName` | Specified secret name, which contain tls certs | This will overwrite automatic Helm certificate generation. | +| `tls.sharedKey` | Shared key between nodes (fluentd-fluentbit) | [autogenerated] | +| `fluentbit.enabled` | Install fluent-bit | true | +| `fluentbit.namespace` | Specified fluentbit installation namespace | same as operator namespace | +| `fluentbit.image.tag` | Fluentbit container image tag | `1.6.10` | +| `fluentbit.image.repository` | Fluentbit container image repository | `fluent/fluent-bit` | +| `fluentbit.image.pullPolicy` | Fluentbit container pull policy | `IfNotPresent` | +| `fluentd.enabled` | Install fluentd | true | +| `fluentd.image.tag` | Fluentd container image tag | `v1.11.5-alpine-12` | +| `fluentd.image.repository` | Fluentd container image repository | `ghcr.io/banzaicloud/fluentd` | +| `fluentd.image.pullPolicy` | Fluentd container pull policy | `IfNotPresent` | +| `fluentd.volumeModImage.tag` | Fluentd volumeModImage container image tag | `latest` | +| `fluentd.volumeModImage.repository` | Fluentd volumeModImage container image repository | `busybox` | +| `fluentd.volumeModImage.pullPolicy` | Fluentd volumeModImage container pull policy | `IfNotPresent` | +| `fluentd.configReloaderImage.tag` | Fluentd configReloaderImage container image tag | `v0.2.2` | +| `fluentd.configReloaderImage.repository` | Fluentd configReloaderImage container image repository | `jimmidyson/configmap-reload` | +| `fluentd.configReloaderImage.pullPolicy` | Fluentd configReloaderImage container pull policy | `IfNotPresent` | +| `fluentd.fluentdPvcSpec.accessModes` | Fluentd persistence volume access modes | `[ReadWriteOnce]` | +| `fluentd.fluentdPvcSpec.resources.requests.storage` | Fluentd persistence volume size | `21Gi` | +| `fluentd.fluentdPvcSpec.storageClassName` | Fluentd persistence volume storageclass | `"""` | diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/app-readme.md b/charts/rancher-logging/rancher-logging/3.9.400-rc06/app-readme.md new file mode 100755 index 00000000000..2de4ab4c558 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/app-readme.md @@ -0,0 +1,22 @@ +# Rancher Logging + +This chart is based off of the upstream [Banzai Logging Operator](https://banzaicloud.com/docs/one-eye/logging-operator/) chart. The chart deploys a logging operator and CRDs, which allows users to configure complex logging pipelines with a few simple custom resources. There are two levels of logging, which allow you to collect all logs in a cluster or from a single namespace. + +For more information on how to use the feature, refer to our [docs](https://rancher.com/docs/rancher/v2.x/en/logging/v2.5/). + +## Namespace-level logging + +To collect logs from a single namespace, users create flows and these flows are connected to outputs or cluster outputs. + +## Cluster-level logging + +To collect logs from an entire cluster, users create cluster flows and cluster outputs. + +## CRDs + +- [Cluster Flow](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/clusterflow_types/) - A cluster flow is a CRD (`ClusterFlow`) that defines what logs to collect from the entire cluster. The cluster flow must be deployed in the same namespace as the logging operator. +- [Cluster Output](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/clusteroutput_types/) - A cluster output is a CRD (`ClusterOutput`) that defines how to connect to logging providers so they can start collecting logs. The cluster output must be deployed in the same namespace as the logging operator. The convenience of using a cluster output is that either a cluster flow or flow can send logs to those providers without needing to define specific outputs in each namespace for each flow. +- [Flow](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/flow_types/) - A flow is a CRD (`Flow`) that defines what logs to collect from the namespace that it is deployed in. +- [Output](https://banzaicloud.com/docs/one-eye/logging-operator/crds/v1beta1/output_types/) - An output is a CRD (`Output`) that defines how to connect to logging providers so logs can be sent to the provider. + +For more information on how to configure the Helm chart, refer to the Helm README. diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/NOTES.txt b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/NOTES.txt new file mode 100755 index 00000000000..e69de29bb2d diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/_helpers.tpl b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/_helpers.tpl new file mode 100755 index 00000000000..b2b289443b7 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/_helpers.tpl @@ -0,0 +1,66 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "logging-operator.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "logging-operator.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Provides the namespace the chart will be installed in using the builtin .Release.Namespace, +or, if provided, a manually overwritten namespace value. +*/}} +{{- define "logging-operator.namespace" -}} +{{- if .Values.namespaceOverride -}} +{{ .Values.namespaceOverride -}} +{{- else -}} +{{ .Release.Namespace }} +{{- end -}} +{{- end -}} + + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "logging-operator.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "logging-operator.labels" -}} +app.kubernetes.io/name: {{ include "logging-operator.name" . }} +helm.sh/chart: {{ include "logging-operator.chart" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} + +{{- define "system_default_registry" -}} +{{- if .Values.global.cattle.systemDefaultRegistry -}} +{{- printf "%s/" .Values.global.cattle.systemDefaultRegistry -}} +{{- else -}} +{{- "" -}} +{{- end -}} +{{- end -}} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/clusterrole.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/clusterrole.yaml new file mode 100755 index 00000000000..709eedb91b3 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/clusterrole.yaml @@ -0,0 +1,167 @@ +{{- if .Values.rbac.enabled }} + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: {{ template "logging-operator.fullname" . }} +rules: +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - endpoints + - namespaces + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + - pods + - serviceaccounts + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + - events.k8s.io + resources: + - events + verbs: + - create + - get + - list + - watch +- apiGroups: + - apps + resources: + - daemonsets + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - apps + - extensions + resources: + - deployments + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - extensions + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - extensions + - policy + resources: + - podsecuritypolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - use + - watch +- apiGroups: + - logging.banzaicloud.io + resources: + - clusterflows + - clusteroutputs + - flows + - loggings + - outputs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - logging.banzaicloud.io + resources: + - clusterflows/status + - clusteroutputs/status + - flows/status + - loggings/status + - outputs/status + verbs: + - get + - patch + - update +- apiGroups: + - monitoring.coreos.com + resources: + - servicemonitors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - rbac.authorization.k8s.io + resources: + - clusterrolebindings + - clusterroles + - rolebindings + - roles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/clusterrolebinding.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/clusterrolebinding.yaml new file mode 100755 index 00000000000..89d17d094f7 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/clusterrolebinding.yaml @@ -0,0 +1,18 @@ +{{- if .Values.rbac.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: {{ template "logging-operator.fullname" . }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +subjects: + - kind: ServiceAccount + name: {{ template "logging-operator.fullname" . }} + namespace: {{ include "logging-operator.namespace" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "logging-operator.fullname" . }} + + {{- end }} \ No newline at end of file diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/crds.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/crds.yaml new file mode 100755 index 00000000000..f573652d047 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/crds.yaml @@ -0,0 +1,6 @@ +{{- if .Values.createCustomResource -}} +{{- range $path, $bytes := .Files.Glob "crds/*.yaml" }} +{{ $.Files.Get $path }} +--- +{{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/deployment.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/deployment.yaml new file mode 100755 index 00000000000..26d14cca2f7 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/deployment.yaml @@ -0,0 +1,68 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "logging-operator.fullname" . }} + namespace: {{ include "logging-operator.namespace" . }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/name: {{ include "logging-operator.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ include "logging-operator.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + {{- with .Values.podLabels }} + {{ toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}" + args: {{ range .Values.extraArgs }} + - {{ . -}} + {{ end }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + resources: + {{- toYaml .Values.resources | nindent 12 }} + ports: + - name: http + containerPort: {{ .Values.http.port }} + + {{- if .Values.securityContext }} + securityContext: {{ toYaml .Values.securityContext | nindent 12 }} + {{- end }} + {{- if .Values.podSecurityContext }} + securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }} + {{- end }} + + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- if .Values.rbac.enabled }} + serviceAccountName: {{ include "logging-operator.fullname" . }} + {{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/aks/logging.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/aks/logging.yaml new file mode 100755 index 00000000000..916f93b41dc --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/aks/logging.yaml @@ -0,0 +1,58 @@ +{{- if .Values.additionalLoggingSources.aks.enabled }} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }}-aks + namespace: {{ .Release.Namespace }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + controlNamespace: {{ .Release.Namespace }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + inputTail: + Tag: "aks" + Path: "/var/log/azure/kubelet-status.log" + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/eks/logging.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/eks/logging.yaml new file mode 100755 index 00000000000..da4af2d9e3c --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/eks/logging.yaml @@ -0,0 +1,59 @@ +{{- if .Values.additionalLoggingSources.eks.enabled }} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }}-eks + namespace: {{ .Release.Namespace }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + controlNamespace: {{ .Release.Namespace }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + inputTail: + Tag: "eks" + Path: "/var/log/messages" + Parser: "syslog" + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/gke/logging.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/gke/logging.yaml new file mode 100755 index 00000000000..3823127b2d8 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/gke/logging.yaml @@ -0,0 +1,58 @@ +{{- if .Values.additionalLoggingSources.gke.enabled }} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }}-gke + namespace: {{ .Release.Namespace }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + controlNamespace: {{ .Release.Namespace }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + inputTail: + Tag: "gke" + Path: "/var/log/kube-proxy.log" + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/k3s/logging-k3s-openrc.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/k3s/logging-k3s-openrc.yaml new file mode 100755 index 00000000000..cf5e988f35b --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/k3s/logging-k3s-openrc.yaml @@ -0,0 +1,68 @@ +{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "openrc")}} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }}-k3s + namespace: {{ .Release.Namespace }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + controlNamespace: {{ .Release.Namespace }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + inputTail: + Tag: "k3s" + Path: "/var/log/k3s.log" + extraVolumeMounts: + - source: "/var/log/" + destination: "/var/log" + readOnly: true + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/k3s/logging-k3s-systemd.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/k3s/logging-k3s-systemd.yaml new file mode 100755 index 00000000000..c4b3db0e736 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/k3s/logging-k3s-systemd.yaml @@ -0,0 +1,68 @@ +{{- if and .Values.additionalLoggingSources.k3s.enabled (eq .Values.additionalLoggingSources.k3s.container_engine "systemd")}} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }}-k3s + namespace: {{ .Release.Namespace }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + controlNamespace: {{ .Release.Namespace }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + inputTail: + Tag: "k3s" + Path: "/var/log/syslog" + extraVolumeMounts: + - source: "/var/log/" + destination: "/var/log" + readOnly: true + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke/configmap.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke/configmap.yaml new file mode 100755 index 00000000000..ab91d93e2f7 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke/configmap.yaml @@ -0,0 +1,29 @@ +{{- if .Values.additionalLoggingSources.rke.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-rke + labels: +{{ include "logging-operator.labels" . | indent 4 }} +data: + fluent-bit.conf: | + [SERVICE] + Log_Level {{ .Values.additionalLoggingSources.rke.fluentbit.log_level }} + Parsers_File parsers.conf + + [INPUT] + Tag rke + Name tail + Path_Key filename + Parser docker + DB /tail-db/tail-containers-state.db + Mem_Buf_Limit {{ .Values.additionalLoggingSources.rke.fluentbit.mem_buffer_limit }} + Path /var/lib/rancher/rke/log/*.log + + [OUTPUT] + Name forward + Match * + Host {{ .Release.Name }}-fluentd.{{ .Release.Namespace }}.svc + Port 24240 + Retry_Limit False +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke/daemonset.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke/daemonset.yaml new file mode 100755 index 00000000000..840b3e72265 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke/daemonset.yaml @@ -0,0 +1,124 @@ +{{- if .Values.additionalLoggingSources.rke.enabled }} +{{- $containers := printf "%s/containers/" (default "/var/lib/docker" .Values.global.dockerRootDirectory) }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: "{{ .Release.Name }}-rke-aggregator" + namespace: "{{ .Release.Namespace }}" +spec: + selector: + matchLabels: + name: {{ .Release.Name }}-rke-aggregator + template: + metadata: + name: "{{ .Release.Name }}-rke-aggregator" + namespace: "{{ .Release.Namespace }}" + labels: + name: {{ .Release.Name }}-rke-aggregator + spec: + containers: + - name: fluentbit + image: "{{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }}:{{ .Values.images.fluentbit.tag }}" + volumeMounts: + - mountPath: /var/lib/rancher/rke/log/ + name: indir + - mountPath: {{ $containers }} + name: containers + - mountPath: /tail-db + name: positiondb + - mountPath: /fluent-bit/etc/fluent-bit.conf + name: config + subPath: fluent-bit.conf + {{- if .Values.global.seLinux.enabled }} + securityContext: + seLinuxOptions: + type: rke_logreader_t + {{- end }} + volumes: + - name: indir + hostPath: + path: /var/lib/rancher/rke/log/ + type: DirectoryOrCreate + - name: containers + hostPath: + path: {{ $containers }} + type: DirectoryOrCreate + - name: positiondb + emptyDir: {} + - name: config + configMap: + name: "{{ .Release.Name }}-rke" + serviceAccountName: "{{ .Release.Name }}-rke-aggregator" + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "{{ .Release.Name }}-rke-aggregator" + namespace: "{{ .Release.Namespace }}" +{{- if .Values.global.psp.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: "{{ .Release.Name }}-rke-aggregator" +rules: + - apiGroups: + - policy + resourceNames: + - "{{ .Release.Name }}-rke-aggregator" + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: "{{ .Release.Name }}-rke-aggregator" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: "{{ .Release.Name }}-rke-aggregator" +subjects: + - kind: ServiceAccount + name: "{{ .Release.Name }}-rke-aggregator" +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: "{{ .Release.Name }}-rke-aggregator" + namespace: "{{ .Release.Namespace }}" +spec: + allowPrivilegeEscalation: false + allowedHostPaths: + - pathPrefix: {{ $containers }} + readOnly: false + - pathPrefix: /var/lib/rancher/rke/log/ + readOnly: false + - pathPrefix: /var/lib/rancher/logging/ + readOnly: false + fsGroup: + rule: RunAsAny + readOnlyRootFilesystem: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - configMap + - emptyDir + - secret + - hostPath +{{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/configmap.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/configmap.yaml new file mode 100755 index 00000000000..f1ba032d55a --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/configmap.yaml @@ -0,0 +1,22 @@ +{{- if .Values.additionalLoggingSources.rke2.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-rke2 + labels: +{{ include "logging-operator.labels" . | indent 4 }} +data: + fluent-bit.conf: | + [INPUT] + Name systemd + Tag rke2 + Path {{ .Values.systemdLogPath | default "/var/log/journal" }} + Systemd_Filter _SYSTEMD_UNIT=rke2-server.service + + [OUTPUT] + Name forward + Match * + Host {{ .Release.Name }}-fluentd.{{ .Release.Namespace }}.svc + Port 24240 + Retry_Limit False +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/daemonset.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/daemonset.yaml new file mode 100755 index 00000000000..f45b74b76d1 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/daemonset.yaml @@ -0,0 +1,110 @@ +{{- if .Values.additionalLoggingSources.rke2.enabled }} +apiVersion: apps/v1 +kind: DaemonSet +metadata: + name: "{{ .Release.Name }}-rke2-journald-aggregator" + namespace: "{{ .Release.Namespace }}" +spec: + selector: + matchLabels: + name: {{ .Release.Name }}-rke2-journald-aggregator + template: + metadata: + name: "{{ .Release.Name }}-rke2-journald-aggregator" + namespace: "{{ .Release.Namespace }}" + labels: + name: {{ .Release.Name }}-rke2-journald-aggregator + spec: + containers: + - name: fluentd + image: "{{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }}:{{ .Values.images.fluentbit.tag }}" + {{- if .Values.global.seLinux.enabled }} + securityContext: + seLinuxOptions: + type: rke_logreader_t + {{- end }} + volumeMounts: + - mountPath: /fluent-bit/etc/ + name: config + - mountPath: {{ .Values.systemdLogPath | default "/var/log/journal" }} + name: journal + readOnly: true + - mountPath: /etc/machine-id + name: machine-id + readOnly: true + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: "{{ .Release.Name }}-rke2-journald-aggregator" + volumes: + - name: config + configMap: + name: "{{ .Release.Name }}-rke2" + - name: journal + hostPath: + path: {{ .Values.systemdLogPath | default "/var/log/journal" }} + - name: machine-id + hostPath: + path: /etc/machine-id +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: "{{ .Release.Name }}-rke2-journald-aggregator" + namespace: "{{ .Release.Namespace }}" +{{- if .Values.global.psp.enabled }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: "{{ .Release.Name }}-rke2-journald-aggregator" +rules: + - apiGroups: + - policy + resourceNames: + - "{{ .Release.Name }}-rke2-journald-aggregator" + resources: + - podsecuritypolicies + verbs: + - use +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: "{{ .Release.Name }}-rke2-journald-aggregator" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: "{{ .Release.Name }}-rke2-journald-aggregator" +subjects: + - kind: ServiceAccount + name: "{{ .Release.Name }}-rke2-journald-aggregator" +--- +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: "{{ .Release.Name }}-rke2-journald-aggregator" + namespace: "{{ .Release.Namespace }}" +spec: + allowPrivilegeEscalation: false + fsGroup: + rule: RunAsAny + readOnlyRootFilesystem: true + runAsUser: + rule: RunAsAny + seLinux: + rule: RunAsAny + supplementalGroups: + rule: RunAsAny + volumes: + - configMap + - emptyDir + - secret + - hostPath +{{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/logging-rke2-containers.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/logging-rke2-containers.yaml new file mode 100755 index 00000000000..7be4972e7bb --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/rke2/logging-rke2-containers.yaml @@ -0,0 +1,73 @@ +{{- if .Values.additionalLoggingSources.rke2.enabled }} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }}-rke2-containers + namespace: {{ .Release.Namespace }} +spec: + controlNamespace: {{ .Release.Namespace }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + inputTail: + Tag: "rke2" + Path: "/var/log/containers/*rke*.log" + extraVolumeMounts: + - source: "/var/log/containers/" + destination: "/var/log/containers/" + readOnly: true + {{- if or .Values.global.psp.enabled .Values.global.seLinux.enabled }} + security: + {{- end }} + {{- if or .Values.global.psp.enabled }} + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- if .Values.global.seLinux.enabled }} + securityContext: + seLinuxOptions: + type: rke_logreader_t + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/root/logging.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/root/logging.yaml new file mode 100755 index 00000000000..2c0506c0f9e --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/loggings/root/logging.yaml @@ -0,0 +1,113 @@ +{{- $containers := printf "%s/containers/" (default "/var/lib/docker" .Values.global.dockerRootDirectory) }} +apiVersion: logging.banzaicloud.io/v1beta1 +kind: Logging +metadata: + name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + controlNamespace: {{ .Release.Namespace }} + {{- if not (kindIs "invalid" .Values.global.cattle.windows.enabled) }} + {{- if .Values.global.cattle.windows.enabled }} + nodeAgents: + - name: win-agent + profile: windows + nodeAgentFluentbit: + daemonSet: + spec: + template: + spec: + containers: + - image: "{{ template "system_default_registry" . }}{{ .Values.images.nodeagent_fluentbit.repository }}:{{ .Values.images.nodeagent_fluentbit.tag }}" + name: fluent-bit + tls: + enabled: {{ .Values.nodeAgents.tls.enabled | default false }} + {{- if .Values.additionalLoggingSources.rke.enabled }} + - name: win-agent-rke + profile: windows + nodeAgentFluentbit: + filterKubernetes: + Kube_Tag_Prefix: "kuberentes.C.var.lib.rancher.rke.log." + inputTail: + Path: "C:\\var\\lib\\rancher\\rke\\log" + extraVolumeMounts: + - source: "/var/lib/rancher/rke/log" + destination: "/var/lib/rancher/rke/log" + readOnly: true + daemonSet: + spec: + template: + spec: + containers: + - image: "{{ template "system_default_registry" . }}{{ .Values.images.nodeagent_fluentbit.repository }}:{{ .Values.images.nodeagent_fluentbit.tag }}" + name: fluent-bit + tls: + enabled: {{ .Values.nodeAgents.tls.enabled | default false }} + {{- end }} + {{- end }} + {{- end }} + fluentbit: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentbit.repository }} + tag: {{ .Values.images.fluentbit.tag }} + {{- if or .Values.global.psp.enabled .Values.global.seLinux.enabled }} + security: + {{- end }} + {{- if .Values.global.psp.enabled }} + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- if .Values.global.seLinux.enabled }} + securityContext: + seLinuxOptions: + type: rke_logreader_t + {{- end }} + {{- if .Values.global.dockerRootDirectory }} + mountPath: {{ $containers }} + extraVolumeMounts: + - source: {{ $containers }} + destination: {{ $containers }} + readOnly: true + {{- end }} + {{- $total_tolerations := concat (.Values.tolerations) (.Values.fluentbit.tolerations) }} + {{- with $total_tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentbit.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + fluentd: + image: + repository: {{ template "system_default_registry" . }}{{ .Values.images.fluentd.repository }} + tag: {{ .Values.images.fluentd.tag }} + configReloaderImage: + repository: {{ template "system_default_registry" . }}{{ .Values.images.config_reloader.repository }} + tag: {{ .Values.images.config_reloader.tag }} + disablePvc: {{ .Values.disablePvc }} + {{- if .Values.global.psp.enabled }} + security: + podSecurityPolicyCreate: true + roleBasedAccessControlCreate: true + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.resources }} + resources: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.fluentd.livenessProbe }} + livenessProbe: {{- toYaml . | nindent 6 }} + {{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/psp.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/psp.yaml new file mode 100755 index 00000000000..420067f5979 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/psp.yaml @@ -0,0 +1,33 @@ +{{ if and .Values.rbac.enabled .Values.rbac.psp.enabled }} +apiVersion: policy/v1beta1 +kind: PodSecurityPolicy +metadata: + name: psp.logging-operator + namespace: {{ include "logging-operator.namespace" . }} + annotations: + seccomp.security.alpha.kubernetes.io/allowedProfileNames: 'docker/default,runtime/default' + seccomp.security.alpha.kubernetes.io/defaultProfileName: 'runtime/default' + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + readOnlyRootFilesystem: true + privileged: false + allowPrivilegeEscalation: false + runAsUser: + rule: MustRunAsNonRoot + fsGroup: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + supplementalGroups: + rule: MustRunAs + ranges: + - min: 1 + max: 65535 + seLinux: + rule: RunAsAny + volumes: + - secret + - configMap +{{ end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/service.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/service.yaml new file mode 100755 index 00000000000..f419ae2c483 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "logging-operator.fullname" . }} + namespace: {{ include "logging-operator.namespace" . }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +spec: + type: ClusterIP + {{- with .Values.http.service.clusterIP }} + clusterIP: {{ . }} + {{- end }} + ports: + - port: {{ .Values.http.port }} + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: {{ include "logging-operator.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/serviceMonitor.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/serviceMonitor.yaml new file mode 100755 index 00000000000..1bb762cde56 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/serviceMonitor.yaml @@ -0,0 +1,30 @@ +{{ if .Values.monitoring.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ include "logging-operator.fullname" . }} + namespace: {{ include "logging-operator.namespace" . }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +{{- with .Values.monitoring.serviceMonitor.additionalLabels }} + {{- toYaml . | nindent 4 }} +{{- end }} +spec: + selector: + matchLabels: +{{ include "logging-operator.labels" . | indent 6 }} + endpoints: + - port: http + path: /metrics + {{- with .Values.monitoring.serviceMonitor.metricsRelabelings }} + metricRelabelings: + {{- toYaml . | nindent 6 }} + {{- end }} + {{- with .Values.monitoring.serviceMonitor.relabelings }} + relabelings: + {{- toYaml . | nindent 4 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ include "logging-operator.namespace" . }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/serviceaccount.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/serviceaccount.yaml new file mode 100755 index 00000000000..cbb2a94b4fb --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/serviceaccount.yaml @@ -0,0 +1,10 @@ +{{- if .Values.rbac.enabled }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "logging-operator.fullname" . }} + namespace: {{ include "logging-operator.namespace" . }} + labels: +{{ include "logging-operator.labels" . | indent 4 }} +{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/userroles.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/userroles.yaml new file mode 100755 index 00000000000..f4136b09a4e --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/userroles.yaml @@ -0,0 +1,35 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: "logging-admin" + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" +rules: + - apiGroups: + - "logging.banzaicloud.io" + resources: + - flows + - outputs + verbs: + - "*" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: "logging-view" + labels: + rbac.authorization.k8s.io/aggregate-to-admin: "true" + rbac.authorization.k8s.io/aggregate-to-view: "true" + rbac.authorization.k8s.io/aggregate-to-edit: "true" +rules: + - apiGroups: + - "logging.banzaicloud.io" + resources: + - flows + - outputs + - clusterflows + - clusteroutputs + verbs: + - get + - list + - watch diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/validate-install-crd.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/validate-install-crd.yaml new file mode 100755 index 00000000000..66e8725e51d --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/validate-install-crd.yaml @@ -0,0 +1,18 @@ +#{{- if gt (len (lookup "rbac.authorization.k8s.io/v1" "ClusterRole" "" "")) 0 -}} +# {{- $found := dict -}} +# {{- set $found "logging.banzaicloud.io/v1beta1/ClusterFlow" false -}} +# {{- set $found "logging.banzaicloud.io/v1beta1/ClusterOutput" false -}} +# {{- set $found "logging.banzaicloud.io/v1beta1/Flow" false -}} +# {{- set $found "logging.banzaicloud.io/v1beta1/Logging" false -}} +# {{- set $found "logging.banzaicloud.io/v1beta1/Output" false -}} +# {{- range .Capabilities.APIVersions -}} +# {{- if hasKey $found (toString .) -}} +# {{- set $found (toString .) true -}} +# {{- end -}} +# {{- end -}} +# {{- range $_, $exists := $found -}} +# {{- if (eq $exists false) -}} +# {{- required "Required CRDs are missing. Please install the corresponding CRD chart before installing this chart." "" -}} +# {{- end -}} +# {{- end -}} +#{{- end -}} \ No newline at end of file diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/validate-install.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/validate-install.yaml new file mode 100755 index 00000000000..bd624cc4b4c --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/templates/validate-install.yaml @@ -0,0 +1,5 @@ +#{{- if .Values.global.dockerRootDirectory }} +#{{- if or (hasSuffix "/containers" .Values.global.dockerRootDirectory) (hasSuffix "/" .Values.global.dockerRootDirectory) }} +#{{- required "global.dockerRootDirectory must not end with suffix: '/' or '/containers'" "" -}} +#{{- end }} +#{{- end }} diff --git a/charts/rancher-logging/rancher-logging/3.9.400-rc06/values.yaml b/charts/rancher-logging/rancher-logging/3.9.400-rc06/values.yaml new file mode 100755 index 00000000000..3a63e0b42b6 --- /dev/null +++ b/charts/rancher-logging/rancher-logging/3.9.400-rc06/values.yaml @@ -0,0 +1,176 @@ +# Default values for logging-operator. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +replicaCount: 1 + +image: + repository: rancher/mirrored-banzaicloud-logging-operator + tag: 3.9.4 + pullPolicy: IfNotPresent + +extraArgs: [] +imagePullSecrets: [] +nameOverride: "" +fullnameOverride: "" +namespaceOverride: "" + +## Pod custom labels +## +podLabels: {} + +annotations: {} + +## Deploy CRDs used by Logging Operator. +## +createCustomResource: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: + kubernetes.io/os: linux + +tolerations: + - key: cattle.io/os + operator: "Equal" + value: "linux" + effect: NoSchedule + +affinity: {} + +http: + # http listen port number + port: 8080 + # Service definition for query http service + service: + type: ClusterIP + clusterIP: None + # Annotations to query http service + annotations: {} + # Labels to query http service + labels: {} + +# These "rbac" settings match the upstream defaults. For only using psp in the overlay files, which +# include the default Logging CRs created, see the "global.psp" setting. To enable psp for the entire +# chart, enable both "rbac.psp" and "global.psp" (this may require further changes to the chart). +rbac: + enabled: true + psp: + enabled: false + +## SecurityContext holds pod-level security attributes and common container settings. +## This defaults to non root user with uid 1000 and gid 2000. *v1.PodSecurityContext false +## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +## +podSecurityContext: {} +# runAsNonRoot: true +# runAsUser: 1000 +# fsGroup: 2000 +securityContext: {} +# allowPrivilegeEscalation: false +# readOnlyRootFilesystem: true + # capabilities: + # drop: ["ALL"] + +## Operator priorityClassName +## +priorityClassName: {} + +monitoring: + # Create a Prometheus Operator ServiceMonitor object + serviceMonitor: + enabled: false + additionalLabels: {} + metricRelabelings: [] + relabelings: [] + +disablePvc: true + +systemdLogPath: "/var/log/journal" + +additionalLoggingSources: + rke: + enabled: false + fluentbit: + log_level: "info" + mem_buffer_limit: "5MB" + rke2: + enabled: false + k3s: + enabled: false + container_engine: "systemd" + aks: + enabled: false + eks: + enabled: false + gke: + enabled: false + +images: + config_reloader: + repository: rancher/mirrored-jimmidyson-configmap-reload + tag: v0.4.0 + fluentbit: + repository: rancher/mirrored-fluent-fluent-bit + tag: 1.6.10 + fluentbit_debug: + repository: rancher/mirrored-fluent-fluent-bit + tag: 1.6.10-debug + fluentd: + repository: rancher/mirrored-banzaicloud-fluentd + tag: v1.11.5-alpine-12 + nodeagent_fluentbit: + os: "windows,linux" + repository: rancher/fluent-bit + tag: 1.6.10 + +# These settings apply to every Logging CR, including vendor Logging CRs enabled in "additionalLoggingSources". +# Changing these affects every Logging CR installed. +nodeAgents: + tls: + enabled: false +fluentd: + resources: {} + livenessProbe: + tcpSocket: + port: 24240 + initialDelaySeconds: 30 + periodSeconds: 15 +fluentbit: + resources: {} + tolerations: + - key: node-role.kubernetes.io/controlplane + value: "true" + effect: NoSchedule + - key: node-role.kubernetes.io/etcd + value: "true" + effect: NoExecute + +global: + cattle: + systemDefaultRegistry: "" + # Uncomment the below two lines to either enable or disable Windows logging. If this chart is + # installed via the Rancher UI, it will set this value to "true" if the cluster is a Windows + # cluster. In that scenario, if you would like to disable Windows logging on Windows clusters, + # set the value below to "false". + # windows: + # enabled: true + # Change the "dockerRootDirectory" if the default Docker directory has changed. + dockerRootDirectory: "" + # This psp setting differs from the upstream "rbac.psp" by only enabling psp settings for the + # overlay files, which include the Logging CRs created, whereas the upstream "rbac.psp" affects the + # logging operator. + psp: + enabled: true + seLinux: + enabled: false diff --git a/index.yaml b/index.yaml index e71d1ea7e63..19ef4ba3c00 100755 --- a/index.yaml +++ b/index.yaml @@ -1,6 +1,25 @@ apiVersion: v1 entries: fleet: + - annotations: + catalog.cattle.io/auto-install: fleet-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/experimental: "true" + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: fleet-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: clusters.fleet.cattle.io/v1alpha1 + catalog.cattle.io/release-name: fleet + apiVersion: v2 + appVersion: 0.3.5 + created: "2021-04-23T21:29:27.778708498Z" + description: Fleet Manager - GitOps at Scale + digest: a37d1918af77d26b0010b1073f92bfcac51961d9d8ec576ef769431e62bb5763 + icon: https://charts.rancher.io/assets/logos/fleet.svg + name: fleet + urls: + - assets/fleet/fleet-0.3.500-rc06.tgz + version: 0.3.500-rc06 - annotations: catalog.cattle.io/auto-install: fleet-crd=match catalog.cattle.io/certified: rancher @@ -515,6 +534,22 @@ entries: - released/assets/fleet/fleet-0.3.0-beta600.tgz version: 0.3.0-beta600 fleet-agent: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: fleet-system + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: fleet-agent + apiVersion: v2 + appVersion: 0.3.5 + created: "2021-04-23T21:29:27.782710812Z" + description: Fleet Manager Agent - GitOps at Scale + digest: efd6b66a37ebef338f21029883aa347d66273da8a5f89397c90b3a12de00d468 + icon: https://charts.rancher.io/assets/logos/fleet.svg + name: fleet-agent + urls: + - assets/fleet-agent/fleet-agent-0.3.500-rc06.tgz + version: 0.3.500-rc06 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" @@ -948,6 +983,22 @@ entries: - released/assets/fleet-agent/fleet-agent-0.3.0-beta600.tgz version: 0.3.0-beta600 fleet-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: fleet-system + catalog.cattle.io/os: linux + catalog.cattle.io/release-name: fleet-crd + apiVersion: v2 + appVersion: 0.3.5 + created: "2021-04-23T21:29:27.790025236Z" + description: Fleet Manager CustomResourceDefinitions + digest: 5e32a136687c4c5adcdb57498bdbb149010498d3dfb1edb9e73a30ff566ad7f2 + icon: https://charts.rancher.io/assets/logos/fleet.svg + name: fleet-crd + urls: + - assets/fleet-crd/fleet-crd-0.3.500-rc06.tgz + version: 0.3.500-rc06 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true" @@ -2720,6 +2771,38 @@ entries: - assets/rancher-grafana/rancher-grafana-6.6.401-rc00.tgz version: 6.6.401-rc00 rancher-istio: + - annotations: + catalog.cattle.io/auto-install: rancher-kiali-server-crd=1.32.100-rc01 + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Istio + catalog.cattle.io/namespace: istio-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: networking.istio.io.virtualservice/v1beta1 + catalog.cattle.io/release-name: rancher-istio + catalog.cattle.io/requests-cpu: 710m + catalog.cattle.io/requests-memory: 2314Mi + catalog.cattle.io/ui-component: istio + apiVersion: v1 + appVersion: 1.9.3 + created: "2021-04-23T21:29:27.827825363Z" + dependencies: + - condition: kiali.enabled + name: kiali + repository: file://./charts/kiali + - condition: tracing.enabled + name: tracing + repository: file://./charts/tracing + description: A basic Istio setup that installs with the istioctl. Refer to https://istio.io/latest/ + for details. + digest: 439a948e27519c23410fcfd591f6f849d8431c9c5d0bdb4c72b8e541c3bedd61 + icon: https://charts.rancher.io/assets/logos/istio.svg + keywords: + - networking + - infrastructure + name: rancher-istio + urls: + - assets/rancher-istio-1.9/rancher-istio-1.9.300-rc03.tgz + version: 1.9.300-rc03 - annotations: catalog.cattle.io/auto-install: rancher-kiali-server-crd=1.32.100-rc01 catalog.cattle.io/certified: rancher @@ -2784,6 +2867,38 @@ entries: urls: - assets/rancher-istio-1.9/rancher-istio-1.9.200-rc02.tgz version: 1.9.200-rc02 + - annotations: + catalog.cattle.io/auto-install: rancher-kiali-server-crd=1.32.100-rc01 + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Istio + catalog.cattle.io/namespace: istio-system + catalog.cattle.io/os: linux + catalog.cattle.io/provides-gvr: networking.istio.io.virtualservice/v1beta1 + catalog.cattle.io/release-name: rancher-istio + catalog.cattle.io/requests-cpu: 710m + catalog.cattle.io/requests-memory: 2314Mi + catalog.cattle.io/ui-component: istio + apiVersion: v1 + appVersion: 1.8.5 + created: "2021-04-23T21:29:27.821694943Z" + dependencies: + - condition: kiali.enabled + name: kiali + repository: file://./charts/kiali + - condition: tracing.enabled + name: tracing + repository: file://./charts/tracing + description: A basic Istio setup that installs with the istioctl. Refer to https://istio.io/latest/ + for details. + digest: a27b7513ffc7b5796643d591b746ee38a43e7a11ec16049802669c3347bb26a5 + icon: https://charts.rancher.io/assets/logos/istio.svg + keywords: + - networking + - infrastructure + name: rancher-istio + urls: + - assets/rancher-istio-1.8/rancher-istio-1.8.500-rc03.tgz + version: 1.8.500-rc03 - annotations: catalog.cattle.io/auto-install: rancher-kiali-server-crd=1.32.100-rc01 catalog.cattle.io/certified: rancher @@ -3467,6 +3582,29 @@ entries: - assets/rancher-kube-state-metrics/rancher-kube-state-metrics-2.13.101-rc00.tgz version: 2.13.101-rc00 rancher-logging: + - annotations: + catalog.cattle.io/auto-install: rancher-logging-crd=match + catalog.cattle.io/certified: rancher + catalog.cattle.io/display-name: Logging + catalog.cattle.io/namespace: cattle-logging-system + catalog.cattle.io/provides-gvr: logging.banzaicloud.io.clusterflow/v1beta1 + catalog.cattle.io/release-name: rancher-logging + catalog.cattle.io/ui-component: logging + apiVersion: v1 + appVersion: 3.9.4 + created: "2021-04-23T21:29:27.846983427Z" + description: Collects and filter logs using highly configurable CRDs. Powered + by Banzai Cloud Logging Operator. + digest: 2157a535f052bd7fbf51f353bfec78a925aff669116e45ec2830346a7cdeca66 + icon: https://charts.rancher.io/assets/logos/logging.svg + keywords: + - logging + - monitoring + - security + name: rancher-logging + urls: + - assets/rancher-logging/rancher-logging-3.9.400-rc06.tgz + version: 3.9.400-rc06 - annotations: catalog.cattle.io/auto-install: rancher-logging-crd=match catalog.cattle.io/certified: rancher @@ -3873,6 +4011,20 @@ entries: - released/assets/rancher-logging/rancher-logging-3.6.000.tgz version: 3.6.000 rancher-logging-crd: + - annotations: + catalog.cattle.io/certified: rancher + catalog.cattle.io/hidden: "true" + catalog.cattle.io/namespace: cattle-logging-system + catalog.cattle.io/release-name: rancher-logging-crd + apiVersion: v1 + created: "2021-04-23T21:29:27.866751494Z" + description: Installs the CRDs for rancher-logging. + digest: f5f51244079273017aceffcc8d03d32ad0daacde74dd90dec39f6e91a44893a1 + name: rancher-logging-crd + type: application + urls: + - assets/rancher-logging/rancher-logging-crd-3.9.400-rc06.tgz + version: 3.9.400-rc06 - annotations: catalog.cattle.io/certified: rancher catalog.cattle.io/hidden: "true"