-
Notifications
You must be signed in to change notification settings - Fork 170
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
6028c0a
commit 7745423
Showing
17 changed files
with
791 additions
and
21 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
apiVersion: v1 | ||
appVersion: 1.2.1 | ||
description: A Helm chart for vSphere Cloud Provider Interface Manager (CPI) | ||
name: vsphere-cpi | ||
version: 0.2.3 | ||
keywords: | ||
- vsphere | ||
- vmware | ||
- cloud | ||
- provider | ||
home: https://github.com/kubernetes/cloud-provider-vsphere | ||
icon: https://raw.githubusercontent.com/kubernetes/cloud-provider-vsphere/master/docs/vmware_logo.png | ||
sources: | ||
- https://github.com/kubernetes/cloud-provider-vsphere | ||
deprecated: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,134 @@ | ||
# vSphere Cloud-Controler-Manager Helm Chart | ||
|
||
[vSphere Cloud Provider Interface](https://github.com/kubernetes/cloud-provider-vsphere) handles cloud specific functionality for VMware vSphere infrastructure running on Kubernetes. | ||
|
||
## Introduction | ||
|
||
This chart deploys all components required to run the external vSphere CPI as described on it's [GitHub page](https://github.com/kubernetes/cloud-provider-vsphere). | ||
|
||
## Prerequisites | ||
|
||
- Has been tested on Kubernetes 1.13.X+ | ||
- Assumes your Kubernetes cluster has been configured to use the external cloud provider. Please take a look at configuration guidelines located in the [Kubernetes documentation](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/#running-cloud-controller-manager). | ||
|
||
## Installing the Chart using Helm 3.0+ | ||
|
||
[The Github project of Helm chart repositories](https://github.com/helm/charts) is now an archive and no longer under active development since Nov 13, 2020. For more information, see the [Helm Charts Deprecation and Archive Notice](https://github.com/helm/charts#%EF%B8%8F-deprecation-and-archive-notice), and [Update](https://helm.sh/blog/charts-repo-deprecation/). | ||
|
||
To add the Helm Stable Charts for cloud-provider-vsphere, you can run the following command: | ||
|
||
```bash | ||
$ helm repo add vsphere-cpi https://kubernetes.github.io/cloud-provider-vsphere | ||
$ helm repo update | ||
``` | ||
|
||
See [help repo](https://helm.sh/docs/helm/helm_repo/) for command documentation. | ||
|
||
Then to install the chart and by providing vCenter information/credentials, run the following command: | ||
|
||
```bash | ||
$ helm install vsphere-cpi vsphere-cpi/vsphere-cpi --namespace kube-system --set config.enabled=true --set config.vcenter=<vCenter IP> --set config.username=<vCenter Username> --set config.password=<vCenter Password> --set config.datacenter=<vCenter Datacenter> | ||
``` | ||
|
||
See [helm install](https://helm.sh/docs/helm/helm_install/) for command documentation. | ||
|
||
> **Tip**: List all releases using `helm list --all` | ||
If you want to provide your own `vsphere.conf` and Kubernetes secret `vsphere-cpi` (for example, to handle multple datacenters/vCenters or for using zones), you can learn more about the `vsphere.conf` and `vsphere-cpi` secret by reading the following [documentation](https://cloud-provider-vsphere.sigs.k8s.io/tutorials/kubernetes-on-vsphere-with-kubeadm.html) and then running the following command: | ||
|
||
```bash | ||
$ helm install vsphere-cpi vsphere-cpi/vsphere-cpi --namespace kube-system | ||
``` | ||
|
||
## Installing the Chart using Helm 2.X | ||
|
||
To install this chart with the release name `vsphere-cpi` and by providing a vCenter information/credentials, run the following command: | ||
|
||
```bash | ||
$ helm install vsphere-cpi/vsphere-cpi --name vsphere-cpi --namespace kube-system --set config.enabled=true --set config.vcenter=<vCenter IP> --set config.username=<vCenter Username> --set config.password=<vCenter Password> --set config.datacenter=<vCenter Datacenter> | ||
``` | ||
|
||
If you provide your own `vsphere.conf` and Kubernetes secret `vsphere-cpi`, then deploy the chart running the following command: | ||
|
||
```bash | ||
$ helm install vsphere-cpi/vsphere-cpi --name vsphere-cpi --namespace kube-system | ||
``` | ||
|
||
## Uninstalling the Chart | ||
|
||
Note: `helm delete` command has been renamed to `helm uninstall`. | ||
|
||
To uninstall/delete the `vsphere-cpi` deployment: | ||
|
||
```bash | ||
# Helm 2 | ||
$ helm delete vsphere-cpi --namespace kube-system | ||
|
||
# Helm 3 | ||
$ helm uninstall [RELEASE_NAME] | ||
``` | ||
|
||
The command removes all the Kubernetes components associated with the chart and deletes the release. | ||
|
||
See [helm uninstall](https://helm.sh/docs/helm/helm_uninstall/) for command documentation. | ||
|
||
> **Tip**: To permanently remove the release using Helm v2.X, run `helm delete --purge vsphere-cpi --namespace kube-system` | ||
## Configuration | ||
|
||
The following table lists the configurable parameters of the vSphere CPI chart and their default values. | ||
|
||
| Parameter | Description | Default | | ||
|------------------------------------------|-------------------------------------|----------------------------------------| | ||
| `podSecurityPolicy.enabled` | Enable pod sec policy (k8s > 1.17) | true | | ||
| `podSecurityPolicy.annotations` | Annotations for pd sec policy | nil | | ||
| `securityContext.enabled` | Enable sec context for container | false | | ||
| `securityContext.runAsUser` | RunAsUser. Default is `nobody` in | 1001 | | ||
| | distroless image | | | ||
| `securityContext.fsGroup` | FsGroup. Default is `nobody` in | 1001 | | ||
| | distroless image | | | ||
| `config.enabled` | Create a simple single VC config | false | | ||
| `config.vcenter` | FQDN or IP of vCenter | vcenter.local | | ||
| `config.username` | vCenter username | user | | ||
| `config.password` | vCenter password | pass | | ||
| `config.datacenter` | Datacenters within the vCenter | dc | | ||
| `rbac.create` | Create roles and role bindings | true | | ||
| `serviceAccount.create` | Create the service account | true | | ||
| `serviceAccount.name` | Name of the created service account | cloud-controller-manager | | ||
| `daemonset.annotations` | Annotations for CPI pod | nil | | ||
| `daemonset.image` | Image for vSphere CPI | gcr.io/cloud-provider-vsphere/ | | ||
| | | vsphere-cloud-controller-manager | | ||
| `daemonset.tag` | Tag for vSphere CPI | latest | | ||
| `daemonset.pullPolicy` | CPI image pullPolicy | IfNotPresent | | ||
| `daemonset.dnsPolicy` | CPI dnsPolicy | ClusterFirst | | ||
| `daemonset.cmdline.logging` | Logging level | 2 | | ||
| `daemonset.cmdline.cloudConfig.dir` | vSphere conf directory | /etc/cloud | | ||
| `daemonset.cmdline.cloudConfig.file` | vSphere conf filename | vsphere.conf | | ||
| `daemonset.replicaCount` | Node resources | `[]` | | ||
| `daemonset.resources` | Node resources | `[]` | | ||
| `daemonset.podAnnotations` | Annotations for CPI pod | nil | | ||
| `daemonset.podLabels` | Labels for CPI pod | nil | | ||
| `daemonset.nodeSelector` | User-defined node selectors | nil | | ||
| `daemonset.tolerations` | User-defined tolerations | nil | | ||
| `service.enabled` | Enabled the CPI API endpoint | false | | ||
| `service.annotations` | Annotations for API service | nil | | ||
| `service.type` | Service type | ClusterIP | | ||
| `service.loadBalancerSourceRanges` | list of IP CIDRs allowed access | `[]` | | ||
| `service.endpointPort` | External accessible port | 43001 | | ||
| `service.targetPort` | Internal API port | 43001 | | ||
| `ingress.enabled` | Allow external traffic access | false | | ||
| `ingress.annotations` | Annotations for Ingress | nil | | ||
|
||
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install` using Helm v3.X. For example, | ||
|
||
```bash | ||
$ helm install vsphere-cpi \ | ||
stable/vsphere-cpi \ | ||
--set daemonset.pullPolicy=Always | ||
``` | ||
|
||
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. | ||
|
||
### Image tags | ||
|
||
vSphere CPI offers a multitude of [tags](https://github.com/kubernetes/cloud-provider-vsphere/releases) for the various components used in this chart. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
The vSphere Cloud Controller Manager API over gRPC exists at the following location: | ||
|
||
{{- if not .Values.service.enabled }} | ||
|
||
vSphere CPI API is disabled | ||
|
||
{{- else if contains "NodePort" .Values.service.type }} | ||
|
||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "cpi.fullname" . }}-query) | ||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") | ||
echo h$NODE_IP:$NODE_PORT | ||
|
||
{{- else if contains "LoadBalancer" .Values.service.type }} | ||
|
||
NOTE: It may take a few minutes for the LoadBalancer IP to be available. | ||
Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "sphere-cpi.fullname" . }}-query' | ||
|
||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "sphere-cpi.fullname" . }}-query -o jsonpath='{.status.loadBalancer.ingress[0].ip}') | ||
echo $SERVICE_IP:50051 | ||
|
||
{{- else if contains "ClusterIP" .Values.service.type }} | ||
|
||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "release={{ .Release.Name }},component=cloud-controller-manager" -o jsonpath="{.items[0].metadata.name}") | ||
echo http://127.0.0.1:8080/ | ||
kubectl port-forward --namespace {{ .Release.Namespace }} $POD_NAME 43001:43001 | ||
|
||
{{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,55 @@ | ||
{{/* vim: set filetype=mustache: */}} | ||
|
||
{{/* | ||
Expand the name of the chart. | ||
*/}} | ||
{{- define "cpi.name" -}} | ||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a default fully qualified app name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec) | ||
If release name contains chart name it will be used as a full name. | ||
*/}} | ||
{{- define "cpi.fullname" -}} | ||
{{- if .Values.fullnameOverride -}} | ||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} | ||
{{- else -}} | ||
{{- $name := default .Chart.Name .Values.nameOverride -}} | ||
{{- if contains $name .Release.Name -}} | ||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}} | ||
{{- else -}} | ||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
{{- end -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Create a fully qualified daemonset name. | ||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | ||
*/}} | ||
{{- define "cpi.daemonset.name" -}} | ||
{{- $nameGlobalOverride := printf "%s-daemonset" (include "cpi.fullname" .) -}} | ||
{{- if .Values.daemonset.fullnameOverride -}} | ||
{{- printf "%s" .Values.daemonset.fullnameOverride | trunc 63 | trimSuffix "-" -}} | ||
{{- else -}} | ||
{{- printf "%s" $nameGlobalOverride | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
{{- end -}} | ||
|
||
{{- define "api.binding" -}} | ||
{{- printf ":%.0f" .Values.service.endpointPort | trunc 63 | trimSuffix "-" -}} | ||
{{- end -}} | ||
|
||
{{/* | ||
Configure list of IP CIDRs allowed access to load balancer (if supported) | ||
*/}} | ||
{{- define "loadBalancerSourceRanges" -}} | ||
{{- if .service.loadBalancerSourceRanges }} | ||
loadBalancerSourceRanges: | ||
{{- range $cidr := .service.loadBalancerSourceRanges }} | ||
- {{ $cidr }} | ||
{{- end }} | ||
{{- end }} | ||
{{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: {{ template "cpi.fullname" . }} | ||
labels: | ||
app: {{ template "cpi.name" . }} | ||
vsphere-cpi-infra: common-configmap | ||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
component: cloud-controller-manager | ||
heritage: {{ .Release.Service }} | ||
release: {{ .Release.Name }} | ||
namespace: {{ .Release.Namespace }} | ||
data: | ||
api.binding: "{{ template "api.binding" . }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
{{- if .Values.config.enabled | default .Values.global.config.enabled -}} | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: cloud-config | ||
labels: | ||
app: {{ template "cpi.name" . }} | ||
vsphere-cpi-infra: cloud-config | ||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} | ||
component: cloud-controller | ||
heritage: {{ .Release.Service }} | ||
release: {{ .Release.Name }} | ||
namespace: {{ .Release.Namespace }} | ||
data: | ||
vsphere.conf: | | ||
# Global properties in this section will be used for all specified vCenters unless overriden in VirtualCenter section. | ||
global: | ||
port: 443 | ||
# set insecure-flag to true if the vCenter uses a self-signed cert | ||
insecureFlag: true | ||
# settings for using k8s secret | ||
secretName: vsphere-cpi | ||
secretNamespace: {{ .Release.Namespace }} | ||
# VirtualCenter section | ||
vcenter: | ||
{{ .Release.Name }}: | ||
server: {{ .Values.config.vcenter | default .Values.global.config.vcenter }} | ||
datacenters: | ||
- {{ .Values.config.datacenter | default .Values.global.config.datacenter }} | ||
{{- end -}} |
Oops, something went wrong.