helm initial (#961)
diff --git a/deploy/helm/dubbo-admin/.helmignore b/deploy/helm/dubbo-admin/.helmignore
index 0e8a0eb..8cade13 100644
--- a/deploy/helm/dubbo-admin/.helmignore
+++ b/deploy/helm/dubbo-admin/.helmignore
@@ -14,10 +14,10 @@
*.swp
*.bak
*.tmp
-*.orig
*~
# Various IDEs
+.vscode
.project
.idea/
*.tmproj
-.vscode/
+OWNERS
diff --git a/deploy/helm/dubbo-admin/Chart.yaml b/deploy/helm/dubbo-admin/Chart.yaml
index 3d14511..7a7f5f4 100644
--- a/deploy/helm/dubbo-admin/Chart.yaml
+++ b/deploy/helm/dubbo-admin/Chart.yaml
@@ -1,24 +1,13 @@
apiVersion: v2
+appVersion: 3.1.5
name: dubbo-admin
-description: A Helm chart for Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+description: Distributed application monitoring and management platform.
+home: https://cn.dubbo.apache.org
+kubeVersion: '>=1.20.0-0'
+maintainers:
+ - email: mfordjody@gmail.com
+ name: mfordjody
+sources:
+ - https://github.com/apache/dubbo
type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.1.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "1.16.0"
+version: 0.5.0
\ No newline at end of file
diff --git a/deploy/helm/dubbo-admin/README.md b/deploy/helm/dubbo-admin/README.md
new file mode 100644
index 0000000..250de97
--- /dev/null
+++ b/deploy/helm/dubbo-admin/README.md
@@ -0,0 +1,11 @@
+```
+git clone https://github.com/apache/dubbo-admin.git
+```
+
+```
+cd dubbo-admin/deploy/helm
+```
+
+```
+helm install dubbo-admin -f values.yaml .
+```
\ No newline at end of file
diff --git a/deploy/helm/dubbo-admin/templates/NOTES.txt b/deploy/helm/dubbo-admin/templates/NOTES.txt
index 693bd37..ca484a3 100644
--- a/deploy/helm/dubbo-admin/templates/NOTES.txt
+++ b/deploy/helm/dubbo-admin/templates/NOTES.txt
@@ -17,6 +17,6 @@
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "dubbo-admin.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
- echo "Visit http://127.0.0.1:38080 to use your application"
- kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 38080:$CONTAINER_PORT
+ echo "Visit http://127.0.0.1:8080 to use your application"
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
{{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/_helpers.tpl b/deploy/helm/dubbo-admin/templates/_helpers.tpl
index 004d964..b0a5331 100644
--- a/deploy/helm/dubbo-admin/templates/_helpers.tpl
+++ b/deploy/helm/dubbo-admin/templates/_helpers.tpl
@@ -1,9 +1,10 @@
+{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "dubbo-admin.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
-{{- end }}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
{{/*
Create a default fully qualified app name.
@@ -30,9 +31,22 @@
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
+
+{{/*
+Allow the release namespace to be overridden for multi-namespace deployments in combined charts
+*/}}
+{{- define "dubbo-admin.namespace" -}}
+{{- if .Values.namespaceOverride }}
+{{- .Values.namespaceOverride }}
+{{- else }}
+{{- .Release.Namespace }}
+{{- end }}
+{{- end }}
{{/*
Common labels
*/}}
+
+
{{- define "dubbo-admin.labels" -}}
helm.sh/chart: {{ include "dubbo-admin.chart" . }}
{{ include "dubbo-admin.selectorLabels" . }}
@@ -43,6 +57,18 @@
{{- end }}
{{/*
+Return the appropriate apiVersion for rbac.
+*/}}
+{{- define "dubbo-admin.rbac.apiVersion" -}}
+{{- if $.Capabilities.APIVersions.Has "rbac.authorization.k8s.io/v1" }}
+{{- print "rbac.authorization.k8s.io/v1" }}
+{{- else }}
+{{- print "rbac.authorization.k8s.io/v1beta1" }}
+{{- end }}
+{{- end }}
+
+
+{{/*
Selector labels
*/}}
{{- define "dubbo-admin.selectorLabels" -}}
@@ -60,3 +86,25 @@
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}
+
+{{- define "dubbo-admin.serviceAccountNameTest" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (print (include "dubbo-admin.fullname" .) "-test") .Values.serviceAccount.nameTest }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.nameTest }}
+{{- end }}
+{{- end }}
+
+{{/*
+Formats imagePullSecrets. Input is (dict "root" . "imagePullSecrets" .{specific imagePullSecrets})
+*/}}
+{{- define "dubbo-admin.imagePullSecrets" -}}
+{{- $root := .root }}
+{{- range (concat .root.Values.global.imagePullSecrets .imagePullSecrets) }}
+{{- if eq (typeOf .) "map[string]interface {}" }}
+- {{ toYaml (dict "name" (tpl .name $root)) | trim }}
+{{- else }}
+- name: {{ tpl . $root }}
+{{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/deploy/helm/dubbo-admin/templates/clusterrole.yaml b/deploy/helm/dubbo-admin/templates/clusterrole.yaml
new file mode 100644
index 0000000..5cc6aa3
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/clusterrole.yaml
@@ -0,0 +1,42 @@
+{{- if and .Values.rbac.create (not .Values.rbac.namespaced) (not .Values.rbac.useExistingRole) }}
+apiVersion: {{ include "dubbo-admin.rbac.apiVersion" . }}
+kind: ClusterRole
+metadata:
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ {{- with .Values.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ name: {{ include "dubbo-admin.fullname" . }}-clusterrole
+rules:
+ - apiGroups: # "" indicates the core API group
+ - ""
+ resources:
+ - configmaps
+ - secrets
+ - pods
+ verbs:
+ - get
+ - watch
+ - list
+ - apiGroups:
+ - "extensions"
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - apiGroups:
+ - "apps"
+ resources:
+ - configmaps
+ - deployments
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+ {{- end }}
+ {{- with .Values.rbac.extraClusterRoleRules }}
+ {{- toYaml . | nindent 2 }}
+ {{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/clusterrolebinding.yaml b/deploy/helm/dubbo-admin/templates/clusterrolebinding.yaml
new file mode 100644
index 0000000..09f9966
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/clusterrolebinding.yaml
@@ -0,0 +1,24 @@
+{{- if and .Values.rbac.create (not .Values.rbac.namespaced) }}
+apiVersion: {{ include "dubbo-admin.rbac.apiVersion" . }}
+kind: ClusterRoleBinding
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}-clusterrolebinding
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ {{- with .Values.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ include "dubbo-admin.serviceAccountName" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+roleRef:
+ kind: ClusterRole
+ {{- if .Values.rbac.useExistingRole }}
+ name: {{ .Values.rbac.useExistingRole }}
+ {{- else }}
+ name: {{ include "dubbo-admin.fullname" . }}-clusterrole
+ {{- end }}
+ apiGroup: rbac.authorization.k8s.io
+{{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/configmap.yaml b/deploy/helm/dubbo-admin/templates/configmap.yaml
deleted file mode 100644
index c853957..0000000
--- a/deploy/helm/dubbo-admin/templates/configmap.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Chart.Name }}
-data:
- application.properties: {{ .Values.properties | toYaml | indent 1 }}
diff --git a/deploy/helm/dubbo-admin/templates/deployment.yaml b/deploy/helm/dubbo-admin/templates/deployment.yaml
index 960f78c..d4fcbd1 100644
--- a/deploy/helm/dubbo-admin/templates/deployment.yaml
+++ b/deploy/helm/dubbo-admin/templates/deployment.yaml
@@ -1,39 +1,82 @@
apiVersion: apps/v1
kind: Deployment
metadata:
+ name: {{ include "dubbo-admin.fullname" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
labels:
- app: {{ .Chart.Name }}
- name: {{ .Chart.Name }}
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ {{- with .Values.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
spec:
- replicas: {{ .Values.replicaCount }}
+ {{- if and (not .Values.autoscaling.enabled) (.Values.replicas) }}
+ replicas: {{ .Values.replicas }}
+ {{- end }}
+ revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+ minReadySeconds: {{ .Values.minReadySeconds }}
selector:
matchLabels:
- app: {{ .Chart.Name }}
+ {{- include "dubbo-admin.selectorLabels" . | nindent 6 }}
+ {{- with .Values.deploymentStrategy }}
+ strategy:
+ {{- toYaml . | trim | nindent 4 }}
+ {{- end }}
template:
metadata:
labels:
- app: {{ .Chart.Name }}
+ {{- include "dubbo-admin.selectorLabels" . | nindent 8 }}
spec:
+ {{- if .Values.imagePullSecrets }}
+ imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
+ {{- end }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }}
+ {{- end }}
+ {{- if .Values.affinity }}
+ affinity: {{- toYaml .Values.affinity | nindent 8 }}
+ {{- end }}
+ {{- if .Values.tolerations }}
+ tolerations: {{- toYaml .Values.tolerations | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "dubbo-admin.serviceAccountName" . }}
containers:
- name: {{ .Chart.Name }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.Version }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- - containerPort: 38080
- protocol: TCP
- name: http
+ - name: {{ .Values.service.name }}
+ containerPort: {{ .Values.service.containerPort }}
volumeMounts:
- - mountPath: /config
- name: application-properties
+ - mountPath: {{ .Values.volumeMounts.mountPath }}
+ name: {{ .Values.volumeMounts.name }}
+ readOnly: {{ .Values.volumeMounts.readOnly }}
livenessProbe:
httpGet:
- path: /
- port: http
+ path: {{ .Values.livenessProbe.httpGet.path }}
+ port: {{ .Values.livenessProbe.httpGet.port }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+ periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+ successThreshold: {{ .Values.livenessProbe.successThreshold }}
+ failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
readinessProbe:
httpGet:
- path: /
- port: http
+ path: {{ .Values.livenessProbe.httpGet.path }}
+ port: {{ .Values.livenessProbe.httpGet.port }}
+ initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+ timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+ periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+ successThreshold: {{ .Values.readinessProbe.successThreshold }}
+ failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
volumes:
- - name: application-properties
- configMap:
- name: dubbo-admin
+ - name: {{ .Values.volumes.name }}
+ secret:
+ secretName: {{ .Chart.Name }}
\ No newline at end of file
diff --git a/deploy/helm/dubbo-admin/templates/hpa.yaml b/deploy/helm/dubbo-admin/templates/hpa.yaml
new file mode 100644
index 0000000..6424890
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/hpa.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v2beta1
+kind: HorizontalPodAutoscaler
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+spec:
+ scaleTargetRef:
+ apiVersion: apps/v1
+ kind: Deployment
+ name: {{ include "dubbo-admin.fullname" . }}
+ minReplicas: {{ .Values.autoscaling.minReplicas }}
+ maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+ metrics:
+ {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: cpu
+ targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+ {{- end }}
+ {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ - type: Resource
+ resource:
+ name: memory
+ targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
+ {{- end }}
+{{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/role.yaml b/deploy/helm/dubbo-admin/templates/role.yaml
new file mode 100644
index 0000000..d1c1b48
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/role.yaml
@@ -0,0 +1,36 @@
+{{- if and .Values.rbac.create (not .Values.rbac.useExistingRole) -}}
+apiVersion: {{ include "dubbo-admin.rbac.apiVersion" . }}
+kind: Role
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ {{- with .Values.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- if .Values.rbac.pspEnabled }}
+rules:
+ {{- if .Values.rbac.pspEnabled }}
+ - apiGroups:
+ - extensions
+ resources:
+ - podsecuritypolicies
+ verbs:
+ - use
+ resourceNames:
+ - {{ include "dubbo-admin.fullname" . }}
+ {{- end }}
+ {{- if .Values.rbac.namespaced }}
+ - apiGroups: [""] # "" indicates the core API group
+ resources: ["configmaps", "secrets"]
+ verbs: ["get", "watch", "list"]
+ {{- end }}
+ {{- with .Values.rbac.extraRoleRules }}
+ {{- toYaml . | nindent 2 }}
+ {{- end}}
+{{- else }}
+rules: []
+{{- end }}
+{{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/rolebinding.yaml b/deploy/helm/dubbo-admin/templates/rolebinding.yaml
new file mode 100644
index 0000000..6154260
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/rolebinding.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.rbac.create }}
+apiVersion: {{ include "dubbo-admin.rbac.apiVersion" . }}
+kind: RoleBinding
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ {{- with .Values.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ {{- if .Values.rbac.useExistingRole }}
+ name: {{ .Values.rbac.useExistingRole }}
+ {{- else }}
+ name: {{ include "dubbo-admin.fullname" . }}
+ {{- end }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ include "dubbo-admin.serviceAccountName" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+{{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/secret-env.yaml b/deploy/helm/dubbo-admin/templates/secret-env.yaml
new file mode 100644
index 0000000..7b1e1bb
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/secret-env.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.envRenderSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}-env
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+type: Opaque
+data:
+{{- range $key, $val := .Values.envRenderSecret }}
+ {{ $key }}: {{ $val | b64enc | quote }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/deploy/helm/dubbo-admin/templates/secret.yaml b/deploy/helm/dubbo-admin/templates/secret.yaml
new file mode 100644
index 0000000..f296bee
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/secret.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Chart.Name }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ type: Opaque
+data:
+ application.properties: {{ tpl (toYaml .Values.properties) . | b64enc }}
diff --git a/deploy/helm/dubbo-admin/templates/service.yaml b/deploy/helm/dubbo-admin/templates/service.yaml
deleted file mode 100644
index cee869a..0000000
--- a/deploy/helm/dubbo-admin/templates/service.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "dubbo-admin.fullname" . }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.port }}
- targetPort: http
- protocol: TCP
- name: http
- selector:
- app: {{ .Chart.Name }}
diff --git a/deploy/helm/dubbo-admin/templates/serviceaccount.yaml b/deploy/helm/dubbo-admin/templates/serviceaccount.yaml
index 9986487..b493f32 100644
--- a/deploy/helm/dubbo-admin/templates/serviceaccount.yaml
+++ b/deploy/helm/dubbo-admin/templates/serviceaccount.yaml
@@ -1,12 +1,17 @@
-{{- if .Values.serviceAccount.create -}}
+{{- if .Values.serviceAccount.create }}
+{{- $admin := . -}}
apiVersion: v1
kind: ServiceAccount
metadata:
- name: {{ include "dubbo-admin.serviceAccountName" . }}
labels:
{{- include "dubbo-admin.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.labels }}
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
{{- with .Values.serviceAccount.annotations }}
annotations:
- {{- toYaml . | nindent 4 }}
+ {{- tpl (toYaml . | nindent 4) $admin }}
{{- end }}
-{{- end }}
+ name: {{ include "dubbo-admin.serviceAccountName" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ {{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/svc-headless.yaml b/deploy/helm/dubbo-admin/templates/svc-headless.yaml
new file mode 100644
index 0000000..224b05e
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/svc-headless.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}-headless
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+spec:
+ {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
+ type: ClusterIP
+ clusterIP: None
+ {{- else if eq .Values.service.type "LoadBalancer" }}
+ type: {{ .Values.service.type }}
+ {{- with .Values.service.loadBalancerIP }}
+ loadBalancerIP: {{ . }}
+ {{- end }}
+ {{- with .Values.service.loadBalancerSourceRanges }}
+ loadBalancerSourceRanges:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- else }}
+ type: {{ .Values.service.type }}
+ {{- end }}
+ {{- with .Values.service.externalIPs }}
+ externalIPs:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ ports:
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.port }}
+ protocol: {{ .Values.service.protocol }}
+ targetPort: {{ .Values.service.targetPort }}
+ {{- with .Values.service.appProtocol }}
+ appProtocol: {{ . }}
+ {{- end }}
+ {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+ nodePort: {{ .Values.service.nodePort }}
+ {{- end }}
+ selector:
+ {{- include "dubbo-admin.selectorLabels" . | nindent 4 }}
+ {{- end }}
\ No newline at end of file
diff --git a/deploy/helm/dubbo-admin/templates/svc.yaml b/deploy/helm/dubbo-admin/templates/svc.yaml
new file mode 100644
index 0000000..4697b68
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/svc.yaml
@@ -0,0 +1,46 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+spec:
+ {{- if (or (eq .Values.service.type "ClusterIP") (empty .Values.service.type)) }}
+ type: ClusterIP
+ {{- with .Values.service.clusterIP }}
+ clusterIP: {{ . }}
+ {{- end }}
+ {{- else if eq .Values.service.type "LoadBalancer" }}
+ type: {{ .Values.service.type }}
+ {{- with .Values.service.loadBalancerIP }}
+ loadBalancerIP: {{ . }}
+ {{- end }}
+ {{- with .Values.service.loadBalancerSourceRanges }}
+ loadBalancerSourceRanges:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- else }}
+ type: {{ .Values.service.type }}
+ {{- end }}
+ {{- with .Values.service.externalIPs }}
+ externalIPs:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ ports:
+ - name: {{ .Values.service.portName }}
+ port: {{ .Values.service.port }}
+ protocol: {{ .Values.service.protocol }}
+ targetPort: {{ .Values.service.targetPort }}
+ {{- with .Values.service.appProtocol }}
+ appProtocol: {{ . }}
+ {{- end }}
+ {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
+ nodePort: {{ .Values.service.nodePort }}
+ {{- end }}
+ selector:
+ {{- include "dubbo-admin.selectorLabels" . | nindent 4 }}
+ {{- end }}
+
+
diff --git a/deploy/helm/dubbo-admin/templates/tests/test-connection.yaml b/deploy/helm/dubbo-admin/templates/tests/test-connection.yaml
deleted file mode 100644
index ce40f40..0000000
--- a/deploy/helm/dubbo-admin/templates/tests/test-connection.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-apiVersion: v1
-kind: Pod
-metadata:
- name: "{{ include "dubbo-admin.fullname" . }}-test-connection"
- labels:
- {{- include "dubbo-admin.labels" . | nindent 4 }}
- annotations:
- "helm.sh/hook": test
-spec:
- containers:
- - name: wget
- image: busybox
- command: ['wget']
- args: ['{{ include "dubbo-admin.fullname" . }}:{{ .Values.service.port }}']
- restartPolicy: Never
diff --git a/deploy/helm/dubbo-admin/templates/tests/test-serviceaccount.yaml b/deploy/helm/dubbo-admin/templates/tests/test-serviceaccount.yaml
new file mode 100644
index 0000000..681d30b
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/tests/test-serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if and .Values.testFramework.enabled .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ name: {{ include "dubbo-admin.serviceAccountNameTest" . }}
+ namespace: {{ include "dubbo-admin.namespace" . }}
+ annotations:
+ "helm.sh/hook": test-success
+ "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+{{- end }}
diff --git a/deploy/helm/dubbo-admin/templates/tests/test.yaml b/deploy/helm/dubbo-admin/templates/tests/test.yaml
new file mode 100644
index 0000000..dd44ee8
--- /dev/null
+++ b/deploy/helm/dubbo-admin/templates/tests/test.yaml
@@ -0,0 +1,49 @@
+{{- if .Values.testFramework.enabled }}
+{{- $root := . }}
+apiVersion: v1
+kind: Pod
+metadata:
+ name: {{ include "dubbo-admin.fullname" . }}-test
+ labels:
+ {{- include "dubbo-admin.labels" . | nindent 4 }}
+ annotations:
+ "helm.sh/hook": test-success
+ "helm.sh/hook-delete-policy": "before-hook-creation,hook-succeeded"
+ namespace: {{ include "dubbo-admin.namespace" . }}
+spec:
+ serviceAccountName: {{ include "dubbo-admin.serviceAccountName" . }}
+ {{- with .Values.testFramework.securityContext }}
+ securityContext:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- if or .Values.image.pullSecrets .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- include "dubbo-admin.imagePullSecrets" (dict "root" $root "imagePullSecrets" .Values.image.pullSecrets) | nindent 4 }}
+ {{- end }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- tpl (toYaml .) $root | nindent 4 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+ containers:
+ - name: {{ .Release.Name }}-test
+ image: "{{ .Values.testFramework.image}}"
+ imagePullPolicy: "{{ .Values.testFramework.imagePullPolicy}}"
+ command: ["wget"]
+ volumeMounts:
+ - mountPath: /tests
+ name: tests
+ readOnly: true
+ volumes:
+ - name: tests
+ configMap:
+ name: {{ include "dubbo-admin.fullname" . }}-test
+ restartPolicy: Never
+{{- end }}
diff --git a/deploy/helm/dubbo-admin/values.yaml b/deploy/helm/dubbo-admin/values.yaml
index 0a43bf9..cfd80ff 100644
--- a/deploy/helm/dubbo-admin/values.yaml
+++ b/deploy/helm/dubbo-admin/values.yaml
@@ -1,69 +1,526 @@
-# Default values for dubbo-admin.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
+global:
+ # To help compatibility with other charts which use global.imagePullSecrets.
+ # Allow either an array of {name: pullSecret} maps (k8s-style), or an array of strings (more common helm-style).
+ # Can be tempalted.
+ # global:
+ # imagePullSecrets:
+ # - name: pullSecret1
+ # - name: pullSecret2
+ # or
+ # global:
+ # imagePullSecrets:
+ # - pullSecret1
+ # - pullSecret2
+ imagePullSecrets: []
-replicaCount: 2
+
+fullnameOverride: {}
+
+
+nameOverride: {}
+
+
+namespaceOverride: {}
+
+
+labels: {}
+
+
+annotations: {}
+
+volumes:
+ name: application-properties
+
+
+volumeMounts:
+ mountPath: /config
+ name: application-properties
+ readOnly: true
+
+
+rbac:
+ create: true
+ # Use an existing ClusterRole/Role (depending on rbac.namespaced false/true)
+ pspEnabled: true
+ pspUseAppArmor: true
+ namespaced: false
+ extraRoleRules: []
+ useExistingRole: []
+ # - apiGroups: []
+ # resources: []
+ # verbs: []
+ extraClusterRoleRules: []
+ # - apiGroups: []
+ # resources: []
+ # verbs: []
+
+## serviceAccount
+serviceAccount:
+ create: true
+ name:
+ ## ServiceAccount labels.
+ labels: {}
+ annotations: {}
+
+
+## Number of copies
+replicas: 1
+
+# -- Optional array of imagePullSecrets containing private registry credentials
+## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+imagePullSecrets: []
+# - name: secretName
+
+
+## Create a headless service for the deployment
+headlessService: false
+
+
+## Create HorizontalPodAutoscaler object for deployment type
+autoscaling:
+ enabled: false
+ minReplicas: 1
+ maxReplicas: 5
+ targetCPU: "60"
+ targetMemory: ""
+ behavior: {}
+
+## Number of old ReplicaSets to retain
+##
+revisionHistoryLimit: 10
+
+
+## See `kubectl explain poddisruptionbudget.spec` for more
+## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
+podDisruptionBudget: {}
+# minAvailable: 1
+# maxUnavailable: 1
+
+
+## See `kubectl explain deployment.spec.strategy` for more
+## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
+deploymentStrategy:
+ type: RollingUpdate
+
+
+readinessProbe:
+ httpGet:
+ path: /
+ port: 8080
+ initialDelaySeconds: 60
+ timeoutSeconds: 30
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+
+
+livenessProbe:
+ httpGet:
+ path: /
+ port: 8080
+ initialDelaySeconds: 60
+ timeoutSeconds: 30
+ periodSeconds: 10
+ successThreshold: 1
+ failureThreshold: 3
+
image:
repository: apache/dubbo-admin
+ tag: "0.5.0"
pullPolicy: IfNotPresent
- # Overrides the image tag whose default is the chart appVersion.
- tag: "0.5.0-SNAPSHOT"
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-
-serviceAccount:
- # Specifies whether a service account should be created
- create: true
- # Annotations to add to the service account
- annotations: {}
- # The name of the service account to use.
- # If not set and create is true, a name is generated using the fullname template
- name: ""
+ ## Optionally specify an array of imagePullSecrets.
+ ## Secrets must be manually created in the namespace.
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ ## Can be templated.
+ ##
+ pullSecrets: []
+ # - RegisterKeySecretName
-podAnnotations: {}
+securityContext:
+ # runAsUser: 570
+ # runAsGroup: 570
+ # fsGroup: 570
-podSecurityContext: {}
- # fsGroup: 2000
+testFramework:
+ enabled: true
+ image: busybox
+ tag: ""
+ imagePullPolicy: IfNotPresent
+ securityContext: {}
-securityContext: {}
- # capabilities:
- # drop:
- # - ALL
- # readOnlyRootFilesystem: true
- # runAsNonRoot: true
- # runAsUser: 1000
+containerSecurityContext: {}
+
+
+## Sensible environment variables that will be rendered as new secret object
+## This can be useful for auth tokens, etc
+envRenderSecret: {}
+
+# -- `minReadySeconds` to avoid killing pods before we are ready
+##
+minReadySeconds: 0
+# -- Node tolerations for server scheduling to nodes with taints
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+##
+
+
+createConfigmap: true
+
+
+ConfigmapMounts: []
+ # - name: configMap-file
+ # mountPath: /config
+ # configMap: configMap-file
+ # readOnly: true
+
+
+SecretMounts:
+# - name: secret-file
+# secret:
+# secretName: secret-file
+
+
+##
+extraSecretMounts: []
+ # - name: secret-files
+ # mountPath: /etc/secrets
+ # secretName: secret-files
+ # readOnly: true
+ # subPath: ""
+
+
+##
+EmptyDirMounts: []
+# - name: ""
+# mountPath: /
+
+
+##
+# Apply extra labels to common labels.
+extraLabels: {}
+
+
+## Assign a PriorityClassName to pods if set
+# priorityClassName:
+
+
+## Pod Annotations
+# podAnnotations: {}
+
+
+## Pod Labels
+# podLabels: {}
+
+
+## Expose the dubbo-admin service to be accessed from outside the cluster (LoadBalancer service).
+## or access it from within the cluster (ClusterIP service). Set the service type and the port to serve it.
+## ref: http://kubernetes.io/docs/user-guide/services/
+##
service:
+ name: http
+ ##
+ ##
+ ##
+ enabled: true
+ ##
+ ##
+ ##
type: ClusterIP
+ ##
+ ##
+ ##
+ clusterIP: []
+ ##
+ ##
+ ##
+ loadBalancerIP: []
+ ##
+ ##
+ ##
+ loadBalancerSourceRanges: []
+ ##
+ ##
+ ##
+ externalIPs: []
+ ##
+ ##
+ ##
+ nodePort: []
+ ##
+ ##
+ ##
+ path: /
+ ##
+ ##
+ ##
port: 38080
+ ##
+ ##
+ ##
+ targetPort: http
+ ##
+ ##
+ ##
+ containerPort: 8080
+ ##
+ ##
+ ##
+ protocol: TCP
+ ##
+ ##
+ ##
+ ## Service annotations. Can be templated.
+ annotations: {}
+ labels: {}
+ portName: service
+ appProtocol: ""
+
ingress:
enabled: false
- className: ""
+ # For Kubernetes >= 1.18 you should specify the ingress-controller via the field ingressClassName
+ # See https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/#specifying-the-class-of-an-ingress
+ # ingressClassName: nginx
+ # Values can be templated
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
+ labels: {}
+ path: /
+
+
+ # pathType is only for k8s >= 1.1=
+ pathType: Prefix
+
+
hosts:
- - host: dubbo.local
- paths:
- - path: /
- pathType: ImplementationSpecific
+ - chart-example.local
+ ## Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
+ extraPaths: []
+ # - path: /*
+ # backend:
+ # serviceName: ssl-redirect
+ # servicePort: use-annotation
+ ## Or for k8s > 1.19
+ # - path: /*
+ # pathType: Prefix
+ # backend:
+ # service:
+ # name: ssl-redirect
+ # port:
+ # name: use-annotation
+
+
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
-autoscaling:
+resources: {}
+# limits:
+# cpu: 100m
+# memory: 128Mi
+# requests:
+# cpu: 100m
+# memory: 128Mi
+
+## Node labels for pod assignment
+## ref: https://kubernetes.io/docs/user-guide/node-selection/
+#
+nodeSelector: {}
+
+## Tolerations for pod assignment
+## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+##
+tolerations: []
+
+## Affinity for pod assignment (evaluated as template)
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+##
+affinity: {}
+
+## Topology Spread Constraints
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
+##
+topologySpreadConstraints: []
+
+## Additional init containers (evaluated as template)
+## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+##
+InitContainers: []
+
+
+## Enable persistence using Persistent Volume Claims
+## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+persistence:
enabled: false
- minReplicas: 1
- maxReplicas: 100
- targetCPUUtilizationPercentage: 80
- # targetMemoryUtilizationPercentage: 80
+ type: pvc
+ # storageClassName: default
+ accessModes:
+ - ReadWriteOnce
+ size: 10Gi
+ # annotations: {}
+ finalizers:
+ - kubernetes.io/pvc-protection
+ # selectorLabels: {}
+ ## Sub-directory of the PV to mount. Can be templated.
+ # subPath: ""
+ ## Name of an existing PVC. Can be templated.
+ # existingClaim:
+ ## Extra labels to apply to a PVC.
+ extraPvcLabels: {}
-properties: |
- dubbo.application.name=dubbo-admin
+ ## If persistence is not enabled, this allows to mount the
+ ## local storage in-memory to improve performance
+ ##
+ inMemory:
+ enabled: false
+ ## The maximum usage on memory medium EmptyDir would be
+ ## the minimum value between the SizeLimit specified
+ ## here and the sum of memory limits of all containers in a pod
+ ##
+ # sizeLimit: 300Mi
+initChownData:
+ ## If false, data ownership will not be reset at startup
+ ## This allows the dubbo-admin-server to be run with an arbitrary user
+ ##
+ ##
+ ##
+ enabled: true
+ ##
+ ##
+ ## initChownData container image
+ ##
+ ##
+ image:
+ repository: busybox
+ tag: "1.31.1"
+ sha: ""
+ pullPolicy: IfNotPresent
+ ##
+ ##
+ ##
+ ##
+ ## initChownData resource requests and limits
+ ## Ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ ##
+ resources: {}
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+ securityContext:
+ runAsNonRoot: false
+ runAsUser: 0
+
+
+## Container Lifecycle Hooks. Execute a specific bash command or make an HTTP request
+lifecycleHooks: {}
+ # postStart:
+ # exec:
+# command: []
+
+
+networkPolicy:
+ ## @param networkPolicy.enabled Enable creation of NetworkPolicy resources. Only Ingress traffic is filtered for now.
+ ##
+ enabled: false
+ ## @param networkPolicy.allowExternal Don't require client label for connections
+ ## The Policy model to apply. When set to false, only pods with the correct
+ ## client label will have network access to dubbo-admin port defined.
+ ## When true, dubbo-admin will accept connections from any source
+ ## (with the correct destination port).
+ ##
+ ingress: true
+ ## @param networkPolicy.ingress When true enables the creation
+ ## an ingress network policy
+ ##
+ allowExternal: true
+ ## @param networkPolicy.explicitNamespacesSelector A Kubernetes LabelSelector to explicitly select namespaces from which traffic could be allowed
+ ## If explicitNamespacesSelector is missing or set to {}, only client Pods that are in the networkPolicy's namespace
+ ## and that match other criteria, the ones that have the good label, can reach the dubbo-admin.
+ ## But sometimes, we want the dubbo-admin to be accessible to clients from other namespaces, in this case, we can use this
+ ## LabelSelector to select these namespaces, note that the networkPolicy's namespace should also be explicitly added.
+ ##
+ ## Example:
+ ## explicitNamespacesSelector:
+ ## matchLabels:
+ ## role: frontend
+ ## matchExpressions:
+ ## - {key: role, operator: In, values: [frontend]}
+ ##
+ explicitNamespacesSelector: {}
+ ##
+ ##
+ ##
+ ##
+ ##
+ ##
+ egress:
+ ## @param networkPolicy.egress.enabled When enabled, an egress network policy will be
+ ## created allowing dubbo-admin to connect to external data sources from kubernetes cluster.
+ enabled: false
+ ##
+ ## @param networkPolicy.egress.ports Add individual ports to be allowed by the egress
+ ports: []
+ ## Add ports to the egress by specifying - port: <port number>
+ ## E.X.
+ ## ports:
+ ## - port: 80
+ ## - port: 443
+
+properties:
+ admin.registry.address: zookeeper://zookeeper:2181
+ admin.config-center: zookeeper://zookeeper:2181
+ admin.metadata-report.address: zookeeper://zookeeper:2181
+ admin.root.user.name: root
+ admin.root.user.password: root
+ admin.check.sessionTimeoutMilli: 3600000
+ server.compression.enabled: true
+ server.compression.mime-types: text/css,text/javascript,application/javascript
+ server.compression.min-response-size: 10240
+ admin.check.tokenTimeoutMilli: 3600000
+ admin.check.signSecret: 86295dd0c4ef69a1036b0b0c15158d77
+ dubbo.application.name: dubbo-admin
+ dubbo.registry.address: ${admin.registry.address}
+ spring.datasource.url: jdbc:h2:mem:~/dubbo-admin;MODE=MYSQL;
+ spring.datasource.username: sa
+ spring.datasource.password:
+ mybatis-plus.global-config.db-config.id-type: none
+ dubbo.application.logger: slf4j
+
+ # nacos config, add parameters to url like username=nacos&password=nacos
+ # admin.registry.address: nacos://127.0.0.1:8848?group=DEFAULT_GROUP&namespace=public
+ # admin.config-center: nacos://127.0.0.1:8848?group=dubbo
+ # admin.metadata-report.address: nacos://127.0.0.1:8848?group=dubbo
+
+
+ # group (Deprecated it is recommended to use URL to add parameters,will be removed in the future)
+ # admin.registry.group: dubbo
+ # admin.config-center.group: dubbo
+ # admin.metadata-report.group: dubbo
+
+ # namespace used by nacos.(Deprecated it is recommended to use URL to add parameters,will be removed in the future)
+ # admin.registry.namespace: public
+ # admin.config-center.namespace: public
+ # admin.metadata-report.namespace: public
+
+ # apollo config
+ # admin.config-center: apollo://localhost:8070?token=e16e5cd903fd0c97a116c873b448544b9d086de9&app.id=test&env=dev&cluster=default&namespace=dubbo
+ # admin.apollo.token: e16e5cd903fd0c97a116c873b448544b9d086de9
+ # admin.apollo.appId: test
+ # admin.apollo.env: dev
+ # admin.apollo.cluster: default
+
+ # mysql
+ # spring.datasource.driver-class-name: com.mysql.jdbc.Driver
+ # spring.datasource.url: jdbc:mysql://localhost:3306/dubbo-admin?characterEncoding=utf8&connectTimeout=1000&socketTimeout=10000&autoReconnect=true
+ # spring.datasource.username: root
+ # spring.datasource.password: mysql
\ No newline at end of file
