feat: add helm chart for kubeadmiral

kubewharf · Jun 5, 2024 · 2bd2e5a · 2bd2e5a
1 parent 79c6330
commit 2bd2e5a
Show file tree

Hide file tree

Showing 30 changed files with 4,325 additions and 12 deletions.
diff --git a/charts/kubeadmiral/.helmignore b/charts/kubeadmiral/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/kubeadmiral/Chart.yaml b/charts/kubeadmiral/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: kubeadmiral
+description: A Helm chart for kubeadmiral
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.0.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.0.0"
diff --git a/charts/kubeadmiral/README.md b/charts/kubeadmiral/README.md
@@ -0,0 +1,106 @@
+## Installation KubeAdmiral by Helm Chart
+
+### Prerequisites
+
+Make sure the following tools are installed in the environment before installing KubeAdmiral:
+
+- Kubernetes cluster version v1.20.15+
+- [Helm](https://helm.sh/) version v3+
+- [Kubectl](https://github.com/kubernetes/kubectl) version v0.20.15+
+
+### Installation steps
+
+If you already have a Kubernetes cluster, you can install the KubeAdmiral control plane on your cluster using the helm chart. To install KubeAdmiral, follow these steps:
+
+1.Get the Chart package for KubeAdmiral and install it:
+
+Get the Chart package locally and install it.
+
+```Bash
+$ git clone https://github.com/kubewharf/kubeadmiral
+
+$ cd kubeadmiral
+
+$ helm install kubeadmiral -n kubeadmiral-system --create-namespace --dependency-update ./charts/kubeadmiral
+```
+
+2.Wait and check if the package has been installed successfully
+
+Use your Kubernetes cluster kubeconfig to see if the following components of KubeAdmiral have been successfully running:
+
+```Bash
+$ kubectl get pods -n kubeadmiral-system
+
+NAME                                                  READY   STATUS    RESTARTS      AGE
+etcd-0                                                1/1     Running   0             13h
+kubeadmiral-apiserver-5767cd4f56-gvnqq                1/1     Running   0             13h
+kubeadmiral-controller-manager-5f598574c9-zjmf9       1/1     Running   0             13h
+kubeadmiral-hpa-aggregator-59ccd7b484-phbr6           2/2     Running   0             13h
+kubeadmiral-kube-controller-manager-6bd7dcf67-2zpqw   1/1     Running   2 (13h ago)   13h
+```
+
+3.Export the kubeconfig of KubeAdmiral
+
+After executing the following command, the kubeconfig for connecting to KubeAdmiral will be exported to the kubeadmiral-kubeconfig file.
+
+> Note that the address in the kubeconfig is set to the internal service address of KubeAdmiral-apiserver:
+
+```Bash
+$ kubectl get secret -n kubeadmiral-system kubeadmiral-kubeconfig-secret -o jsonpath={.data.kubeconfig} | base64 -d > kubeadmiral-kubeconfig
+```
+
+If you specified an external address when installing KubeAdmiral, we will automatically generate a kubeconfig using the external address. You can export it to the external-kubeadmiral-kubeconfig file by running the following command:
+
+```Bash
+$ kubectl get secret -n kubeadmiral-system kubeadmiral-kubeconfig-secret -o jsonpath={.data.external-kubeconfig} | base64 -d > external-kubeadmiral-kubeconfig
+```
+
+### Uninstallation steps
+
+Uninstall the KubeAdmiral Helm chart in the kubeadmiral-system namespace:
+
+```Bash
+$ helm uninstall -n kubeadmiral-system kubeadmiral 
+```
+
+This command will delete all Kubernetes resources associated with the Chart:
+
+> Note: The following permissions and namespace resources are relied on when installing and uninstalling helmchart, so they cannot be deleted automatically and require you to clean them up manually.
+
+```Bash
+$ kubectl delete clusterrole kubeadmiral-pre-install-job
+
+$ kubectl delete clusterrolebinding kubeadmiral-pre-install-job
+
+$ kubectl delete ns kubeadmiral-system
+```
+
+### Configuration parameters
+
+| Name                                          | Description                                                  | Default Value                                                |
+| --------------------------------------------- | ------------------------------------------------------------ | ------------------------------------------------------------ |
+| clusterDomain                                 | Default cluster domain of Kubernetes cluster                 | "cluster.local"                                              |
+| etcd.image.name                               | Image name used by KubeAdmiral etcd                          | "registry.k8s.io/etcd:3.4.13-0"                              |
+| etcd.image.pullPolicy                         | Pull mode of etcd image                                      | "IfNotPresent"                                               |
+| etcd.certHosts                                | Hosts accessible with etcd certificate                       | ["kubernetes.default.svc", ".etcd.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}", "*.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}", "*.{{ .Release.Namespace }}.svc", "localhost", "127.0.0.1"] |
+| apiServer.image.name                          | Image name of kubeadmiral-apiserver                          | "registry.k8s.io/kube-apiserver:v1.20.15"                    |
+| apiServer.image.pullPolicy                    | Pull mode of kubeadmiral-apiserver image                     | "IfNotPresent"                                               |
+| apiServer.certHosts                           | Hosts supported by kubeadmiral-apiserver certificate         | ["kubernetes.default.svc", ".etcd.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}", "*.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}", "*.{{ .Release.Namespace }}.svc", "localhost", "127.0.0.1"] |
+| apiServer.hostNetwork                         | Deploy kubeadmiral-apiserver with hostNetwork. If there are multiple kubeadmirals in one cluster, you'd better set it to "false" | "false"                                                      |
+| apiServer.serviceType                         | Service type of kubeadmiral-apiserver                        | "ClusterIP"                                                  |
+| apiServer.externalIP                          | Exposed IP of kubeadmiral-apiserver. If you want to expose the apiserver to the outside, you can set this field, which will write the external IP into the certificate and generate a kubeconfig with the external IP. | ""                                                           |
+| apiServer.nodePort                            | Node port used for the 'apiserver'. This will take effect when 'apiServer.serviceType' is set to 'NodePort'. If no port is specified, a node port will be automatically assigned. | 0                                                            |
+| apiServer.certHosts                           | Hosts supported by the kubeadmiral-apiserver certificate     | ["kubernetes.default.svc", ".etcd.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}", "*.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}", "*.{{ .Release.Namespace }}.svc", "localhost", "127.0.0.1", "{{ .Values.apiServer.externalIP }}"] |
+| kubeControllerManager.image.name              | Image name of kube-controller-manager                        | "registry.k8s.io/kube-controller-manager:v1.20.15"           |
+| kubeControllerManager.image.pullPolicy        | Pull mode of kube-controller-manager image                   | "IfNotPresent"                                               |
+| kubeControllerManager.controllers             | Controllers that kube-controller-manager component needs to start | "namespace,garbagecollector"                                 |
+| kubeadmiralControllerManager.image.name       | Image name of kubeadmiral-controller-manager                 | "docker.io/kubewharf/kubeadmiral-controller-manager:v1.0.0"  |
+| kubeadmiralControllerManager.image.pullPolicy | Pull mode of kubeadmiral-controller-manager image            | "IfNotPresent"                                               |
+| kubeadmiralControllerManager.extraCommandArgs | Additional startup parameters of kubeadmiral-controller-manager | {}                                                           |
+| kubeadmiralHpaAggregator.image.name           | Image name of kubeadmiral-hpa-aggregator                     | "docker.io/kubewharf/kubeadmiral-hpa-aggregator:v1.0.0"      |
+| kubeadmiralHpaAggregator.image.pullPolicy     | Pull mode of kubeadmiral-hpa-aggregator image                | "IfNotPresent"                                               |
+| kubeadmiralHpaAggregator.extraCommandArgs     | Additional startup parameters of kubeadmiral-hpa-aggregator  | {}                                                           |
+| installTools.cfssl.image.name                 | cfssl image name for KubeAdmiral installer                   | "docker.io/cfssl/cfssl:latest"                               |
+| installTools.cfssl.image.pullPolicy           | cfssl image pull policy                                      | "IfNotPresent"                                               |
+| installTools.kubectl.image.name               | kubectl image name for KubeAdmiral installer                 | "docker.io/bitnami/kubectl:1.22.10"                          |
+| installTools.kubectl.image.pullPolicy         | kubectl image pull policy                                    | "IfNotPresent"                                               |
diff --git a/..._control_plane/crds/core_kubeadmiral_io/core.kubeadmiral.io_clustercollectedstatuses.yaml b/..._control_plane/crds/core_kubeadmiral_io/core.kubeadmiral.io_clustercollectedstatuses.yaml
@@ -0,0 +1,62 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.11.1
+    kubeadmiral.io/no-federated-resource: "true"
+  creationTimestamp: null
+  name: clustercollectedstatuses.core.kubeadmiral.io
+spec:
+  group: core.kubeadmiral.io
+  names:
+    kind: ClusterCollectedStatus
+    listKind: ClusterCollectedStatusList
+    plural: clustercollectedstatuses
+    shortNames:
+      - ccs
+    singular: clustercollectedstatus
+  scope: Cluster
+  versions:
+    - name: v1alpha1
+      schema:
+        openAPIV3Schema:
+          description: ClusterCollectedStatus stores the collected fields of Kubernetes objects from member clusters, that are propagated by a ClusterFederatedObject.
+          properties:
+            apiVersion:
+              description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+              type: string
+            clusters:
+              description: Clusters is the list of member clusters and collected fields for its propagated Kubernetes object.
+              items:
+                description: CollectedFieldsWithCluster stores the collected fields of a Kubernetes object in a member cluster.
+                properties:
+                  cluster:
+                    description: Cluster is the name of the member cluster.
+                    type: string
+                  collectedFields:
+                    description: CollectedFields is the the set of fields collected for the Kubernetes object.
+                    x-kubernetes-preserve-unknown-fields: true
+                  error:
+                    description: Error records any errors encountered while collecting fields from the cluster.
+                    type: string
+                required:
+                  - cluster
+                  - collectedFields
+                type: object
+              type: array
+            kind:
+              description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+              type: string
+            lastUpdateTime:
+              description: LastUpdateTime is the last time that a collection was performed.
+              format: date-time
+              type: string
+            metadata:
+              type: object
+          required:
+            - clusters
+            - lastUpdateTime
+          type: object
+      served: true
+      storage: true