bump k8s-dashboard to v0.8.0

charts/kubernetes-dashboard/latest/Chart.yaml

 name: kubernetes-dashboard
-version: 0.6.8
-appVersion: 1.8.3
+version: 0.8.0
+appVersion: 1.10.0
 description: General-purpose web UI for Kubernetes clusters
 keywords:
 - kubernetes

charts/kubernetes-dashboard/latest/questions.yml

-namespace: kube-system
 rancher_version: v2.0.7
 categories:
 - dashboard
@@ -17,7 +16,7 @@ questions:
     type: string
     label: Image Repository
   - variable: image.tag
-    default: "v1.8.3"
+    default: "v1.10.0"
     description: "Docker image tag"
     type: string
     label: Image Tag

charts/kubernetes-dashboard/latest/templates/NOTES.txt

@@ -26,5 +26,7 @@ Get the Kubernetes Dashboard URL by running:
 {{- else if contains "ClusterIP"  .Values.service.type }}
 
 Get the Kubernetes Dashboard URL by running:
-  kubectl cluster-info | grep dashboard
+  export POD_NAME=$(kubectl get pods -n {{ .Release.Namespace }} -l "app={{ template "kubernetes-dashboard.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo https://127.0.0.1:8443/
+  kubectl -n {{ .Release.Namespace }} port-forward $POD_NAME 8443:8443
 {{- end }}

charts/kubernetes-dashboard/latest/templates/deployment.yaml

@@ -12,7 +12,7 @@ metadata:
 {{ toYaml .Values.labels | indent 4 }}
 {{- end }}
 spec:
-  replicas: 1
+  replicas: {{ .Values.replicaCount }}
   strategy:
     rollingUpdate:
       maxSurge: 0
@@ -50,8 +50,8 @@ spec:
             scheme: HTTPS
             path: /
             port: 8443
-          initialDelaySeconds: 30
-          timeoutSeconds: 30
+          initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+          timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
         resources:
 {{ toYaml .Values.resources | indent 10 }}
     {{- if .Values.nodeSelector }}
@@ -68,3 +68,7 @@ spec:
       tolerations:
 {{ toYaml .Values.tolerations | indent 8 }}
     {{- end }}
+    {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+    {{- end }}

charts/kubernetes-dashboard/latest/templates/ingress.yaml

@@ -13,7 +13,6 @@ metadata:
     heritage: {{ .Release.Service }}
 {{- if .Values.ingress.annotations }}
   annotations:
-    nginx.org/redirect-to-https: true
 {{ toYaml .Values.ingress.annotations | indent 4 }}
 {{- end }}
 spec:

charts/kubernetes-dashboard/latest/templates/role.yaml

@@ -8,7 +8,7 @@ metadata:
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
   name: {{ template "kubernetes-dashboard.fullname" . }}
-  namespace: kube-system
+  namespace: {{ .Release.Namespace }}
 rules:
   # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
 - apiGroups:

charts/kubernetes-dashboard/latest/templates/rolebinding.yaml

 {{- if .Values.rbac.create }}
+
 {{- if .Values.rbac.clusterAdminRole }}
 # Cluster role binding for clusterAdminRole == true
 apiVersion: rbac.authorization.k8s.io/v1beta1
@@ -17,7 +18,7 @@ roleRef:
 subjects:
   - kind: ServiceAccount
     name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
-    namespace: kube-system
+    namespace: {{ .Release.Namespace }}
 {{- else -}}
 # Role binding for clusterAdminRole == false
 apiVersion: rbac.authorization.k8s.io/v1beta1
@@ -29,7 +30,7 @@ metadata:
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
   name: {{ template "kubernetes-dashboard.fullname" . }}
-  namespace: kube-system
+  namespace: {{ .Release.Namespace }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -37,6 +38,6 @@ roleRef:
 subjects:
   - kind: ServiceAccount
     name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
-    namespace: kube-system
+    namespace: {{ .Release.Namespace }}
 {{- end -}}
 {{- end -}}

charts/kubernetes-dashboard/latest/templates/secret.yaml

@@ -7,5 +7,5 @@ metadata:
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
   name: {{ template "kubernetes-dashboard.fullname" . }}
-  namespace: kube-system
+  namespace: {{ .Release.Namespace }}
 type: Opaque

charts/kubernetes-dashboard/latest/templates/serviceaccount.yaml

@@ -8,5 +8,5 @@ metadata:
     heritage: {{ .Release.Service }}
     release: {{ .Release.Name }}
   name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
-  namespace: kube-system
+  namespace: {{ .Release.Namespace }}
 {{- end -}}

charts/kubernetes-dashboard/latest/templates/svc.yaml

@@ -18,8 +18,7 @@ metadata:
 spec:
   type: {{ .Values.service.type }}
   ports:
-  - name: https
-    port: {{ .Values.service.externalPort }}
+  - port: {{ .Values.service.externalPort }}
     targetPort: https
 {{- if .Values.service.nodePort }}
     nodePort: {{ .Values.service.nodePort }}

charts/kubernetes-dashboard/latest/values.yaml

@@ -5,10 +5,12 @@
 
 image:
   repository: k8s.gcr.io/kubernetes-dashboard-amd64
-  tag: v1.8.3
+  tag: v1.10.0
   pullPolicy: IfNotPresent
 
-## Here labels can be added to the kubernets dashboard deployment
+replicaCount: 1
+
+## Here labels can be added to the kubernetes dashboard deployment
 ##
 labels: {}
 # kubernetes.io/cluster-service: "true"
@@ -32,6 +34,11 @@ tolerations: []
 #    value: "value"
 #    effect: "NoSchedule|PreferNoSchedule|NoExecute"
 
+## Affinity
+## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+affinity: {}
+
+
 service:
   type: ClusterIP
   externalPort: 443
@@ -54,10 +61,10 @@ service:
 resources:
   limits:
     cpu: 100m
-    memory: 50Mi
+    memory: 100Mi
   requests:
     cpu: 100m
-    memory: 50Mi
+    memory: 100Mi
 
 ingress:
   ## If true, Kubernetes Dashboard Ingress will be created.
@@ -73,7 +80,7 @@ ingress:
 
   ## Kubernetes Dashboard Ingress path
   ##
-  path: ""
+  path: /
 
   ## Kubernetes Dashboard Ingress hostnames
   ## Must be provided if Ingress is enabled
@@ -103,3 +110,9 @@ serviceAccount:
   # The name of the service account to use.
   # If not set and create is true, a name is generated using the fullname template
   name:
+
+livenessProbe:
+  # Number of seconds to wait before sending first probe
+  initialDelaySeconds: 30
+  # Number of seconds to wait for probe response
+  timeoutSeconds: 30

charts/kubernetes-dashboard/v0.6.8/.helmignore

+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

charts/kubernetes-dashboard/v0.6.8/Chart.yaml

+name: kubernetes-dashboard
+version: 0.6.8
+appVersion: 1.8.3
+description: General-purpose web UI for Kubernetes clusters
+keywords:
+- kubernetes
+- dashboard
+home: https://github.com/kubernetes/dashboard
+sources:
+- https://github.com/kubernetes/dashboard
+maintainers:
+- name: kfox1111
+  email: Kevin.Fox@pnnl.gov
+icon: https://raw.githubusercontent.com/kubernetes/kubernetes/master/logo/logo.svg

charts/kubernetes-dashboard/v0.6.8/README.md

+## Configuration
+
+The following table lists the configurable parameters of the kubernetes-dashboard chart and their default values.
+
+| Parameter                 | Description                                                                                                                 | Default                                                                  |
+|---------------------------|-----------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------|
+| `image.repository`        | Repository for container image                                                                                              | `k8s.gcr.io/kubernetes-dashboard-amd64`                                  |
+| `image.tag`               | Image tag                                                                                                                   | `v1.8.3`                                                                 |
+| `image.pullPolicy`        | Image pull policy                                                                                                           | `IfNotPresent`                                                           |
+| `extraArgs`               | Additional container arguments                                                                                              | `[]`                                                                     |
+| `nodeSelector`            | node labels for pod assignment                                                                                              | `{}`                                                                     |
+| `tolerations`             | List of node taints to tolerate (requires Kubernetes >= 1.6)                                                                | `[]`                                                                     |
+| `service.externalPort`    | Dashboard external port                                                                                                     | 443                                                                      |
+| `service.internalPort`    | Dashboard internal port                                                                                                     | 443                                                                      |
+| `ingress.annotations`     | Specify ingress class                                                                                                       | `kubernetes.io/ingress.class: nginx` |
+| `ingress.enabled`         | Enable ingress controller resource                                                                                          | `false`                                                                  |
+| `ingress.path`            | Path to match against incoming requests. Must begin with a '/'                                                              | `/`                                                                  |
+| `ingress.hosts`           | Dashboard Hostnames                                                                                                         | `nil`                                                                    |
+| `ingress.tls`             | Ingress TLS configuration                                                                                                   | `[]`                                                                     |
+| `resources`               | Pod resource requests & limits                                                                                              | `limits: {cpu: 100m, memory: 50Mi}, requests: {cpu: 100m, memory: 50Mi}` |
+| `rbac.create`             | Create & use RBAC resources                                                                                                 | `true`                                                                   |
+| `rbac.clusterAdminRole`   | "cluster-admin" ClusterRole will be used for dashboard ServiceAccount ([NOT RECOMMENDED](#access-control))                  | `false`                                                                  |
+| `serviceAccount.create`   | Whether a new service account name that the agent will use should be created.                                               | `true`                                                                   |
+| `serviceAccount.name`     | Service account to be used. If not set and serviceAccount.create is `true` a name is generated using the fullname template. |                                                                          |

charts/kubernetes-dashboard/v0.6.8/app-readme.md

+# kubernetes-dashboard
+
+[Kubernetes Dashboard](https://github.com/kubernetes/dashboard) is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
+
+## Access control
+
+IMPORTANT: 
+
+You must be a cluster admin to be able to deploy Kubernetes Dashboard. 
+
+WARNING: 
+
+Once the Dashboard is deployed with cluster admin role, anyone with access to this project can access the Dashboard and therefore gain access to the entire Kubernetes cluster!!!
+
+It is critical for the Kubernetes cluster to correctly setup access control of Kubernetes Dashboard. See this [guide](https://github.com/kubernetes/dashboard/wiki/Access-control) for best practises.
+
+It is highly recommended to use RBAC with minimal privileges needed for Dashboard to run.
+
+`Notes: Dashboard is required to be installed in the System Project`

charts/kubernetes-dashboard/v0.6.8/questions.yml

+namespace: kube-system
+rancher_version: v2.0.7
+categories:
+- dashboard
+questions:
+- variable: defaultImage
+  default: true
+  description: "Use default Docker image"
+  label: Use Default Image
+  type: boolean
+  show_subquestion_if: false
+  group: "Container Images"
+  subquestions:
+  - variable: image.repository
+    default: "k8s.gcr.io/kubernetes-dashboard-amd64"
+    description: "Docker image repository"
+    type: string
+    label: Image Repository
+  - variable: image.tag
+    default: "v1.8.3"
+    description: "Docker image tag"
+    type: string
+    label: Image Tag
+- variable: rbac.clusterAdminRole
+  required: true
+  default: false
+  description: "IMPORTANT: Granting admin privileges to Dashboard's Service Account might be a security risk, makeing sure that you know what you are doing before proceeding."
+  type: boolean
+  label: "IMPORTANT: Enable Dashboard Cluster Admin Role"

charts/kubernetes-dashboard/v0.6.8/templates/NOTES.txt

+*********************************************************************************
+*** PLEASE BE PATIENT: kubernetes-dashboard may take a few minutes to install ***
+*********************************************************************************
+
+{{- if .Values.ingress.enabled }}
+From outside the cluster, the server URL(s) are:
+{{- range .Values.ingress.hosts }}
+     https://{{ . }}
+{{- end }}
+
+{{- else if contains "NodePort" .Values.service.type }}
+
+Get the Kubernetes Dashboard URL by running:
+  export NODE_PORT=$(kubectl get -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "kubernetes-dashboard.fullname" . }})
+  export NODE_IP=$(kubectl get nodes -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo https://$NODE_IP:$NODE_PORT/
+
+{{- else if contains "LoadBalancer" .Values.service.type }}
+
+  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+        Watch the status with: 'kubectl get svc -w {{ template "kubernetes-dashboard.fullname" . }}'
+
+Get the Kubernetes Dashboard URL by running:
+  export SERVICE_IP=$(kubectl get svc {{ template "kubernetes-dashboard.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo https://$SERVICE_IP/
+{{- else if contains "ClusterIP"  .Values.service.type }}
+
+Get the Kubernetes Dashboard URL by running:
+  kubectl cluster-info | grep dashboard
+{{- end }}

charts/kubernetes-dashboard/v0.6.8/templates/_helpers.tpl

+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "kubernetes-dashboard.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "kubernetes-dashboard.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "kubernetes-dashboard.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "kubernetes-dashboard.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create -}}
+    {{ default (include "kubernetes-dashboard.fullname" .) .Values.serviceAccount.name }}
+{{- else -}}
+    {{ default "default" .Values.serviceAccount.name }}
+{{- end -}}
+{{- end -}}

charts/kubernetes-dashboard/v0.6.8/templates/deployment.yaml

+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    kubernetes.io/cluster-service: "true"
+{{- if .Values.labels }}
+{{ toYaml .Values.labels | indent 4 }}
+{{- end }}
+spec:
+  replicas: 1
+  strategy:
+    rollingUpdate:
+      maxSurge: 0
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: {{ template "kubernetes-dashboard.name" . }}
+        release: {{ .Release.Name }}
+        kubernetes.io/cluster-service: "true"
+    spec:
+      serviceAccountName: {{ template "kubernetes-dashboard.serviceAccountName" . }}
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        args:
+          - --auto-generate-certificates
+{{- if .Values.extraArgs }}
+{{ toYaml .Values.extraArgs | indent 10 }}
+{{- end }}
+        ports:
+        - name: https
+          containerPort: 8443
+          protocol: TCP
+        volumeMounts:
+        - name: kubernetes-dashboard-certs
+          mountPath: /certs
+          # Create on-disk volume to store exec logs
+        - mountPath: /tmp
+          name: tmp-volume
+        livenessProbe:
+          httpGet:
+            scheme: HTTPS
+            path: /
+            port: 8443
+          initialDelaySeconds: 30
+          timeoutSeconds: 30
+        resources:
+{{ toYaml .Values.resources | indent 10 }}
+    {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+    {{- end }}
+      volumes:
+      - name: kubernetes-dashboard-certs
+        secret:
+          secretName: {{ template "kubernetes-dashboard.fullname" . }}
+      - name: tmp-volume
+        emptyDir: {}
+    {{- if .Values.tolerations }}
+      tolerations:
+{{ toYaml .Values.tolerations | indent 8 }}
+    {{- end }}

charts/kubernetes-dashboard/v0.6.8/templates/ingress.yaml

+{{- if .Values.ingress.enabled -}}
+{{- $serviceName := include "kubernetes-dashboard.fullname" . -}}
+{{- $servicePort := .Values.service.externalPort -}}
+{{- $path := .Values.ingress.path -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- if .Values.ingress.annotations }}
+  annotations:
+    nginx.org/redirect-to-https: true
+{{ toYaml .Values.ingress.annotations | indent 4 }}
+{{- end }}
+spec:
+  rules:
+  {{- if .Values.ingress.hosts }}
+  {{- range $host := .Values.ingress.hosts }}
+    - host: {{ $host }}
+      http:
+        paths:
+          - path: {{ $path }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end -}}
+  {{- else }}
+    - http:
+        paths:
+          - path: {{ $path }}
+            backend:
+              serviceName: {{ $serviceName }}
+              servicePort: {{ $servicePort }}
+  {{- end -}}
+  {{- if .Values.ingress.tls }}
+  tls:
+{{ toYaml .Values.ingress.tls | indent 4 }}
+  {{- end -}}
+{{- end -}}

charts/kubernetes-dashboard/v0.6.8/templates/role.yaml

+{{- if and .Values.rbac.create (not .Values.rbac.clusterAdminRole) }}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: Role
+metadata:
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+  namespace: kube-system
+rules:
+  # Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
+- apiGroups:
+    - ""
+  resources:
+    - secrets
+  verbs:
+    - create
+
+  # Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
+- apiGroups:
+    - ""
+  resources:
+    - configmaps
+  verbs:
+    - create
+
+  # Allow Dashboard to get, update and delete Dashboard exclusive secrets.
+- apiGroups:
+    - ""
+  resources:
+    - secrets
+  resourceNames:
+    - kubernetes-dashboard-key-holder
+    - {{ template "kubernetes-dashboard.fullname" . }}
+  verbs:
+    - get
+    - update
+    - delete
+
+  # Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
+- apiGroups:
+    - ""
+  resources:
+    - configmaps
+  resourceNames:
+    - kubernetes-dashboard-settings
+  verbs:
+    - get
+    - update
+
+  # Allow Dashboard to get metrics from heapster.
+- apiGroups:
+    - ""
+  resources:
+    - services
+  resourceNames:
+    - heapster
+  verbs:
+    - proxy
+- apiGroups:
+    - ""
+  resources:
+    - services/proxy
+  resourceNames:
+    - heapster
+    - "http:heapster:"
+    - "https:heapster:"
+  verbs:
+    - get
+{{- end -}}

charts/kubernetes-dashboard/v0.6.8/templates/rolebinding.yaml

+{{- if .Values.rbac.create }}
+{{- if .Values.rbac.clusterAdminRole }}
+# Cluster role binding for clusterAdminRole == true
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cluster-admin
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
+    namespace: kube-system
+{{- else -}}
+# Role binding for clusterAdminRole == false
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: RoleBinding
+metadata:
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+  namespace: kube-system
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: Role
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
+    namespace: kube-system
+{{- end -}}
+{{- end -}}

charts/kubernetes-dashboard/v0.6.8/templates/secret.yaml

+apiVersion: v1
+kind: Secret
+metadata:
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+  namespace: kube-system
+type: Opaque

charts/kubernetes-dashboard/v0.6.8/templates/serviceaccount.yaml

+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+  name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
+  namespace: kube-system
+{{- end -}}

charts/kubernetes-dashboard/v0.6.8/templates/svc.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "kubernetes-dashboard.fullname" . }}
+  labels:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    chart: {{ template "kubernetes-dashboard.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    kubernetes.io/cluster-service: "true"
+{{- if .Values.service.labels }}
+{{ toYaml .Values.service.labels | indent 4 }}
+{{- end }}
+{{- if .Values.service.annotations }}
+  annotations:
+{{ toYaml .Values.service.annotations | indent 4 }}
+{{- end }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+  - name: https
+    port: {{ .Values.service.externalPort }}
+    targetPort: https
+{{- if .Values.service.nodePort }}
+    nodePort: {{ .Values.service.nodePort }}
+{{- end }}
+  selector:
+    app: {{ template "kubernetes-dashboard.name" . }}
+    release: {{ .Release.Name }}

charts/kubernetes-dashboard/v0.6.8/values.yaml

+# Default values for kubernetes-dashboard
+# This is a YAML-formatted file.
+# Declare name/value pairs to be passed into your templates.
+# name: value
+
+image:
+  repository: k8s.gcr.io/kubernetes-dashboard-amd64
+  tag: v1.8.3
+  pullPolicy: IfNotPresent
+
+## Here labels can be added to the kubernets dashboard deployment
+##
+labels: {}
+# kubernetes.io/cluster-service: "true"
+# kubernetes.io/name: "Kubernetes Dashboard"
+
+## Additional container arguments
+##
+# extraArgs:
+#   - --enable-insecure-login
+#   - --system-banner="Welcome to Kubernetes"
+
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+##
+nodeSelector: {}
+
+## List of node taints to tolerate (requires Kubernetes >= 1.6)
+tolerations: []
+#  - key: "key"
+#    operator: "Equal|Exists"
+#    value: "value"
+#    effect: "NoSchedule|PreferNoSchedule|NoExecute"
+
+service:
+  type: ClusterIP
+  externalPort: 443
+
+  ## This allows an override of the heapster service name
+  ## Default: {{ .Chart.Name }}
+  ##
+  # nameOverride:
+
+  ## Kubernetes Dashboard Service annotations
+  ##
+  annotations: {}
+  # foo.io/bar: "true"
+
+  ## Here labels can be added to the Kubernetes Dashboard service
+  ##
+  labels: {}
+  # kubernetes.io/name: "Kubernetes Dashboard"
+
+resources:
+  limits:
+    cpu: 100m
+    memory: 50Mi
+  requests:
+    cpu: 100m
+    memory: 50Mi
+
+ingress:
+  ## If true, Kubernetes Dashboard Ingress will be created.
+  ##
+  enabled: false
+
+  ## Kubernetes Dashboard Ingress annotations
+  ##
+  # annotations:
+  #   kubernetes.io/ingress.class: nginx
+  #   nginx.ingress.kubernetes.io/secure-backends: "true"
+  #   kubernetes.io/tls-acme: 'true'
+
+  ## Kubernetes Dashboard Ingress path
+  ##
+  path: ""
+
+  ## Kubernetes Dashboard Ingress hostnames
+  ## Must be provided if Ingress is enabled
+  ##
+  # hosts:
+  #   - kubernetes-dashboard.domain.com
+
+  ## Kubernetes Dashboard Ingress TLS configuration
+  ## Secrets must be manually created in the namespace
+  ##
+  # tls:
+  #   - secretName: kubernetes-dashboard-tls
+  #     hosts:
+  #       - kubernetes-dashboard.domain.com
+
+rbac:
+  # Specifies whether RBAC resources should be created
+  create: true
+
+  # Specifies whether cluster-admin ClusterRole will be used for dashboard
+  # ServiceAccount (NOT RECOMMENDED).
+  clusterAdminRole: false
+
+serviceAccount:
+  # Specifies whether a service account should be created
+  create: true
+  # The name of the service account to use.
+  # If not set and create is true, a name is generated using the fullname template
+  name: