Merge pull request #371 from apoorva-05/master

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/Chart.yaml

+apiVersion: v1
+appVersion: "1.6.1"
+description: A Helm chart for Citrix ADC CPX with Citrix ingress Controller running as sidecar.
+name: citrix-k8s-cpx-ingress-controller
+version: 1.6.1
+icon: file://../citrix_icon.png
+home: https://www.citrix.com
+sources:
+- https://github.com/citrix/citrix-k8s-ingress-controller
+maintainers:
+- name: priyankash-citrix
+  email: priyanka.sharma@citrix.com
+- name: subashd
+  email: subash.dangol@citrix.com

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/README.md

+# Citrix ADC CPX with Citrix Ingress Controller running as sidecar.
+
+In a [Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.com) cluster, you can deploy [Citrix ADC CPX](https://docs.citrix.com/en-us/citrix-adc-cpx) with Citrix ingress controller as a [sidecar](https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/). The Citrix ADC CPX instance is used for load balancing the North-South traffic to the microservices in your cluster. And, the sidecar Citrix ingress controller configures the Citrix ADC CPX.
+
+## TL;DR;
+
+### For Kubernetes
+```
+   helm repo add citrix https://citrix.github.io/citrix-helm-charts/
+
+   helm install citrix/citrix-k8s-cpx-ingress-controller --set license.accept=yes
+```
+
+### For OpenShift
+
+```
+   helm repo add citrix https://citrix.github.io/citrix-helm-charts/
+
+   helm install citrix/citrix-k8s-cpx-ingress-controller --set license.accept=yes,openshift=true
+```
+> **Important:**
+>
+> The "license.accept" is a mandatory argument and should be set to "yes" to accept the terms of the Citrix license.
+
+
+## Introduction
+This Helm chart deploys a Citrix ADC CPX with Citrix ingress controller as a sidecar in the [Kubernetes](https://kubernetes.io/) or in the [Openshift](https://www.openshift.com) cluster using the [Helm](https://helm.sh/) package manager.
+
+### Prerequisites
+
+-  The [Kubernetes](https://kubernetes.io/) version is 1.6 or later if using Kubernetes environment.
+-  The [Openshift](https://www.openshift.com) version 3.11.x or later if using OpenShift platform.
+-  The [Helm](https://helm.sh/) version is 2.8.x or later. You can follow instruction given [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_Kubernetes.md) to install Helm in Kubernetes environment and [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_OpenShift.md) for OpenShift platform.
+-  You have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator), if you want to view the metrics of the Citrix ADC CPX collected by the [metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics).
+
+## Installing the Chart
+Add the Citrix Ingress Controller helm chart repository using command:
+
+```
+   helm repo add citrix https://citrix.github.io/citrix-helm-charts/
+```
+
+### For Kubernetes:
+#### 1. Citrix ADC CPX with Citrix Ingress Controller running as side car.
+To install the chart with the release name ``` my-release```:
+
+```
+   helm install citrix/citrix-k8s-cpx-ingress-controller --name my-release --set license.accept=yes,ingressClass[0]=<ingressClassName>
+```
+> **Note:**
+>
+> By default the chart installs the recommended [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/) roles and role bindings.
+
+The command deploys Citrix ADC CPX with Citrix ingress controller as a sidecar on the Kubernetes cluster with the default configuration. The [configuration](#configuration) section lists the mandatory and optional parameters that you can configure during installation.
+
+#### 2. Citrix ADC CPX with Citrix Ingress Controller and Exporter running as side car.
+[Metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics) can be deployed as sidecar to the Citrix ADC CPX and collects metrics from the Citrix ADC CPX instance. You can then [visualize these metrics](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/metrics/promotheus-grafana/) using Prometheus Operator and Grafana.
+> **Note:**
+>
+> Ensure that you have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator).
+
+Use the following command for this:
+```
+   helm install citrix/citrix-k8s-cpx-ingress-controller --name my-release --set license.accept=yes,ingressClass[0]=<ingressClassName>,exporter.required=true
+```
+
+### For OpenShift:
+If Citrix ADC CPX with Citrix ingress controller running as side car needs to be deployed in the OpenShift platform please install Helm and Tiller using instruction given [here](https://github.com/citrix/citrix-helm-charts/blob/master/Helm_Installation_OpenShift.md). It will make sure Helm and Tiller have the proper permission that is needed to install Citrix ingress controller on OpenShift.
+
+Add the service account named "cpx-ingress-k8s-role" to the privileged Security Context Constraints of OpenShift:
+
+```
+   oc adm policy add-scc-to-user privileged system:serviceaccount:<namespace>:cpx-ingress-k8s-role
+```
+
+#### 1. Citrix ADC CPX with Citrix Ingress Controller running as side car.
+To install the chart with the release name, `my-release`, use the following command:
+```
+   helm install citrix/citrix-k8s-cpx-ingress-controller --name my-release --set license.accept=yes,openshift=true
+```
+
+#### 2. Citrix ADC CPX with Citrix Ingress Controller and Exporter running as side car.
+[Metrics exporter](https://github.com/citrix/citrix-k8s-ingress-controller/tree/master/metrics-visualizer#visualization-of-metrics) can be deployed as sidecar to the Citrix ADC CPX and collects metrics from the Citrix ADC CPX instance. You can then [visualize these metrics](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/metrics/promotheus-grafana/) using Prometheus Operator and Grafana.
+> **Note:**
+>
+> Ensure that you have installed [Prometheus Operator](https://github.com/coreos/prometheus-operator).
+
+Use the following command for this:
+```
+   helm install citrix/citrix-k8s-ingress-controller --name my-release --set license.accept=yes,openshift=true,exporter.required=true
+```
+
+### Installed components
+
+The following components are installed:
+
+-  [Citrix ADC CPX](https://docs.citrix.com/en-us/citrix-adc-cpx/netscaler-cpx.html)
+-  [Citrix ingress controller](https://github.com/citrix/citrix-k8s-ingress-controller) (if enabled)
+-  [Exporter](https://github.com/citrix/citrix-adc-metrics-exporter) (if enabled)
+
+## Configuration
+The following table lists the configurable parameters of the Citrix ADC CPX with Citrix ingress controller as side car chart and their default values.
+
+| Parameters | Mandatory or Optional | Default value | Description |
+| ---------- | --------------------- | ------------- | ----------- |
+| license.accept | Mandatory | no | Set `yes` to accept the Citrix ingress controller end user license agreement. |
+| cpx.image | Mandatory | `quay.io/citrix/citrix-k8s-cpx-ingress:13.0-47.102` | The Citrix ADC CPX image. |
+| cpx.pullPolicy | Mandatory | Always | The Citrix ADC CPX image pull policy. |
+| lsIP | Optional | N/A | Provide the Citrix Application Delivery Management (ADM) IP address to license Citrix ADC CPX. For more information, see [Licensing](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/licensing/)|
+| lsPort | Optional | 27000 | Citrix ADM port if non-default port is used. |
+| platform | Optional | N/A | Platform license. The platform is **CP1000**. |
+| cic.image | Mandatory | `quay.io/citrix/citrix-k8s-ingress-controller:1.6.1` | The Citrix ingress controller image. |
+| cic.pullPolicy | Mandatory | Always | The Citrix ingress controller image pull policy. |
+| cic.required | Mandatory | true | CIC to be run as sidecar with Citrix ADC CPX |
+| defaultSSLCert | Optional | N/A | Default SSL certificate that needs to be used as a non-SNI certificate in Citrix ADC. |
+| nsNamespace | Optional | k8s | The prefix for the resources on the Citrix ADC CPX. |
+| exporter.required | Optional | false | Use the argument if you want to run the [Exporter for Citrix ADC Stats](https://github.com/citrix/citrix-adc-metrics-exporter) along with Citrix ingress controller to pull metrics for the Citrix ADC CPX|
+| exporter.image | Optional | `quay.io/citrix/citrix-adc-metrics-exporter:1.4.0` | The Exporter for Citrix ADC Stats image. |
+| exporter.pullPolicy | Optional | Always | The Exporter for Citrix ADC Stats image pull policy. |
+| exporter.ports.containerPort | Optional | 8888 | The Exporter for Citrix ADC Stats container port. |
+| ingressClass | Optional | N/A | If multiple ingress load balancers are used to load balance different ingress resources. You can use this parameter to specify Citrix ingress controller to configure Citrix ADC associated with specific ingress class.|
+| openshift | Optional | false | Set this argument if OpenShift environment is being used. |
+
+> **Note:**
+>
+> If Citrix ADM related information is not provided during installation, Citrix ADC CPX will come up with the default license.
+
+Alternatively, you can define a YAML file with the values for the parameters and pass the values while installing the chart.
+
+For example:
+```
+    helm install citrix/citrix-k8s-cpx-ingress-controller --name my-release --set license.accept=yes,ingressClass[0]=<ingressClassName> -f values.yaml
+```
+
+> **Tip:**
+>
+> The [values.yaml](https://github.com/citrix/citrix-helm-charts/blob/master/citrix-k8s-cpx-ingress-controller/values.yaml) contains the default values of the parameters.
+
+## Uninstalling the Chart
+To uninstall/delete the ```my-release``` deployment:
+```
+   helm delete --purge my-release
+```
+
+## Related documentation
+
+-  [Citrix ADC CPX Documentation](https://docs.citrix.com/en-us/citrix-adc-cpx/12-1/cpx-architecture-and-traffic-flow.html)
+-  [Citrix ingress controller Documentation](https://developer-docs.citrix.com/projects/citrix-k8s-ingress-controller/en/latest/)

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/app-readme.md

+# Citrix ADC CPX with Citrix Ingress Controller running as sidecar.
+
+In a [Kubernetes](https://kubernetes.io/) or [OpenShift](https://www.openshift.com) cluster, you can deploy [Citrix ADC CPX](https://docs.citrix.com/en-us/citrix-adc-cpx) with Citrix ingress controller as a [sidecar](https://kubernetes.io/docs/concepts/workloads/pods/pod-overview/). The Citrix ADC CPX instance is used for load balancing the North-South traffic to the microservices in your cluster. And, the sidecar Citrix ingress controller configures the Citrix ADC CPX.
+
+This Chart bootstraps deployment of Citrix ADC CPX with Citrix Ingress Controller as sidecar.

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/questions.yml

+labels:
+  io.rancher.certified: partner
+questions:
+- variable: license.accept
+  required: true
+  type: enum
+  description: "Set to yes to accept the terms and conditions of the Citrix license."
+  label: Accept License
+  group: "Deployment Settings"
+  options:
+  - "yes"
+  - "no"
+- variable: openshift
+  default: false
+  type: boolean
+  description: "openshift is set to true if charts are being deployed in OpenShift environment"
+  label: Openshift flag
+  group: "Deployment Settings"
+- variable: lsIP
+  required: false
+  type: string
+  description: "lsIP contains the Citrix Application Delivery Management (ADM) IP address to license Citrix ADC CPX."
+  label: ADM IP
+  group: "License Settings"
+- variable: lsPort
+  required: false
+  type: string
+  description: "Specify the Citrix ADM port in lsPort only if you have changed it"
+  label: ADM Port
+  group: "License Settings"
+- variable: nsNamespace
+  required: false
+  type: string
+  description: "Prefix for the resources on Citrix ADC"
+  label: Resource Prefix
+  group: "Deployment Settings"
+- variable: platform
+  required: false
+  type: string
+  description: "Specify the platform license here"
+  label: Platform License
+  group: "License Settings"
+- variable: ingressClass[0]
+  required: false
+  type: string
+  description: "ingressClass is the name of the Ingress Class"
+  label: Ingress Class
+  group: "Deployment Settings"
+- variable: defaultSSLCert
+  required: false
+  type: string
+  description: "Secret containing the default ceritifcate for SSL vservers"
+  label: Default SSLCert
+  group: "ADC Settings"
+- variable: cic.pullpolicy
+  default: "Always"
+  type: enum
+  label: CIC Image Pullpolicy
+  group: "CIC/CPX Image Settings"
+  options:
+  - "Always"
+  - "IfNotPresent"
+  - "Never"
+- variable: cpx.pullpolicy
+  default: "Always"
+  type: enum
+  label: CPX Image Pullpolicy
+  group: "CIC/CPX Image Settings"
+  options:
+  - "Always"
+  - "IfNotPresent"
+  - "Never"
+- variable: cic.image
+  default: "quay.io/citrix/citrix-k8s-ingress-controller:1.6.1"
+  type: string
+  label: CIC Image 
+  group: "CIC/CPX Image Settings"
+- variable: cpx.image
+  type: string
+  default: "quay.io/citrix/citrix-k8s-cpx-ingress:13.0-47.102"
+  label: CPX Image
+  group: "CIC/CPX Image Settings"
+- variable: exporter.image
+  required: false
+  type: string
+  description: "Exporter Image to be used"
+  label: Exporter Image
+  group: "Exporter Settings"
+- variable: exporter.pullPolicy
+  required: false
+  default: Always
+  type: string
+  description: "Exporter Image pull policy"
+  label: Exporter Image PullPolicy
+  group: "Exporter Settings"
+- variable: exporter.ports.containerPort
+  required: false
+  default: 8888 
+  type: int
+  label: Exporter ContainerPort
+  group: "Exporter Settings"

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/templates/NOTES.txt

+Thank you for installing {{ .Chart.Name }}.
+
+Your release is named {{ .Release.Name }}.
+
+
+To learn more about the release, try:
+
+  $ helm status {{ .Release.Name }}
+  $ helm get {{ .Release.Name }}
+
+
+To delete :
+ helm delete --purge {{ .Release.Name }}
+

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/templates/citrix-k8s-cpx-ingress.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: cpx-ingress
+spec:
+  selector:
+    matchLabels:
+      app: cpx-ingress
+  replicas: 1
+  template:
+    metadata:
+      name: cpx-ingress
+      labels:
+        app: cpx-ingress
+      annotations:
+    spec:
+      serviceAccountName: cpx-ingress-k8s-role
+      containers:
+        - name: cpx-ingress
+          image: "{{ .Values.cpx.image }}"
+          imagePullPolicy: {{ .Values.cpx.pullPolicy }}
+          securityContext:
+             privileged: true
+          env:
+          - name: "EULA"
+            value: "{{ .Values.license.accept }}"
+          - name: "KUBERNETES_TASK_ID"
+            value: ""
+{{- if .Values.lsIP }}
+          - name: "LS_IP"
+            value: {{ .Values.lsIP }}
+{{- end }}
+{{- if .Values.lsPort }}
+          - name: "LS_PORT"
+            value: {{ .Values.lsPort }}
+{{- end }}
+{{- if .Values.platform }}
+          - name: "PLATFORM"
+            value: {{ .Values.platform }}
+{{- end }}
+{{- if .Values.cic.required }}
+        # Add cic as a sidecar
+        - name: cic
+          image: "{{ .Values.cic.image }}"
+          imagePullPolicy: {{ .Values.cic.pullPolicy }}
+          env:
+          - name: "EULA"
+            value: "{{ .Values.license.accept }}"
+          - name: "NS_IP"
+            value: "127.0.0.1"
+          - name: "NS_PROTOCOL"
+            value: "HTTP"
+          - name: "NS_PORT"
+            value: "80"
+          - name: "NS_APPS_NAME_PREFIX"
+            value: {{ .Values.nsNamespace | default "k8s"}}
+          - name: "NS_DEPLOYMENT_MODE"
+            value: "SIDECAR"
+          - name: "NS_ENABLE_MONITORING"
+            value: "YES"
+          - name: POD_NAME
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.name
+          - name: POD_NAMESPACE
+            valueFrom:
+              fieldRef:
+                apiVersion: v1
+                fieldPath: metadata.namespace
+{{- if .Values.kubernetesURL }}
+          - name: "kubernetes_url"
+            value: "{{ .Values.kubernetesURL }}"
+{{- end }}
+          args:
+{{- if .Values.ingressClass }}
+            - --ingress-class
+{{- range .Values.ingressClass}}
+              {{.}}
+{{- end }}
+{{- end }}
+            - --default-ssl-certificate
+              {{ .Values.defaultSSLCert | default "{{ .Release.Namespace }}/default-cert" }}
+{{- end }}
+{{- if .Values.exporter.required }}
+        - name: exporter
+          image: "{{ .Values.exporter.image }}"
+          args:
+            - "--target-nsip=127.0.0.1"
+            - "--port={{ .Values.exporter.ports.containerPort }}"
+          imagePullPolicy: {{ .Values.exporter.pullPolicy }}
+{{- end }}
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: cpx-service
+  labels:
+    app: cpx-service
+    service-type: citrix-adc-monitor
+spec:
+  type: NodePort
+  ports:
+  - port: 80
+    protocol: TCP
+    name: http
+  - port: 443
+    protocol: TCP
+    name: https
+{{- if .Values.exporter.required }}
+  - port: {{ .Values.exporter.ports.containerPort }}
+    targetPort: {{ .Values.exporter.ports.containerPort }}
+    name: exporter-port
+{{- end }}
+  selector:
+    app: cpx-ingress
+
+---
+
+{{- if .Values.exporter.required }}
+
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: citrix-adc-servicemonitor
+ labels:
+   servicemonitor: citrix-adc
+spec:
+ endpoints:
+ - interval: 30s
+   port: exporter-port
+ selector:
+   matchLabels:
+     service-type: citrix-adc-monitor
+ namespaceSelector:
+   matchNames:
+   - monitoring
+   - default
+   - {{ .Release.Namespace }}
+
+{{- end }}

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/templates/rbac.yaml

+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: cpx-ingress-k8s-role
+rules:
+  - apiGroups: [""]
+{{- if .Values.openshift }}
+    resources: ["endpoints", "ingresses", "pods", "secrets", "routes", "routes/status", "tokenreviews", "subjectaccessreviews", "nodes", "namespaces"]
+{{- else }}
+    resources: ["endpoints", "ingresses", "pods", "secrets", "routes", "routes/status", "nodes", "namespaces"]
+{{- end}}
+    verbs: ["get", "list", "watch"]
+  # services/status is needed to update the loadbalancer IP in service status for integrating
+  # service of type LoadBalancer with external-dns
+  - apiGroups: [""]
+    resources: ["services/status"]
+    verbs: ["patch"]
+  - apiGroups: [""]
+    resources: ["services"]
+    verbs: ["get", "list", "watch", "patch"]
+  - apiGroups: ["extensions"]
+    resources: ["ingresses", "ingresses/status"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apiextensions.k8s.io"]
+    resources: ["customresourcedefinitions"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["deployments"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["citrix.com"]
+    resources: ["rewritepolicies", "canarycrds", "authpolicies", "ratelimits"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["citrix.com"]
+    resources: ["rewritepolicies/status", "canarycrds/status", "authpolicies/status", "ratelimits/status"]
+    verbs: ["get", "list", "patch"]
+  - apiGroups: ["citrix.com"]
+    resources: ["vips"]
+    verbs: ["get", "list", "watch", "create", "delete"]
+  - apiGroups: ["route.openshift.io"]
+    resources: ["routes"]
+    verbs: ["get", "list", "watch"]
+
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: cpx-ingress-k8s-role
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cpx-ingress-k8s-role
+subjects:
+- kind: ServiceAccount
+  name: cpx-ingress-k8s-role
+  namespace: {{ .Release.Namespace }}
+apiVersion: rbac.authorization.k8s.io/v1
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cpx-ingress-k8s-role
+  namespace: {{ .Release.Namespace }}
+
+---

charts/citrix-k8s-cpx-ingress-controller/v1.6.1/values.yaml

+# Default values for citrix-k8s-cpx-ingress-controller.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# cpximage contains information needed to fetch CPX image
+cpx:
+  image: quay.io/citrix/citrix-k8s-cpx-ingress:13.0-47.102
+  pullPolicy: Always
+# cicimage contains information needed to fetch CIC image
+cic:
+  image: quay.io/citrix/citrix-k8s-ingress-controller:1.6.1
+  pullPolicy: Always
+  required: true
+# openshift is set to true if charts are being deployed in OpenShift environment.
+openshift: false
+# lsIP contains the Citrix Application Delivery Management (ADM) IP address to license Citrix ADC CPX.
+lsIP:
+# Specify the Citrix ADM port in lsPort only if you have changed it.
+lsPort:
+# nsNamespace is the prefix for the resources on the Citrix ADC
+nsNamespace:
+# Specify the platform license here.
+platform:
+# license is used accept the terms of the Citrix license
+license:
+  accept: 'no'
+# ingressClass is the  name of the Ingress Class
+ingressClass:
+defaultSSLCert:
+# exporter conatins information of prometheus-exporter
+exporter:
+  required: false
+  image: quay.io/citrix/citrix-adc-metrics-exporter:1.4.0
+  pullPolicy: Always
+  ports:
+    containerPort: 8888

charts/citrix-k8s-ingress-controller/v1.6.1/Chart.yaml

+apiVersion: v1
+appVersion: "1.6.1"
+description: A Helm chart for Citrix Ingress Controller configuring MPX/VPX
+name: citrix-k8s-ingress-controller
+version: 1.6.1
+icon: file://../citrix_icon.png
+home: https://www.citrix.com
+sources:
+- https://github.com/citrix/citrix-k8s-ingress-controller
+maintainers:
+- name: priyankash-citrix
+  email: priyanka.sharma@citrix.com
+- name: subashd
+  email: subash.dangol@citrix.com

charts/citrix-k8s-ingress-controller/v1.6.1/app-readme.md

+# Citrix Ingress Controller
+
+[Citrix Ingress Controler](https://github.com/citrix/citrix-k8s-ingress-controller) is an ingress controller for Citrix ADC MPX (hardware), Citrix ADC VPX (virtualized), and Citrix ADC CPX (containerized) for bare metal and cloud deployments. It is built around Kubernetes Ingress and automatically configures Citrix ADC based on the Ingress resource configuration.
+
+This Chart bootstraps standalone Citrix Ingress Controller which can be used to configure Citrix MPX or VPX.

charts/citrix-k8s-ingress-controller/v1.6.1/questions.yml

+labels:
+  io.rancher.certified: partner
+questions:
+- variable: license.accept
+  required: true
+  type: enum
+  description: "Set to yes to accept the terms and conditions of the Citrix license."
+  label: Accept License
+  group: "Deployment Settings"
+  options:
+  - "yes"
+  - "no"
+- variable: openshift
+  default: false
+  type: boolean
+  description: "openshift is set to true if charts are being deployed in OpenShift environment"
+  label: Openshift flag
+  group: "Deployment Settings"
+- variable: loginFileName
+  default: ""
+  type: string
+  description: "loginFileName is secret file for NetScaler login"
+  label: Login File Name
+  group: "Deployment Settings"
+- variable: nsIP
+  required: true
+  type: string
+  description: "nsIP is NetScaler NSIP/SNIP, SNIP in case of HA (mgmt has to be enabled)"
+  label: Citrix ADC IP
+  group: "ADC Settings"
+- variable: nsVIP
+  required: false
+  type: string
+  label: Virtual IP for the clients to connect to
+  group: "ADC Settings"
+- variable: nsPort
+  required: false
+  default: 443
+  type: int
+  description: "nsPort is port for NetScaler NITRO"
+  label: Netscaler Port
+  group: "ADC Settings"
+- variable: nsProtocol
+  required: false
+  default: "HTTPS"
+  type: string
+  description: "nsProtocol is protocol for NetScaler NITRO"
+  label: Netscaler NITRO protocol
+  group: "ADC Settings"
+- variable: logLevel
+  required: false
+  default: "DEBUG"
+  type: enum
+  label: CIC Loglevel
+  group: "Deployment Settings"
+  options:
+  - "DEBUG"
+  - "INFO"
+  - "WARNING"
+  - "ERROR"
+  - "TRACE"
+- variable: nsNamespace
+  required: false
+  type: string
+  description: "prefix for the resources on the Citrix ADC"
+  label: ADC Entity Prefix
+  group: "ADC Settings"
+- variable: kubernetesURL
+  required: false
+  type: string
+  description: "kubernetesURL is for registering events to kubeapi server"
+  label: Kubernetes API-server URL
+  group: "Deployment Settings"
+- variable: ingressClass[0]
+  required: false
+  type: string
+  description: "ingressClass is the name of the Ingress Class"
+  label: Ingress Class
+  group: "Deployment Settings"
+- variable: defaultSSLCert
+  required: false
+  type: string
+  description: "Secret containing the default ceritifcate for SSL vservers"
+  label: Default SSLCert
+  group: "ADC Settings"
+- variable: nodeWatch
+  required: false
+  default: false
+  type: boolean
+  description: "nodeWatch is used for automatic route configuration on NetScaler towards the pod network"
+  label: NodeWatch
+  group: "ADC Settings"
+- variable: cic.image
+  type: string
+  default: "quay.io/citrix/citrix-k8s-ingress-controller:1.6.1"
+  label: CIC Image
+  group: "CIC Image Settings"
+- variable: cic.pullpolicy
+  default: "Always"
+  type: enum
+  label: CIC Image Pullpolicy
+  group: "CIC Image Settings"
+  options:
+  - "Always"
+  - "IfNotPresent"
+  - "Never"
+- variable: exporter.image
+  required: false
+  type: string
+  description: "Exporter Image"
+  label: Exporter Image
+  group: "Exporter Settings"
+- variable: exporter.pullPolicy
+  required: false
+  default: Always
+  type: string
+  description: "Exporter Image pull policy"
+  label: Exporter Image PullPolicy
+  group: "Exporter Settings"
+- variable: exporter.ports.containerPort
+  required: false
+  default: 8888 
+  type: int
+  label: Exporter ContainerPort
+  group: "Exporter Settings"

charts/citrix-k8s-ingress-controller/v1.6.1/templates/NOTES.txt

+Thank you for installing {{ .Chart.Name }}.
+
+Your release is named {{ .Release.Name }}.
+
+
+To learn more about the release, try:
+
+  $ helm status {{ .Release.Name }}
+  $ helm get {{ .Release.Name }}
+
+
+To delete :
+ helm delete --purge {{ .Release.Name }}
+                                         
+ 

charts/citrix-k8s-ingress-controller/v1.6.1/templates/citrix-k8s-ingress.yaml

+{{- if .Values.openshift }}
+apiVersion: apps.openshift.io/v1
+kind: DeploymentConfig
+{{- else }}
+apiVersion: apps/v1
+kind: Deployment
+{{- end}}
+metadata:
+  name: cic-k8s-ingress-controller
+spec:
+  selector:
+{{- if .Values.openshift }}
+     router: cic-k8s-ingress-controller
+{{- else }}
+    matchLabels:
+      app: cic-k8s-ingress-controller
+{{- end}}
+  replicas: 1
+{{- if .Values.openshift }}
+  strategy:
+    resources: {}
+    rollingParams:
+      intervalSeconds: 1
+      maxSurge: 0
+      maxUnavailable: 25%
+      timeoutSeconds: 600
+      updatePeriodSeconds: 1
+    type: Rolling
+{{- end}}
+  template:
+    metadata:
+      name: cic-k8s-ingress-controller
+      labels:
+{{- if .Values.openshift }}
+        router: cic-k8s-ingress-controller
+{{- else }}
+        app: cic-k8s-ingress-controller
+{{- end}}
+    spec:
+      serviceAccountName: cic-k8s-role
+      containers:
+      - name: cic-k8s-ingress-controller
+        image: "{{ .Values.cic.image }}"
+        imagePullPolicy: {{ .Values.cic.pullPolicy }}
+        args:
+          - --default-ssl-certificate
+            {{ .Values.defaultSSLCert | default "{{ .Release.Namespace }}/default-cert" }}
+{{- if .Values.ingressClass }}
+          - --ingress-class
+{{- range .Values.ingressClass}}
+            {{.}}
+{{- end }}
+{{- end }}
+          - --feature-node-watch
+            {{.Values.nodeWatch}}
+        env:
+        - name: "NS_IP"
+          value: "{{ .Values.nsIP }}"
+{{- if .Values.nsVIP }}
+        - name: "NS_VIP"
+          value: "{{ .Values.nsVIP }}"
+{{- end}}
+        - name: "NS_USER"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.loginFileName | default "nslogin"}}
+              key: username
+        - name: "NS_PASSWORD"
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Values.loginFileName | default "nslogin"}}
+              key: password
+        - name: "EULA"
+          value: "{{ .Values.license.accept }}"
+        - name: "LOGLEVEL"
+          value: "{{ .Values.logLevel}}"
+        - name: "NS_PROTOCOL"
+          value: "{{ .Values.nsProtocol }}"
+        - name: "NS_PORT"
+          value: "{{ .Values.nsPort}}"
+        - name: "NS_APPS_NAME_PREFIX"
+          value: {{ .Values.nsNamespace | default "k8s"}}
+{{- if .Values.kubernetesURL }}
+        - name: "kubernetes_url"
+          value: "{{ .Values.kubernetesURL }}"
+{{- end}}
+{{- if .Values.exporter.required }}
+      - name: exporter
+        image: "{{ .Values.exporter.image }}"
+        args:
+          - "--secure=YES"
+          - "--username=$(NS_USERNAME)"
+          - "--password=$(NS_PASSWORD)"
+          - "--target-nsip={{ .Values.nsIP }}"
+          - "--port={{ .Values.exporter.ports.containerPort }}"
+        env:
+          - name: NS_USERNAME
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.loginFileName | default "nslogin"}}
+                key: username
+          - name: NS_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ .Values.loginFileName | default "nslogin"}}
+                key: password
+        imagePullPolicy: {{ .Values.exporter.pullPolicy }}
+{{- end }}
+---
+
+{{- if .Values.exporter.required }}
+
+
+apiVersion: v1
+kind: Service
+metadata:
+   name: exporter
+   labels:
+     app: exporter
+     service-type: citrix-adc-monitor
+spec:
+   type: ClusterIP
+   ports:
+   - port: {{ .Values.exporter.ports.containerPort }}
+     targetPort: {{ .Values.exporter.ports.containerPort }}
+     name: exporter-port
+   selector:
+     app: cic-k8s-ingress-controller
+
+---
+
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: citrix-adc-servicemonitor
+ labels:
+   servicemonitor: citrix-adc
+spec:
+ endpoints:
+ - interval: 30s
+   port: exporter-port
+ selector:
+   matchLabels:
+     service-type: citrix-adc-monitor
+ namespaceSelector:
+   matchNames:
+   - monitoring
+   - default
+   - {{ .Release.Namespace }}
+
+{{- end }}

charts/citrix-k8s-ingress-controller/v1.6.1/templates/login_credentials.yaml

+
+{{- if not .Values.loginFileName}}
+
+apiVersion: v1
+kind: Secret
+metadata:
+    name: nslogin
+type: Opaque
+data:
+    username: bnNyb290
+    password: bnNyb290
+
+{{- end}}

charts/citrix-k8s-ingress-controller/v1.6.1/templates/rbac.yaml

+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: cic-k8s-role
+rules:
+  - apiGroups: [""]
+{{- if .Values.openshift }}
+    resources: ["endpoints", "ingresses", "pods", "secrets", "routes", "routes/status", "tokenreviews", "subjectaccessreviews", "nodes", "namespaces"]
+{{- else }}
+    resources: ["endpoints", "ingresses", "pods", "secrets", "routes", "routes/status", "nodes", "namespaces"]
+{{- end}}
+    verbs: ["get", "list", "watch"]
+  # services/status is needed to update the loadbalancer IP in service status for integrating
+  # service of type LoadBalancer with external-dns
+  - apiGroups: [""]
+    resources: ["services/status"]
+    verbs: ["patch"]
+  - apiGroups: [""]
+    resources: ["services"]
+    verbs: ["get", "list", "watch", "patch"]
+  - apiGroups: ["extensions"]
+    resources: ["ingresses", "ingresses/status"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apiextensions.k8s.io"]
+    resources: ["customresourcedefinitions"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["deployments"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["citrix.com"]
+    resources: ["rewritepolicies", "canarycrds", "authpolicies", "ratelimits"]
+    verbs: ["get", "list", "watch"]
+  - apiGroups: ["citrix.com"]
+    resources: ["vips"]
+    verbs: ["get", "list", "watch", "create", "delete"]
+  - apiGroups: ["route.openshift.io"]
+    resources: ["routes"]
+    verbs: ["get", "list", "watch"]
+
+---
+
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1beta1
+metadata:
+  name: cic-k8s-role
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: cic-k8s-role
+subjects:
+- kind: ServiceAccount
+  name: cic-k8s-role
+  namespace: {{ .Release.Namespace }}
+apiVersion: rbac.authorization.k8s.io/v1
+
+---
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: cic-k8s-role
+  namespace: {{ .Release.Namespace }}
+
+---

charts/citrix-k8s-ingress-controller/v1.6.1/values.yaml

+# Default values for citrix-k8-ingress-controller.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# image contains information needed to fetch CIC image
+cic:
+  image: quay.io/citrix/citrix-k8s-ingress-controller:1.6.1
+  pullPolicy: Always
+# openshift is set to true if charts are being deployed in OpenShift environment.
+openshift: false
+# loginFileName is secret file for NetScaler login
+loginFileName:
+# nsIP is NetScaler NSIP/SNIP, SNIP in case of HA (mgmt has to be enabled)
+nsIP: x.x.x.x
+nsVIP:
+# license accept should be 'yes' to run Citrix Ingress Controller
+license:
+  accept: 'no'
+# nsPort is port for NetScaler NITRO
+nsPort: 443
+# nsProtocol is protocol for NetScaler NITRO
+nsProtocol: HTTPS
+# logLevel is to set level of CIC Logs
+logLevel: DEBUG
+# nsNamespace is the prefix for the resources on the Citrix ADC
+nsNamespace:
+# kubernetesURL is for registering events to kubeapi server
+kubernetesURL:
+# ingressClass is the name of the Ingress Class
+ingressClass:
+defaultSSLCert:
+# nodeWatch is used for automatic route configuration on NetScaler towards the pod network
+nodeWatch: false
+# exporter conatins information of prometheus-exporter
+exporter:
+  required: false
+  image: quay.io/citrix/citrix-adc-metrics-exporter:1.4.0
+  pullPolicy: Always
+  ports:
+    containerPort: 8888