Skip to content

C
charts
Unverified Commit e93f0f5c by Denise Committed by GitHub
Options

Merge pull request #217 from guangbochen/dashboard2.3

Bump kubernetes dashboard to 1.8.0
parents 244d1087 b35018ef
Showing with 1106 additions and 0 deletions
charts/kubernetes-dashboard/logo.svg 0 → 100644
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="722.8457"
height="701.96637"
id="svg2"
version="1.1"
inkscape:version="0.48.4 r9939"
sodipodi:docname="logo.svg"
inkscape:export-filename="/home/thockin/src/kubernetes/new.png"
inkscape:export-xdpi="460.95001"
inkscape:export-ydpi="460.95001">
<defs
id="defs4" />
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="16.190509"
inkscape:cx="277.56851"
inkscape:cy="157.54494"
inkscape:document-units="px"
inkscape:current-layer="g3052"
showgrid="false"
inkscape:window-width="1519"
inkscape:window-height="822"
inkscape:window-x="51"
inkscape:window-y="25"
inkscape:window-maximized="0"
inkscape:snap-global="false"
fit-margin-top="10"
fit-margin-left="10"
fit-margin-right="10"
fit-margin-bottom="10" />
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title />
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(-6.3260942,-174.7524)">
<g
id="g3052">
<path
style="fill:#326ce5;fill-opacity:1;stroke:#ffffff;stroke-width:0;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none"
d="m 365.3125,184.8125 a 46.724621,46.342246 0 0 0 -17.90625,4.53125 l -244.34375,116.75 a 46.724621,46.342246 0 0 0 -25.28125,31.4375 L 17.5,599.78125 A 46.724621,46.342246 0 0 0 23.84375,635.3125 46.724621,46.342246 0 0 0 26.5,639 l 169.125,210.28125 a 46.724621,46.342246 0 0 0 36.53125,17.4375 L 503.375,866.65625 A 46.724621,46.342246 0 0 0 539.90625,849.25 L 708.96875,638.9375 A 46.724621,46.342246 0 0 0 718,599.71875 l -60.375,-262.25 a 46.724621,46.342246 0 0 0 -25.28125,-31.4375 l -244.375,-116.6875 A 46.724621,46.342246 0 0 0 365.3125,184.8125 z"
id="path3055"
inkscape:connector-curvature="0"
inkscape:export-filename="new.png"
inkscape:export-xdpi="250.55"
inkscape:export-ydpi="250.55" />
<path
inkscape:connector-curvature="0"
id="path3059"
d="m 367.73366,274.05962 c -8.07696,8.2e-4 -14.62596,7.27591 -14.625,16.25 1e-5,0.13773 0.0282,0.26934 0.0312,0.40625 -0.0119,1.21936 -0.0708,2.68836 -0.0312,3.75 0.19262,5.176 1.3209,9.13749 2,13.90625 1.23028,10.20666 2.26117,18.66736 1.625,26.53125 -0.61869,2.9654 -2.80288,5.67741 -4.75,7.5625 l -0.34375,6.1875 c -8.77682,0.72717 -17.61235,2.05874 -26.4375,4.0625 -37.97461,8.62218 -70.67008,28.18307 -95.5625,54.59375 -1.61522,-1.10193 -4.44103,-3.12914 -5.2813,-3.75 -2.61117,0.35262 -5.25021,1.15829 -8.6875,-0.84375 -6.54491,-4.40563 -12.50587,-10.48693 -19.71875,-17.8125 -3.30498,-3.50419 -5.69832,-6.84101 -9.625,-10.21875 -0.89172,-0.76707 -2.25258,-1.80455 -3.25,-2.59375 -3.06988,-2.44757 -6.6907,-3.72402 -10.1875,-3.84375 -4.49589,-0.15394 -8.82394,1.60385 -11.65625,5.15625 -5.03521,6.31538 -3.42312,15.96805 3.59375,21.5625 0.0712,0.0567 0.14702,0.10078 0.21875,0.15625 0.96422,0.78162 2.14496,1.78313 3.03125,2.4375 4.16687,3.07655 7.9732,4.65145 12.125,7.09375 8.747,5.40181 15.99837,9.88086 21.75,15.28125 2.24602,2.39417 2.63858,6.61292 2.9375,8.4375 l 4.6875,4.1875 c -25.09342,37.76368 -36.70686,84.40946 -29.8437,131.9375 l -6.125,1.78125 c -1.6143,2.08461 -3.89541,5.36474 -6.2813,6.34375 -7.52513,2.37021 -15.99424,3.24059 -26.21875,4.3125 -4.80031,0.39915 -8.94218,0.16095 -14.03125,1.125 -1.12008,0.21218 -2.68072,0.61877 -3.90625,0.90625 -0.0426,0.009 -0.0824,0.0216 -0.125,0.0312 -0.0668,0.0155 -0.15456,0.0479 -0.21875,0.0625 -8.62014,2.08279 -14.15774,10.006 -12.375,17.8125 1.78316,7.80833 10.20314,12.55677 18.875,10.6875 0.0626,-0.0143 0.1535,-0.0167 0.21875,-0.0312 0.0979,-0.0224 0.18409,-0.0699 0.28125,-0.0937 1.20885,-0.26536 2.72377,-0.5606 3.78125,-0.84375 5.00334,-1.33963 8.62694,-3.30796 13.125,-5.03125 9.67694,-3.47077 17.69173,-6.37022 25.5,-7.5 3.26118,-0.25542 6.69711,2.01216 8.40625,2.96875 l 6.375,-1.09375 c 14.67018,45.48282 45.41416,82.24502 84.34375,105.3125 l -2.65625,6.375 c 0.95742,2.47542 2.01341,5.8247 1.30022,8.26932 -2.83868,7.3612 -7.70097,15.13097 -13.23772,23.79318 -2.68085,4.00192 -5.42453,7.10761 -7.84375,11.6875 -0.5789,1.09589 -1.31618,2.77932 -1.875,3.9375 -3.75884,8.04236 -1.00164,17.3052 6.21875,20.78125 7.26575,3.49788 16.28447,-0.19134 20.1875,-8.25 0.006,-0.0114 0.0257,-0.0198 0.0312,-0.0312 0.004,-0.009 -0.004,-0.0225 0,-0.0312 0.55593,-1.14255 1.34353,-2.64437 1.8125,-3.71875 2.07213,-4.74702 2.76161,-8.81506 4.21875,-13.40625 3.86962,-9.72014 5.99567,-19.91903 11.32258,-26.27411 1.45868,-1.74023 3.83681,-2.4095 6.30242,-3.06964 l 3.3125,-6 c 33.93824,13.0268 71.92666,16.52246 109.875,7.90625 8.65697,-1.96557 17.01444,-4.50945 25.09375,-7.5625 0.93098,1.65133 2.66113,4.8257 3.125,5.625 2.50559,0.81518 5.24044,1.23614 7.46875,4.53125 3.98539,6.80898 6.7109,14.86416 10.03125,24.59375 1.45738,4.59111 2.17762,8.65933 4.25,13.40625 0.47234,1.08195 1.256,2.60486 1.8125,3.75 3.89482,8.08484 12.94212,11.78667 20.21875,8.28125 7.2195,-3.4779 9.97974,-12.7399 6.21875,-20.78125 -0.55889,-1.15814 -1.3273,-2.84164 -1.90625,-3.9375 -2.41946,-4.57976 -5.1627,-7.65448 -7.84375,-11.65625 -5.53721,-8.66192 -10.12968,-15.8577 -12.96875,-23.21875 -1.18711,-3.79657 0.20028,-6.15774 1.125,-8.625 -0.55378,-0.63477 -1.73881,-4.22009 -2.4375,-5.90625 40.4574,-23.88816 70.29856,-62.02129 84.3125,-106.0625 1.8924,0.29742 5.18154,0.87936 6.25,1.09375 2.19954,-1.4507 4.22194,-3.34352 8.1875,-3.03125 7.80832,1.12937 15.82288,4.02973 25.5,7.5 4.49815,1.72306 8.1216,3.72313 13.125,5.0625 1.05749,0.28309 2.57238,0.5472 3.78125,0.8125 0.0972,0.0238 0.1833,0.0714 0.28125,0.0937 0.0653,0.0146 0.15615,0.0169 0.21875,0.0312 8.67236,1.86695 17.09384,-2.87871 18.875,-10.6875 1.78074,-7.80696 -3.7543,-15.73201 -12.375,-17.8125 -1.25393,-0.28513 -3.03225,-0.76938 -4.25,-1 -5.08912,-0.96378 -9.23092,-0.7261 -14.03125,-1.125 -10.22456,-1.07138 -18.6935,-1.94269 -26.21875,-4.3125 -3.06826,-1.19028 -5.25103,-4.84124 -6.31255,-6.34375 l -5.90625,-1.71875 c 3.06226,-22.15442 2.23655,-45.21134 -3.0625,-68.28125 -5.34839,-23.28471 -14.80037,-44.58084 -27.40625,-63.34375 1.51505,-1.37729 4.37619,-3.91091 5.1875,-4.65625 0.23716,-2.62417 0.0334,-5.37553 2.75,-8.28125 5.75134,-5.40069 13.00329,-9.87898 21.75,-15.28125 4.15167,-2.44252 7.98954,-4.01698 12.15625,-7.09375 0.94225,-0.69576 2.2289,-1.79759 3.21875,-2.59375 7.01538,-5.59633 8.63058,-15.24842 3.59375,-21.5625 -5.03683,-6.31408 -14.79712,-6.90883 -21.8125,-1.3125 -0.99856,0.79085 -2.35353,1.82252 -3.25,2.59375 -3.9265,3.37796 -6.35145,6.71439 -9.65625,10.21875 -7.21249,7.32595 -13.17407,13.43777 -19.71875,17.84375 -2.83601,1.65106 -6.98996,1.07978 -8.87505,0.96875 l -5.5625,3.96875 c -31.7188,-33.26057 -74.90466,-54.52546 -121.40605,-58.6563 -0.13006,-1.94872 -0.30045,-5.47117 -0.34375,-6.53125 -1.90371,-1.82165 -4.20342,-3.37686 -4.78125,-7.3125 -0.63617,-7.86389 0.42597,-16.32459 1.65625,-26.53125 0.6791,-4.76876 1.80738,-8.73025 2,-13.90625 0.0438,-1.17663 -0.0265,-2.88401 -0.0312,-4.15625 -9.6e-4,-8.97409 -6.54804,-16.25082 -14.625,-16.25 z m -18.3125,113.4375 -4.34375,76.71875 -0.3125,0.15625 c -0.29134,6.86335 -5.93996,12.34375 -12.875,12.34375 -2.84081,0 -5.46294,-0.91229 -7.59375,-2.46875 l -0.125,0.0625 -62.90625,-44.59375 c 19.33365,-19.01115 44.06291,-33.06039 72.5625,-39.53125 5.20599,-1.18203 10.40966,-2.0591 15.59375,-2.6875 z m 36.65625,0 c 33.27347,4.09232 64.04501,19.15882 87.625,42.25 l -62.5,44.3125 -0.21875,-0.0937 c -5.54745,4.05169 -13.36343,3.04639 -17.6875,-2.375 -1.77132,-2.22096 -2.70072,-4.83239 -2.8125,-7.46875 l -0.0625,-0.0312 z m -147.625,70.875 57.4375,51.375 -0.0625,0.3125 c 5.18437,4.50697 5.94888,12.32794 1.625,17.75 -1.7712,2.22105 -4.14208,3.71074 -6.6875,4.40625 l -0.0625,0.25 -73.625,21.25 c -3.74728,-34.26517 4.32855,-67.57364 21.375,-95.34375 z m 258.15625,0.0312 c 8.5341,13.83256 14.99655,29.28214 18.84375,46.03125 3.80106,16.54828 4.75499,33.06697 3.1875,49.03125 l -74,-21.3125 -0.0625,-0.3125 c -6.6265,-1.81104 -10.69893,-8.55162 -9.15625,-15.3125 0.63203,-2.76962 2.10222,-5.11264 4.09375,-6.84375 l -0.0312,-0.15625 57.125,-51.125 z m -140.65625,55.3125 23.53125,0 14.625,18.28125 -5.25,22.8125 -21.125,10.15625 -21.1875,-10.1875 -5.25,-22.8125 z m 75.4375,62.5625 c 0.99997,-0.0505 1.99558,0.0396 2.96875,0.21875 l 0.125,-0.15625 76.15625,12.875 c -11.1455,31.3131 -32.47281,58.44018 -60.96875,76.59375 l -29.5625,-71.40625 0.0937,-0.125 c -2.71561,-6.30999 0.002,-13.70956 6.25,-16.71875 1.59965,-0.77041 3.27089,-1.19701 4.9375,-1.28125 z m -127.90625,0.3125 c 5.81174,0.0815 11.02462,4.11525 12.375,10.03125 0.63219,2.76958 0.3245,5.51375 -0.71875,7.9375 l 0.21875,0.28125 -29.25,70.6875 c -27.34716,-17.5486 -49.12927,-43.82403 -60.78125,-76.06245 l 75.5,-12.8125 0.125,0.15625 c 0.84451,-0.15541 1.701,-0.2304 2.53125,-0.21875 z m 63.78125,30.9688 c 2.02445,-0.0744 4.07865,0.34098 6.03125,1.28125 2.55951,1.23253 4.53673,3.17319 5.78125,5.5 l 0.28125,0 37.21875,67.25 c -4.83029,1.61923 -9.79609,3.00308 -14.875,4.15625 -28.46453,6.4629 -56.83862,4.50467 -82.53125,-4.25 l 37.125,-67.125 0.0625,0 c 2.22767,-4.16441 6.45247,-6.64887 10.90625,-6.8125 z"
style="font-size:medium;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-indent:0;text-align:start;text-decoration:none;line-height:normal;letter-spacing:normal;word-spacing:normal;text-transform:none;direction:ltr;block-progression:tb;writing-mode:lr-tb;text-anchor:start;baseline-shift:baseline;color:#000000;fill:#ffffff;fill-opacity:1;stroke:#ffffff;stroke-width:0.25;stroke-miterlimit:4;stroke-opacity:1;stroke-dasharray:none;marker:none;visibility:visible;display:inline;overflow:visible;enable-background:accumulate;font-family:Sans;-inkscape-font-specification:Sans"
sodipodi:nodetypes="ccccccccsccccscssccsccccccccscccsccccccccccccccscccscsccsccccscscsccccccccscccscsccccsccccscscscccccccccccccccscccsccccccccccccscccccscccccccccccccccccccccccscccscccccccccscccscccc"
inkscape:export-filename="./path3059.png"
inkscape:export-xdpi="250.55"
inkscape:export-ydpi="250.55" />
</g>
</g>
</svg>
\ No newline at end of file
charts/kubernetes-dashboard/v1.8.0/.helmignore 0 → 100644
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
OWNERS
charts/kubernetes-dashboard/v1.8.0/Chart.yaml 0 → 100644
apiVersion: v1
name: kubernetes-dashboard
version: 1.8.0
appVersion: 1.10.1
description: General-purpose web UI for Kubernetes clusters
keywords:
- kubernetes
- dashboard
home: https://github.com/kubernetes/dashboard
sources:
- https://github.com/kubernetes/dashboard
maintainers:
- name: kfox1111
email: Kevin.Fox@pnnl.gov
- name: desaintmartin
email: cdesaintmartin@wiremind.fr
icon: file://../logo.svg
charts/kubernetes-dashboard/v1.8.0/OWNERS 0 → 100644
approvers:
- kfox1111
- desaintmartin
reviewers:
- kfox1111
- desaintmartin
charts/kubernetes-dashboard/v1.8.0/README.md 0 → 100644
# kubernetes-dashboard
[Kubernetes Dashboard](https://github.com/kubernetes/dashboard) is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
## Access control
It is critical for the Kubernetes cluster to correctly setup access control of Kubernetes Dashboard. See this [guide](https://github.com/kubernetes/dashboard/wiki/Access-control) for best practises.
It is highly recommended to use RBAC with minimal privileges needed for Dashboard to run.
## Configuration
The following table lists the configurable parameters of the kubernetes-dashboard chart and their default values.
| Parameter | Description | Default |
|-------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------|
| `image.repository` | Repository for container image | `k8s.gcr.io/kubernetes-dashboard-amd64` |
| `image.tag` | Image tag | `v1.10.1` |
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecrets` | Image pull secrets | `[]` |
| `annotations` | Annotations for deployment | `{}` |
| `replicaCount` | Number of replicas | `1` |
| `extraArgs` | Additional container arguments | `[]` |
| `extraEnv` | Additional container environment variables | `[]` |
| `podAnnotations` | Annotations to be added to pods | {} |
| `nodeSelector` | node labels for pod assignment | `{}` |
| `tolerations` | List of node taints to tolerate (requires Kubernetes >= 1.6) | `[]` |
| `affinity` | Affinity for pod assignment | `[]` |
| `enableSkipLogin` | Enable possibility to skip login | `false` |
| `enableInsecureLogin` | Serve application over HTTP without TLS | `false` |
| `service.externalPort` | Dashboard external port | 443 |
| `service.internalPort` | Dashboard internal port | 443 |
| `service.loadBalancerSourceRanges` | list of IP CIDRs allowed access to load balancer (if supported) | nil |
| `ingress.labels` | Add custom labels | `[]` |
| `ingress.annotations` | Specify ingress class | `kubernetes.io/ingress.class: nginx` |
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.paths` | Paths to match against incoming requests. Both `/` and `/*` are required to work on gce ingress. | `[/]` |
| `ingress.hosts` | Dashboard Hostnames | `nil` |
| `ingress.tls` | Ingress TLS configuration | `[]` |
| `resources` | Pod resource requests & limits | `limits: {cpu: 100m, memory: 100Mi}, requests: {cpu: 100m, memory: 100Mi}` |
| `rbac.create` | Create & use RBAC resources | `true` |
| `rbac.clusterAdminRole` | "cluster-admin" ClusterRole will be used for dashboard ServiceAccount ([NOT RECOMMENDED](#access-control)) | `false` |
| `rbac.clusterReadOnlyRole` | If clusterAdminRole disabled, an additional role will be created with read only permissions to all resources listed inside. | `false` |
| `serviceAccount.create` | Whether a new service account name that the agent will use should be created. | `true` |
| `serviceAccount.name` | Service account to be used. If not set and serviceAccount.create is `true` a name is generated using the fullname template. | |
| `livenessProbe.initialDelaySeconds` | Number of seconds to wait before sending first probe | 30 |
| `livenessProbe.timeoutSeconds` | Number of seconds to wait for probe response | 30 |
| `podDisruptionBudget.enabled` | Create a PodDisruptionBudget | `false` |
| `podDisruptionBudget.minAvailable` | Minimum available instances; ignored if there is no PodDisruptionBudget | |
| `podDisruptionBudget.maxUnavailable`| Maximum unavailable instances; ignored if there is no PodDisruptionBudget | |
| `securityContext` | Security context | `{}` |
| `networkPolicy` | Whether to create a network policy that allows access to the service | `false` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```console
helm install stable/kubernetes-dashboard --name my-release \
--set=service.externalPort=8080,resources.limits.cpu=200m
```
Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
```console
helm install stable/kubernetes-dashboard --name my-release -f values.yaml
```
> **Tip**: You can use the default [values.yaml](values.yaml)
## Using the dashboard with 'kubectl proxy'
When running 'kubectl proxy', the address `localhost:8001/ui` automatically expands to:
- `http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:https/proxy/` or
- `http://localhost:8001/api/v1/namespaces/kube-system/services/http:kubernetes-dashboard:http/proxy/` if `enableInsecureLogin=true`
For this to reach the dashboard, the name of the service must be 'kubernetes-dashboard', not any other value as set by Helm. You can manually specify this using the value 'fullnameOverride':
```
fullnameOverride: 'kubernetes-dashboard'
```
### Upgrade from 0.x.x to 1.x.x
Upgrade from 0.x.x version to 1.x.x version is seamless if you use default `ingress.path` value. If you have non-default `ingress.path` values with version 0.x.x, you need to add your custom path in `ingress.paths` list value as shown as examples in `values.yaml`.
Notes:
- The proxy url changed please refer to the [usage section](#using-the-dashboard-with-kubectl-proxy)
charts/kubernetes-dashboard/v1.8.0/app-readme.md 0 → 100644
# kubernetes-dashboard
[Kubernetes Dashboard](https://github.com/kubernetes/dashboard) is a general purpose, web-based UI for Kubernetes clusters. It allows users to manage applications running in the cluster and troubleshoot them, as well as manage the cluster itself.
## Access control
IMPORTANT:
You must be a cluster admin to be able to deploy Kubernetes Dashboard.
WARNING:
Once the Dashboard is deployed with cluster admin role, anyone with access to this project can access the Dashboard and therefore gain access to the entire Kubernetes cluster!!!
It is critical for the Kubernetes cluster to correctly setup access control of Kubernetes Dashboard. See this [guide](https://github.com/kubernetes/dashboard/wiki/Access-control) for best practises.
It is highly recommended to use RBAC with minimal privileges needed for Dashboard to run.
`Notes: Dashboard is required to be installed in the System Project`
charts/kubernetes-dashboard/v1.8.0/questions.yml 0 → 100644
labels:
io.cattle.role: cluster # options are cluster/project
categories:
- dashboard
rancher_min_version: v2.0.7
namespace: kube-system
questions:
- variable: defaultImage
default: true
description: "Use default Docker image"
label: Use Default Image
type: boolean
show_subquestion_if: false
group: "Container Images"
subquestions:
- variable: image.repository
default: "ranchercharts/kubernetes-dashboard-amd64"
description: "Docker image repository"
type: string
label: Image Repository
- variable: image.tag
default: "v1.10.1"
description: "Docker image tag"
type: string
label: Image Tag
- variable: enableSkipLogin
requred: true
default: true
description: "Enable possibility to skip login"
type: boolean
label: "Enable Possibility To Skip Login"
- variable: rbac.clusterAdminRole
required: true
default: false
description: "IMPORTANT: Granting admin privileges to Dashboard's Service Account might be a security risk, makeing sure that you know what you are doing before proceeding."
type: boolean
label: "Enable Dashboard Cluster Admin Role (NOT RECOMMENDED)"
show_subquestion_if: true
subquestions:
- variable: rbac.clusterReadOnlyRole
required: true
default: true
description: "Same as for clusterAdminRole, it is NOT RECOMMENDED to use this version in production. Instead you should review the role and remove all potentially sensitive parts such as access to persistentvolumes, pods/log etc"
type: boolean
label: "Set ReadOnly Mode of Cluster Admin Role"
charts/kubernetes-dashboard/v1.8.0/templates/NOTES.txt 0 → 100644
*********************************************************************************
*** PLEASE BE PATIENT: kubernetes-dashboard may take a few minutes to install ***
*********************************************************************************
{{- if .Values.ingress.enabled }}
From outside the cluster, the server URL(s) are:
{{- range .Values.ingress.hosts }}
{{- if $.Values.enableInsecureLogin }}
http://{{ . }}
{{- else }}
https://{{ . }}
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
Get the Kubernetes Dashboard URL by running:
export NODE_PORT=$(kubectl get -n {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "kubernetes-dashboard.fullname" . }})
export NODE_IP=$(kubectl get nodes -o jsonpath="{.items[0].status.addresses[0].address}")
{{- if .Values.enableInsecureLogin }}
echo http://$NODE_IP:$NODE_PORT/
{{- else }}
echo https://$NODE_IP:$NODE_PORT/
{{- end }}
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
Watch the status with: 'kubectl get svc -n {{ .Release.Namespace }} -w {{ template "kubernetes-dashboard.fullname" . }}'
Get the Kubernetes Dashboard URL by running:
export SERVICE_IP=$(kubectl get svc -n {{ .Release.Namespace }} {{ template "kubernetes-dashboard.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
{{- if .Values.enableInsecureLogin }}
echo http://$SERVICE_IP/
{{- else }}
echo https://$SERVICE_IP/
{{- end }}
{{- else if contains "ClusterIP" .Values.service.type }}
Get the Kubernetes Dashboard URL by running:
export POD_NAME=$(kubectl get pods -n {{ .Release.Namespace }} -l "app={{ template "kubernetes-dashboard.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
{{- if .Values.enableInsecureLogin }}
echo http://127.0.0.1:9090/
kubectl -n {{ .Release.Namespace }} port-forward $POD_NAME 9090:9090
{{- else }}
echo https://127.0.0.1:8443/
kubectl -n {{ .Release.Namespace }} port-forward $POD_NAME 8443:8443
{{- end }}
{{- end }}
charts/kubernetes-dashboard/v1.8.0/templates/_helpers.tpl 0 → 100644
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "kubernetes-dashboard.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kubernetes-dashboard.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kubernetes-dashboard.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "kubernetes-dashboard.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "kubernetes-dashboard.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/clusterrole-readonly.yaml 0 → 100644
{{- if and .Values.rbac.create .Values.rbac.clusterReadOnlyRole (not .Values.rbac.clusterAdminRole) }}
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRole
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: "{{ template "kubernetes-dashboard.fullname" . }}-readonly"
namespace: {{ .Release.Namespace }}
rules:
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- kubernetes-dashboard-key-holder
- {{ template "kubernetes-dashboard.fullname" . }}
verbs:
- get
- update
- delete
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
- kubernetes-dashboard-settings
verbs:
- get
- update
- apiGroups:
- ""
resources:
- configmaps
- endpoints
- persistentvolumeclaims
- pods
- replicationcontrollers
- replicationcontrollers/scale
- serviceaccounts
- services
- nodes
- persistentvolumeclaims
- persistentvolumes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- bindings
- events
- limitranges
- namespaces/status
- pods/log
- pods/status
- replicationcontrollers/status
- resourcequotas
- resourcequotas/status
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- daemonsets
- deployments
- deployments/scale
- replicasets
- replicasets/scale
- statefulsets
verbs:
- get
- list
- watch
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- get
- list
- watch
- apiGroups:
- batch
resources:
- cronjobs
- jobs
verbs:
- get
- list
- watch
- apiGroups:
- extensions
resources:
- daemonsets
- deployments
- deployments/scale
- ingresses
- networkpolicies
- replicasets
- replicasets/scale
- replicationcontrollers/scale
verbs:
- get
- list
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- networking.k8s.io
resources:
- networkpolicies
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- storageclasses
- volumeattachments
verbs:
- get
- list
- watch
- apiGroups:
- rbac.authorization.k8s.io
resources:
- clusterrolebindings
- clusterroles
- roles
- rolebindings
verbs:
- get
- list
- watch
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/deployment.yaml 0 → 100644
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "kubernetes-dashboard.fullname" . }}
{{- if .Values.annotations }}
annotations:
{{ toYaml .Values.annotations | indent 4 }}
{{- end }}
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
kubernetes.io/cluster-service: "true"
{{- if .Values.labels }}
{{ toYaml .Values.labels | indent 4 }}
{{- end }}
spec:
replicas: {{ .Values.replicaCount }}
strategy:
rollingUpdate:
maxSurge: 0
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app: {{ template "kubernetes-dashboard.name" . }}
release: {{ .Release.Name }}
kubernetes.io/cluster-service: "true"
template:
metadata:
{{- if .Values.podAnnotations }}
annotations:
{{ toYaml .Values.podAnnotations | indent 8 }}
{{- end }}
labels:
app: {{ template "kubernetes-dashboard.name" . }}
release: {{ .Release.Name }}
kubernetes.io/cluster-service: "true"
spec:
{{- if .Values.securityContext }}
securityContext:
{{ toYaml .Values.securityContext | indent 8 }}
{{- end }}
serviceAccountName: {{ template "kubernetes-dashboard.serviceAccountName" . }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
args:
{{- if .Values.enableSkipLogin }}
- --enable-skip-login
{{- end }}
{{- if .Values.enableInsecureLogin }}
- --enable-insecure-login
{{- else }}
- --auto-generate-certificates
{{- end }}
{{- if .Values.extraArgs }}
{{ toYaml .Values.extraArgs | indent 10 }}
{{- end }}
{{- if .Values.extraEnv }}
env:
{{ toYaml .Values.extraEnv | indent 10 }}
{{- end }}
ports:
{{- if .Values.enableInsecureLogin }}
- name: http
containerPort: 9090
protocol: TCP
{{- else }}
- name: https
containerPort: 8443
protocol: TCP
{{- end }}
volumeMounts:
- name: kubernetes-dashboard-certs
mountPath: /certs
# Create on-disk volume to store exec logs
- mountPath: /tmp
name: tmp-volume
livenessProbe:
httpGet:
{{- if .Values.enableInsecureLogin }}
scheme: HTTP
path: /
port: 9090
{{- else }}
scheme: HTTPS
path: /
port: 8443
{{- end }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
resources:
{{ toYaml .Values.resources | indent 10 }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
volumes:
- name: kubernetes-dashboard-certs
secret:
secretName: {{ template "kubernetes-dashboard.fullname" . }}
- name: tmp-volume
emptyDir: {}
{{- if .Values.tolerations }}
tolerations:
{{ toYaml .Values.tolerations | indent 8 }}
{{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
{{- end }}
charts/kubernetes-dashboard/v1.8.0/templates/ingress.yaml 0 → 100644
{{- if .Values.ingress.enabled -}}
{{- $serviceName := include "kubernetes-dashboard.fullname" . -}}
{{- $servicePort := .Values.service.externalPort -}}
{{- $paths := .Values.ingress.paths -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ template "kubernetes-dashboard.fullname" . }}
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- range $key, $value := .Values.ingress.labels }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if .Values.ingress.annotations }}
annotations:
{{ toYaml .Values.ingress.annotations | indent 4 }}
{{- end }}
spec:
rules:
{{- if .Values.ingress.hosts }}
{{- range $host := .Values.ingress.hosts }}
- host: {{ $host }}
http:
paths:
{{- range $p := $paths }}
- path: {{ $p }}
backend:
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end -}}
{{- end -}}
{{- else }}
- http:
paths:
{{- range $p := $paths }}
- path: {{ $p }}
backend:
serviceName: {{ $serviceName }}
servicePort: {{ $servicePort }}
{{- end -}}
{{- end -}}
{{- if .Values.ingress.tls }}
tls:
{{ toYaml .Values.ingress.tls | indent 4 }}
{{- end -}}
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/networkpolicy.yaml 0 → 100644
{{- if .Values.networkPolicy -}}
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: {{ template "kubernetes-dashboard.fullname" . }}
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
podSelector:
matchLabels:
app: {{ template "kubernetes-dashboard.name" . }}
release: {{ .Release.Name }}
ingress:
- ports:
- port: 9090
protocol: TCP
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/pdb.yaml 0 → 100644
{{- if .Values.podDisruptionBudget.enabled -}}
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "kubernetes-dashboard.fullname" . }}
namespace: {{ .Release.Namespace }}
spec:
{{- if .Values.podDisruptionBudget.minAvailable }}
minAvailable: {{ .Values.podDisruptionBudget.minAvailable }}
{{- end }}
{{- if .Values.podDisruptionBudget.maxUnavailable }}
maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }}
{{- end }}
selector:
matchLabels:
app: {{ template "kubernetes-dashboard.name" . }}
{{- end -}}
\ No newline at end of file
charts/kubernetes-dashboard/v1.8.0/templates/role.yaml 0 → 100644
{{- if and .Values.rbac.create (not .Values.rbac.clusterAdminRole) }}
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "kubernetes-dashboard.fullname" . }}
namespace: {{ .Release.Namespace }}
rules:
# Allow Dashboard to create 'kubernetes-dashboard-key-holder' secret.
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
# Allow Dashboard to create 'kubernetes-dashboard-settings' config map.
- apiGroups:
- ""
resources:
- configmaps
verbs:
- create
# Allow Dashboard to get, update and delete Dashboard exclusive secrets.
- apiGroups:
- ""
resources:
- secrets
resourceNames:
- kubernetes-dashboard-key-holder
- {{ template "kubernetes-dashboard.fullname" . }}
verbs:
- get
- update
- delete
# Allow Dashboard to get and update 'kubernetes-dashboard-settings' config map.
- apiGroups:
- ""
resources:
- configmaps
resourceNames:
- kubernetes-dashboard-settings
verbs:
- get
- update
# Allow Dashboard to get metrics from heapster.
- apiGroups:
- ""
resources:
- services
resourceNames:
- heapster
verbs:
- proxy
- apiGroups:
- ""
resources:
- services/proxy
resourceNames:
- heapster
- "http:heapster:"
- "https:heapster:"
verbs:
- get
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/rolebinding.yaml 0 → 100644
{{- if .Values.rbac.create }}
{{- if or .Values.rbac.clusterAdminRole .Values.rbac.clusterReadOnlyRole }}
# Cluster role binding for clusterAdminRole == true or clusterReadOnlyRole=true
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "kubernetes-dashboard.fullname" . }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ if .Values.rbac.clusterAdminRole -}}
cluster-admin
{{- else if .Values.rbac.clusterReadOnlyRole -}}
{{ template "kubernetes-dashboard.fullname" . }}-readonly
{{- end }}
subjects:
- kind: ServiceAccount
name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- else -}}
# Role binding for clusterAdminRole == false and clusterReadOnlyRole=false
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "kubernetes-dashboard.fullname" . }}
namespace: {{ .Release.Namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "kubernetes-dashboard.fullname" . }}
subjects:
- kind: ServiceAccount
name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end -}}
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/secret.yaml 0 → 100644
apiVersion: v1
kind: Secret
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "kubernetes-dashboard.fullname" . }}
namespace: {{ .Release.Namespace }}
type: Opaque
charts/kubernetes-dashboard/v1.8.0/templates/serviceaccount.yaml 0 → 100644
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: {{ template "kubernetes-dashboard.serviceAccountName" . }}
namespace: {{ .Release.Namespace }}
{{- end -}}
charts/kubernetes-dashboard/v1.8.0/templates/svc.yaml 0 → 100644
apiVersion: v1
kind: Service
metadata:
name: {{ template "kubernetes-dashboard.fullname" . }}
labels:
app: {{ template "kubernetes-dashboard.name" . }}
chart: {{ template "kubernetes-dashboard.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
kubernetes.io/cluster-service: "true"
{{- if .Values.service.labels }}
{{ toYaml .Values.service.labels | indent 4 }}
{{- end }}
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.externalPort }}
{{- if .Values.enableInsecureLogin }}
targetPort: 9090
name: "http"
{{- else }}
targetPort: 8443
name: "https"
{{- end }}
{{- if hasKey .Values.service "nodePort" }}
nodePort: {{ .Values.service.nodePort }}
{{- end }}
{{- if .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ toYaml .Values.service.loadBalancerSourceRanges | indent 4 }}
{{- end }}
selector:
app: {{ template "kubernetes-dashboard.name" . }}
release: {{ .Release.Name }}
charts/kubernetes-dashboard/v1.8.0/values.yaml 0 → 100644
# Default values for kubernetes-dashboard
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
image:
# repository: k8s.gcr.io/kubernetes-dashboard-amd64
repository: ranchercharts/kubernetes-dashboard-amd64
tag: v1.10.1
pullPolicy: IfNotPresent
pullSecrets: []
replicaCount: 1
## Here annotations can be added to the kubernetes dashboard deployment
annotations: {}
## Here labels can be added to the kubernetes dashboard deployment
##
labels: {}
# kubernetes.io/name: "Kubernetes Dashboard"
## Enable possibility to skip login
enableSkipLogin: false
## Serve application over HTTP without TLS
enableInsecureLogin: false
## Additional container arguments
##
# extraArgs:
# - --enable-skip-login
# - --enable-insecure-login
# - --system-banner="Welcome to Kubernetes"
## Additional container environment variables
##
extraEnv: []
# - name: SOME_VAR
# value: 'some value'
# Annotations to be added to kubernetes dashboard pods
podAnnotations: {}
## Node labels for pod assignment
## Ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## List of node taints to tolerate (requires Kubernetes >= 1.6)
tolerations: []
# - key: "key"
# operator: "Equal|Exists"
# value: "value"
# effect: "NoSchedule|PreferNoSchedule|NoExecute"
## Affinity
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
affinity: {}
service:
type: ClusterIP
externalPort: 443
## This allows an override of the heapster service name
## Default: {{ .Chart.Name }}
##
# nameOverride:
# LoadBalancerSourcesRange is a list of allowed CIDR values, which are combined with ServicePort to
# set allowed inbound rules on the security group assigned to the master load balancer
# loadBalancerSourceRanges: []
## Kubernetes Dashboard Service annotations
##
## For GCE ingress, the following annotation is required:
## service.alpha.kubernetes.io/app-protocols: '{"https":"HTTPS"}' if enableInsecureLogin=false
## or
## service.alpha.kubernetes.io/app-protocols: '{"http":"HTTP"}' if enableInsecureLogin=true
annotations: {}
## Here labels can be added to the Kubernetes Dashboard service
##
labels: {}
# kubernetes.io/name: "Kubernetes Dashboard"
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 100m
memory: 100Mi
ingress:
## If true, Kubernetes Dashboard Ingress will be created.
##
enabled: false
## Kubernetes Dashboard Ingress annotations
##
## Add custom labels
# labels:
# key: value
# annotations:
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: 'true'
## If you plan to use TLS backend with enableInsecureLogin set to false
## (default), you need to uncomment the below.
## If you use ingress-nginx < 0.21.0
# nginx.ingress.kubernetes.io/secure-backends: "true"
## if you use ingress-nginx >= 0.21.0
# nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
## Kubernetes Dashboard Ingress paths
##
paths:
- /
# - /*
## Kubernetes Dashboard Ingress hostnames
## Must be provided if Ingress is enabled
##
# hosts:
# - kubernetes-dashboard.domain.com
## Kubernetes Dashboard Ingress TLS configuration
## Secrets must be manually created in the namespace
##
# tls:
# - secretName: kubernetes-dashboard-tls
# hosts:
# - kubernetes-dashboard.domain.com
rbac:
# Specifies whether RBAC resources should be created
create: true
# Specifies whether cluster-admin ClusterRole will be used for dashboard
# ServiceAccount (NOT RECOMMENDED).
clusterAdminRole: false
# Start in ReadOnly mode.
# Only dashboard-related Secrets and ConfigMaps will still be available for writing.
#
# Turn OFF clusterAdminRole to use clusterReadOnlyRole.
#
# The basic idea of the clusterReadOnlyRole comparing to the clusterAdminRole
# is not to hide all the secrets and sensitive data but more
# to avoid accidental changes in the cluster outside the standard CI/CD.
#
# Same as for clusterAdminRole, it is NOT RECOMMENDED to use this version in production.
# Instead you should review the role and remove all potentially sensitive parts such as
# access to persistentvolumes, pods/log etc.
clusterReadOnlyRole: false
serviceAccount:
# Specifies whether a service account should be created
create: true
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name:
livenessProbe:
# Number of seconds to wait before sending first probe
initialDelaySeconds: 30
# Number of seconds to wait for probe response
timeoutSeconds: 30
podDisruptionBudget:
# https://kubernetes.io/docs/tasks/run-application/configure-pdb/
enabled: false
minAvailable:
maxUnavailable:
securityContext: {}
networkPolicy: false
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment