Skip to content

S
system-charts
Commit 4bd1f8a5 by Guangbo Chen Committed by Craig Jellick
Options

Update istio config and add rancher proxy

* add istio and certmanager CRDs * add rancher system default registry config * add rancher proxy to the Grafana, Prometheus, Kiali and Tracing * remove not used demo values.yaml files and serviceGraph(deprecated)
parent ce770377
Showing with 2309 additions and 1213 deletions
charts/rancher-istio/1.1.5-rancher1/.helmignore
......@@ -19,3 +19,4 @@
.project
.idea/
*.tmproj
tests/
charts/rancher-istio/1.1.5-rancher1/Chart.yaml
apiVersion: v1
name: istio
version: 1.1.0
appVersion: 1.1.0
name: rancher-istio
version: 1.1.5-rancher1
appVersion: 1.1.5
tillerVersion: ">=2.7.2-0"
description: Helm chart for all istio components
home: https://istio.io/
keywords:
- istio
- security
......@@ -15,3 +16,5 @@ sources:
- http://github.com/istio/istio
engine: gotpl
icon: https://istio.io/favicons/android-192x192.png
maintainers:
- name: istio
charts/rancher-istio/1.1.5-rancher1/app-readme.md 0 → 100644
# Istio
[Istio](https://istio.io/) is an open platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data.
## Introduction
This chart bootstraps all istio [components](https://istio.io/docs/concepts/what-is-istio/overview.html) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager.
## Chart Details
This chart can install multiple istio components as subcharts:
- gateways
- sidecarInjectorWebhook
- galley
- mixer
- pilot
- security(citadel)
- tracing(jaeger)
- kiali
- grafana
- prometheus
To enable or disable each component, change the corresponding `enabled` flag.
Notes: You will need to apply `kubectl label namespace $your-namesapce istio-injection=enabled` to enabled automatic sidecar injection of your desired kubernetes namespaces.
charts/rancher-istio/1.1.5-rancher1/charts/certmanager/templates/deployment.yaml
......@@ -19,7 +19,7 @@ spec:
app: certmanager
chart: {{ template "certmanager.chart" . }}
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
release: {{ .Release.Name }}
{{- if .Values.podLabels }}
{{ toYaml .Values.podLabels | indent 8 }}
{{- end }}
......@@ -35,7 +35,11 @@ spec:
{{- end }}
containers:
- name: certmanager
image: "{{ .Values.hub }}/cert-manager-controller:{{ .Values.tag }}"
{{- if .Values.global.systemDefaultRegistry }}
image: "{{ template "system_default_registry" . }}{{ .Values.image.repository }}:{{ .Values.image.tag }}"
{{- else }}
image: {{ .Values.image.hub }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
{{- end }}
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
args:
- --cluster-resource-namespace=$(POD_NAMESPACE)
......@@ -50,7 +54,6 @@ spec:
fieldPath: metadata.namespace
resources:
{{ toYaml .Values.resources | indent 10 }}
{{- if .Values.podDnsPolicy }}
dnsPolicy: {{ .Values.podDnsPolicy }}
{{- end }}
......@@ -60,4 +63,4 @@ spec:
{{- end }}
affinity:
{{- include "nodeaffinity" . | indent 6 }}
{{- include "podAntiAffinity" . | indent 6 }}
{{- include "podAntiAffinity" . | indent 6 }}
\ No newline at end of file
charts/rancher-istio/1.1.5-rancher1/charts/certmanager/values.yaml
......@@ -4,8 +4,10 @@
# gateway must be updated by adding 'secretVolumes'. After the gateway
# restart, DestinationRules can be created using the ACME-signed certificates.
enabled: false
hub: quay.io/jetstack
tag: v0.6.2
image:
hub: quay.io
repository: jetstack/cert-manager-controller
tag: v0.6.2
resources: {}
nodeSelector: {}
......
charts/rancher-istio/1.1.5-rancher1/charts/galley/templates/deployment.yaml
......@@ -32,7 +32,7 @@ spec:
{{- end }}
containers:
- name: galley
image: "{{ .Values.global.hub }}/{{ .Values.image }}:{{ .Values.global.tag }}"
image: "{{ template "system_default_registry" . }}{{ .Values.repository }}:{{ .Values.tag }}"
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
ports:
- containerPort: 443
......