From 311739850e7bd8f8ca7e52ae7c6e21cd41d4fcbc Mon Sep 17 00:00:00 2001 From: ryandawsonuk Date: Thu, 13 Jun 2019 17:35:15 +0100 Subject: [PATCH 1/2] generate service account --- .../templates/_helpers.tpl | 43 +++ .../templates/clusterrole.yaml | 167 ++++++++++ .../templates/clusterrolebinding.yaml | 14 + .../templates/controller.yaml | 285 ------------------ .../templates/secret.yaml | 5 + .../templates/service.yaml | 14 + .../templates/serviceaccount.yaml | 11 + .../templates/statefulset.yaml | 87 ++++++ helm-charts/seldon-core-operator/values.yaml | 8 +- 9 files changed, 347 insertions(+), 287 deletions(-) create mode 100644 helm-charts/seldon-core-operator/templates/_helpers.tpl create mode 100644 helm-charts/seldon-core-operator/templates/clusterrole.yaml create mode 100644 helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml delete mode 100644 helm-charts/seldon-core-operator/templates/controller.yaml create mode 100644 helm-charts/seldon-core-operator/templates/secret.yaml create mode 100644 helm-charts/seldon-core-operator/templates/service.yaml create mode 100644 helm-charts/seldon-core-operator/templates/serviceaccount.yaml create mode 100644 helm-charts/seldon-core-operator/templates/statefulset.yaml diff --git a/helm-charts/seldon-core-operator/templates/_helpers.tpl b/helm-charts/seldon-core-operator/templates/_helpers.tpl new file mode 100644 index 0000000000..fc76424294 --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/_helpers.tpl @@ -0,0 +1,43 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "seldon.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "seldon.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "seldon.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "seldon.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "seldon.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/templates/clusterrole.yaml b/helm-charts/seldon-core-operator/templates/clusterrole.yaml new file mode 100644 index 0000000000..dd8b375777 --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/clusterrole.yaml @@ -0,0 +1,167 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: seldon-operator-manager-role +rules: + - apiGroups: + - apps + resources: + - deployments + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - apps + resources: + - deployments/status + verbs: + - get + - update + - patch + - apiGroups: + - v1 + resources: + - services + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - v1 + resources: + - services/status + verbs: + - get + - update + - patch + {{- if .Values.istio.enabled }} + - apiGroups: + - networking.istio.io + resources: + - virtualservices + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - networking.istio.io + resources: + - virtualservices/status + verbs: + - get + - update + - patch + - apiGroups: + - networking.istio.io + resources: + - destinationrules + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - networking.istio.io + resources: + - destinationrules/status + verbs: + - get + - update + - patch + {{- end }} + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers/status + verbs: + - get + - update + - patch + - apiGroups: + - machinelearning.seldon.io + resources: + - seldondeployments + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - machinelearning.seldon.io + resources: + - seldondeployments/status + verbs: + - get + - update + - patch + - apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - services + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +{{- end }} \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml b/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml new file mode 100644 index 0000000000..4b2e1a766b --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml @@ -0,0 +1,14 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: seldon-operator-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: seldon-operator-manager-role +subjects: + - kind: ServiceAccount + name: {{ include "seldon.serviceAccountName" . }} + namespace: {{ .Release.Namespace }} +{{- end }} \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/templates/controller.yaml b/helm-charts/seldon-core-operator/templates/controller.yaml deleted file mode 100644 index 6a0b82be43..0000000000 --- a/helm-charts/seldon-core-operator/templates/controller.yaml +++ /dev/null @@ -1,285 +0,0 @@ -{{- if .Values.rbac.roleBinding }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: seldon-operator-manager-role -rules: -- apiGroups: - - apps - resources: - - deployments - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - apps - resources: - - deployments/status - verbs: - - get - - update - - patch -- apiGroups: - - v1 - resources: - - services - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - v1 - resources: - - services/status - verbs: - - get - - update - - patch -{{- if .Values.istio.enabled }} -- apiGroups: - - networking.istio.io - resources: - - virtualservices - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - networking.istio.io - resources: - - virtualservices/status - verbs: - - get - - update - - patch -- apiGroups: - - networking.istio.io - resources: - - destinationrules - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - networking.istio.io - resources: - - destinationrules/status - verbs: - - get - - update - - patch -{{- end }} -- apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers/status - verbs: - - get - - update - - patch -- apiGroups: - - machinelearning.seldon.io - resources: - - seldondeployments - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - machinelearning.seldon.io - resources: - - seldondeployments/status - verbs: - - get - - update - - patch -- apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - secrets - verbs: - - get - - list - - watch - - create - - update - - patch - - delete -- apiGroups: - - "" - resources: - - services - verbs: - - get - - list - - watch - - create - - update - - patch - - delete ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: seldon-operator-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: seldon-operator-manager-role -subjects: -- kind: ServiceAccount - name: {{ .Values.rbac.serviceAccount }} - namespace: {{ .Release.Namespace }} -{{- end }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: seldon-operator-webhook-server-secret - namespace: {{ .Release.Namespace }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: controller-manager - controller-tools.k8s.io: "1.0" - name: seldon-operator-controller-manager-service - namespace: {{ .Release.Namespace }} -spec: - ports: - - port: 443 - selector: - control-plane: controller-manager - controller-tools.k8s.io: "1.0" ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - control-plane: controller-manager - controller-tools.k8s.io: "1.0" - name: seldon-operator-controller-manager - namespace: {{ .Release.Namespace }} -spec: - selector: - matchLabels: - control-plane: controller-manager - controller-tools.k8s.io: "1.0" - serviceName: seldon-operator-controller-manager-service - template: - metadata: - annotations: - prometheus.io/scrape: "true" - labels: - control-plane: controller-manager - controller-tools.k8s.io: "1.0" - spec: - serviceAccountName: {{ .Values.rbac.serviceAccount }} - containers: - - command: - - /manager - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: SECRET_NAME - value: seldon-operator-webhook-server-secret - - name: AMBASSADOR_ENABLED - value: '{{ .Values.ambassador.enabled }}' - - name: AMBASSADOR_SINGLE_NAMESPACE - value: '{{ .Values.ambassador.singleNamespace }}' - - name: ENGINE_CONTAINER_IMAGE_AND_VERSION - value: {{ .Values.engine.image.registry }}/{{ .Values.engine.image.repository }}:{{ .Values.engine.image.tag }} - - name: ENGINE_CONTAINER_IMAGE_PULL_POLICY - value: {{ .Values.engine.image.pullPolicy }} - - name: ENGINE_CONTAINER_SERVICE_ACCOUNT_NAME - value: {{ .Values.engine.serviceAccount.name }} - {{- if .Values.engine.securityContext.enabled }} - - name: ENGINE_CONTAINER_USER - value: '{{ .Values.engine.user }}' - {{- end }} - - name: PREDICTIVE_UNIT_SERVICE_PORT - value: '{{ .Values.predictiveUnit.port }}' - - name: ENGINE_SERVER_GRPC_PORT - value: '{{ .Values.engine.grpc.port }}' - - name: ENGINE_SERVER_PORT - value: '{{ .Values.engine.port }}' - - name: ENGINE_PROMETHEUS_PATH - value: {{ .Values.engine.prometheus.path }} - - name: ISTIO_ENABLED - value: '{{ .Values.istio.enabled }}' - - name: ISTIO_GATEWAY - value: '{{ .Values.istio.gateway }}' - image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} - imagePullPolicy: {{ .Values.image.pullPolicy }} - name: manager - ports: - - containerPort: 8080 - name: metrics - protocol: TCP - - containerPort: 9876 - name: webhook-server - protocol: TCP - resources: - requests: - cpu: 100m - memory: 20Mi - volumeMounts: - - mountPath: /tmp/cert - name: cert - readOnly: true - terminationGracePeriodSeconds: 10 - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: seldon-operator-webhook-server-secret diff --git a/helm-charts/seldon-core-operator/templates/secret.yaml b/helm-charts/seldon-core-operator/templates/secret.yaml new file mode 100644 index 0000000000..5516f43b30 --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/secret.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Secret +metadata: + name: seldon-operator-webhook-server-secret + namespace: {{ .Release.Namespace }} \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/templates/service.yaml b/helm-charts/seldon-core-operator/templates/service.yaml new file mode 100644 index 0000000000..83498bfa06 --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + controller-tools.k8s.io: "1.0" + name: seldon-operator-controller-manager-service + namespace: {{ .Release.Namespace }} +spec: + ports: + - port: 443 + selector: + control-plane: controller-manager + controller-tools.k8s.io: "1.0" \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/templates/serviceaccount.yaml b/helm-charts/seldon-core-operator/templates/serviceaccount.yaml new file mode 100644 index 0000000000..88d13d0674 --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "seldon.serviceAccountName" . }} + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end -}} \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/templates/statefulset.yaml b/helm-charts/seldon-core-operator/templates/statefulset.yaml new file mode 100644 index 0000000000..78274bc22b --- /dev/null +++ b/helm-charts/seldon-core-operator/templates/statefulset.yaml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + control-plane: controller-manager + controller-tools.k8s.io: "1.0" + name: seldon-operator-controller-manager + namespace: {{ .Release.Namespace }} +spec: + selector: + matchLabels: + control-plane: controller-manager + controller-tools.k8s.io: "1.0" + serviceName: seldon-operator-controller-manager-service + template: + metadata: + annotations: + prometheus.io/scrape: "true" + labels: + control-plane: controller-manager + controller-tools.k8s.io: "1.0" + spec: + serviceAccountName: {{ include "seldon.serviceAccountName" . }} + containers: + - command: + - /manager + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: SECRET_NAME + value: seldon-operator-webhook-server-secret + - name: AMBASSADOR_ENABLED + value: '{{ .Values.ambassador.enabled }}' + - name: AMBASSADOR_SINGLE_NAMESPACE + value: '{{ .Values.ambassador.singleNamespace }}' + - name: ENGINE_CONTAINER_IMAGE_AND_VERSION + value: {{ .Values.engine.image.registry }}/{{ .Values.engine.image.repository }}:{{ .Values.engine.image.tag }} + - name: ENGINE_CONTAINER_IMAGE_PULL_POLICY + value: {{ .Values.engine.image.pullPolicy }} + - name: ENGINE_CONTAINER_SERVICE_ACCOUNT_NAME + {{- if .Values.engine.serviceAccount.name }} + value: {{ .Values.engine.serviceAccount.name }} + {{- else }} + value: {{ include "seldon.serviceAccountName" . }} + {{- end }} + {{- if .Values.engine.securityContext.enabled }} + - name: ENGINE_CONTAINER_USER + value: '{{ .Values.engine.user }}' + {{- end }} + - name: PREDICTIVE_UNIT_SERVICE_PORT + value: '{{ .Values.predictiveUnit.port }}' + - name: ENGINE_SERVER_GRPC_PORT + value: '{{ .Values.engine.grpc.port }}' + - name: ENGINE_SERVER_PORT + value: '{{ .Values.engine.port }}' + - name: ENGINE_PROMETHEUS_PATH + value: {{ .Values.engine.prometheus.path }} + - name: ISTIO_ENABLED + value: '{{ .Values.istio.enabled }}' + - name: ISTIO_GATEWAY + value: '{{ .Values.istio.gateway }}' + image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + name: manager + ports: + - containerPort: 8080 + name: metrics + protocol: TCP + - containerPort: 9876 + name: webhook-server + protocol: TCP + resources: + requests: + cpu: 100m + memory: 20Mi + volumeMounts: + - mountPath: /tmp/cert + name: cert + readOnly: true + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: seldon-operator-webhook-server-secret \ No newline at end of file diff --git a/helm-charts/seldon-core-operator/values.yaml b/helm-charts/seldon-core-operator/values.yaml index ed26cc715d..f48ed0bb16 100644 --- a/helm-charts/seldon-core-operator/values.yaml +++ b/helm-charts/seldon-core-operator/values.yaml @@ -14,6 +14,7 @@ engine: path: prometheus securityContext: enabled: true + #by default use default service account serviceAccount: name: default user: 8888 @@ -28,8 +29,11 @@ istio: predictiveUnit: port: 9000 rbac: - roleBinding: true - serviceAccount: default + create: true +serviceAccount: + #by default create service account + create: true + name: usageMetrics: database: http://seldon-core-stats.seldon.io enabled: false From 4f85eadbfffad52843a36272a26593b39cc75b41 Mon Sep 17 00:00:00 2001 From: ryandawsonuk Date: Thu, 13 Jun 2019 17:58:35 +0100 Subject: [PATCH 2/2] add labels --- .../templates/clusterrole.yaml | 5 +++++ .../templates/clusterrolebinding.yaml | 5 +++++ .../seldon-core-operator/templates/service.yaml | 4 ++++ .../templates/spartakus-config-map.yaml | 5 +++++ .../templates/spartakus-rbac.yaml | 15 +++++++++++++++ .../templates/statefulset.yaml | 8 ++++++++ 6 files changed, 42 insertions(+) diff --git a/helm-charts/seldon-core-operator/templates/clusterrole.yaml b/helm-charts/seldon-core-operator/templates/clusterrole.yaml index dd8b375777..63a69f227c 100644 --- a/helm-charts/seldon-core-operator/templates/clusterrole.yaml +++ b/helm-charts/seldon-core-operator/templates/clusterrole.yaml @@ -4,6 +4,11 @@ kind: ClusterRole metadata: creationTimestamp: null name: seldon-operator-manager-role + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} rules: - apiGroups: - apps diff --git a/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml b/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml index 4b2e1a766b..f54ab34127 100644 --- a/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml +++ b/helm-charts/seldon-core-operator/templates/clusterrolebinding.yaml @@ -3,6 +3,11 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: seldon-operator-manager-rolebinding + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/helm-charts/seldon-core-operator/templates/service.yaml b/helm-charts/seldon-core-operator/templates/service.yaml index 83498bfa06..f4d3b2d11f 100644 --- a/helm-charts/seldon-core-operator/templates/service.yaml +++ b/helm-charts/seldon-core-operator/templates/service.yaml @@ -4,6 +4,10 @@ metadata: labels: control-plane: controller-manager controller-tools.k8s.io: "1.0" + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} name: seldon-operator-controller-manager-service namespace: {{ .Release.Namespace }} spec: diff --git a/helm-charts/seldon-core-operator/templates/spartakus-config-map.yaml b/helm-charts/seldon-core-operator/templates/spartakus-config-map.yaml index 7eb09db7c6..b678219fe0 100644 --- a/helm-charts/seldon-core-operator/templates/spartakus-config-map.yaml +++ b/helm-charts/seldon-core-operator/templates/spartakus-config-map.yaml @@ -4,6 +4,11 @@ kind: ConfigMap metadata: name: seldon-spartakus-config namespace: kube-system + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} data: spartakus.volunteer.clusterid: {{ default uuidv4 .Values.usageMetrics.clusterid }} spartakus.volunteer.database: {{ .Values.usageMetrics.database }} diff --git a/helm-charts/seldon-core-operator/templates/spartakus-rbac.yaml b/helm-charts/seldon-core-operator/templates/spartakus-rbac.yaml index 048fb44fdf..fdfca54bfc 100644 --- a/helm-charts/seldon-core-operator/templates/spartakus-rbac.yaml +++ b/helm-charts/seldon-core-operator/templates/spartakus-rbac.yaml @@ -4,11 +4,21 @@ kind: ServiceAccount metadata: name: seldon-spartakus-volunteer namespace: kube-system + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: name: seldon-spartakus-volunteer + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} rules: - apiGroups: - '' @@ -21,6 +31,11 @@ apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: name: seldon-spartakus-volunteer + labels: + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/helm-charts/seldon-core-operator/templates/statefulset.yaml b/helm-charts/seldon-core-operator/templates/statefulset.yaml index 78274bc22b..42a729005b 100644 --- a/helm-charts/seldon-core-operator/templates/statefulset.yaml +++ b/helm-charts/seldon-core-operator/templates/statefulset.yaml @@ -4,6 +4,10 @@ metadata: labels: control-plane: controller-manager controller-tools.k8s.io: "1.0" + app.kubernetes.io/name: {{ include "seldon.name" . }} + helm.sh/chart: {{ include "seldon.chart" . }} + app.kubernetes.io/instance: {{ .Release.Name }} + app.kubernetes.io/managed-by: {{ .Release.Service }} name: seldon-operator-controller-manager namespace: {{ .Release.Namespace }} spec: @@ -11,6 +15,8 @@ spec: matchLabels: control-plane: controller-manager controller-tools.k8s.io: "1.0" + app.kubernetes.io/name: {{ include "seldon.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} serviceName: seldon-operator-controller-manager-service template: metadata: @@ -19,6 +25,8 @@ spec: labels: control-plane: controller-manager controller-tools.k8s.io: "1.0" + app.kubernetes.io/name: {{ include "seldon.name" . }} + app.kubernetes.io/instance: {{ .Release.Name }} spec: serviceAccountName: {{ include "seldon.serviceAccountName" . }} containers: