diff --git a/router-v2.9.0/Chart.yaml b/router-v2.9.0/Chart.yaml new file mode 100644 index 0000000..d511a07 --- /dev/null +++ b/router-v2.9.0/Chart.yaml @@ -0,0 +1,15 @@ +name: router-v2.9.0 +home: https://github.com/deis/router +version: v2.9.0 +description: Deis Router +maintainers: +- Deis Team +details: |- + The Deis Router is a simple program that manages Nginx and Nginx configuration for managing + ingress to web applications in a Kubernetes cluster without requiring each to have their own + external (to the cluster) load balancer. Router(s) will require a single external load balancer, + handle all ingress, and direct all incoming traffic to appropriate services within the cluster. + + Router works by regularly querying the Kubernetes API for services labeled with + `router.deis.io/routable: "true"`. Such services are compared to known services resident in + memory. If there are differences, new Nginx configuration is generated and Nginx is reloaded. diff --git a/router-v2.9.0/README.md b/router-v2.9.0/README.md new file mode 100644 index 0000000..8e1deab --- /dev/null +++ b/router-v2.9.0/README.md @@ -0,0 +1,3 @@ +# Deis Router v2.9.0 + +Please report any issues to https://github.com/deis/router diff --git a/router-v2.9.0/manifests/deis-namespace.yaml b/router-v2.9.0/manifests/deis-namespace.yaml new file mode 100644 index 0000000..c641e3c --- /dev/null +++ b/router-v2.9.0/manifests/deis-namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: deis + labels: + heritage: deis + annotations: + helm-keep: "true" diff --git a/router-v2.9.0/manifests/deis-router-dhparam-secret.yaml b/router-v2.9.0/manifests/deis-router-dhparam-secret.yaml new file mode 100644 index 0000000..24c67aa --- /dev/null +++ b/router-v2.9.0/manifests/deis-router-dhparam-secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: deis-router-dhparam + namespace: deis + labels: + heritage: deis +type: Opaque +data: + dhparam: LS0tLS1CRUdJTiBESCBQQVJBTUVURVJTLS0tLS0KTUlJQkNBS0NBUUVBNGJPMlpCOTRYVVh3YjlSL0QxM0xFZ2d6V1U2Y0hZSXJzakdseVhUSkZHZmdsaFl5TUtnUQpKRXFsTjd5RWs0UUNVV25iTEtDU2F4anZCTVNqbWlTR3VvajNWRDlYRTVDaGx2SzlGQVp6alFGMFZ2VzdkNDJmCnNkNmlmcUYwSUV0R2lxWDRpTzhtWmhYZVJrc3BYekZXYkhyTklaanBCdmc5VDhmczY0ZCtDU2l2SXBqWWRVQ1UKQWRhNTViRDdLeWJkTWdJMFZza21jL3RpclN5SkIwZDVmUnYraG1vMW9pOG92Rm9vUFp2cS9HWGxPOHlRRzRZTgppWXdWYmU5c29wQ3lYNzEzaUtlM0pBQ29JWnUxZXgrRjVhbU53U3E3Rk9xb2JqK3Z2cURRM0Q2WEJaanczT3NuClFRWmVhTWYyMDVwOERWbFpWLzRqQUtQeEpUQkxyejh6c3dJQkFnPT0KLS0tLS1FTkQgREggUEFSQU1FVEVSUy0tLS0tCg== diff --git a/router-v2.9.0/manifests/deis-router-service-account.yaml b/router-v2.9.0/manifests/deis-router-service-account.yaml new file mode 100644 index 0000000..4dae2a0 --- /dev/null +++ b/router-v2.9.0/manifests/deis-router-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis diff --git a/router-v2.9.0/manifests/deis-router-service.yaml b/router-v2.9.0/manifests/deis-router-service.yaml new file mode 100644 index 0000000..798af87 --- /dev/null +++ b/router-v2.9.0/manifests/deis-router-service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +spec: + type: LoadBalancer + selector: + app: deis-router + ports: + - name: http + port: 80 + targetPort: 8080 + - name: https + port: 443 + targetPort: 6443 + - name: builder + port: 2222 + targetPort: 2222 + - name: healthz + port: 9090 + targetPort: 9090 diff --git a/router-v2.9.0/tpl/deis-router-deployment.yaml b/router-v2.9.0/tpl/deis-router-deployment.yaml new file mode 100644 index 0000000..a05fa6a --- /dev/null +++ b/router-v2.9.0/tpl/deis-router-deployment.yaml @@ -0,0 +1,59 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-router-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-router-deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +{{- if ne .router.platformDomain "" }} + router.deis.io/nginx.platformDomain: {{ .router.platformDomain }} +{{- end }} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-router + template: + metadata: + labels: + app: deis-router + spec: + serviceAccount: deis-router + containers: + - name: deis-router + image: quay.io/{{.router.org}}/router:{{env "ROUTER_GIT_TAG" | default .router.dockerTag}} + imagePullPolicy: {{.router.pullPolicy}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + hostPort: 80 + - containerPort: 6443 + hostPort: 443 + - containerPort: 2222 + hostPort: 2222 + - containerPort: 9090 + hostPort: 9090 + livenessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 10 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/router-v2.9.0/tpl/deis-router-rc.yaml b/router-v2.9.0/tpl/deis-router-rc.yaml new file mode 100644 index 0000000..ce9adf3 --- /dev/null +++ b/router-v2.9.0/tpl/deis-router-rc.yaml @@ -0,0 +1,52 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-router-rc.yaml $HELM_GENERATE_DIR/tpl/deis-router-rc.yaml +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis +{{- if ne .router.platformDomain "" }} + annotations: + router.deis.io/nginx.platformDomain: {{ .router.platformDomain }} +{{- end }} +spec: + replicas: 0 + selector: + app: deis-router-deprecated + template: + metadata: + labels: + app: deis-router-deprecated + spec: + serviceAccount: deis-router + containers: + - name: deis-router + image: quay.io/{{.router.org}}/router:{{env "ROUTER_GIT_TAG" | default .router.dockerTag}} + imagePullPolicy: {{.router.pullPolicy}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + hostPort: 80 + - containerPort: 6443 + hostPort: 443 + - containerPort: 2222 + hostPort: 2222 + - containerPort: 9090 + hostPort: 9090 + livenessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/router-v2.9.0/tpl/generate_params.toml b/router-v2.9.0/tpl/generate_params.toml new file mode 100644 index 0000000..85d815f --- /dev/null +++ b/router-v2.9.0/tpl/generate_params.toml @@ -0,0 +1,5 @@ +[router] +org = "deis" +dockerTag = "v2.7.0" +pullPolicy = "IfNotPresent" +platformDomain = "" diff --git a/workflow-v2.9.0-e2e/Chart.yaml b/workflow-v2.9.0-e2e/Chart.yaml new file mode 100644 index 0000000..e41f098 --- /dev/null +++ b/workflow-v2.9.0-e2e/Chart.yaml @@ -0,0 +1,13 @@ +name: workflow-v2.9.0-e2e +home: https://github.com/deis/workflow-e2e +version: v2.9.0 +description: |- + End-to-end tests for Deis Workflow, executed in parallel +maintainers: +- Deis Team +details: |- + End-to-end tests for the Deis Workflow open source PaaS, executed in parallel. + + Deis (pronounced DAY-iss) Workflow is an open source PaaS that makes it easy to deploy + and manage applications on your own servers. Workflow builds on Kubernetes to provide a + lightweight, Heroku-inspired workflow. diff --git a/workflow-v2.9.0-e2e/README.md b/workflow-v2.9.0-e2e/README.md new file mode 100644 index 0000000..bea3261 --- /dev/null +++ b/workflow-v2.9.0-e2e/README.md @@ -0,0 +1,12 @@ +# Workflow v2.9.0 e2e Tests (parallel) + +End-to-end tests for the Deis Workflow open source PaaS, executed in parallel. + +NOTE: This assumes a fresh `helmc install` of Deis v2. The test suite creates +an initial user with admin privileges (who is deleted when tests complete). +See https://github.com/deis/workflow-e2e for more detail. + +```console +$ helmc uninstall -n deis -y workflow-v2.9.0-e2e ; helmc install workflow-v2.9.0-e2e +$ kubectl --namespace=deis logs -f workflow-v2.9.0-e2e tests +``` diff --git a/workflow-v2.9.0-e2e/manifests/.gitkeep b/workflow-v2.9.0-e2e/manifests/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/workflow-v2.9.0-e2e/manifests/spotify-gc-daemon.yaml b/workflow-v2.9.0-e2e/manifests/spotify-gc-daemon.yaml new file mode 100644 index 0000000..57bc562 --- /dev/null +++ b/workflow-v2.9.0-e2e/manifests/spotify-gc-daemon.yaml @@ -0,0 +1,30 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: deis-spotify-gc + namespace: deis + labels: + heritage: deis +spec: + selector: + matchLabels: + app: deis-spotify-gc + heritage: deis + template: + metadata: + name: deis-spotify-gc + labels: + heritage: deis + app: deis-spotify-gc + spec: + containers: + - name: deis-spotify-gc + image: spotify/docker-gc:latest + imagePullPolicy: Always + volumeMounts: + - mountPath: /var/run/docker.sock + name: docker-socket + volumes: + - name: docker-socket + hostPath: + path: /var/run/docker.sock diff --git a/workflow-v2.9.0-e2e/tpl/generate_params.toml b/workflow-v2.9.0-e2e/tpl/generate_params.toml new file mode 100644 index 0000000..edf7802 --- /dev/null +++ b/workflow-v2.9.0-e2e/tpl/generate_params.toml @@ -0,0 +1,5 @@ +[e2e] +org = "deis" +dockerTag = "v2.7.1" +pullPolicy = "IfNotPresent" +podName = "workflow-v2.9.0-e2e" diff --git a/workflow-v2.9.0-e2e/tpl/workflow-e2e-pod.yaml b/workflow-v2.9.0-e2e/tpl/workflow-e2e-pod.yaml new file mode 100644 index 0000000..d844244 --- /dev/null +++ b/workflow-v2.9.0-e2e/tpl/workflow-e2e-pod.yaml @@ -0,0 +1,41 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/workflow-e2e-pod.yaml -d $HELM_GENERATE_DIR/tpl/generate_params.toml $HELM_GENERATE_DIR/tpl/workflow-e2e-pod.yaml +apiVersion: v1 +kind: Pod +metadata: + name: {{.e2e.podName}} + namespace: deis + labels: + heritage: deis +spec: + restartPolicy: Never + containers: + - name: tests + image: quay.io/{{.e2e.org}}/workflow-e2e:{{env "WORKFLOW_E2E_GIT_TAG" | default .e2e.dockerTag}} + imagePullPolicy: {{.e2e.pullPolicy}} + env: + - name: GINKGO_NODES + value: "{{env "GINKGO_NODES" | default 15}}" + - name: JUNIT + value: "true" + - name: CLI_VERSION + value: "{{env "CLI_VERSION" | default "latest"}}" + # set TEST env variable to run appropriate tests in e2e suite + - name: TEST + value: "{{env "TEST" | default "e2e"}}" +{{ if env "DEBUG_MODE" }} + - name: DEBUG_MODE + value: "true" +{{ end }} + volumeMounts: + - name: artifact-volume + mountPath: /root + - name: artifacts + image: busybox + imagePullPolicy: Always + command: ["tail", "-f", "/dev/null"] + volumeMounts: + - name: artifact-volume + mountPath: /root + volumes: + - name: artifact-volume + emptyDir: {} diff --git a/workflow-v2.9.0/Chart.yaml b/workflow-v2.9.0/Chart.yaml new file mode 100644 index 0000000..6a2c2ee --- /dev/null +++ b/workflow-v2.9.0/Chart.yaml @@ -0,0 +1,9 @@ +name: workflow-v2.9.0 +home: https://github.com/deis/workflow +version: v2.9.0 +description: Deis Workflow +maintainers: +- Deis Team +details: |- + Workflow is an open source PaaS that makes it easy to deploy and manage applications on your own + servers. Workflow builds on Kubernetes to provide a lightweight, Heroku-inspired workflow. diff --git a/workflow-v2.9.0/README.md b/workflow-v2.9.0/README.md new file mode 100644 index 0000000..652a3f1 --- /dev/null +++ b/workflow-v2.9.0/README.md @@ -0,0 +1,16 @@ +# Workflow v2.9.0 + +Please report any issues you find in testing Workflow to the appropriate GitHub repository: +- builder: https://github.com/deis/builder +- chart: https://github.com/deis/charts +- controller: https://github.com/deis/controller +- database: https://github.com/deis/postgres +- fluentd: https://github.com/deis/fluentd +- helm classic: https://github.com/helm/helm-classic +- logger: https://github.com/deis/logger +- minio: https://github.com/deis/minio +- monitor: https://github.com/deis/monitor +- nsq: https://github.com/deis/nsq +- registry: https://github.com/deis/registry +- router: https://github.com/deis/router +- workflow manager: https://github.com/deis/workflow-manager diff --git a/workflow-v2.9.0/manifests/deis-builder-service-account.yaml b/workflow-v2.9.0/manifests/deis-builder-service-account.yaml new file mode 100644 index 0000000..5f963be --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-builder-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-builder + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-builder-service.yaml b/workflow-v2.9.0/manifests/deis-builder-service.yaml new file mode 100644 index 0000000..5e5fe4b --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-builder-service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-builder + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +spec: + ports: + - name: ssh + port: 2222 + targetPort: 2223 + selector: + app: deis-builder diff --git a/workflow-v2.9.0/manifests/deis-controller-service-account.yaml b/workflow-v2.9.0/manifests/deis-controller-service-account.yaml new file mode 100644 index 0000000..9458ec7 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-controller-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-controller + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-controller-service.yaml b/workflow-v2.9.0/manifests/deis-controller-service.yaml new file mode 100644 index 0000000..0bdf000 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-controller-service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-controller + namespace: deis + labels: + heritage: deis + router.deis.io/routable: "true" + annotations: + router.deis.io/domains: deis + router.deis.io/connectTimeout: "10" + router.deis.io/tcpTimeout: "1200" + helm-keep: "true" +spec: + ports: + - name: http + port: 80 + targetPort: 8000 + selector: + app: deis-controller diff --git a/workflow-v2.9.0/manifests/deis-logger-fluentd-service-account.yaml b/workflow-v2.9.0/manifests/deis-logger-fluentd-service-account.yaml new file mode 100644 index 0000000..bc7ec8f --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-logger-fluentd-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-logger-fluentd + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-logger-service-account.yaml b/workflow-v2.9.0/manifests/deis-logger-service-account.yaml new file mode 100644 index 0000000..7aa891c --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-logger-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-logger + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-logger-svc.yaml b/workflow-v2.9.0/manifests/deis-logger-svc.yaml new file mode 100644 index 0000000..1911745 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-logger-svc.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-logger + namespace: deis + labels: + heritage: deis + app: deis-logger + annotations: + helm-keep: "true" +spec: + ports: + - port: 80 + name: http + targetPort: http + selector: + app: deis-logger diff --git a/workflow-v2.9.0/manifests/deis-monitor-telegraf-service-account.yaml b/workflow-v2.9.0/manifests/deis-monitor-telegraf-service-account.yaml new file mode 100644 index 0000000..23dfd8b --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-monitor-telegraf-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-monitor-telegraf + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-namespace.yaml b/workflow-v2.9.0/manifests/deis-namespace.yaml new file mode 100644 index 0000000..c641e3c --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: deis + labels: + heritage: deis + annotations: + helm-keep: "true" diff --git a/workflow-v2.9.0/manifests/deis-nsqd-service-account.yaml b/workflow-v2.9.0/manifests/deis-nsqd-service-account.yaml new file mode 100644 index 0000000..daebb33 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-nsqd-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-nsqd + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-nsqd-svc.yaml b/workflow-v2.9.0/manifests/deis-nsqd-svc.yaml new file mode 100644 index 0000000..5f12a39 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-nsqd-svc.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-nsqd + namespace: deis + labels: + heritage: deis + app: deis-nsqd + annotations: + helm-keep: "true" +spec: + ports: + - port: 4151 + name: http + targetPort: http + - port: 4150 + name: transport + targetPort: transport + selector: + app: deis-nsqd diff --git a/workflow-v2.9.0/manifests/deis-router-dhparam-secret.yaml b/workflow-v2.9.0/manifests/deis-router-dhparam-secret.yaml new file mode 100644 index 0000000..24c67aa --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-router-dhparam-secret.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: deis-router-dhparam + namespace: deis + labels: + heritage: deis +type: Opaque +data: + dhparam: LS0tLS1CRUdJTiBESCBQQVJBTUVURVJTLS0tLS0KTUlJQkNBS0NBUUVBNGJPMlpCOTRYVVh3YjlSL0QxM0xFZ2d6V1U2Y0hZSXJzakdseVhUSkZHZmdsaFl5TUtnUQpKRXFsTjd5RWs0UUNVV25iTEtDU2F4anZCTVNqbWlTR3VvajNWRDlYRTVDaGx2SzlGQVp6alFGMFZ2VzdkNDJmCnNkNmlmcUYwSUV0R2lxWDRpTzhtWmhYZVJrc3BYekZXYkhyTklaanBCdmc5VDhmczY0ZCtDU2l2SXBqWWRVQ1UKQWRhNTViRDdLeWJkTWdJMFZza21jL3RpclN5SkIwZDVmUnYraG1vMW9pOG92Rm9vUFp2cS9HWGxPOHlRRzRZTgppWXdWYmU5c29wQ3lYNzEzaUtlM0pBQ29JWnUxZXgrRjVhbU53U3E3Rk9xb2JqK3Z2cURRM0Q2WEJaanczT3NuClFRWmVhTWYyMDVwOERWbFpWLzRqQUtQeEpUQkxyejh6c3dJQkFnPT0KLS0tLS1FTkQgREggUEFSQU1FVEVSUy0tLS0tCg== diff --git a/workflow-v2.9.0/manifests/deis-router-service-account.yaml b/workflow-v2.9.0/manifests/deis-router-service-account.yaml new file mode 100644 index 0000000..4dae2a0 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-router-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-router-service.yaml b/workflow-v2.9.0/manifests/deis-router-service.yaml new file mode 100644 index 0000000..798af87 --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-router-service.yaml @@ -0,0 +1,26 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +spec: + type: LoadBalancer + selector: + app: deis-router + ports: + - name: http + port: 80 + targetPort: 8080 + - name: https + port: 443 + targetPort: 6443 + - name: builder + port: 2222 + targetPort: 2222 + - name: healthz + port: 9090 + targetPort: 9090 diff --git a/workflow-v2.9.0/manifests/deis-workflow-manager-service-account.yaml b/workflow-v2.9.0/manifests/deis-workflow-manager-service-account.yaml new file mode 100644 index 0000000..f821dcb --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-workflow-manager-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-workflow-manager + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/manifests/deis-workflow-manager-service.yaml b/workflow-v2.9.0/manifests/deis-workflow-manager-service.yaml new file mode 100644 index 0000000..4e5e2ba --- /dev/null +++ b/workflow-v2.9.0/manifests/deis-workflow-manager-service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-workflow-manager + namespace: deis + labels: + heritage: deis + router.deis.io/routable: "true" + annotations: + router.deis.io/domains: deis-workflow-manager + helm-keep: "true" +spec: + selector: + app: deis-workflow-manager + ports: + - name: http + port: 80 + targetPort: 8080 diff --git a/workflow-v2.9.0/tpl/deis-builder-deployment.yaml b/workflow-v2.9.0/tpl/deis-builder-deployment.yaml new file mode 100644 index 0000000..3ae3502 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-builder-deployment.yaml @@ -0,0 +1,119 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/deis-builder-deployment.yaml -d $HELM_GENERATE_DIR/tpl/generate_params.toml $HELM_GENERATE_DIR/tpl/deis-builder-deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-builder + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{ env "BUILDER_GIT_TAG" | default .builder.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-builder + template: + metadata: + labels: + app: deis-builder + spec: + serviceAccount: deis-builder + containers: + - name: deis-builder + image: quay.io/{{.builder.org}}/builder:{{ env "BUILDER_GIT_TAG" | default .builder.dockerTag}} + imagePullPolicy: {{.builder.pullPolicy}} + ports: + - containerPort: 2223 + name: ssh + - containerPort: 8092 + name: healthsrv +{{- if or (.builder.limits_cpu) (.builder.limits_memory)}} + resources: + limits: +{{- if (.builder.limits_cpu) }} + cpu: {{.builder.limits_cpu}} +{{- end}} +{{- if (.builder.limits_memory) }} + memory: {{.builder.limits_memory}} +{{- end}} +{{- end}} + env: + # NOTE(bacongobbler): use deis/registry-proxy to work around Docker --insecure-registry requirements + - name: "DEIS_REGISTRY_SERVICE_HOST" + value: "localhost" + - name: "DEIS_REGISTRY_SERVICE_PORT" + value: "{{.registry_proxy.hostPort}}" + - name: "HEALTH_SERVER_PORT" + value: "8092" + - name: "EXTERNAL_PORT" + value: "2223" + - name: BUILDER_STORAGE + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + - name: "DEIS_REGISTRY_LOCATION" + value: "{{ or (env "REGISTRY_LOCATION") (.registry_location) }}" + - name: "DEIS_REGISTRY_SECRET_PREFIX" + value: "{{ .registry_token_refresher.secretPrefix }}" + # Set GIT_LOCK_TIMEOUT to number of minutes you want to wait to git push again to the same repository + - name: "GIT_LOCK_TIMEOUT" + value: "10" + - name: "SLUGBUILDER_IMAGE_NAME" + value: "quay.io/{{.slugbuilder.org}}/slugbuilder:{{ env "SLUGBUILDER_GIT_TAG" | default .slugbuilder.dockerTag }}" + - name: SLUG_BUILDER_IMAGE_PULL_POLICY + value: {{ .slugbuilder.pullPolicy }} + - name: "DOCKERBUILDER_IMAGE_NAME" + value: "quay.io/{{.dockerbuilder.org}}/dockerbuilder:{{ env "DOCKERBUILDER_GIT_TAG" | default .dockerbuilder.dockerTag}}" + - name: DOCKER_BUILDER_IMAGE_PULL_POLICY + value: {{ .dockerbuilder.pullPolicy }} + # This var needs to be passed so that the minio client (https://github.com/minio/mc) will work in Alpine linux + - name: "DOCKERIMAGE" + value: "1" + - name: "DEIS_DEBUG" + value: "{{ env "DEIS_DEBUG" | default "false" }}" + - name: "POD_NAMESPACE" + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: DEIS_BUILDER_KEY + valueFrom: + secretKeyRef: + name: builder-key-auth + key: builder-key + livenessProbe: + httpGet: + path: /healthz + port: 8092 + initialDelaySeconds: 30 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /readiness + port: 8092 + initialDelaySeconds: 30 + timeoutSeconds: 1 + volumeMounts: + - name: builder-key-auth + mountPath: /var/run/secrets/api/auth + readOnly: true + - name: builder-ssh-private-keys + mountPath: /var/run/secrets/deis/builder/ssh + readOnly: true + - name: objectstore-creds + mountPath: /var/run/secrets/deis/objectstore/creds + readOnly: true + volumes: + - name: builder-key-auth + secret: + secretName: builder-key-auth + - name: builder-ssh-private-keys + secret: + secretName: builder-ssh-private-keys + - name: objectstore-creds + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-builder-rc.yaml b/workflow-v2.9.0/tpl/deis-builder-rc.yaml new file mode 100644 index 0000000..1a9b64e --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-builder-rc.yaml @@ -0,0 +1,89 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/deis-builder-rc.yaml -d $HELM_GENERATE_DIR/tpl/generate_params.toml $HELM_GENERATE_DIR/tpl/deis-builder-rc.yaml +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-builder + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{ env "BUILDER_GIT_TAG" | default .builder.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-builder-deprecated + template: + metadata: + labels: + app: deis-builder-deprecated + spec: + serviceAccount: deis-builder + containers: + - name: deis-builder + image: quay.io/{{.builder.org}}/builder:{{ env "BUILDER_GIT_TAG" | default .builder.dockerTag}} + imagePullPolicy: {{.builder.pullPolicy}} + ports: + - containerPort: 2223 + name: ssh + - containerPort: 8092 + name: healthsrv + env: + - name: "HEALTH_SERVER_PORT" + value: "8092" + - name: "EXTERNAL_PORT" + value: "2223" + - name: BUILDER_STORAGE + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + # Set GIT_LOCK_TIMEOUT to number of minutes you want to wait to git push again to the same repository + - name: "GIT_LOCK_TIMEOUT" + value: "10" + - name: "SLUGBUILDER_IMAGE_NAME" + value: "quay.io/{{.slugbuilder.org}}/slugbuilder:{{ env "SLUGBUILDER_GIT_TAG" | default .slugbuilder.dockerTag }}" + - name: "DOCKERBUILDER_IMAGE_NAME" + value: "quay.io/{{.dockerbuilder.org}}/dockerbuilder:{{ env "DOCKERBUILDER_GIT_TAG" | default .dockerbuilder.dockerTag}}" + # This var needs to be passed so that the minio client (https://github.com/minio/mc) will work in Alpine linux + - name: "DOCKERIMAGE" + value: "1" + - name: "DEIS_DEBUG" + value: "{{ env "DEIS_DEBUG" | default "false" }}" + - name: "POD_NAMESPACE" + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: DEIS_BUILDER_KEY + valueFrom: + secretKeyRef: + name: builder-key-auth + key: builder-key + livenessProbe: + httpGet: + path: /healthz + port: 8092 + initialDelaySeconds: 30 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /readiness + port: 8092 + initialDelaySeconds: 30 + timeoutSeconds: 1 + volumeMounts: + - name: builder-key-auth + mountPath: /var/run/secrets/api/auth + readOnly: true + - name: builder-ssh-private-keys + mountPath: /var/run/secrets/deis/builder/ssh + readOnly: true + - name: objectstore-creds + mountPath: /var/run/secrets/deis/objectstore/creds + readOnly: true + volumes: + - name: builder-key-auth + secret: + secretName: builder-key-auth + - name: builder-ssh-private-keys + secret: + secretName: builder-ssh-private-keys + - name: objectstore-creds + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-builder-secret-ssh-private-keys.yaml b/workflow-v2.9.0/tpl/deis-builder-secret-ssh-private-keys.yaml new file mode 100644 index 0000000..b146c36 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-builder-secret-ssh-private-keys.yaml @@ -0,0 +1,13 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/deis-builder-secret-ssh-private-keys.yaml $HELM_GENERATE_DIR/tpl/deis-builder-secret-ssh-private-keys.yaml +apiVersion: v1 +kind: Secret +metadata: + name: builder-ssh-private-keys + namespace: deis + labels: + heritage: deis +type: Opaque +data: + ssh-host-rsa-key: "{{genPrivateKey "rsa" | b64enc}}" + ssh-host-dsa-key: "{{genPrivateKey "dsa" | b64enc}}" + ssh-host-ecdsa-key: "{{genPrivateKey "ecdsa" | b64enc}}" diff --git a/workflow-v2.9.0/tpl/deis-controller-deployment.yaml b/workflow-v2.9.0/tpl/deis-controller-deployment.yaml new file mode 100644 index 0000000..33c6ba0 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-controller-deployment.yaml @@ -0,0 +1,131 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/deis-controller-deployment.yaml -d $HELM_GENERATE_DIR/tpl/generate_params.toml $HELM_GENERATE_DIR/tpl/deis-controller-deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-controller + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "CONTROLLER_GIT_TAG" | default .controller.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-controller + template: + metadata: + labels: + app: deis-controller + spec: + serviceAccount: deis-controller + containers: + - name: deis-controller + image: quay.io/{{.controller.org}}/controller:{{env "CONTROLLER_GIT_TAG" | default .controller.dockerTag}} + imagePullPolicy: {{.controller.pullPolicy}} + livenessProbe: + httpGet: + path: /healthz + port: 8000 + initialDelaySeconds: 30 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /readiness + port: 8000 + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 5 + ports: + - containerPort: 8000 + name: http +{{- if or (.controller.limits_cpu) (.controller.limits_memory)}} + resources: + limits: +{{- if (.controller.limits_cpu) }} + cpu: {{.controller.limits_cpu}} +{{- end}} +{{- if (.controller.limits_memory) }} + memory: {{.controller.limits_memory}} +{{- end}} +{{- end}} + env: + # NOTE(jchauncey): see tpl/generate_params.toml for possible values + - name: REGISTRATION_MODE + value: {{ .controller.registrationMode }} + # NOTE(bacongobbler): use deis/registry-proxy to work around Docker --insecure-registry requirements + - name: "DEIS_REGISTRY_SERVICE_HOST" + value: "localhost" + - name: "DEIS_REGISTRY_SERVICE_PORT" + value: "{{.registry_proxy.hostPort}}" + - name: "APP_STORAGE" + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + - name: "DEIS_REGISTRY_LOCATION" + value: "{{ or (env "REGISTRY_LOCATION") (.registry_location) }}" + - name: "DEIS_REGISTRY_SECRET_PREFIX" + value: "{{ .registry_token_refresher.secretPrefix }}" + - name: "SLUGRUNNER_IMAGE_NAME" + value: "quay.io/{{.slugrunner.org}}/slugrunner:{{env "SLUGRUNNER_GIT_TAG" | default .slugrunner.dockerTag}}" + - name: "IMAGE_PULL_POLICY" + value: "{{.controller.app_pull_policy}}" + - name: DEIS_SECRET_KEY + valueFrom: + secretKeyRef: + name: django-secret-key + key: secret-key + - name: DEIS_BUILDER_KEY + valueFrom: + secretKeyRef: + name: builder-key-auth + key: builder-key +{{- if env "DATABASE_LOCATION" | default .database_location | eq "off-cluster" }} + - name: DEIS_DATABASE_NAME + value: "{{ env "DATABASE_NAME" | default .database.name }}" + - name: DEIS_DATABASE_SERVICE_HOST + value: "{{ env "DATABASE_HOST" | default .database.host }}" + - name: DEIS_DATABASE_SERVICE_PORT + value: "{{ env "DATABASE_PORT" | default .database.port }}" +{{- end }} + - name: DEIS_DATABASE_USER + valueFrom: + secretKeyRef: + name: database-creds + key: user + - name: DEIS_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: database-creds + key: password + - name: RESERVED_NAMES + value: "deis, deis-builder, deis-workflow-manager, grafana" + volumeMounts: + - mountPath: /var/run/docker.sock + name: docker-socket + - name: builder-key-auth + mountPath: /var/run/secrets/api/builder/auth + readOnly: true + - name: django-secret-key + mountPath: /var/run/secrets/api/django + readOnly: true + - name: database-creds + mountPath: /var/run/secrets/deis/database/creds + readOnly: true + volumes: + - name: docker-socket + hostPath: + path: /var/run/docker.sock + - name: django-secret-key + secret: + secretName: django-secret-key + - name: builder-key-auth + secret: + secretName: builder-key-auth + - name: database-creds + secret: + secretName: database-creds diff --git a/workflow-v2.9.0/tpl/deis-controller-rc.yaml b/workflow-v2.9.0/tpl/deis-controller-rc.yaml new file mode 100644 index 0000000..3dd9e92 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-controller-rc.yaml @@ -0,0 +1,105 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/deis-controller-rc.yaml -d $HELM_GENERATE_DIR/tpl/generate_params.toml $HELM_GENERATE_DIR/tpl/deis-controller-rc.yaml +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-controller + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "CONTROLLER_GIT_TAG" | default .controller.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-controller-deprecated + template: + metadata: + labels: + app: deis-controller-deprecated + spec: + serviceAccount: deis-controller + containers: + - name: deis-controller + image: quay.io/{{.controller.org}}/controller:{{env "CONTROLLER_GIT_TAG" | default .controller.dockerTag}} + imagePullPolicy: {{.controller.pullPolicy}} + livenessProbe: + httpGet: + path: /healthz + port: 8000 + initialDelaySeconds: 30 + timeoutSeconds: 10 + readinessProbe: + httpGet: + path: /readiness + port: 8000 + initialDelaySeconds: 30 + timeoutSeconds: 10 + periodSeconds: 5 + ports: + - containerPort: 8000 + name: http + env: + # NOTE(jchauncey): see tpl/generate_params.toml for possible values + - name: REGISTRATION_MODE + value: {{ .controller.registrationMode }} + - name: KUBERNETES_POD_TERMINATION_GRACE_PERIOD_SECONDS + value: "5" + - name: "APP_STORAGE" + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + - name: "SLUGRUNNER_IMAGE_NAME" + value: "quay.io/{{.slugrunner.org}}/slugrunner:{{env "SLUGRUNNER_GIT_TAG" | default .slugrunner.dockerTag}}" + - name: DEIS_SECRET_KEY + valueFrom: + secretKeyRef: + name: django-secret-key + key: secret-key + - name: DEIS_BUILDER_KEY + valueFrom: + secretKeyRef: + name: builder-key-auth + key: builder-key +{{- if env "DATABASE_LOCATION" | default .database_location | eq "off-cluster" }} + - name: DEIS_DATABASE_NAME + value: "{{ env "DATABASE_NAME" | default .database.name }}" + - name: DEIS_DATABASE_SERVICE_HOST + value: "{{ env "DATABASE_HOST" | default .database.host }}" + - name: DEIS_DATABASE_SERVICE_PORT + value: "{{ env "DATABASE_PORT" | default .database.port }}" +{{- end }} + - name: DEIS_DATABASE_USER + valueFrom: + secretKeyRef: + name: database-creds + key: user + - name: DEIS_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: database-creds + key: password + - name: RESERVED_NAMES + value: "deis, deis-builder, deis-workflow-manager, grafana" + volumeMounts: + - mountPath: /var/run/docker.sock + name: docker-socket + - name: builder-key-auth + mountPath: /var/run/secrets/api/builder/auth + readOnly: true + - name: django-secret-key + mountPath: /var/run/secrets/api/django + readOnly: true + - name: database-creds + mountPath: /var/run/secrets/deis/database/creds + readOnly: true + volumes: + - name: docker-socket + hostPath: + path: /var/run/docker.sock + - name: django-secret-key + secret: + secretName: django-secret-key + - name: builder-key-auth + secret: + secretName: builder-key-auth + - name: database-creds + secret: + secretName: database-creds diff --git a/workflow-v2.9.0/tpl/deis-controller-secret-builder-key-auth.yaml b/workflow-v2.9.0/tpl/deis-controller-secret-builder-key-auth.yaml new file mode 100644 index 0000000..21f9807 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-controller-secret-builder-key-auth.yaml @@ -0,0 +1,11 @@ +#helm:generate helm tpl --out $HELM_GENERATE_DIR/manifests/deis-controller-secret-builder-key-auth.yaml $HELM_GENERATE_DIR/tpl/deis-controller-secret-builder-key-auth.yaml +apiVersion: v1 +kind: Secret +metadata: + name: builder-key-auth + namespace: deis + labels: + heritage: deis +type: Opaque +data: + builder-key: {{ randAlphaNum 64 | b64enc }} diff --git a/workflow-v2.9.0/tpl/deis-controller-secret-django-secret-key.yaml b/workflow-v2.9.0/tpl/deis-controller-secret-django-secret-key.yaml new file mode 100644 index 0000000..066ef4d --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-controller-secret-django-secret-key.yaml @@ -0,0 +1,11 @@ +#helm:generate helm tpl --out $HELM_GENERATE_DIR/manifests/deis-controller-secret-django-secret-key.yaml $HELM_GENERATE_DIR/tpl/deis-controller-secret-django-secret-key.yaml +apiVersion: v1 +kind: Secret +metadata: + name: django-secret-key + namespace: deis + labels: + heritage: deis +type: Opaque +data: + secret-key: {{ randAscii 64 | b64enc }} diff --git a/workflow-v2.9.0/tpl/deis-database-deployment.yaml b/workflow-v2.9.0/tpl/deis-database-deployment.yaml new file mode 100644 index 0000000..723a3ae --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-database-deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-database + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "POSTGRES_GIT_TAG" | default .database.dockerTag}} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: deis-database + template: + metadata: + labels: + app: deis-database + spec: + serviceAccount: deis-database + containers: + - name: deis-database + image: quay.io/{{.database.org}}/postgres:{{env "POSTGRES_GIT_TAG" | default .database.dockerTag}} + imagePullPolicy: {{.database.pullPolicy}} + ports: + - containerPort: 5432 + lifecycle: + preStop: + exec: + command: + - gosu + - postgres + - do_backup + env: + - name: DATABASE_STORAGE + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + - name: PGCTLTIMEOUT + value: "1200" +{{- if or (.database.limits_cpu) (.database.limits_memory)}} + resources: + limits: +{{- if (.database.limits_cpu) }} + cpu: {{.database.limits_cpu}} +{{- end}} +{{- if (.database.limits_memory) }} + memory: {{.database.limits_memory}} +{{- end}} +{{- end}} + readinessProbe: + exec: + command: + - is_running + initialDelaySeconds: 30 + timeoutSeconds: 1 + volumeMounts: + - name: database-creds + mountPath: /var/run/secrets/deis/database/creds + - name: objectstore-creds + mountPath: /var/run/secrets/deis/objectstore/creds + volumes: + - name: database-creds + secret: + secretName: database-creds + - name: objectstore-creds + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-database-rc.yaml b/workflow-v2.9.0/tpl/deis-database-rc.yaml new file mode 100644 index 0000000..1ebeb89 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-database-rc.yaml @@ -0,0 +1,56 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-database + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "DATABASE_GIT_TAG" | default .database.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-database + template: + metadata: + labels: + app: deis-database + spec: + serviceAccount: deis-database + containers: + - name: deis-database + image: quay.io/{{.database.org}}/postgres:{{env "DATABASE_GIT_TAG" | default .database.dockerTag}} + imagePullPolicy: {{.database.pullPolicy}} + ports: + - containerPort: 5432 + env: + - name: DATABASE_STORAGE + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" +{{- if or (.database.limits_cpu) (.database.limits_memory)}} + resources: + limits: +{{- if (.database.limits_cpu) }} + cpu: {{.database.limits_cpu}} +{{- end}} +{{- if (.database.limits_memory) }} + memory: {{.database.limits_memory}} +{{- end}} +{{- end}} + readinessProbe: + exec: + command: + - is_running + initialDelaySeconds: 30 + timeoutSeconds: 1 + volumeMounts: + - name: database-creds + mountPath: /var/run/secrets/deis/database/creds + - name: objectstore-creds + mountPath: /var/run/secrets/deis/objectstore/creds + volumes: + - name: database-creds + secret: + secretName: database-creds + - name: objectstore-creds + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-database-secret-creds.yaml b/workflow-v2.9.0/tpl/deis-database-secret-creds.yaml new file mode 100644 index 0000000..e32ab6f --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-database-secret-creds.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: database-creds + namespace: deis + labels: + app: deis-database + heritage: deis +data: + user: {{ if env "DATABASE_LOCATION" | default .database_location | eq "off-cluster" }}{{ env "DATABASE_USERNAME" | default .database.username | b64enc }}{{ else }}{{ randAlphaNum 32 | b64enc }}{{ end }} + password: {{ if env "DATABASE_LOCATION" | default .database_location | eq "off-cluster" }}{{ env "DATABASE_PASSWORD" | default .database.password | b64enc }}{{ else }}{{ randAlphaNum 32 | b64enc }}{{ end }} diff --git a/workflow-v2.9.0/tpl/deis-database-service-account.yaml b/workflow-v2.9.0/tpl/deis-database-service-account.yaml new file mode 100644 index 0000000..becbc9a --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-database-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-database + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/tpl/deis-database-service.yaml b/workflow-v2.9.0/tpl/deis-database-service.yaml new file mode 100644 index 0000000..e0abe51 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-database-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-database + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +spec: + ports: + - name: postgres + port: 5432 + selector: + app: deis-database diff --git a/workflow-v2.9.0/tpl/deis-logger-deployment.yaml b/workflow-v2.9.0/tpl/deis-logger-deployment.yaml new file mode 100644 index 0000000..16c893e --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-deployment.yaml @@ -0,0 +1,71 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-logger-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-logger-deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-logger + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "LOGGER_GIT_TAG" | default .logger.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-logger + template: + metadata: + labels: + app: deis-logger + spec: + containers: + - name: deis-logger + image: quay.io/{{.logger.org}}/logger:{{env "LOGGER_GIT_TAG" | default .logger.dockerTag}} + imagePullPolicy: {{.logger.pullPolicy}} + env: + - name: STORAGE_ADAPTER + value: redis +{{- if env "LOGGER_REDIS_LOCATION" | default .logger_redis_location | eq "off-cluster" }} + - name: DEIS_LOGGER_REDIS_DB + value: "{{ env "LOGGER_REDIS_DB" | default .loggerRedis.db }}" + - name: DEIS_LOGGER_REDIS_SERVICE_HOST + value: "{{ env "LOGGER_REDIS_HOST" | default .loggerRedis.host }}" + - name: DEIS_LOGGER_REDIS_SERVICE_PORT + value: "{{ env "LOGGER_REDIS_PORT" | default .loggerRedis.port }}" +{{- end }} + - name: DEIS_LOGGER_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: logger-redis-creds + key: password + ports: + - containerPort: 8088 + name: http +{{- if or (.logger.limits_cpu) (.logger.limits_memory)}} + resources: + limits: +{{- if (.logger.limits_cpu) }} + cpu: {{.logger.limits_cpu}} +{{- end}} +{{- if (.logger.limits_memory) }} + memory: {{.logger.limits_memory}} +{{- end}} +{{- end}} + livenessProbe: + httpGet: + path: /healthz + port: 8088 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 8088 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/workflow-v2.9.0/tpl/deis-logger-fluentd-daemon.yaml b/workflow-v2.9.0/tpl/deis-logger-fluentd-daemon.yaml new file mode 100644 index 0000000..1e5ada5 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-fluentd-daemon.yaml @@ -0,0 +1,50 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-logger-fluentd-daemon.yaml $HELM_GENERATE_FILE +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: deis-logger-fluentd + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "FLUENTD_GIT_TAG" | default .fluentd.dockerTag}} +spec: + selector: + matchLabels: + app: deis-logger-fluentd + heritage: deis + template: + metadata: + name: deis-logger-fluentd + labels: + heritage: deis + app: deis-logger-fluentd + spec: + serviceAccount: deis-logger-fluentd + containers: + - name: deis-logger-fluentd + image: quay.io/{{ .fluentd.org }}/fluentd:{{env "FLUENTD_GIT_TAG" | default .fluentd.dockerTag}} + imagePullPolicy: {{.fluentd.pullPolicy}} +{{- if or (.fluentd.limits_cpu) (.fluentd.limits_memory)}} + resources: + limits: +{{- if (.fluentd.limits_cpu) }} + cpu: {{.fluentd.limits_cpu}} +{{- end}} +{{- if (.fluentd.limits_memory) }} + memory: {{.fluentd.limits_memory}} +{{- end}} +{{- end}} + volumeMounts: + - name: varlog + mountPath: /var/log + - name: varlibdockercontainers + mountPath: /var/lib/docker/containers + readOnly: true + volumes: + - name: varlog + hostPath: + path: /var/log + - name: varlibdockercontainers + hostPath: + path: /var/lib/docker/containers diff --git a/workflow-v2.9.0/tpl/deis-logger-rc.yaml b/workflow-v2.9.0/tpl/deis-logger-rc.yaml new file mode 100644 index 0000000..5d04bd6 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-rc.yaml @@ -0,0 +1,63 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-logger + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "LOGGER_GIT_TAG" | default .logger.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-logger + template: + metadata: + labels: + app: deis-logger + spec: + containers: + - name: deis-logger + image: quay.io/{{.logger.org}}/logger:{{env "LOGGER_GIT_TAG" | default .logger.dockerTag}} + imagePullPolicy: {{.logger.pullPolicy}} + env: + - name: STORAGE_ADAPTER + value: redis +{{- if env "LOGGER_REDIS_LOCATION" | default .logger_redis_location | eq "off-cluster" }} + - name: DEIS_LOGGER_REDIS_DB + value: "{{ env "LOGGER_REDIS_DB" | default .loggerRedis.db }}" + - name: DEIS_LOGGER_REDIS_SERVICE_HOST + value: "{{ env "LOGGER_REDIS_HOST" | default .loggerRedis.host }}" + - name: DEIS_LOGGER_REDIS_SERVICE_PORT + value: "{{ env "LOGGER_REDIS_PORT" | default .loggerRedis.port }}" +{{- end }} + - name: DEIS_LOGGER_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: logger-redis-creds + key: password + ports: + - containerPort: 8088 + name: http +{{- if or (.logger.limits_cpu) (.logger.limits_memory)}} + resources: + limits: +{{- if (.logger.limits_cpu) }} + cpu: {{.logger.limits_cpu}} +{{- end}} +{{- if (.logger.limits_memory) }} + memory: {{.logger.limits_memory}} +{{- end}} +{{- end}} + livenessProbe: + httpGet: + path: /healthz + port: 8088 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 8088 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/workflow-v2.9.0/tpl/deis-logger-redis-deployment.yaml b/workflow-v2.9.0/tpl/deis-logger-redis-deployment.yaml new file mode 100644 index 0000000..1307c2c --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-redis-deployment.yaml @@ -0,0 +1,46 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-logger-redis + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "LOGGER_REDIS_GIT_TAG" | default .loggerRedis.dockerTag}} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: deis-logger-redis + template: + metadata: + labels: + app: deis-logger-redis + spec: + serviceAccount: deis-logger + containers: + - name: deis-logger-redis + image: quay.io/{{.loggerRedis.org}}/redis:{{env "LOGGER_REDIS_GIT_TAG" | default .loggerRedis.dockerTag}} + imagePullPolicy: {{.loggerRedis.pullPolicy}} +{{- if or (.loggerRedis.limits_cpu ) (.loggerRedis.limits_memory)}} + resources: + limits: +{{- if (.loggerRedis.limits_cpu) }} + cpu: {{.loggerRedis.limits_cpu}} +{{- end}} +{{- if (.loggerRedis.limits_memory) }} + memory: {{.loggerRedis.limits_memory}} +{{- end}} +{{- end}} + ports: + - containerPort: 6379 + volumeMounts: + - name: logger-redis-creds + mountPath: /var/run/secrets/deis/redis/creds + volumes: + - name: logger-redis-creds + secret: + secretName: logger-redis-creds diff --git a/workflow-v2.9.0/tpl/deis-logger-redis-rc.yaml b/workflow-v2.9.0/tpl/deis-logger-redis-rc.yaml new file mode 100644 index 0000000..c194310 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-redis-rc.yaml @@ -0,0 +1,42 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-logger-redis + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "LOGGER_REDIS_GIT_TAG" | default .loggerRedis.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-logger-redis + template: + metadata: + labels: + app: deis-logger-redis + spec: + serviceAccount: deis-logger + containers: + - name: deis-logger-redis + image: quay.io/{{.loggerRedis.org}}/redis:{{env "LOGGER_REDIS_GIT_TAG" | default .loggerRedis.dockerTag}} + imagePullPolicy: {{.loggerRedis.pullPolicy}} +{{- if or (.loggerRedis.limits_cpu ) (.loggerRedis.limits_memory)}} + resources: + limits: +{{- if (.loggerRedis.limits_cpu) }} + cpu: {{.loggerRedis.limits_cpu}} +{{- end}} +{{- if (.loggerRedis.limits_memory) }} + memory: {{.loggerRedis.limits_memory}} +{{- end}} +{{- end}} + ports: + - containerPort: 6379 + volumeMounts: + - name: logger-redis-creds + mountPath: /var/run/secrets/deis/redis/creds + volumes: + - name: logger-redis-creds + secret: + secretName: logger-redis-creds diff --git a/workflow-v2.9.0/tpl/deis-logger-redis-secret-creds.yaml b/workflow-v2.9.0/tpl/deis-logger-redis-secret-creds.yaml new file mode 100644 index 0000000..631809c --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-redis-secret-creds.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + name: logger-redis-creds + namespace: deis + labels: + app: deis-logger-redis + heritage: deis + annotations: + helm-keep: "true" +data: + password: {{ if env "LOGGER_REDIS_LOCATION" | default .logger_redis_location | eq "off-cluster" }}{{ env "LOGGER_REDIS_PASSWORD" | default .loggerRedis.password | b64enc }}{{ else }}{{ randAlphaNum 32 | b64enc }}{{ end }} diff --git a/workflow-v2.9.0/tpl/deis-logger-redis-service.yaml b/workflow-v2.9.0/tpl/deis-logger-redis-service.yaml new file mode 100644 index 0000000..a992e94 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-logger-redis-service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-logger-redis + namespace: deis + labels: + heritage: helm + annotations: + helm-keep: "true" +spec: + selector: + app: deis-logger-redis + ports: + - port: 6379 diff --git a/workflow-v2.9.0/tpl/deis-minio-deployment.yaml b/workflow-v2.9.0/tpl/deis-minio-deployment.yaml new file mode 100644 index 0000000..3a33d46 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-minio-deployment.yaml @@ -0,0 +1,67 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-minio + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "MINIO_GIT_TAG" | default .minio.dockerTag}} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: deis-minio + template: + metadata: + labels: + app: deis-minio + spec: + serviceAccount: deis-minio + containers: + - name: deis-minio + image: quay.io/{{.minio.org}}/minio:{{env "MINIO_GIT_TAG" | default .minio.dockerTag}} + imagePullPolicy: {{.minio.pullPolicy}} + env: + - name: HEALTH_SERVER_PORT + value: "8082" + ports: + - containerPort: 9000 + - containerPort: 8082 + livenessProbe: + httpGet: + path: /healthz + port: 8082 + initialDelaySeconds: 30 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 8082 + initialDelaySeconds: 30 + timeoutSeconds: 1 +{{- if or (.minio.limits_cpu) (.minio.limits_memory)}} + resources: + limits: +{{- if (.minio.limits_cpu) }} + cpu: {{.minio.limits_cpu}} +{{- end}} +{{- if (.minio.limits_memory) }} + memory: {{.minio.limits_memory}} +{{- end}} +{{- end}} + command: + - boot + args: + - "server /home/minio/" + volumeMounts: + - name: minio-user + mountPath: /var/run/secrets/deis/minio/user + readOnly: true + volumes: + - name: minio-user + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-minio-rc.yaml b/workflow-v2.9.0/tpl/deis-minio-rc.yaml new file mode 100644 index 0000000..7f63140 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-minio-rc.yaml @@ -0,0 +1,63 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-minio + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "MINIO_GIT_TAG" | default .minio.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-minio + template: + metadata: + labels: + app: deis-minio + spec: + serviceAccount: deis-minio + containers: + - name: deis-minio + image: quay.io/{{.minio.org}}/minio:{{env "MINIO_GIT_TAG" | default .minio.dockerTag}} + imagePullPolicy: {{.minio.pullPolicy}} + env: + - name: HEALTH_SERVER_PORT + value: "8082" + ports: + - containerPort: 9000 + - containerPort: 8082 + livenessProbe: + httpGet: + path: /healthz + port: 8082 + initialDelaySeconds: 30 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 8082 + initialDelaySeconds: 30 + timeoutSeconds: 1 +{{- if or (.minio.limits_cpu) (.minio.limits_memory)}} + resources: + limits: +{{- if (.minio.limits_cpu) }} + cpu: {{.minio.limits_cpu}} +{{- end}} +{{- if (.minio.limits_memory) }} + memory: {{.minio.limits_memory}} +{{- end}} +{{- end}} + command: + - boot + args: + - "server /home/minio/" + volumeMounts: + - name: minio-user + mountPath: /var/run/secrets/deis/minio/user + readOnly: true + volumes: + - name: minio-user + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-minio-service-account.yaml b/workflow-v2.9.0/tpl/deis-minio-service-account.yaml new file mode 100644 index 0000000..be96b99 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-minio-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-minio + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/tpl/deis-minio-service.yaml b/workflow-v2.9.0/tpl/deis-minio-service.yaml new file mode 100644 index 0000000..9beb605 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-minio-service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-minio + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +spec: + ports: + - name: s3 + port: 9000 + selector: + app: deis-minio diff --git a/workflow-v2.9.0/tpl/deis-monitor-grafana-deployment.yaml b/workflow-v2.9.0/tpl/deis-monitor-grafana-deployment.yaml new file mode 100644 index 0000000..7002e90 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-grafana-deployment.yaml @@ -0,0 +1,62 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-monitor-grafana + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "GRAFANA_GIT_TAG" | default .grafana.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-monitor-grafana + template: + metadata: + labels: + app: deis-monitor-grafana + spec: + containers: + - name: deis-monitor-grafana + image: quay.io/{{.grafana.org}}/grafana:{{env "GRAFANA_GIT_TAG" | default .grafana.dockerTag}} + imagePullPolicy: {{.grafana.pullPolicy}} +{{- if or (.grafana.limits_cpu) (.grafana.limits_memory)}} + resources: + limits: +{{- if (.grafana.limits_cpu) }} + cpu: {{.grafana.limits_cpu}} +{{- end}} +{{- if (.grafana.limits_memory) }} + memory: {{.grafana.limits_memory}} +{{- end}} +{{- end}} + env: + {{- if env "INFLUXDB_LOCATION" | default .influxdb_location | eq "off-cluster" }} + - name: "INFLUXDB_SERVICE_URL" + value: "{{ env "INFLUXDB_SERVICE_URL" | default .influxdb.url }}" + - name: "INFLUXDB_DATABASE" + value: "{{ env "INFLUXDB_DATABASE" | default .influxdb.database }}" + - name: "INFLUXDB_USER" + value: "{{ env "INFLUXDB_USER" | default .influxdb.user }}" + - name: "INFLUXDB_PASSWORD" + value: "{{ env "INFLUXDB_PASSWORD" | default .influxdb.password }}" + {{- else }} + - name: "INFLUXDB_URLS" + value: http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT) + {{- end }} + - name: "BIND_PORT" + value: "3500" + - name: "DEFAULT_USER" + value: {{env "GRAFANA_USER" | default .grafana.user}} + - name: "DEFAULT_USER_PASSWORD" + value: {{env "GRAFANA_PASSWD" | default .grafana.password}} + ports: + - containerPort: 3500 + name: ui diff --git a/workflow-v2.9.0/tpl/deis-monitor-grafana-rc.yaml b/workflow-v2.9.0/tpl/deis-monitor-grafana-rc.yaml new file mode 100644 index 0000000..b115ea0 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-grafana-rc.yaml @@ -0,0 +1,55 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-monitor-grafana + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "GRAFANA_GIT_TAG" | default .grafana.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-monitor-grafana + template: + metadata: + labels: + app: deis-monitor-grafana + spec: + containers: + - name: deis-monitor-grafana + image: quay.io/{{.grafana.org}}/grafana:{{env "GRAFANA_GIT_TAG" | default .grafana.dockerTag}} + imagePullPolicy: {{.grafana.pullPolicy}} +{{- if or (.grafana.limits_cpu) (.grafana.limits_memory)}} + resources: + limits: +{{- if (.grafana.limits_cpu) }} + cpu: {{.grafana.limits_cpu}} +{{- end}} +{{- if (.grafana.limits_memory) }} + memory: {{.grafana.limits_memory}} +{{- end}} +{{- end}} + env: + {{- if env "INFLUXDB_LOCATION" | default .influxdb_location | eq "off-cluster" }} + - name: "INFLUXDB_SERVICE_URL" + value: "{{ env "INFLUXDB_SERVICE_URL" | default .influxdb.url }}" + - name: "INFLUXDB_DATABASE" + value: "{{ env "INFLUXDB_DATABASE" | default .influxdb.database }}" + - name: "INFLUXDB_USER" + value: "{{ env "INFLUXDB_USER" | default .influxdb.user }}" + - name: "INFLUXDB_PASSWORD" + value: "{{ env "INFLUXDB_PASSWORD" | default .influxdb.password }}" + {{- else }} + - name: "INFLUXDB_URLS" + value: http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT) + {{- end }} + - name: "BIND_PORT" + value: "3500" + - name: "DEFAULT_USER" + value: {{env "GRAFANA_USER" | default .grafana.user}} + - name: "DEFAULT_USER_PASSWORD" + value: {{env "GRAFANA_PASSWD" | default .grafana.password}} + ports: + - containerPort: 3500 + name: ui diff --git a/workflow-v2.9.0/tpl/deis-monitor-grafana-svc.yaml b/workflow-v2.9.0/tpl/deis-monitor-grafana-svc.yaml new file mode 100644 index 0000000..e6bbedc --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-grafana-svc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-monitor-grafana + namespace: deis + labels: + heritage: deis + app: deis-monitor-grafana + router.deis.io/routable: "true" + annotations: + router.deis.io/domains: grafana + router.deis.io/connectTimeout: "10" + router.deis.io/tcpTimeout: "1200" + helm-keep: "true" +spec: + ports: + - port: 80 + name: ui + targetPort: ui + selector: + app: deis-monitor-grafana diff --git a/workflow-v2.9.0/tpl/deis-monitor-influxdb-api-svc.yaml b/workflow-v2.9.0/tpl/deis-monitor-influxdb-api-svc.yaml new file mode 100644 index 0000000..2e8e922 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-influxdb-api-svc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-monitor-influxapi + namespace: deis + labels: + heritage: deis + app: deis-monitor-influxapi + router.deis.io/routable: "true" + annotations: + router.deis.io/domains: influxapi + router.deis.io/connectTimeout: "10" + router.deis.io/tcpTimeout: "1200" + helm-keep: "true" +spec: + ports: + - port: 80 + name: transport + targetPort: transport + selector: + app: deis-monitor-influxdb diff --git a/workflow-v2.9.0/tpl/deis-monitor-influxdb-deployment.yaml b/workflow-v2.9.0/tpl/deis-monitor-influxdb-deployment.yaml new file mode 100644 index 0000000..54c863f --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-influxdb-deployment.yaml @@ -0,0 +1,57 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-monitor-influxdb + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "INFLUXDB_GIT_TAG" | default .influxdb.dockerTag}} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: deis-monitor-influxdb + template: + metadata: + labels: + app: deis-monitor-influxdb + spec: + containers: + - name: deis-monitor-influxdb + image: quay.io/{{.influxdb.org}}/influxdb:{{env "INFLUXDB_GIT_TAG" | default .influxdb.dockerTag}} + imagePullPolicy: {{.influxdb.pullPolicy}} +{{- if or (.influxdb.limits_cpu) (.influxdb.limits_memory)}} + resources: + limits: +{{- if (.influxdb.limits_cpu) }} + cpu: {{.influxdb.limits_cpu}} +{{- end}} +{{- if (.influxdb.limits_memory) }} + memory: {{.influxdb.limits_memory}} +{{- end}} +{{- end}} + ports: + - containerPort: 8083 + name: admin + - containerPort: 8086 + name: transport + protocol: TCP + - containerPort: 8084 + name: ssltransport + protocol: TCP + livenessProbe: + httpGet: + path: /ping + port: 8086 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /ping + port: 8086 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/workflow-v2.9.0/tpl/deis-monitor-influxdb-rc.yaml b/workflow-v2.9.0/tpl/deis-monitor-influxdb-rc.yaml new file mode 100644 index 0000000..4788d72 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-influxdb-rc.yaml @@ -0,0 +1,53 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-monitor-influxdb + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "INFLUXDB_GIT_TAG" | default .influxdb.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-monitor-influxdb + template: + metadata: + labels: + app: deis-monitor-influxdb + spec: + containers: + - name: deis-monitor-influxdb + image: quay.io/{{.influxdb.org}}/influxdb:{{env "INFLUXDB_GIT_TAG" | default .influxdb.dockerTag}} + imagePullPolicy: {{.influxdb.pullPolicy}} +{{- if or (.influxdb.limits_cpu) (.influxdb.limits_memory)}} + resources: + limits: +{{- if (.influxdb.limits_cpu) }} + cpu: {{.influxdb.limits_cpu}} +{{- end}} +{{- if (.influxdb.limits_memory) }} + memory: {{.influxdb.limits_memory}} +{{- end}} +{{- end}} + ports: + - containerPort: 8083 + name: admin + - containerPort: 8086 + name: transport + protocol: TCP + - containerPort: 8084 + name: ssltransport + protocol: TCP + livenessProbe: + httpGet: + path: /ping + port: 8086 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /ping + port: 8086 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/workflow-v2.9.0/tpl/deis-monitor-influxdb-ui-svc.yaml b/workflow-v2.9.0/tpl/deis-monitor-influxdb-ui-svc.yaml new file mode 100644 index 0000000..2968e75 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-influxdb-ui-svc.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-monitor-influxui + namespace: deis + labels: + heritage: deis + app: deis-monitor-influxui + router.deis.io/routable: "true" + annotations: + router.deis.io/domains: influx + router.deis.io/connectTimeout: "10" + router.deis.io/tcpTimeout: "1200" + helm-keep: "true" +spec: + ports: + - port: 80 + name: admin + targetPort: admin + selector: + app: deis-monitor-influxdb diff --git a/workflow-v2.9.0/tpl/deis-monitor-telegraf-daemon.yaml b/workflow-v2.9.0/tpl/deis-monitor-telegraf-daemon.yaml new file mode 100644 index 0000000..b2a8e38 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-monitor-telegraf-daemon.yaml @@ -0,0 +1,108 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-monitor-telegraf-daemon.yaml $HELM_GENERATE_FILE +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: deis-monitor-telegraf + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "TELEGRAF_GIT_TAG" | default .telegraf.dockerTag}} +spec: + template: + metadata: + labels: + app: deis-monitor-telegraf + spec: + serviceAccount: deis-monitor-telegraf + containers: + - name: deis-monitor-telegraf + image: quay.io/{{.telegraf.org}}/telegraf:{{env "TELEGRAF_GIT_TAG" | default .telegraf.dockerTag}} + imagePullPolicy: {{.telegraf.pullPolicy}} +{{- if or (.telegraf.limits_cpu) (.telegraf.limits_memory)}} + resources: + limits: +{{- if (.telegraf.limits_cpu) }} + cpu: {{.telegraf.limits_cpu}} +{{- end}} +{{- if (.telegraf.limits_memory) }} + memory: {{.telegraf.limits_memory}} +{{- end}} +{{- end}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + {{- if env "INFLUXDB_LOCATION" | default .influxdb_location | eq "off-cluster" }} + - name: "INFLUXDB_URLS" + value: "\"{{ env "INFLUXDB_URLS" | default .influxdb.url }}\"" + - name: "INFLUXDB_DATABASE" + value: "{{ env "INFLUXDB_DATABASE" | default .influxdb.database }}" + - name: "INFLUXDB_USERNAME" + value: "{{ env "INFLUXDB_USERNAME" | default .influxdb.user }}" + - name: "INFLUXDB_PASSWORD" + value: "{{ env "INFLUXDB_PASSWORD" | default .influxdb.password }}" + {{- else }} + - name: "INFLUXDB_URLS" + value: "\"http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT)\"" + - name: "INFLUXDB_INPUT_URLS" + value: "\"http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT)/debug/vars\"" + - name: "ENABLE_INFLUXDB_INPUT" + value: "true" + {{- end }} + - name: "HOST_PROC" + value: "/rootfs/proc" + - name: "HOST_SYS" + value: "/rootfs/sys" + - name: "AGENT_QUIET" + value: "true" + - name: "AGENT_BUFFER_LIMIT" + value: "100000" + - name: "ENABLE_KUBERNETES" + value: "true" + - name: "NSQ_CONSUMER_SERVER" + value: "$(DEIS_NSQD_SERVICE_HOST):$(DEIS_NSQD_SERVICE_PORT_TRANSPORT)" + - name: "NSQ_CONSUMER_TOPIC" + value: "metrics" + - name: "NSQ_ENDPOINTS" + value: "\"http://$(DEIS_NSQD_SERVICE_HOST):$(DEIS_NSQD_SERVICE_PORT_HTTP)\"" + {{- if env "LOGGER_REDIS_LOCATION" | default .logger_redis_location | ne "off-cluster" }} + - name: DEIS_LOGGER_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: logger-redis-creds + key: password + - name: "REDIS_SERVERS" + value: "\"tcp://:$(DEIS_LOGGER_REDIS_PASSWORD)@$(DEIS_LOGGER_REDIS_SERVICE_HOST):$(DEIS_LOGGER_REDIS_SERVICE_PORT)\"" + {{- end }} + volumeMounts: + - mountPath: /var/run/docker.sock + name: docker-socket + - name: sysro + mountPath: /rootfs/sys + readOnly: true + - name: procro + mountPath: /rootfs/proc + readOnly: true + - name: varrunutmpro + mountPath: /var/run/utmp + readOnly: true + - name: logger-redis-creds + mountPath: /var/run/secrets/deis/redis/creds + volumes: + - name: docker-socket + hostPath: + path: /var/run/docker.sock + - name: sysro + hostPath: + path: /sys + - name: procro + hostPath: + path: /proc + - name: varrunutmpro + hostPath: + path: /var/run/utmp + - name: logger-redis-creds + secret: + secretName: logger-redis-creds diff --git a/workflow-v2.9.0/tpl/deis-nsqd-deployment.yaml b/workflow-v2.9.0/tpl/deis-nsqd-deployment.yaml new file mode 100644 index 0000000..a81fbb0 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-nsqd-deployment.yaml @@ -0,0 +1,64 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-nsqd-deployment.yaml $HELM_GENERATE_FILE +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-nsqd + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "NSQ_GIT_TAG" | default .nsqd.dockerTag}} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: deis-nsqd + template: + metadata: + labels: + app: deis-nsqd + spec: + serviceAccount: deis-nsqd + containers: + - name: deis-nsqd + image: quay.io/{{.nsqd.org}}/nsq:{{env "NSQ_GIT_TAG" | default .nsqd.dockerTag}} + imagePullPolicy: {{.nsqd.pullPolicy}} +{{- if or (.nsqd.limits_cpu) (.nsqd.limits_memory)}} + resources: + limits: +{{- if (.nsqd.limits_cpu) }} + cpu: {{.nsqd.limits_cpu}} +{{- end}} +{{- if (.nsqd.limits_memory) }} + memory: {{.nsqd.limits_memory}} +{{- end}} +{{- end}} + command: + - /opt/nsq/bin/start-nsqd + ports: + - containerPort: 4151 + name: http + protocol: TCP + - containerPort: 4150 + name: transport + protocol: TCP + livenessProbe: + httpGet: + path: /ping + port: 4151 + initialDelaySeconds: 5 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /ping + port: 4151 + initialDelaySeconds: 5 + timeoutSeconds: 1 + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace diff --git a/workflow-v2.9.0/tpl/deis-nsqd-rc.yaml b/workflow-v2.9.0/tpl/deis-nsqd-rc.yaml new file mode 100644 index 0000000..0d6f7a1 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-nsqd-rc.yaml @@ -0,0 +1,59 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-nsqd + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "NSQ_GIT_TAG" | default .nsqd.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-nsqd + template: + metadata: + labels: + app: deis-nsqd + spec: + serviceAccount: deis-nsqd + containers: + - name: deis-nsqd + image: quay.io/{{.nsqd.org}}/nsq:{{env "NSQ_GIT_TAG" | default .nsqd.dockerTag}} + imagePullPolicy: {{.nsqd.pullPolicy}} +{{- if or (.nsqd.limits_cpu) (.nsqd.limits_memory)}} + resources: + limits: +{{- if (.nsqd.limits_cpu) }} + cpu: {{.nsqd.limits_cpu}} +{{- end}} +{{- if (.nsqd.limits_memory) }} + memory: {{.nsqd.limits_memory}} +{{- end}} +{{- end}} + command: + - /opt/nsq/bin/start-nsqd + ports: + - containerPort: 4151 + name: http + protocol: TCP + - containerPort: 4150 + name: transport + protocol: TCP + livenessProbe: + httpGet: + path: /ping + port: 4151 + initialDelaySeconds: 5 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /ping + port: 4151 + initialDelaySeconds: 5 + timeoutSeconds: 1 + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace diff --git a/workflow-v2.9.0/tpl/deis-objectstorage-secret.yaml b/workflow-v2.9.0/tpl/deis-objectstorage-secret.yaml new file mode 100644 index 0000000..bee58f6 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-objectstorage-secret.yaml @@ -0,0 +1,37 @@ +#helm:generate helm template -o $HELM_GENERATE_DIR/manifests/deis-objectstorage-secret.yaml -d $HELM_GENERATE_DIR/tpl/generate_params.toml $HELM_GENERATE_DIR/tpl/deis-objectstorage-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: objectstorage-keyfile + namespace: deis + labels: + heritage: deis + annotations: + deis.io/objectstorage: "{{ or (env "STORAGE_TYPE") (.storage)}}" +type: Opaque +data: {{ if or (eq (env "STORAGE_TYPE") "gcs") (eq .storage "gcs")}} + key.json: {{ or (env "GCS_KEY_JSON") (.gcs.key_json) | b64enc}} + registry-bucket: {{ or (env "GCS_REGISTRY_BUCKET") (.gcs.registry_bucket) | b64enc}} + database-bucket: {{ or (env "GCS_DATABASE_BUCKET") (.gcs.database_bucket) | b64enc }} + builder-bucket: {{ or (env "GCS_BUILDER_BUCKET") (.gcs.builder_bucket) | b64enc }}{{ else if or (eq (env "STORAGE_TYPE") "azure") (eq .storage "azure")}} + accountname: {{ or (env "AZURE_ACCOUNT_NAME") (.azure.accountname) | b64enc }} + accountkey: {{ or (env "AZURE_ACCOUNT_KEY") (.azure.accountkey) | b64enc }} + registry-container: {{ or (env "AZURE_REGISTRY_CONTAINER") (.azure.registry_container) | b64enc }} + database-container: {{ or (env "AZURE_DATABASE_CONTAINER") (.azure.database_container) | b64enc }} + builder-container: {{ or (env "AZURE_BUILDER_CONTAINER") (.azure.builder_container) | b64enc }}{{ else if or (eq (env "STORAGE_TYPE") "s3") (eq .storage "s3")}} + accesskey: {{ or (env "AWS_ACCESS_KEY") (.s3.accesskey) | b64enc }} + secretkey: {{ or (env "AWS_SECRET_KEY") (.s3.secretkey) | b64enc }} + region: {{ or (env "S3_REGION") (.s3.region) | b64enc }} + registry-bucket: {{ or (env "AWS_REGISTRY_BUCKET") (.s3.registry_bucket) | b64enc }} + database-bucket: {{ or (env "AWS_DATABASE_BUCKET") (.s3.database_bucket) | b64enc }} + builder-bucket: {{ or (env "AWS_BUILDER_BUCKET") (.s3.builder_bucket) | b64enc }}{{ else if or (eq (env "STORAGE_TYPE") "swift") (eq .storage "swift")}} + username: {{ or (env "SWIFT_USERNAME") (.swift.username) | b64enc }} + password: {{ or (env "SWIFT_PASSWORD") (.swift.password) | b64enc }} + authurl: {{ or (env "SWIFT_AUTHURL") (.swift.authurl) | b64enc }} + tenant: {{ or (env "SWIFT_TENANT") (.swift.tenant) | b64enc }} + authversion: {{ or (env "SWIFT_AUTHVERSION") (.swift.authversion) | b64enc }} + registry-container: {{ or (env "SWIFT_REGISTRY_CONTAINER") (.swift.registry_container) | b64enc }} + database-container: {{ or (env "SWIFT_DATABASE_CONTAINER") (.swift.database_container) | b64enc }} + builder-container: {{ or (env "SWIFT_BUILDER_CONTAINER") (.swift.builder_container) | b64enc }}{{else if or (eq (env "STORAGE_TYPE") "minio") (eq .storage "minio")}} + accesskey: OFRaUlkySlJXTVBUNlVNWFI2STU= + secretkey: Z2JzdHJPdm90TU1jZzJzTWZHVWhBNWE2RXQvRUk1QUx0SUhzb2JZaw=={{ end }} diff --git a/workflow-v2.9.0/tpl/deis-registry-deployment.yaml b/workflow-v2.9.0/tpl/deis-registry-deployment.yaml new file mode 100644 index 0000000..1471a7d --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-deployment.yaml @@ -0,0 +1,72 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-registry + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "REGISTRY_GIT_TAG" | default .registry.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-registry + template: + metadata: + labels: + app: deis-registry + spec: + serviceAccount: deis-registry + containers: + - name: deis-registry + image: quay.io/{{.registry.org}}/registry:{{env "REGISTRY_GIT_TAG" | default .registry.dockerTag}} + imagePullPolicy: {{.registry.pullPolicy}} +{{- if or (.registry.limits_cpu) (.registry.limits_memory)}} + resources: + limits: +{{- if (.registry.limits_cpu) }} + cpu: {{.registry.limits_cpu}} +{{- end}} +{{- if (.registry.limits_memory) }} + memory: {{.registry.limits_memory}} +{{- end}} +{{- end}} + livenessProbe: + httpGet: + path: /v2/ + port: 5000 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /v2/ + port: 5000 + initialDelaySeconds: 1 + timeoutSeconds: 1 + env: + - name: REGISTRY_STORAGE_DELETE_ENABLED + value: "true" + - name: REGISTRY_LOG_LEVEL + value: info + - name: REGISTRY_STORAGE + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + ports: + - containerPort: 5000 + volumeMounts: + - name: registry-storage + mountPath: /var/lib/registry + - name: registry-creds + mountPath: /var/run/secrets/deis/registry/creds + volumes: + - name: registry-storage + emptyDir: {} + - name: registry-creds + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-registry-proxy-daemon.yaml b/workflow-v2.9.0/tpl/deis-registry-proxy-daemon.yaml new file mode 100644 index 0000000..643c272 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-proxy-daemon.yaml @@ -0,0 +1,43 @@ +apiVersion: extensions/v1beta1 +kind: DaemonSet +metadata: + name: deis-registry-proxy + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "REGISTRY_PROXY_GIT_TAG" | default .registry_proxy.dockerTag}} +spec: + selector: + matchLabels: + app: deis-registry-proxy + heritage: deis + template: + metadata: + name: deis-registry-proxy + labels: + heritage: deis + app: deis-registry-proxy + spec: + containers: + - name: deis-registry-proxy + image: quay.io/{{.registry_proxy.org}}/registry-proxy:{{env "REGISTRY_PROXY_GIT_TAG" | default .registry_proxy.dockerTag}} + imagePullPolicy: {{.registry_proxy.pullPolicy}} +{{- if or (.registry_proxy.limits_cpu) (.registry_proxy.limits_memory)}} + resources: + limits: +{{- if (.registry_proxy.limits_cpu) }} + cpu: {{.registry_proxy.limits_cpu }} +{{- end}} +{{- if (.registry_proxy.limits_memory) }} + memory: {{.registry_proxy.limits_memory }} +{{- end}} +{{- end}} + env: + - name: REGISTRY_HOST + value: $(DEIS_REGISTRY_SERVICE_HOST) + - name: REGISTRY_PORT + value: $(DEIS_REGISTRY_SERVICE_PORT) + ports: + - containerPort: 80 + hostPort: {{.registry_proxy.hostPort}} diff --git a/workflow-v2.9.0/tpl/deis-registry-rc.yaml b/workflow-v2.9.0/tpl/deis-registry-rc.yaml new file mode 100644 index 0000000..4d89e6c --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-rc.yaml @@ -0,0 +1,55 @@ +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-registry + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "REGISTRY_GIT_TAG" | default .registry.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-registry-deprecated + template: + metadata: + labels: + app: deis-registry-deprecated + spec: + serviceAccount: deis-registry + containers: + - name: deis-registry + image: quay.io/{{.registry.org}}/registry:{{env "REGISTRY_GIT_TAG" | default .registry.dockerTag}} + imagePullPolicy: {{.registry.pullPolicy}} + livenessProbe: + httpGet: + path: /v2/ + port: 5000 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /v2/ + port: 5000 + initialDelaySeconds: 1 + timeoutSeconds: 1 + env: + - name: REGISTRY_STORAGE_DELETE_ENABLED + value: "true" + - name: REGISTRY_LOG_LEVEL + value: info + - name: REGISTRY_STORAGE + value: "{{ or (env "STORAGE_TYPE") (.storage)}}" + ports: + - containerPort: 5000 + volumeMounts: + - name: registry-storage + mountPath: /var/lib/registry + - name: registry-creds + mountPath: /var/run/secrets/deis/registry/creds + volumes: + - name: registry-storage + emptyDir: {} + - name: registry-creds + secret: + secretName: objectstorage-keyfile diff --git a/workflow-v2.9.0/tpl/deis-registry-secret.yaml b/workflow-v2.9.0/tpl/deis-registry-secret.yaml new file mode 100644 index 0000000..032f616 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-secret.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Secret +metadata: + name: registry-secret + namespace: deis + labels: + heritage: deis + annotations: + deis.io/registry-location: "{{ or (env "REGISTRY_LOCATION") (.registry_location) }}" +type: Opaque +data: {{ if or (eq (env "REGISTRY_LOCATION") "gcr") (eq .registry_location "gcr") }} + key.json: {{ or (env "GCR_KEY_JSON") (.gcr.key_json) | b64enc }} + hostname: {{ or (env "GCR_HOSTNAME") (.gcr.hostname) | b64enc }}{{ else if or (eq (env "REGISTRY_LOCATION") "ecr") (eq .registry_location "ecr") }} + accesskey: {{ or (env "ECR_ACCESS_KEY") (.ecr.accesskey) | b64enc }} + secretkey: {{ or (env "ECR_SECRET_KEY") (.ecr.secretkey) | b64enc }} + region: {{ or (env "ECR_REGION") (.ecr.region) | b64enc }} + registryid: {{ or (env "ECR_REGISTRY_ID") (.ecr.registryid) | b64enc }} + hostname: {{ or (env "ECR_HOSTNAME") (.ecr.hostname) | b64enc }}{{else if or (eq (env "REGISTRY_LOCATION") "off-cluster") (eq .registry_location "off-cluster") }} + hostname: {{ or (env "REGISTRY_HOSTNAME") (.off_cluster_registry.hostname) | b64enc }} + organization: {{ or (env "REGISTRY_ORGANIZATION") (.off_cluster_registry.organization) | b64enc }} + username: {{ or (env "REGISTRY_USERNAME") (.off_cluster_registry.username) | b64enc }} + password: {{ or (env "REGISTRY_PASSWORD") (.off_cluster_registry.password) | b64enc }}{{ end }} diff --git a/workflow-v2.9.0/tpl/deis-registry-service-account.yaml b/workflow-v2.9.0/tpl/deis-registry-service-account.yaml new file mode 100644 index 0000000..00542cb --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-service-account.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: deis-registry + namespace: deis + labels: + heritage: deis diff --git a/workflow-v2.9.0/tpl/deis-registry-service.yaml b/workflow-v2.9.0/tpl/deis-registry-service.yaml new file mode 100644 index 0000000..1b4a125 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: deis-registry + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" +spec: + ports: + - name: http + port: 80 + targetPort: 5000 + selector: + app: deis-registry diff --git a/workflow-v2.9.0/tpl/deis-registry-token-refresher.yaml b/workflow-v2.9.0/tpl/deis-registry-token-refresher.yaml new file mode 100644 index 0000000..b734f66 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-registry-token-refresher.yaml @@ -0,0 +1,45 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-registry-token-refresher + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "REGISTRY_TOKEN_REFRESH_GIT_TAG" | default .registry_token_refresher.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-registry-token-refresher + template: + metadata: + labels: + app: deis-registry-token-refresher + spec: + containers: + - name: deis-registry-token-refresher + image: quay.io/{{.registry_token_refresher.org}}/registry-token-refresher:{{env "REGISTRY_TOKEN_REFRESH_GIT_TAG" | default .registry_token_refresher.dockerTag}} + imagePullPolicy: {{.registry_token_refresher.pullPolicy}} + env: + - name: "DEIS_REGISTRY_LOCATION" + value: "{{ or (env "REGISTRY_LOCATION") (.registry_location) }}" + - name: "DEIS_REGISTRY_SECRET_PREFIX" + value: "{{ .registry_token_refresher.secretPrefix }}" + - name: DEIS_NAMESPACE_REFRESH_TIME + value: "5" + - name: "DEIS_TOKEN_REFRESH_TIME" + value: "{{ or (env "DEIS_TOKEN_REFRESH_TIME") (.registry_token_refresher.tokenRefreshTime)}}" + volumeMounts: + - name: registry-secret + mountPath: /var/run/secrets/deis/registry/creds + readOnly: true + volumes: + - name: registry-secret + secret: + secretName: registry-secret diff --git a/workflow-v2.9.0/tpl/deis-router-deployment.yaml b/workflow-v2.9.0/tpl/deis-router-deployment.yaml new file mode 100644 index 0000000..c807962 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-router-deployment.yaml @@ -0,0 +1,70 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-router-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-router-deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + {{- if ne .router.platformDomain "" }} + router.deis.io/nginx.platformDomain: {{ .router.platformDomain }} + {{- end }} + component.deis.io/version: {{env "ROUTER_GIT_TAG" | default .router.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-router + template: + metadata: + labels: + app: deis-router + spec: + serviceAccount: deis-router + containers: + - name: deis-router + image: quay.io/{{.router.org}}/router:{{env "ROUTER_GIT_TAG" | default .router.dockerTag}} + imagePullPolicy: {{.router.pullPolicy}} +{{- if or (.router.limits_cpu) (.router.limits_memory)}} + resources: + limits: +{{- if (.router.limits_cpu) }} + cpu: {{.router.limits_cpu}} +{{- end}} +{{- if (.router.limits_memory) }} + memory: {{.router.limits_memory}} +{{- end}} +{{- end}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + hostPort: 80 + - containerPort: 6443 + hostPort: 443 + - containerPort: 2222 + hostPort: 2222 + - containerPort: 9090 + hostPort: 9090 + livenessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 10 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/workflow-v2.9.0/tpl/deis-router-rc.yaml b/workflow-v2.9.0/tpl/deis-router-rc.yaml new file mode 100644 index 0000000..c6990a0 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-router-rc.yaml @@ -0,0 +1,53 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-router-rc.yaml $HELM_GENERATE_DIR/tpl/deis-router-rc.yaml +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-router + namespace: deis + labels: + heritage: deis + annotations: + {{- if ne .router.platformDomain "" }} + router.deis.io/nginx.platformDomain: {{ .router.platformDomain }} + {{- end }} + component.deis.io/version: {{env "ROUTER_GIT_TAG" | default .router.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-router-deprecated + template: + metadata: + labels: + app: deis-router-deprecated + spec: + serviceAccount: deis-router + containers: + - name: deis-router + image: quay.io/{{.router.org}}/router:{{env "ROUTER_GIT_TAG" | default .router.dockerTag}} + imagePullPolicy: {{.router.pullPolicy}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 + hostPort: 80 + - containerPort: 6443 + hostPort: 443 + - containerPort: 2222 + hostPort: 2222 + - containerPort: 9090 + hostPort: 9090 + livenessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 1 + timeoutSeconds: 1 + readinessProbe: + httpGet: + path: /healthz + port: 9090 + initialDelaySeconds: 1 + timeoutSeconds: 1 diff --git a/workflow-v2.9.0/tpl/deis-workflow-manager-deployment.yaml b/workflow-v2.9.0/tpl/deis-workflow-manager-deployment.yaml new file mode 100644 index 0000000..091c981 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-workflow-manager-deployment.yaml @@ -0,0 +1,64 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-workflow-manager-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-workflow-manager-deployment.yaml +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: deis-workflow-manager + namespace: deis + labels: + heritage: deis + annotations: + helm-keep: "true" + component.deis.io/version: {{env "WORKFLOW_MANAGER_GIT_TAG" | default .workflowManager.dockerTag}} +spec: + replicas: 1 + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + type: RollingUpdate + selector: + matchLabels: + app: deis-workflow-manager + template: + metadata: + labels: + app: deis-workflow-manager + spec: + serviceAccount: deis-workflow-manager + containers: + - name: deis-workflow-manager + image: quay.io/{{.workflowManager.org}}/workflow-manager:{{env "WORKFLOW_MANAGER_GIT_TAG" | default .workflowManager.dockerTag}} + imagePullPolicy: {{.workflowManager.pullPolicy}} +{{- if or (.workflowManager.limits_cpu) (.workflowManager.limits_memory)}} + resources: + limits: +{{- if (.workflowManager.limits_cpu) }} + cpu: {{.workflowManager.limits_cpu}} +{{- end}} +{{- if (.workflowManager.limits_memory) }} + memory: {{.workflowManager.limits_memory}} +{{- end}} +{{- end}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: PORT + value: "8080" + - name: VERSIONS_API_URL + value: {{.workflowManager.versionsApiURL}} + - name: DOCTOR_API_URL + value: {{.workflowManager.doctorApiURL}} + - name: POLL_INTERVAL_SEC + value: "43200" + - name: CHECK_VERSIONS + value: "true" + - name: API_VERSION + value: "v2" + - name: DEIS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 diff --git a/workflow-v2.9.0/tpl/deis-workflow-manager-rc.yaml b/workflow-v2.9.0/tpl/deis-workflow-manager-rc.yaml new file mode 100644 index 0000000..6be6b85 --- /dev/null +++ b/workflow-v2.9.0/tpl/deis-workflow-manager-rc.yaml @@ -0,0 +1,47 @@ +#helm:generate helm tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-workflow-manager-rc.yaml $HELM_GENERATE_DIR/tpl/deis-workflow-manager-rc.yaml +apiVersion: v1 +kind: ReplicationController +metadata: + name: deis-workflow-manager + namespace: deis + labels: + heritage: deis + annotations: + component.deis.io/version: {{env "WORKFLOW_MANAGER_GIT_TAG" | default .workflowManager.dockerTag}} +spec: + replicas: 0 + selector: + app: deis-workflow-manager-deprecated + template: + metadata: + labels: + app: deis-workflow-manager-deprecated + spec: + serviceAccount: deis-workflow-manager + containers: + - name: deis-workflow-manager + image: quay.io/{{.workflowManager.org}}/workflow-manager:{{env "WORKFLOW_MANAGER_GIT_TAG" | default .workflowManager.dockerTag}} + imagePullPolicy: {{.workflowManager.pullPolicy}} + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: PORT + value: "8080" + - name: VERSIONS_API_URL + value: {{.workflowManager.versionsApiURL}} + - name: DOCTOR_API_URL + value: {{.workflowManager.doctorApiURL}} + - name: POLL_INTERVAL_SEC + value: "43200" + - name: CHECK_VERSIONS + value: "true" + - name: API_VERSION + value: "v2" + - name: DEIS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + ports: + - containerPort: 8080 diff --git a/workflow-v2.9.0/tpl/generate_params.toml b/workflow-v2.9.0/tpl/generate_params.toml new file mode 100644 index 0000000..bd329ad --- /dev/null +++ b/workflow-v2.9.0/tpl/generate_params.toml @@ -0,0 +1,284 @@ +#helm:generate $HELM_GENERATE_DIR/tpl/storage.sh +# +# This is the main configuration file for Deis object storage. The values in +# this file are passed into the appropriate services so that they can configure +# themselves for persisting data in object storage. +# +# In general, all object storage credentials must be able to read and write to +# the container or bucket they are configured to use. +# +# When you change values in this file, make sure to re-run `helmc generate` +# on this chart. + +# Set the storage backend +# +# Valid values are: +# - s3: Store persistent data in AWS S3 (configure in S3 section) +# - azure: Store persistent data in Azure's object storage +# - gcs: Store persistent data in Google Cloud Storage +# - minio: Store persistent data on in-cluster Minio server +# - swift: Store persistent data in OpenStack Swift storage cluster +storage = "minio" + +# Set the location of Workflow's PostgreSQL database +# +# Valid values are: +# - on-cluster: Run PostgreSQL within the Kubernetes cluster (credentials are generated +# automatically; backups are sent to object storage +# configured above) +# - off-cluster: Run PostgreSQL outside the Kubernetes cluster (configure in database section) +database_location = "on-cluster" + +# Set the location of Workflow's logger-specific Redis instance +# +# Valid values are: +# - on-cluster: Run Redis within the Kubernetes cluster +# - off-cluster: Run Redis outside the Kubernetes cluster (configure in loggerRedis section) +logger_redis_location = "on-cluster" + +# Set the location of Workflow's Registry +# +# Valid values are: +# - on-cluster: Run registry within the Kubernetes cluster +# - off-cluster: Use registry outside the Kubernetes cluster (example: dockerhub,quay.io,self-hosted) +# - ecr: Use Amazon's ECR +# - gcr: Use Google's GCR +registry_location = "on-cluster" + +# Set the location of Workflow's influxdb cluster +# +# Valid values are: +# - on-cluster: Run Influxdb within the Kubernetes cluster +# - off-cluster: Influxdb is running outside of the cluster and credentials and connection information will be provided. +influxdb_location = "on-cluster" + +# Set the location of Workflow's grafana instance +# +# Valid values are: +# - on-cluster: Run Grafan within the Kubernetes cluster +# - off-cluster: Grafana is running outside of the cluster +grafana_location = "on-cluster" + +[off_cluster_registry] +hostname = "" +organization = "" +username = "" +password = "" + +[ecr] +# Your AWS access key. Leave it empty if you want to use IAM credentials. +accesskey = "" +# Your AWS secret key. Leave it empty if you want to use IAM credentials. +secretkey = "" +# Any S3 region +region = "us-west-2" +registryid = "" +hostname = "" + +[gcr] +key_json = '''Paste JSON data here.''' +hostname = "" + +[minio] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.3.4" + +[s3] +# Your AWS access key. Leave it empty if you want to use IAM credentials. +accesskey = "" +# Your AWS secret key. Leave it empty if you want to use IAM credentials. +secretkey = "" +# Any S3 region +region = "us-west-1" +# Your buckets. +registry_bucket = "your-registry-bucket-name" +database_bucket = "your-database-bucket-name" +builder_bucket = "your-builder-bucket-name" + +[azure] +accountname = "YOUR ACCOUNT NAME" +accountkey = "YOUR ACCOUNT KEY" +registry_container = "your-registry-container-name" +database_container = "your-database-container-name" +builder_container = "your-builder-container-name" + +[gcs] +# key_json is expanded into a JSON file on the remote server. It must be +# well-formatted JSON data. +key_json = '''Paste JSON data here.''' +registry_bucket = "your-registry-bucket-name" +database_bucket = "your-database-bucket-name" +builder_bucket = "your-builder-bucket-name" + +[swift] +username = "Your OpenStack Swift Username" +password = "Your OpenStack Swift Password" +authurl = "Swift auth URL for obtaining an auth token" +# Your OpenStack tenant name if you are using auth version 2 or 3. +tenant = "" +authversion = "Your OpenStack swift auth version" +registry_container = "your-registry-container-name" +database_container = "your-database-container-name" +builder_container = "your-builder-container-name" + +[builder] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.6.0" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[slugbuilder] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.4.6" + +[dockerbuilder] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.5.1" + +[controller] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.9.0" +# NOTE(jchauncey): Possible values are: +# enabled - allows for open registration +# disabled - turns off open registration +# admin_only - allows for registration by an admin only. +registrationMode = "enabled" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +# Set the default (global) way of how Application (your own) images are +# pulled from within the Controller. +# This can be configured per Application as well in the Controller. +# +# This affects pull apps and git push (slugrunner images) apps +# +# Values values are: +# - Always +# - IfNotPresent +app_pull_policy = "IfNotPresent" + +[slugrunner] +org = "deis" +dockerTag = "v2.2.4" + +[database] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.4.4" +# Configure the following ONLY if using an off-cluster PostgreSQL database +name = "database name" +username = "database username" +password = "database password" +host = "database host" +port = "database port" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[registry] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.3.1" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[registry_token_refresher] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v1.0.4" +# Prefix for the imagepull secret created when using private registry +secretPrefix = "private-registry" +# Time in minutes after which the token should be refreshed. +# Leave it empty to use the default provider time. +tokenRefreshTime = "" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[registry_proxy] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v1.1.1" +hostPort = 5555 +limits_cpu = "100m" +limits_memory = "50Mi" + +[workflowManager] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.4.4" +versionsApiURL = "https://versions.deis.com" +doctorApiURL = "https://doctor.deis.com" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[logger] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.4.0" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[loggerRedis] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.2.4" +# Configure the following ONLY if using an off-cluster Redis instance for logger +db = "0" +host = "redis host" +port = "redis port" +password = "redis password" # "" == no password +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[router] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.7.0" +platformDomain = "" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[fluentd] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.5.0" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[grafana] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.7.0" +# limits_cpu = "100m" +# limits_memory = "50Mi" +user = "admin" +password = "admin" + +[influxdb] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.7.0" +url = "my.influx.url" +database = "kubernetes" +user = "user" +password = "password" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[telegraf] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.7.0" +# limits_cpu = "100m" +# limits_memory = "50Mi" + +[nsqd] +org = "deis" +pullPolicy = "IfNotPresent" +dockerTag = "v2.2.5" +# limits_cpu = "100m" +# limits_memory = "50Mi" diff --git a/workflow-v2.9.0/tpl/storage.sh b/workflow-v2.9.0/tpl/storage.sh new file mode 100755 index 0000000..010ceb4 --- /dev/null +++ b/workflow-v2.9.0/tpl/storage.sh @@ -0,0 +1,56 @@ +#!/bin/bash +store=`grep "storage\s*=\s*" $HELM_GENERATE_DIR/tpl/generate_params.toml | cut -d "=" -f2 | tr -dc '[:alnum:]\n\r'` +if [ "$STORAGE_TYPE" = "minio" ] || ( [ -z "$STORAGE_TYPE" ] && [ "$store" = "minio" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-minio-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-minio-deployment.yaml + cp $HELM_GENERATE_DIR/tpl/deis-minio-service* $HELM_GENERATE_DIR/manifests/ +else + rm -rf $HELM_GENERATE_DIR/manifests/deis-minio-* +fi + +database_location=`grep "database_location\s*=\s*" $HELM_GENERATE_DIR/tpl/generate_params.toml | cut -d "=" -f2 | tr -dc '[:alnum:]-\n\r'` +if [ "$DATABASE_LOCATION" = "on-cluster" ] || ( [ -z "$DATABASE_LOCATION" ] && [ "$database_location" = "on-cluster" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-database-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-database-deployment.yaml + cp $HELM_GENERATE_DIR/tpl/deis-database-service* $HELM_GENERATE_DIR/manifests/ +else + rm -rf $HELM_GENERATE_DIR/manifests/deis-database-* +fi +helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-database-secret-creds.yaml $HELM_GENERATE_DIR/tpl/deis-database-secret-creds.yaml + +logger_redis_location=`grep "logger_redis_location\s*=\s*" $HELM_GENERATE_DIR/tpl/generate_params.toml | cut -d "=" -f2 | tr -dc '[:alnum:]-\n\r'` +if [ "$LOGGER_REDIS_LOCATION" = "on-cluster" ] || ( [ -z "$LOGGER_REDIS_LOCATION" ] && [ "$logger_redis_location" = "on-cluster" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-logger-redis-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-logger-redis-deployment.yaml + cp $HELM_GENERATE_DIR/tpl/deis-logger-redis-service* $HELM_GENERATE_DIR/manifests/ +else + rm -rf $HELM_GENERATE_DIR/manifests/deis-logger-redis-* +fi +helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-logger-redis-secret-creds.yaml $HELM_GENERATE_DIR/tpl/deis-logger-redis-secret-creds.yaml + +registry_location=`grep "registry_location\s*=\s*" $HELM_GENERATE_DIR/tpl/generate_params.toml | cut -d "=" -f2 | tr -dc '[:alnum:]-\n\r'` +rm -rf $HELM_GENERATE_DIR/manifests/deis-registry-* +if [ "$REGISTRY_LOCATION" = "on-cluster" ] || ( [ -z "$REGISTRY_LOCATION" ] && [ "$registry_location" = "on-cluster" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-registry-rc.yaml $HELM_GENERATE_DIR/tpl/deis-registry-rc.yaml + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-registry-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-registry-deployment.yaml + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-registry-proxy.yaml $HELM_GENERATE_DIR/tpl/deis-registry-proxy-daemon.yaml + cp $HELM_GENERATE_DIR/tpl/deis-registry-service* $HELM_GENERATE_DIR/manifests/ +else + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-registry-secret.yaml $HELM_GENERATE_DIR/tpl/deis-registry-secret.yaml + if ([ "$REGISTRY_LOCATION" != "" ] && [ "$REGISTRY_LOCATION" != "off-cluster" ] ) || ( [ -z "$REGISTRY_LOCATION" ] && [ "$registry_location" != "off-cluster" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-registry-token-refresher.yaml $HELM_GENERATE_DIR/tpl/deis-registry-token-refresher.yaml + fi +fi + +influxdb_location=`grep "influxdb_location\s*=\s*" $HELM_GENERATE_DIR/tpl/generate_params.toml | cut -d "=" -f2 | tr -dc '[:alnum:]-\n\r'` +if [ "$INFLUXDB_LOCATION" = "on-cluster" ] || ( [ -z "$INFLUXDB_LOCATION" ] && [ "$influxdb_location" = "on-cluster" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-monitor-influxdb-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-monitor-influxdb-deployment.yaml + cp $HELM_GENERATE_DIR/tpl/deis-monitor-influxdb-*-svc.yaml $HELM_GENERATE_DIR/manifests/ +else + rm -rf $HELM_GENERATE_DIR/manifests/deis-monitor-influxdb-* +fi + +grafana_location=`grep "grafana_location\s*=\s*" $HELM_GENERATE_DIR/tpl/generate_params.toml | cut -d "=" -f2 | tr -dc '[:alnum:]-\n\r'` +if [ "$GRAFANA_LOCATION" = "on-cluster" ] || ( [ -z "$GRAFANA_LOCATION" ] && [ "$grafana_location" = "on-cluster" ] ); then + helmc tpl -d $HELM_GENERATE_DIR/tpl/generate_params.toml -o $HELM_GENERATE_DIR/manifests/deis-monitor-grafana-deployment.yaml $HELM_GENERATE_DIR/tpl/deis-monitor-grafana-deployment.yaml + cp $HELM_GENERATE_DIR/tpl/deis-monitor-grafana-svc* $HELM_GENERATE_DIR/manifests/ +else + rm -rf $HELM_GENERATE_DIR/manifests/deis-monitor-grafana-* +fi