From e7e70a1ef8252f6cf0c26666ccc2df1a096080ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Prud=27homme?= Date: Mon, 22 Apr 2019 22:53:45 +0200 Subject: [PATCH] Add service resource for the controller manager (#2431) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add service resource for the controller manager Signed-off-by: Sébastien Prud'homme * Use ClusterIP for controller manager Service type Signed-off-by: Sébastien Prud'homme --- charts/catalog/README.md | 3 +++ .../templates/controller-manager-service.yaml | 26 +++++++++++++++++++ charts/catalog/values.yaml | 11 ++++++++ 3 files changed, 40 insertions(+) create mode 100644 charts/catalog/templates/controller-manager-service.yaml diff --git a/charts/catalog/README.md b/charts/catalog/README.md index 40b0c30a7d6..7dc4233babe 100644 --- a/charts/catalog/README.md +++ b/charts/catalog/README.md @@ -88,6 +88,9 @@ chart and their default values. | `controllerManager.serviceAccount` | Service account | `service-catalog-controller-manager` | | `controllerManager.apiserverSkipVerify` | Controls whether the API server's TLS verification should be skipped | `true` | | `controllerManager.enablePrometheusScrape` | Whether the controller will expose metrics on /metrics | `false` | +| `controllerManager.service.type` | Type of service; valid values are `LoadBalancer` , `NodePort` and `ClusterIP` | `ClusterIP` | +| `controllerManager.service.nodePort.securePort` | If service type is `NodePort`, specifies a port in allowable range (e.g. 30000 - 32767 on minikube); The TLS-enabled endpoint will be exposed here | `30444` | +| `controllerManager.service.clusterIP` | If service type is ClusterIP, specify clusterIP as `None` for `headless services` OR specify your own specific IP OR leave blank to let Kubernetes assign a cluster IP | | | `controllerManager.resources` | Resources allocation (Requests and Limits) | `{requests: {cpu: 100m, memory: 20Mi}, limits: {cpu: 100m, memory: 30Mi}}` | | `useAggregator` | whether or not to set up the controller-manager to go through the main Kubernetes API server's API aggregator | `true` | | `rbacEnable` | If true, create & use RBAC resources | `true` | diff --git a/charts/catalog/templates/controller-manager-service.yaml b/charts/catalog/templates/controller-manager-service.yaml new file mode 100644 index 00000000000..02e9f4b682d --- /dev/null +++ b/charts/catalog/templates/controller-manager-service.yaml @@ -0,0 +1,26 @@ +kind: Service +apiVersion: v1 +metadata: + name: {{ template "fullname" . }}-controller-manager + labels: + app: {{ template "fullname" . }}-controller-manager + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +spec: + type: {{ .Values.controllerManager.service.type }} + {{- if eq .Values.controllerManager.service.type "ClusterIP" }} + {{- if .Values.controllerManager.service.clusterIP }} + clusterIP: {{ .Values.controllerManager.service.clusterIP }} + {{- end }} + {{- end }} + selector: + app: {{ template "fullname" . }}-controller-manager + ports: + - name: secure + protocol: TCP + port: 443 + targetPort: 8444 + {{- if eq .Values.controllerManager.service.type "NodePort" }} + nodePort: {{ .Values.controllerManager.service.nodePort.securePort }} + {{- end }} diff --git a/charts/catalog/values.yaml b/charts/catalog/values.yaml index 182674af8c2..fa2a155b5d6 100644 --- a/charts/catalog/values.yaml +++ b/charts/catalog/values.yaml @@ -163,6 +163,17 @@ controllerManager: apiserverSkipVerify: true # Whether the controller will expose metrics on /metrics enablePrometheusScrape: false + # Attributes of the controller's service resource + service: + # Type of service; valid values are "LoadBalancer", "NodePort" and "ClusterIP" + # NodePort is useful if deploying on bare metal or hacking locally on + # minikube + type: ClusterIP + # Further configuration for services of type NodePort + nodePort: + # Available port in allowable range (e.g. 30000 - 32767 on minikube) + # The TLS-enabled endpoint will be exposed here + securePort: 30444 # Controller Manager resource requests and limits # Ref: http://kubernetes.io/docs/user-guide/compute-resources/ resources: