diff --git a/charts/rancher-cluster-templates/CONTRIBUTING.md b/charts/rancher-cluster-templates/CONTRIBUTING.md index cd1c154..f4da9d1 100644 --- a/charts/rancher-cluster-templates/CONTRIBUTING.md +++ b/charts/rancher-cluster-templates/CONTRIBUTING.md @@ -33,5 +33,5 @@ helm uninstall rke2-azure-cluster01 -n fleet-default ## How to troubleshoot -* Follow the steps from the start by looking at the machine-provision job (in fleet-default namespace) +* Follow the steps from the start by looking at the machine-provision job (in `fleet-default` namespace) * In case of issue with remaining Kubernetes resources even after helm uninstall, force delete the machine diff --git a/charts/rancher-cluster-templates/Chart.yaml b/charts/rancher-cluster-templates/Chart.yaml index 345ddd4..9627ad8 100644 --- a/charts/rancher-cluster-templates/Chart.yaml +++ b/charts/rancher-cluster-templates/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: rancher-cluster-templates description: Helm chart for managing Rancher cluster templates type: application -version: "0.1.0" +version: "0.1.1" appVersion: "0.1.0" annotations: catalog.cattle.io/type: cluster-template diff --git a/charts/rancher-cluster-templates/README.md b/charts/rancher-cluster-templates/README.md index 31f80cc..d47ec8f 100644 --- a/charts/rancher-cluster-templates/README.md +++ b/charts/rancher-cluster-templates/README.md @@ -1,4 +1,4 @@ -# Helm chart for Kratos +# Helm chart for Rancher cluster templates This Helm chart will create a Kubernetes cluster from Rancher through [Cluster Templates](https://ranchermanager.docs.rancher.com/how-to-guides/new-user-guides/manage-clusters/manage-cluster-templates). 
@@ -25,20 +25,22 @@ helm uninstall my-cluster -n fleet-default ### Infrastructure providers -Provider | Examples | Templates | Node Driver ---------------------------------------|----------------------------------------------------------|---------------------------------------------------------|---------------- -**Amazon Web Services (AWS)** | [values_aws](examples/values_aws.yaml) | [amazonec2config](templates/amazonec2config.yaml) | `Amazon EC2` -**Azure** | [values_azure](examples/values_azure.yaml) | [azureconfig](templates/azureconfig.yaml) | `Azure` -**CloudScale** | [values_cloudscale](examples/values_cloudscale.yaml) | [cloudscaleconfig](templates/cloudscaleconfig.yaml) | `Cloudscale` -**Digitial Ocean** | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `DigitalOcean` -**Exoscale** | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `Exoscale` -**Equinix Metal (previously Packet)** | [values_equinix](examples/values_equinix.yaml) | [packetconfig](templates/packetconfig.yaml) | `Equinix Metal` -**Harvester** | [values_harvester](examples/values_harvester.yaml) | [harvesterconfig](templates/harvesterconfig.yaml) | `Harvester` -**Linode** | [values_linode](examples/values_linode.yaml) | [linodeconfig](templates/linodeconfig.yaml) | `Linode` -**Nutanix** | [values_nutanix](examples/values_nutanix.yaml) | [nutanixconfig](templates/nutanixconfig.yaml) | `Nutanix` -**OpenStack** | [values_openstack](examples/values_openstack.yaml) | [openstackconfig](templates/openstackconfig.yaml) | `OpenStack` -**Outscale** | [values_aws](examples/values_outscale.yaml) | [outscaleconfig](templates/outscaleconfig.yaml) | `Outscale` -**VMware vSphere** | [values_vsphere](examples/values_vsphere.yaml) | [vsphereconfig](templates/vsphereconfig.yaml) | `vSphere` +💡 Node driver must be enabled in Rancher prior to Helm chart installation + +Provider | 
Example | Template | Node Driver +---------------------------------|----------------------------------------------------------|---------------------------------------------------------|---------------- +**Amazon Web Services (AWS)** | [values_aws](examples/values_aws.yaml) | [amazonec2config](templates/amazonec2config.yaml) | `Amazon EC2` +**Azure** | [values_azure](examples/values_azure.yaml) | [azureconfig](templates/azureconfig.yaml) | `Azure` +**CloudScale** | [values_cloudscale](examples/values_cloudscale.yaml) | [cloudscaleconfig](templates/cloudscaleconfig.yaml) | `Cloudscale` +**Digitial Ocean** | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `DigitalOcean` +**Exoscale** | [values_digitalocean](examples/values_digitalocean.yaml) | [digitaloceanconfig](templates/digitaloceanconfig.yaml) | `Exoscale` +**Equinix Metal (prev. Packet)** | [values_equinix](examples/values_equinix.yaml) | [packetconfig](templates/packetconfig.yaml) | `Equinix Metal` +**Harvester** | [values_harvester](examples/values_harvester.yaml) | [harvesterconfig](templates/harvesterconfig.yaml) | `Harvester` +**Linode** | [values_linode](examples/values_linode.yaml) | [linodeconfig](templates/linodeconfig.yaml) | `Linode` +**Nutanix** | [values_nutanix](examples/values_nutanix.yaml) | [nutanixconfig](templates/nutanixconfig.yaml) | `Nutanix` +**OpenStack** | [values_openstack](examples/values_openstack.yaml) | [openstackconfig](templates/openstackconfig.yaml) | `OpenStack` +**Outscale** | [values_aws](examples/values_outscale.yaml) | [outscaleconfig](templates/outscaleconfig.yaml) | `Outscale` +**VMware vSphere** | [values_vsphere](examples/values_vsphere.yaml) | [vsphereconfig](templates/vsphereconfig.yaml) | `vSphere` ## Contributing 
@@ -46,11 +48,12 @@ Follow the [guide](CONTRIBUTING.md). ### Going further -* [Azure](docs/azure.md) -* GitOps approach +* Infrastructure providers + * [Azure](docs/azure.md) +* Chart installation * [ArgoCD](https://github.com/devpro/helm-charts#from-argocd) * [Fleet](https://github.com/devpro/helm-charts#from-fleet) -* [Rancher Apps](https://github.com/devpro/helm-charts#from-rancher) + * [Rancher Apps](https://github.com/devpro/helm-charts#from-rancher) ## Inspirations diff --git a/charts/rancher-cluster-templates/examples/values_aws.yaml b/charts/rancher-cluster-templates/examples/values_aws.yaml index f3b45e6..afa0753 100644 --- a/charts/rancher-cluster-templates/examples/values_aws.yaml +++ b/charts/rancher-cluster-templates/examples/values_aws.yaml 
@@ -1,37 +1,40 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: aws -cloudCredentialSecretName: aws +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - paused: false - name: nodepool-1 - deviceName: "/dev/sda1" - encryptEbsVolume: false - endpoint: "" - iamInstanceProfile: "" - insecureTransport: false - instanceType: t3a.medium - region: us-west-2 - createSecurityGroup: true - keypairName: "" - securityGroupReadonly: false - sshKeyContents: "" - subnetId: "" - monitoring: false - privateAddressOnly: false - requestSpotInstance: false - retries: 5 - rootSize: 16 - spotPrice: 0.5 - sshUser: ubuntu - volumeType: gp2 - useEbsOptimizedInstance: false - usePrivateAddress: false - userdata: "" - zone: a + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + paused: false + name: nodepool-1 + deviceName: "/dev/sda1" + encryptEbsVolume: false + endpoint: "" + iamInstanceProfile: "" + insecureTransport: false + instanceType: t3a.medium + region: us-west-2 + createSecurityGroup: true + keypairName: "" + securityGroupReadonly: false + sshKeyContents: "" + subnetId: "" + monitoring: false + privateAddressOnly: false + requestSpotInstance: false + retries: 5 + rootSize: 16 + spotPrice: 0.5 + sshUser: ubuntu + storageType: gp2 + useEbsOptimizedInstance: false + usePrivateAddress: false + userdata: "" + zone: a diff --git a/charts/rancher-cluster-templates/examples/values_azure.yaml b/charts/rancher-cluster-templates/examples/values_azure.yaml index 6acf2be..0c81c23 100644 --- a/charts/rancher-cluster-templates/examples/values_azure.yaml +++ b/charts/rancher-cluster-templates/examples/values_azure.yaml 
@@ -2,43 +2,33 @@ cluster: name: CLUSTER_NAME cloudprovider: azure -cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET # Cloud Credential for Azure (example: cattle-global-data:) -# agentEnvs: [] -# clusterMembers: -# - principalName: "local://u-z8zl5" -# roleTemplateName: "cluster-member" +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET # Azure Cloud Credential (example: cattle-global-data:) nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - annotations: {} - quantity: 1 - paused: false - name: nodepool-1 - # displayName: "" - # rollingUpdate: - # maxUnavailable: "5" - # maxSurge: "1" - # machineDeploymentLabels: {} - # machineDeploymentAnnotations: {} - availabilitySet: "avs-AZURE_PREFIX" - environment: AzurePublicCloud - image: "Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:20.04.202307240" - managedDisks: true - nsg: "nsg-AZURE_PREFIX" - region: westus - openPort: - - 6443/tcp # Kubernetes API - - 2379/tcp # etcd client port - - 2380/tcp # etcd peer port - - 10250/tcp # kubelet - resourceGroup: "rg-AZURE_PREFIX" - size: Standard_DS2_v2 - sshUser: azureuser - storageType: Standard_LRS - subnet: rke2 - subnetPrefix: "192.168.0.0/16" - vnet: "vnet-AZURE_PREFIX" + - etcd: true + controlplane: true + worker: true + annotations: {} + labels: {} + quantity: 1 + paused: false + name: nodepool-1 + region: westus + machineImage: "Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:20.04.202307240" + instanceType: Standard_DS2_v2 + storageType: Standard_LRS + sshUser: azureuser + openPorts: + - 6443/tcp # Kubernetes API + - 2379/tcp # etcd client port + - 2380/tcp # etcd peer port + - 10250/tcp # kubelet + availabilitySet: "avs-AZURE_PREFIX" + azureEnvironment: AzurePublicCloud + managedDisks: true + networkSecurityGroup: "nsg-AZURE_PREFIX" + resourceGroup: "rg-AZURE_PREFIX" + subnet: rke2 + subnetPrefix: "192.168.0.0/16" + virtualNetwork: "vnet-AZURE_PREFIX" 
diff --git a/charts/rancher-cluster-templates/examples/values_cloudscale.yaml b/charts/rancher-cluster-templates/examples/values_cloudscale.yaml index 3d544d9..3be47d9 100644 --- a/charts/rancher-cluster-templates/examples/values_cloudscale.yaml +++ b/charts/rancher-cluster-templates/examples/values_cloudscale.yaml @@ -1,13 +1,16 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: cloudscale -cloudCredentialSecretName: cloudscale +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - paused: false - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + paused: false + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_digitalocean.yaml b/charts/rancher-cluster-templates/examples/values_digitalocean.yaml index 706d351..cbbdd6c 100644 --- a/charts/rancher-cluster-templates/examples/values_digitalocean.yaml +++ b/charts/rancher-cluster-templates/examples/values_digitalocean.yaml @@ -1,20 +1,23 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: digitalocean -cloudCredentialSecretName: digitalocean +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 - image: ubuntu-20-04-x64 - ipv6: false - monitoring: false - privateNetworking: false - region: sfo3 - size: s-4vcpu-8gb - sshPort: 22 - sshUser: root + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 + image: ubuntu-20-04-x64 + ipv6: false + monitoring: false + privateNetworking: false + region: sfo3 + size: s-4vcpu-8gb + sshPort: 22 + sshUser: root diff --git a/charts/rancher-cluster-templates/examples/values_equinix.yaml b/charts/rancher-cluster-templates/examples/values_equinix.yaml index 4cf6ebd..392f59e 100644 
--- a/charts/rancher-cluster-templates/examples/values_equinix.yaml +++ b/charts/rancher-cluster-templates/examples/values_equinix.yaml @@ -1,12 +1,15 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: equinix -cloudCredentialSecretName: equinix +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_exoscale.yaml b/charts/rancher-cluster-templates/examples/values_exoscale.yaml index 3253c91..19be32b 100644 --- a/charts/rancher-cluster-templates/examples/values_exoscale.yaml +++ b/charts/rancher-cluster-templates/examples/values_exoscale.yaml @@ -1,12 +1,15 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: exoscale -cloudCredentialSecretName: exoscale +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_harvester.yaml b/charts/rancher-cluster-templates/examples/values_harvester.yaml index e0301fb..8b74fdc 100644 --- a/charts/rancher-cluster-templates/examples/values_harvester.yaml +++ b/charts/rancher-cluster-templates/examples/values_harvester.yaml 
@@ -1,20 +1,23 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: harvester -cloudCredentialSecretName: harvester +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: harvester-nodepool-1 - diskSize: 40 - diskBus: virtio - cpuCount: 4 - memorySize: 8 - networkName: default/network-name-1 - imageName: default/image-rand - vmNamespace: default - sshUser: ubuntu + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: harvester-nodepool-1 + diskSize: 40 + diskBus: virtio + cpuCount: 4 + memorySize: 8 + networkName: default/network-name-1 + imageName: default/image-rand + vmNamespace: default + sshUser: ubuntu diff --git a/charts/rancher-cluster-templates/examples/values_linode.yaml b/charts/rancher-cluster-templates/examples/values_linode.yaml index 7a4b0aa..30cfa88 100644 --- a/charts/rancher-cluster-templates/examples/values_linode.yaml +++ b/charts/rancher-cluster-templates/examples/values_linode.yaml @@ -1,12 +1,15 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: linode -cloudCredentialSecretName: linode +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_nutanix.yaml b/charts/rancher-cluster-templates/examples/values_nutanix.yaml index 16e24ac..5665d07 100644 --- a/charts/rancher-cluster-templates/examples/values_nutanix.yaml +++ b/charts/rancher-cluster-templates/examples/values_nutanix.yaml 
@@ -1,12 +1,15 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: nutanix -cloudCredentialSecretName: nutanix +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_openstack.yaml b/charts/rancher-cluster-templates/examples/values_openstack.yaml index f2b2e7d..d5f7ac3 100644 --- a/charts/rancher-cluster-templates/examples/values_openstack.yaml +++ b/charts/rancher-cluster-templates/examples/values_openstack.yaml @@ -1,12 +1,15 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: openstack -cloudCredentialSecretName: openstack +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_outscale.yaml b/charts/rancher-cluster-templates/examples/values_outscale.yaml index 29f4658..880f211 100644 --- a/charts/rancher-cluster-templates/examples/values_outscale.yaml +++ b/charts/rancher-cluster-templates/examples/values_outscale.yaml @@ -1,12 +1,15 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: outscale -cloudCredentialSecretName: outscale +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - name: nodepool-1 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + name: nodepool-1 diff --git a/charts/rancher-cluster-templates/examples/values_vsphere.yaml b/charts/rancher-cluster-templates/examples/values_vsphere.yaml index 9515601..c76fe93 100644 
--- a/charts/rancher-cluster-templates/examples/values_vsphere.yaml +++ b/charts/rancher-cluster-templates/examples/values_vsphere.yaml @@ -1,19 +1,22 @@ +cluster: + name: CLUSTER_NAME + cloudprovider: vsphere -cloudCredentialSecretName: vsphere +cloudCredentialSecretName: CLOUD_CREDENTIAL_SECRET nodepools: -- etcd: true - controlplane: true - worker: true - labels: {} - taints: {} - quantity: 1 - paused: false - name: nodepool-1 - cpuCount: "2" - creationType: "vm" - diskSize: "20480" - sshPort: "22" - sshUserGroup: staff - vcenterPort: 443 + - etcd: true + controlplane: true + worker: true + labels: {} + taints: {} + quantity: 1 + paused: false + name: nodepool-1 + cpuCount: "2" + creationType: "vm" + diskSize: "20480" + sshPort: "22" + sshUserGroup: staff + vcenterPort: 443 diff --git a/charts/rancher-cluster-templates/templates/amazonec2config.yaml b/charts/rancher-cluster-templates/templates/amazonec2config.yaml index 5424e4b..3c6d5d7 100644 --- a/charts/rancher-cluster-templates/templates/amazonec2config.yaml +++ b/charts/rancher-cluster-templates/templates/amazonec2config.yaml @@ -13,8 +13,8 @@ metadata: {{- end }} # annotations: # accessKey: string -{{- if $nodepool.ami }} -ami: {{ $nodepool.ami }} +{{- if $nodepool.machineImage }} +ami: {{ $nodepool.machineImage }} {{- end }} {{- if $nodepool.blockDurationMinutes }} blockDurationMinutes: {{ $nodepool.blockDurationMinutes }} @@ -46,7 +46,7 @@ keypairName: {{ $nodepool.keypairName }} {{- if $nodepool.monitoring }} monitoring: {{ $nodepool.monitoring }} {{- end }} -{{- if $nodepool.openPort}} +{{- if $nodepool.openPorts}} openPort: {{- range $i, $port := $nodepool.openPort }} - {{ $port }} 
@@ -104,8 +104,8 @@ usePrivateAddress: {{ $nodepool.usePrivateAddress }} {{- if $nodepool.userdata }} userdata: {{ $nodepool.userdata }} {{- end }} -{{- if $nodepool.volumeType }} -volumeType: {{ $nodepool.volumeType }} +{{- if $nodepool.storageType }} +volumeType: {{ $nodepool.storageType }} {{- end }} {{- if $nodepool.vpcId }} vpcId: {{ $nodepool.vpcId }} diff --git a/charts/rancher-cluster-templates/templates/azureconfig.yaml b/charts/rancher-cluster-templates/templates/azureconfig.yaml index 31b3251..fa84307 100644 --- a/charts/rancher-cluster-templates/templates/azureconfig.yaml +++ b/charts/rancher-cluster-templates/templates/azureconfig.yaml @@ -18,7 +18,7 @@ metadata: availabilitySet: {{ default (printf "avs-%s" $.Values.cluster.name) $nodepool.availabilitySet }} # clientId: string # clientSecret: string -{{- if $nodepool.clientId }} +{{- if $nodepool.customData }} customData: {{ $nodepool.customData }} {{- end }} diskSize: "{{ default "30" $nodepool.diskSize }}" @@ -26,16 +26,16 @@ diskSize: "{{ default "30" $nodepool.diskSize }}" dns: {{ $nodepool.dns }} {{- end }} dockerPort: "{{ default "2376" $nodepool.dockerPort }}" -environment: {{ default "AzurePublicCloud" $nodepool.environment }} +environment: {{ default "AzurePublicCloud" $nodepool.azureEnvironment }} faultDomainCount: "{{ default "3" $nodepool.faultDomainCount }}" -image: {{ $nodepool.image }} +image: {{ $nodepool.machineImage }} location: {{ $nodepool.region }} managedDisks: {{ default "true" $nodepool.managedDisks }} noPublicIp: {{ default "false" $nodepool.noPublicIp }} -nsg: {{ $nodepool.nsg }} -{{- if $nodepool.openPort}} +nsg: {{ $nodepool.networkSecurityGroup }} +{{- if $nodepool.openPorts}} openPort: - {{- range $i, $port := $nodepool.openPort }} + {{- range $i, $port := $nodepool.openPorts }} - {{ $port }} {{- end }} {{- end }} 
@@ -44,7 +44,7 @@ openPort: privateIpAddress: {{ $nodepool.privateIpAddress }} {{- end }} resourceGroup: {{ $nodepool.resourceGroup }} -size: {{ $nodepool.size }} +size: {{ $nodepool.instanceType }} sshUser: {{ default "azureuser" $nodepool.sshUser }} staticPublicIp: {{ default "false" $nodepool.staticPublicIp }} storageType: {{ $nodepool.storageType }} @@ -54,6 +54,6 @@ subnetPrefix: {{ default "192.168.0.0/16" $nodepool.subnetPrefix }} # tenantId: string updateDomainCount: "{{ default "5" $nodepool.updateDomainCount }}" usePrivateIp: {{ default "false" $nodepool.usePrivateIp }} -vnet: {{ $nodepool.vnet }} +vnet: {{ $nodepool.virtualNetwork }} {{- end }} {{- end }} diff --git a/charts/rancher-cluster-templates/templates/cluster.yaml b/charts/rancher-cluster-templates/templates/cluster.yaml index 5a5bb97..5cb1837 100644 --- a/charts/rancher-cluster-templates/templates/cluster.yaml +++ b/charts/rancher-cluster-templates/templates/cluster.yaml 
@@ -3,43 +3,96 @@ apiVersion: provisioning.cattle.io/v1 kind: Cluster metadata: - {{- if .Values.cluster.labels }} - labels: -{{ toYaml .Values.cluster.labels | indent 4 }} - {{- end }} + name: {{ .Values.cluster.name }} + namespace: fleet-default {{- if .Values.cluster.annotations }} annotations: -{{ toYaml .Values.cluster.annotations | indent 4 }} + {{- toYaml .Values.cluster.annotations | indent 4 }} + {{- end }} + {{- if .Values.cluster.labels }} + labels: + {{- toYaml .Values.cluster.labels | indent 4 }} {{- end }} - name: {{ .Values.cluster.name }} - namespace: fleet-default spec: + {{- if .Values.agentEnvs }} + agentEnvVars: + {{- toYaml .Values.agentEnvs | indent 4 }} + {{- end }} {{- if .Values.cloudCredentialSecretName }} cloudCredentialSecretName: {{ .Values.cloudCredentialSecretName }} {{- end }} - {{- if .Values.kubernetesVersion }} - kubernetesVersion: {{ .Values.kubernetesVersion }} - {{- end }} + # clusterAPIConfig: + # clusterName: string + # defaultClusterRoleForProjectMembers: string + # defaultPodSecurityPolicyTemplateName: string {{- if .Values.enableNetworkPolicy }} enableNetworkPolicy: {{ .Values.enableNetworkPolicy }} {{- end }} - {{- if .Values.rke.localClusterAuthEndpoint.enabled }} + {{- if .Values.kubernetesVersion }} + kubernetesVersion: {{ .Values.kubernetesVersion }} + {{- end }} localClusterAuthEndpoint: enabled: {{ .Values.rke.localClusterAuthEndpoint.enabled }} + {{- if .Values.rke.localClusterAuthEndpoint.enabled }} fqdn: {{ .Values.rke.localClusterAuthEndpoint.fqdn }} caCerts: {{ .Values.rke.localClusterAuthEndpoint.caCerts }} - {{- end }} + {{- end }} + # redeploySystemAgentGeneration: integer rkeConfig: + # additionalManifest: string + # chartValues: object + # etcd: object + # etcdSnapshotCreate: + # generation: integer + # etcdSnapshotRestore: + # generation: integer + # name: string + # restoreRKEConfig: string + # infrastructureRef: + # apiVersion: string + # fieldPath: string + # kind: string + # name: string + # 
namespace: string + # resourceVersion: string + # uid: string + machineGlobalConfig: + # audit-policy-file: "" # Path to the file that defines the audit policy configuration + # cluster-cidr: "" # IPv4/IPv6 network CIDRs to use for pod IPs (default: 10.42.0.0/16) + # cluster-dns: "" # IPv4 Cluster IP for coredns service. Should be in your service-cidr range (default: 10.43.0.10) + # cluster-domain: "" # Cluster Domain (default: "cluster.local") + cni: calico # CNI Plugin to deploy, one of none, canal, cilium (default: "canal") + # disable: false # Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-kube-proxy, rke2-metrics-server) + # etcd-disable-snapshots: false # Disable automatic etcd snapshots + # etcd-expose-metrics: false # Expose etcd metrics to client interface. (Default false) + # etcd-snapshot-dir: "" # Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots) + # etcd-snapshot-name: "" # Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot") + # etcd-snapshot-retention: 5 # Number of snapshots to retain (default: 5) + # etcd-snapshot-schedule-cron: "0 */12 * * *" # Snapshot interval time in cron spec. eg. 
every 5 hours '* */5 * * *' (default: "0 */12 * * *") + # kube-apiserver-arg: "" # Customized flag for kube-apiserver process + # kube-scheduler-arg: "" # Customized flag for kube-scheduler process + # kube-controller-manager-arg: "" # Customized flag for kube-controller-manager process + # profile: "cis-1.6" # Validate system configuration against the selected benchmark (valid items: cis-1.5, cis-1.6) + # secrets-encryption: false # Enable Secret encryption at rest + # service-cidr: "10.43.0.0/16" # IPv4/IPv6 network CIDRs to use for service IPs (default: 10.43.0.0/16) + # service-node-port-range: "30000-32767" # Port range to reserve for services with NodePort visibility (default: "30000-32767") + # tls-san: [] # Add additional hostnames or IPv4/IPv6 addresses as Subject Alternative Names on the server TLS cert {{- if ne .Values.cloudprovider "custom" }} machinePools: {{- if .Values.nodepools }} {{- range $index, $nodepool := .Values.nodepools }} - controlPlaneRole: {{ $nodepool.controlplane }} + # cloudCredentialSecretName: string + {{- if $nodepool.displayName }} + displayName: {{ $nodepool.displayName }} + {{- end }} + # drainBeforeDelete: boolean + # drainBeforeDeleteTimeout: boolean etcdRole: {{ $nodepool.etcd }} - workerRole: {{ $nodepool.worker }} - quantity: {{ $nodepool.quantity }} - name: {{ $nodepool.name }} + # labels: object machineConfigRef: + # apiVersion: string + # fieldPath: string {{- if eq $.Values.cloudprovider "aws" }} kind: Amazonec2Config {{- else if eq $.Values.cloudprovider "azure" }} 
@@ -66,54 +119,35 @@ spec: kind: VmwarevsphereConfig {{- end}} name: {{ $nodepool.name }} + # namespace: string + # resourceVersion: string + # uid: string + {{- if $nodepool.machineDeploymentAnnotations }} + machineDeploymentAnnotations: + {{- toYaml $nodepool.machineDeploymentAnnotations | indent 10 }} + {{- end }} + {{- if $nodepool.machineDeploymentLabels }} + machineDeploymentLabels: + {{- toYaml $nodepool.machineDeploymentLabels | indent 10 }} + {{- end }} + # machineOS: string + # maxUnhealthy: string + # nodeStartupTimeout: string + name: {{ $nodepool.name }} paused: {{ $nodepool.paused }} - displayName: {{ $nodepool.displayName }} - # drainBeforeDelete: - # drainBeforeDeleteTimeout: - # machineOS: - # maxUnhealthy: - # labels: - # nodeStartupTimeout: - # taints: - # unhealthyRange: - # unhealthyNodeTimeout: + quantity: {{ $nodepool.quantity }} {{- if $nodepool.rollingUpdate }} rollingUpdate: maxUnavailable: {{ $nodepool.rollingUpdate.maxUnavailable }} maxSurge: {{ $nodepool.rollingUpdate.maxSurge }} {{- end }} - {{- if $nodepool.machineDeploymentLabels }} - machineDeploymentLabels: -{{ toYaml $nodepool.machineDeploymentLabels | indent 10 }} - {{- end }} - {{- if $nodepool.machineDeploymentAnnotations }} - machineDeploymentAnnotations: -{{ toYaml $nodepool.machineDeploymentAnnotations | indent 10 }} - {{- end }} + # taints: object + # unhealthyNodeTimeout: string + # unhealthyRange: string + workerRole: {{ $nodepool.worker }} {{- end }} {{- end }} {{- end }} - machineGlobalConfig: - # audit-policy-file: "" # Path to the file that defines the audit policy configuration - # cluster-cidr: "" # IPv4/IPv6 network CIDRs to use for pod IPs (default: 10.42.0.0/16) - # cluster-dns: "" # IPv4 Cluster IP for coredns service. 
Should be in your service-cidr range (default: 10.43.0.10) - # cluster-domain: "" # Cluster Domain (default: "cluster.local") - cni: calico # CNI Plugin to deploy, one of none, canal, cilium (default: "canal") - # disable: false # Do not deploy packaged components and delete any deployed components (valid items: rke2-coredns, rke2-ingress-nginx, rke2-kube-proxy, rke2-metrics-server) - # etcd-disable-snapshots: false # Disable automatic etcd snapshots - # etcd-expose-metrics: false # Expose etcd metrics to client interface. (Default false) - # etcd-snapshot-dir: "" # Directory to save db snapshots. (Default location: ${data-dir}/db/snapshots) - # etcd-snapshot-name: "" # Set the base name of etcd snapshots. Default: etcd-snapshot- (default: "etcd-snapshot") - # etcd-snapshot-retention: 5 # Number of snapshots to retain (default: 5) - # etcd-snapshot-schedule-cron: "0 */12 * * *" # Snapshot interval time in cron spec. eg. every 5 hours '* */5 * * *' (default: "0 */12 * * *") - # kube-apiserver-arg: "" # Customized flag for kube-apiserver process - # kube-scheduler-arg: "" # Customized flag for kube-scheduler process - # kube-controller-manager-arg: "" # Customized flag for kube-controller-manager process - # profile: "cis-1.6" # Validate system configuration against the selected benchmark (valid items: cis-1.5, cis-1.6) - # secrets-encryption: false # Enable Secret encryption at rest - # service-cidr: "10.43.0.0/16" # IPv4/IPv6 network CIDRs to use for service IPs (default: 10.43.0.0/16) - # service-node-port-range: "30000-32767" # Port range to reserve for services with NodePort visibility (default: "30000-32767") - # tls-san: [] # Add additional hostnames or IPv4/IPv6 addresses as Subject Alternative Names on the server TLS cert # machineSelectorConfig: # config: # node-name: "" 
@@ -129,52 +163,54 @@ spec: # cloud-provider-config: "" # Cloud provider configuration file path # machineLabelSelector: # matchExpressions: - # matchExpressions: - # provisionGeneration: + # - key: string + # operator: string + # values: + # - string + # provisionGeneration: integer # registries: # configs: - # authConfigSecretName: - # caBundle: - # insecureSkipVerify: - # tlsSecretName: + # authConfigSecretName: string + # caBundle: string + # insecureSkipVerify: boolean + # tlsSecretName: string # mirrors: # endpoint: - # rewrite: + # - string + # rewrite: object # rotateCertificates: - # generation: + # generation: integer # services: + # - string # rotateEncryptionKeys: - # generation: + # generation: integer upgradeStrategy: controlPlaneConcurrency: "10%" controlPlaneDrainOptions: enabled: false - # deleteEmptyDirData: false - # disableEviction: false - # gracePeriod: 0 - # ignoreErrors: false - # skipWaitForDeleteTimeoutSeconds: 0 - # timeout: 0 + # deleteEmptyDirData: boolean + # disableEviction: boolean + # gracePeriod: integer + # ignoreDaemonSets: boolean + # ignoreErrors: boolean + # postDrainHooks: + # - annotation: string + # preDrainHooks: + # - annotation: string + # skipWaitForDeleteTimeoutSeconds: integer + # timeout: integer workerConcurrency: "10%" workerDrainOptions: enabled: false - # deleteEmptyDirData: false - # disableEviction: false - # gracePeriod: 0 - # ignoreErrors: false - # skipWaitForDeleteTimeoutSeconds: 0 - # timeout: 0 - # additionalManifest: - # chartValues: - # etcd: - # etcdSnapshotCreate: - # etcdSnapshotRestore: - # infrastructureRef: - {{- if .Values.agentEnvs }} - agentEnvVars: -{{ toYaml .Values.agentEnvs | indent 4 }} - {{- end }} - # clusterAPIConfig: - # defaultClusterRoleForProjectMembers: - # defaultPodSecurityPolicyTemplateName: - # redeploySystemAgentGeneration: + # deleteEmptyDirData: boolean + # disableEviction: boolean + # force: boolean + # gracePeriod: integer + # ignoreDaemonSets: boolean + # ignoreErrors: 
boolean + # postDrainHooks: + # - annotation: string + # preDrainHooks: + # - annotation: string + # skipWaitForDeleteTimeoutSeconds: integer + # timeout: integer diff --git a/charts/rancher-cluster-templates/values.yaml b/charts/rancher-cluster-templates/values.yaml index 94a65b0..a3ff4ea 100644 --- a/charts/rancher-cluster-templates/values.yaml +++ b/charts/rancher-cluster-templates/values.yaml @@ -3,9 +3,13 @@ cluster: labels: {} annotations: {} -# cloud provider name (values can be aws, azure, cloudscale, digitalocean, equinix, exoscale, harvester, linode, nutanix, openstack, outscale, vsphere) +# cloud provider name (values can be aws, azure, cloudscale, digitalocean, equinix, exoscale, harvester, linode, nutanix, openstack, outscale, vsphere or custom) cloudprovider: "" +agentEnvs: [] + # - name: string + # value: string + # cloud credential secret name (do not need to be provided if using custom driver) cloudCredentialSecretName: "" 
@@ -32,46 +36,65 @@ monitoring: # foo: bar nodepools: [] -# - etcd: true -# controlplane: true -# worker: true -# labels: {} -# taints: {} -# quantity: 1 -# paused: false -# displayName: "" -# rollingUpdate: -# maxSurge: "1" -# machineDeploymentLabels: {} -# machineDeploymentAnnotations: {} -# name: "" -# ami: "" # AWS machine image -# blockDurationMinutes: 0 # AWS spot instance duration in minutes (60, 120, 180, 240, 300, or 360) -# deviceName: "/dev/sda1" # AWS root device name -# encryptEbsVolume: false # AWS Encrypt the EBS volume using the AWS Managed CMK -# endpoint: "" # Optional endpoint URL (hostname only or fully qualified) -# iamInstanceProfile: "" # AWS IAM Instance Profile -# insecureTransport: false # Disable SSL when sending requests -# instanceType: t3a.medium # AWS instance type -# region: us-west-2 # AWS datacenter region -# createSecurityGroup: true # Whether to create `rancher-node` security group. If false, can provide with existing security group -# securityGroups: [] -# keypairName: "" # AWS keypair to use -# securityGroupReadonly: false # skip adding default rules to security groups -# sshKeyContents: "" # AWS file content -# subnetId: "" # AWS VPC subnet id -# monitoring: false # AWS flag to enable CloudWatch monitoring -# openPort: ["8080", "8443"] # AWS port numbers accessible from the Internet -# privateAddressOnly: false # AWS flag to only use a private IP address -# requestSpotInstance: false # AWS flag to request spot instance -# tags: "foo,bar" # AWS tags (e.g. 
key1,value1,key2,value2) -# retries: 5 # AWS retry count for recoverable failures (use -1 to disable) -# rootSize: 16 # AWS root disk size (in GB) -# spotPrice: 0.5 # AWS spot instance bid price (in dollar) -# sshUser: ubuntu # AWS SSH username -# volumeType: gp2 # AWS Amazon EBS volume type -# vpcId: "" # AWS VPC id -# useEbsOptimizedInstance: false # AWS create an EBS optimized instance -# usePrivateAddress: false # AWS force the usage of private IP address -# userdata: "" # AWS file contents for userdata -# zone: a # AWS zone for instance (i.e. a,b,c,d,e) + # - etcd: true + # controlplane: true + # worker: true + # annotations: {} + # labels: {} + # quantity: 1 + # paused: false + # name: "" + # displayName: "" + # rollingUpdate: + # maxSurge: "1" + # maxUnavailable: "5" + # machineDeploymentAnnotations: {} + # machineDeploymentLabels: {} + # region: "" # AWS, Azure + # machineImage: "" # AWS, Azure + # instanceType: "" # AWS, Azure + # storageType: "" # AWS, Azure + # sshUser: "" # AWS, Azure + # openPorts: # AWS, Azure + # - 42/tcp + # blockDurationMinutes: 0 # AWS spot instance duration in minutes (60, 120, 180, 240, 300, or 360) + # deviceName: "/dev/sda1" # AWS root device name + # encryptEbsVolume: false # AWS Encrypt the EBS volume using the AWS Managed CMK + # endpoint: "" # Optional endpoint URL (hostname only or fully qualified) + # iamInstanceProfile: "" # AWS IAM Instance Profile + # insecureTransport: false # Disable SSL when sending requests + # createSecurityGroup: true # Whether to create `rancher-node` security group. 
If false, can provide with existing security group + # securityGroups: [] + # keypairName: "" # AWS keypair to use + # securityGroupReadonly: false # skip adding default rules to security groups + # sshKeyContents: "" # AWS file content + # subnetId: "" # AWS VPC subnet id + # monitoring: false # AWS flag to enable CloudWatch monitoring + # privateAddressOnly: false # AWS flag to only use a private IP address + # requestSpotInstance: false # AWS flag to request spot instance + # tags: "foo,bar" # AWS tags (e.g. key1,value1,key2,value2) + # retries: 5 # AWS retry count for recoverable failures (use -1 to disable) + # rootSize: 16 # AWS root disk size (in GB) + # spotPrice: 0.5 # AWS spot instance bid price (in dollar) + # vpcId: "" # AWS VPC id + # useEbsOptimizedInstance: false # AWS create an EBS optimized instance + # usePrivateAddress: false # AWS force the usage of private IP address + # userdata: "" # AWS file contents for userdata + # zone: a # AWS zone for instance (i.e. a,b,c,d,e) + # availabilitySet: "avs-AZURE_PREFIX" # Azure only + # azureEnvironment: AzurePublicCloud # Azure only + # customData: "" # Azure only + # diskSize: "30" # Azure only + # dockerPort: "2376" # Azure only + # faultDomainCount: "3" # Azure only + # managedDisks: true # Azure only + # networkSecurityGroup: "nsg-AZURE_PREFIX" # Azure only + # noPublicIp: false # Azure only + # privateIpAddress: "" # Azure only + # resourceGroup: "rg-AZURE_PREFIX" # Azure only + # staticPublicIp: "" # Azure only + # subnet: rke2 # Azure only + # subnetPrefix: "192.168.0.0/16" # Azure only + # updateDomainCount: "5" # Azure only + # usePrivateIp: false # Azure only + # virtualNetwork: "vnet-AZURE_PREFIX" # Azure only
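Review bot: In the `@@ -129,52 +163,54 @@ spec:` hunk, the `{{- if .Values.agentEnvs }}` / `agentEnvVars:` block is deleted at the end of the hunk and nothing in these lines re-adds it, while values.yaml in the same patch introduces `agentEnvs: []`. Please confirm the block is rendered elsewhere in the template; otherwise a value set under `agentEnvs` is silently ignored. Also, `# force: boolean` is listed under `workerDrainOptions` but not under `controlPlaneDrainOptions`; if both accept the same options, list it in both. Since `# insecureSkipVerify: boolean` is now documented under registry `configs`, a short trailing comment saying that it turns off TLS certificate verification for that registry would help anyone who uncomments it.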
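Review bot: In the values.yaml `@@ -3,9 +3,13 @@` hunk, `agentEnvs: []` is added without the describing comment that `cloudprovider` and `cloudCredentialSecretName` both have. Suggest a comment line above it saying that the list is rendered as `agentEnvVars` in the cluster spec and that entries are plain `name`/`value` pairs, so credentials should not be placed there. The `cloudprovider` comment now accepts `custom`, and the comment on `cloudCredentialSecretName` reads "do not need to be provided if using custom driver"; rewording it to "not required when `cloudprovider` is `custom`" would tie the two together.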
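Review bot: In the values.yaml `@@ -32,46 +36,65 @@` hunk, the example keys `ami`, `volumeType` and `openPort` disappear and `machineImage`, `storageType` and `openPorts` appear in their place, so an existing values file that still uses the old names would no longer match the documented keys. Please note the renames in the README or changelog, or keep accepting the old keys in the templates for one release. The old line `# openPort: ["8080", "8443"] # AWS port numbers accessible from the Internet` carried a warning that the new `# openPorts: # AWS, Azure` comment drops; suggest keeping the "accessible from the Internet" wording so the exposure is obvious to whoever fills the list in. `taints: {}` is also removed from the example with no replacement; if node pools still support taints, keep the line.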