[argo-events] Add gateway-controller from #92
This commit is contained in:
Ilya Sotkov
parent
2d713a758b
commit
5ed872661b
17 changed files with 141 additions and 55 deletions
|
|
@ -1,9 +1,11 @@
|
|||
apiVersion: v1
|
||||
description: A Helm chart to install Argo-Events in k8s Cluster
|
||||
name: argo-events
|
||||
version: 0.2.0
|
||||
appVersion: 0.5.0
|
||||
version: 0.3.0
|
||||
keywords:
|
||||
- argo-events
|
||||
- gateway-controller
|
||||
- sensor-controller
|
||||
sources:
|
||||
- https://github.com/argoproj/argo-events
|
||||
|
|
|
|||
|
|
@ -1,12 +1,19 @@
|
|||
# Argo-Events Helm Chart
|
||||
|
||||
This helm chart installs the [argo-events](https://github.com/argoproj/argo-events) application. This application comes packaged with:
|
||||
- Sensor Custom Resource Definition
|
||||
- Sensor Controller Deployment
|
||||
- Sensor Controller ConfigMap
|
||||
- Sensor Controller Service Account
|
||||
- Sensor Controller Cluster Roles
|
||||
- Sensor Controller Cluster Role Bindings
|
||||
- Sensor Controller Cluster Role Binding
|
||||
|
||||
- Gateway Custom Resource Definition
|
||||
- Gateway Controller Deployment
|
||||
- Gateway Controller ConfigMap
|
||||
- Gateway Controller Service Account
|
||||
- Gateway Controller Cluster Roles
|
||||
- Gateway Controller Cluster Role Binding
|
||||
|
||||
Note: the associated `argo-events` cluster role and cluster role bindings can be found in the [roles](https://blade-git.blackrock.com/cloud-native/roles) repository. The purpose that these aren't included in this Helm chart is that we do not have the required permissions to create these resources in the Kubernetes clusters. Reach out to `+Group Kubernetes Support` for help in setting up these roles.
|
||||
|
||||
|
|
|
|||
20
charts/argo-events/templates/_gateway-crd.tpl
Normal file
20
charts/argo-events/templates/_gateway-crd.tpl
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
{{- define "gateway-crd-json" }}
|
||||
{
|
||||
"apiVersion": "apiextensions.k8s.io/{{ .Values.crd.version }}",
|
||||
"kind": "CustomResourceDefinition",
|
||||
"metadata": {
|
||||
"name": "gateways.argoproj.io"
|
||||
},
|
||||
"spec": {
|
||||
"group": "argoproj.io",
|
||||
"names": {
|
||||
"kind": "Gateway",
|
||||
"listKind": "GatewayList",
|
||||
"plural": "gateways",
|
||||
"singular": "gateway"
|
||||
},
|
||||
"scope": "Namespaced",
|
||||
"version": "v1alpha1"
|
||||
}
|
||||
}
|
||||
{{- end}}
|
||||
19
charts/argo-events/templates/apply-gateway-crd-job.yaml
Normal file
19
charts/argo-events/templates/apply-gateway-crd-job.yaml
Normal file
|
|
@ -0,0 +1,19 @@
|
|||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-apply-gateway-crd
|
||||
annotations:
|
||||
helm.sh/hook: pre-install
|
||||
helm.sh/hook-delete-policy: hook-succeeded
|
||||
spec:
|
||||
backoffLimit: 5
|
||||
activeDeadlineSeconds: 100
|
||||
template:
|
||||
spec:
|
||||
serviceAccountName: {{ .Values.crd.jobServiceAccount }}
|
||||
containers:
|
||||
- name: kubectl-apply
|
||||
image: lachlanevenson/k8s-kubectl
|
||||
command: ["/bin/sh"]
|
||||
args: ["-c", 'echo ''{{- include "gateway-crd-json" .}}'' | kubectl apply -f -']
|
||||
restartPolicy: Never
|
||||
|
|
@ -0,0 +1,8 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Release.name }}-{{ .Values.gatewayController.name}}-cluster-role
|
||||
rules:
|
||||
- apiGroups: ["*"]
|
||||
resources: ["*"]
|
||||
verbs: ["*"]
|
||||
|
|
@ -1,12 +1,12 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ .Release.name }}-signals-binding
|
||||
name: {{ .Release.name }}-{{ .Values.gatewayController.name}}-binding
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Release.name }}-signals-cluster-role
|
||||
name: {{ .Release.name }}-{{ .Values.gatewayController.name}}-cluster-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Values.signals.serviceAccount }}
|
||||
name: {{ .Values.gatewayController.serviceAccount }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
|
@ -0,0 +1,16 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap
|
||||
labels:
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
data:
|
||||
config: |
|
||||
namespace: {{ .Release.Namespace }}
|
||||
{{- if .Values.useReleaseAsInstanceID }}
|
||||
instanceID: {{ .Release.Name }}
|
||||
{{- else }}
|
||||
instanceID: {{ .Values.instanceID }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
apiVersion: apps/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-{{ .Values.gatewayController.name }}
|
||||
labels:
|
||||
app: {{ .Release.Name }}-{{ .Values.gatewayController.name }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
replicas: {{ .Values.gatewayController.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Release.Name }}-{{ .Values.gatewayController.name }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ .Release.Name }}-{{ .Values.gatewayController.name }}
|
||||
release: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Values.gatewayController.serviceAccount }}
|
||||
containers:
|
||||
- name: {{ .Values.gatewayController.name }}
|
||||
image: "{{ .Values.registry }}/{{ .Values.gatewayController.image }}:{{ .Values.gatewayController.tag }}"
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy }}
|
||||
env:
|
||||
- name: GATEWAY_NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: GATEWAY_CONTROLLER_CONFIG_MAP
|
||||
value: {{ .Release.Name }}-{{ .Values.gatewayController.name }}-configmap
|
||||
4
charts/argo-events/templates/gateway-controller-sa.yaml
Normal file
4
charts/argo-events/templates/gateway-controller-sa.yaml
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.gatewayController.serviceAccount }}
|
||||
|
|
@ -1,15 +1,8 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Release.name }}-{{ .Values.controller.name}}-cluster-role
|
||||
name: {{ .Release.name }}-{{ .Values.sensorController.name}}-cluster-role
|
||||
rules:
|
||||
- apiGroups: ["argoproj.io"]
|
||||
resources: ["sensors"]
|
||||
verbs: ["get", "list", "watch", "update", "patch"]
|
||||
# The following rules define what the triggers can do
|
||||
- apiGroups: ["argoproj.io"]
|
||||
resources: ["workflows"]
|
||||
verbs: ["create", "delete"]
|
||||
- apiGroups: [""]
|
||||
resources: ["configmaps", "secrets", "pods"]
|
||||
verbs: ["get", "watch", "list", "patch"]
|
||||
- apiGroups: ["*"]
|
||||
resources: ["*"]
|
||||
verbs: ["*"]
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: {{ .Release.name }}-{{ .Values.controller.name}}-binding
|
||||
name: {{ .Release.name }}-{{ .Values.sensorController.name}}-binding
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: {{ .Release.name }}-{{ .Values.controller.name}}-cluster-role
|
||||
name: {{ .Release.name }}-{{ .Values.sensorController.name}}-cluster-role
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Values.controller.serviceAccount }}
|
||||
name: {{ .Values.sensorController.serviceAccount }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap
|
||||
name: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap
|
||||
labels:
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
release: {{ .Release.Name }}
|
||||
|
|
|
|||
|
|
@ -1,28 +1,28 @@
|
|||
apiVersion: apps/v1beta1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: {{ .Release.Name }}-{{ .Values.controller.name }}
|
||||
name: {{ .Release.Name }}-{{ .Values.sensorController.name }}
|
||||
labels:
|
||||
app: {{ .Release.Name }}-{{ .Values.controller.name }}
|
||||
app: {{ .Release.Name }}-{{ .Values.sensorController.name }}
|
||||
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
spec:
|
||||
replicas: {{ .Values.controller.replicaCount }}
|
||||
replicas: {{ .Values.sensorController.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ .Release.Name }}-{{ .Values.controller.name }}
|
||||
app: {{ .Release.Name }}-{{ .Values.sensorController.name }}
|
||||
release: {{ .Release.Name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ .Release.Name }}-{{ .Values.controller.name }}
|
||||
app: {{ .Release.Name }}-{{ .Values.sensorController.name }}
|
||||
release: {{ .Release.Name }}
|
||||
spec:
|
||||
serviceAccountName: {{ .Values.controller.serviceAccount }}
|
||||
serviceAccountName: {{ .Values.sensorController.serviceAccount }}
|
||||
containers:
|
||||
- name: {{ .Values.controller.name }}
|
||||
image: "{{ .Values.registry }}/{{ .Values.controller.image }}:{{ .Values.controller.tag }}"
|
||||
- name: {{ .Values.sensorController.name }}
|
||||
image: "{{ .Values.registry }}/{{ .Values.sensorController.image }}:{{ .Values.sensorController.tag }}"
|
||||
imagePullPolicy: {{ .Values.imagePullPolicy }}
|
||||
env:
|
||||
- name: SENSOR_NAMESPACE
|
||||
|
|
@ -30,4 +30,4 @@ spec:
|
|||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: SENSOR_CONFIG_MAP
|
||||
value: {{ .Release.Name }}-{{ .Values.controller.name }}-configmap
|
||||
value: {{ .Release.Name }}-{{ .Values.sensorController.name }}-configmap
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.controller.serviceAccount }}
|
||||
name: {{ .Values.sensorController.serviceAccount }}
|
||||
|
|
|
|||
|
|
@ -1,11 +0,0 @@
|
|||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: {{ .Release.name }}-signals-cluster-role
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["watch", "list", "patch"]
|
||||
- apiGroups: {{ .Values.signals.listenRoles.apiGroups }}
|
||||
resources: {{ .Values.signals.listenRoles.resources }}
|
||||
verbs: ["get", "list", "watch"]
|
||||
|
|
@ -1,4 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.signals.serviceAccount }}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
registry: argoproj
|
||||
registry: metalgearsolid
|
||||
imagePullPolicy: Always
|
||||
|
||||
# Version of the Sensor CRD
|
||||
|
|
@ -11,17 +11,16 @@ useReleaseAsInstanceID: true
|
|||
instanceID: 1
|
||||
|
||||
# controller
|
||||
controller:
|
||||
sensorController:
|
||||
name: sensor-controller
|
||||
image: sensor-controller
|
||||
tag: latest
|
||||
replicaCount: 1
|
||||
serviceAccount: argo-events
|
||||
serviceAccount: sensor-controller
|
||||
|
||||
# signal microservices
|
||||
signals:
|
||||
serviceAccount: argo-signals
|
||||
# this controls what the resource signal pod can listen to
|
||||
listenRoles:
|
||||
apiGroups: ["argoproj.io", ""]
|
||||
resources: ["sensors", "workflows", "pods"]
|
||||
gatewayController:
|
||||
name: gateway-controller
|
||||
image: gateway-controller
|
||||
tag: latest
|
||||
replicaCount: 1
|
||||
serviceAccount: gateway-controller
|
||||
|
|
|
|||
Loading…
Reference in a new issue