├── installer
├── helm
│ ├── cellery-istio-agents
│ │ ├── values.yaml
│ │ ├── charts
│ │ │ └── telemetry-agents
│ │ │ │ ├── values.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── .helmignore
│ │ ├── Chart.yaml
│ │ └── .helmignore
│ ├── cellery-runtime
│ │ ├── charts
│ │ │ ├── controller
│ │ │ │ ├── values.yaml
│ │ │ │ ├── templates
│ │ │ │ │ ├── 02-service-account.yaml
│ │ │ │ │ ├── 03-cluster-role-binding.yaml
│ │ │ │ │ ├── 08-crd-autoscale-policy.yaml
│ │ │ │ │ ├── 09-crd-token-service.yaml
│ │ │ │ │ ├── 12-controller.yaml
│ │ │ │ │ ├── 00-namespace.yaml
│ │ │ │ │ ├── 06-crd-gateway.yaml
│ │ │ │ │ ├── 05-crd-composite.yaml
│ │ │ │ │ ├── 04-crd-cell.yaml
│ │ │ │ │ └── 07-crd-component.yaml
│ │ │ │ ├── .helmignore
│ │ │ │ └── Chart.yaml
│ │ │ ├── portal
│ │ │ │ ├── values.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── .helmignore
│ │ │ │ └── templates
│ │ │ │ │ └── observability-portal-config.yaml
│ │ │ ├── observability-agent
│ │ │ │ ├── values.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── .helmignore
│ │ │ ├── apim
│ │ │ │ ├── templates
│ │ │ │ │ ├── NOTES.txt
│ │ │ │ │ ├── svcaccount.yaml
│ │ │ │ │ ├── apim-conf-datasources.yaml
│ │ │ │ │ ├── apim-conf.yaml
│ │ │ │ │ ├── apim-conf-tomcat.yaml
│ │ │ │ │ ├── apim-conf-identity.yaml
│ │ │ │ │ └── apim-conf-security.yaml
│ │ │ │ ├── .helmignore
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── confs
│ │ │ │ │ └── apim
│ │ │ │ │ └── synapse-handlers.xml
│ │ │ ├── sp
│ │ │ │ ├── values.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── .helmignore
│ │ │ │ └── templates
│ │ │ │ │ ├── sp-worker-conf.yaml
│ │ │ │ │ └── sp-worker-siddhi.yaml
│ │ │ ├── grafana
│ │ │ │ ├── confs
│ │ │ │ │ ├── config
│ │ │ │ │ │ └── grafana.ini
│ │ │ │ │ ├── datasources
│ │ │ │ │ │ └── prometheus.yaml
│ │ │ │ │ └── dashboards
│ │ │ │ │ │ └── dashboardproviders.yaml
│ │ │ │ ├── .helmignore
│ │ │ │ ├── values.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ └── grafana-conf.yaml
│ │ │ ├── idp
│ │ │ │ ├── templates
│ │ │ │ │ ├── NOTES.txt
│ │ │ │ │ ├── svcaccount.yaml
│ │ │ │ │ ├── identity-server-conf-datasources.yaml
│ │ │ │ │ ├── identity-server-service.yaml
│ │ │ │ │ ├── identity-server-conf.yaml
│ │ │ │ │ ├── identity-server-conf-axis2.yaml
│ │ │ │ │ └── identity-server-conf-tomcat.yaml
│ │ │ │ ├── auth.json
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── confs
│ │ │ │ │ └── hazelcast.properties
│ │ │ │ ├── values.yaml
│ │ │ │ └── .helmignore
│ │ │ ├── mysql
│ │ │ │ ├── templates
│ │ │ │ │ ├── configurationFiles-configmap.yaml
│ │ │ │ │ ├── initializationFiles-configmap.yaml
│ │ │ │ │ ├── pvc.yaml
│ │ │ │ │ ├── svc.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ │ └── Chart.yaml
│ │ │ └── prometheus
│ │ │ │ ├── .helmignore
│ │ │ │ ├── values.yaml
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ └── prometheus.yaml
│ │ ├── .helmignore
│ │ └── Chart.yaml
│ ├── ingress-controller
│ │ ├── charts
│ │ │ └── nginx-ingress
│ │ │ │ ├── ci
│ │ │ │ └── psp-values.yaml
│ │ │ │ ├── OWNERS
│ │ │ │ ├── templates
│ │ │ │ ├── serviceaccount.yaml
│ │ │ │ ├── tcp-configmap.yaml
│ │ │ │ ├── udp-configmap.yaml
│ │ │ │ ├── headers-configmap.yaml
│ │ │ │ ├── rolebinding.yaml
│ │ │ │ ├── controller-poddisruptionbudget.yaml
│ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ ├── controller-configmap.yaml
│ │ │ │ └── default-backend-poddisruptionbudget.yaml
│ │ │ │ ├── .helmignore
│ │ │ │ └── Chart.yaml
│ │ ├── Chart.yaml
│ │ ├── .helmignore
│ │ ├── requirements.yaml
│ │ └── values.yaml
│ ├── istio
│ │ ├── templates
│ │ │ ├── _podDisruptionBudget.tpl
│ │ │ ├── serviceaccount.yaml
│ │ │ ├── clusterrole.yaml
│ │ │ ├── clusterrolebinding.yaml
│ │ │ ├── sidecar-injector-configmap.yaml
│ │ │ ├── install-custom-resources.sh.tpl
│ │ │ └── NOTES.txt
│ │ ├── charts
│ │ │ ├── grafana
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── grafana-ports-mtls.yaml
│ │ │ │ │ ├── pvc.yaml
│ │ │ │ │ ├── configmap-custom-resources.yaml
│ │ │ │ │ ├── configmap-dashboards.yaml
│ │ │ │ │ ├── configmap.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── tracing
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── certmanager
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── NOTES.txt
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── poddisruptionbudget.yaml
│ │ │ │ │ ├── _helpers.tpl
│ │ │ │ │ └── issuer.yaml
│ │ │ ├── prometheus
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── clusterrolebindings.yaml
│ │ │ │ │ ├── clusterrole.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── istiocoredns
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── clusterrole.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ ├── configmap.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── kiali
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ ├── demosecret.yaml
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ ├── configmap.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── galley
│ │ │ │ ├── Chart.yaml
│ │ │ │ ├── templates
│ │ │ │ │ ├── configmap.yaml
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ ├── poddisruptionbudget.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ │ └── values.yaml
│ │ │ ├── mixer
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ ├── clusterrole.yaml
│ │ │ │ │ ├── autoscale.yaml
│ │ │ │ │ ├── poddisruptionbudget.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── pilot
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ ├── poddisruptionbudget.yaml
│ │ │ │ │ ├── autoscale.yaml
│ │ │ │ │ ├── _helpers.tpl
│ │ │ │ │ └── clusterrole.yaml
│ │ │ ├── security
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── enable-mesh-permissive.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ ├── configmap.yaml
│ │ │ │ │ ├── service.yaml
│ │ │ │ │ ├── clusterrole.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── nodeagent
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── clusterrole.yaml
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ ├── gateways
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ │ ├── role.yaml
│ │ │ │ │ ├── rolebindings.yaml
│ │ │ │ │ ├── serviceaccount.yaml
│ │ │ │ │ ├── autoscale.yaml
│ │ │ │ │ ├── poddisruptionbudget.yaml
│ │ │ │ │ └── _helpers.tpl
│ │ │ └── sidecarInjectorWebhook
│ │ │ │ ├── Chart.yaml
│ │ │ │ └── templates
│ │ │ │ ├── service.yaml
│ │ │ │ ├── serviceaccount.yaml
│ │ │ │ ├── clusterrole.yaml
│ │ │ │ ├── poddisruptionbudget.yaml
│ │ │ │ ├── clusterrolebinding.yaml
│ │ │ │ └── _helpers.tpl
│ │ ├── example-values
│ │ │ ├── README.md
│ │ │ ├── values-istio-googleca.yaml
│ │ │ └── values-istio-multicluster-gateways.yaml
│ │ ├── Chart.yaml
│ │ ├── values-istio-sds-auth.yaml
│ │ ├── values-istio-remote.yaml
│ │ ├── values-istio-minimal.yaml
│ │ └── requirements.yaml
│ ├── istio-init
│ │ ├── templates
│ │ │ ├── serviceaccount.yaml
│ │ │ ├── configmap-crd-10.yaml
│ │ │ ├── configmap-crd-11.yaml
│ │ │ ├── configmap-crd-12.yaml
│ │ │ ├── configmap-crd-certmanager-10.yaml
│ │ │ ├── configmap-crd-certmanager-11.yaml
│ │ │ ├── clusterrole.yaml
│ │ │ ├── clusterrolebinding.yaml
│ │ │ ├── job-crd-10.yaml
│ │ │ ├── job-crd-11.yaml
│ │ │ ├── job-crd-12.yaml
│ │ │ ├── job-crd-certmanager-10.yaml
│ │ │ └── job-crd-certmanager-11.yaml
│ │ ├── Chart.yaml
│ │ ├── files
│ │ │ ├── crd-12.yaml
│ │ │ └── crd-11.yaml
│ │ └── values.yaml
│ ├── knative
│ │ ├── .helmignore
│ │ ├── values.yaml
│ │ └── Chart.yaml
│ ├── knative-crd
│ │ ├── .helmignore
│ │ └── Chart.yaml
│ └── metrics-server
│ │ ├── .helmignore
│ │ ├── values.yaml
│ │ ├── Chart.yaml
│ │ └── templates
│ │ ├── auth-delegator.yaml
│ │ ├── metrics-apiservice.yaml
│ │ ├── metrics-server-service.yaml
│ │ ├── auth-reader.yaml
│ │ └── aggregated-metrics-reader.yaml
├── k8s-artefacts
│ ├── observability
│ │ └── grafana
│ │ │ ├── config
│ │ │ └── grafana.ini
│ │ │ ├── datasources
│ │ │ └── prometheus.yaml
│ │ │ └── dashboards
│ │ │ └── dashboardproviders.yaml
│ ├── controller
│ │ ├── 02-service-account.yaml
│ │ ├── 03-cluster-role-binding.yaml
│ │ ├── 08-crd-autoscale-policy.yaml
│ │ ├── 09-crd-token-service.yaml
│ │ ├── 12-controller.yaml
│ │ ├── 00-namespace.yaml
│ │ ├── 06-crd-gateway.yaml
│ │ ├── 05-crd-composite.yaml
│ │ ├── 04-crd-cell.yaml
│ │ └── 07-crd-component.yaml
│ ├── global-idp
│ │ └── conf
│ │ │ └── hazelcast.properties
│ ├── system
│ │ ├── istio-gateway.yaml
│ │ ├── cloud-generic.yaml
│ │ ├── service-nodeport.yaml
│ │ └── ns-init.yaml
│ ├── metrics-server
│ │ ├── auth-delegator.yaml
│ │ ├── metrics-apiservice.yaml
│ │ ├── metrics-server-service.yaml
│ │ ├── auth-reader.yaml
│ │ ├── aggregated-metrics-reader.yaml
│ │ └── resource-reader.yaml
│ ├── global-apim
│ │ ├── conf
│ │ │ └── synapse-handlers.xml
│ │ ├── persistent-volume-claim-local.yaml
│ │ ├── artifacts-persistent-volume-claim.yaml
│ │ └── artifacts-persistent-volume.yaml
│ ├── mysql
│ │ ├── mysql-service.yaml
│ │ ├── mysql-persistent-volume-claim.yaml
│ │ └── mysql-persistent-volumes.yaml
│ └── nfs
│ │ └── nfs-persistent-volume-claim.yaml
├── packer
│ ├── cellery-full-runtime-imgs
│ │ ├── .DS_Store
│ │ ├── resources
│ │ │ ├── 50-cellery.yaml
│ │ │ ├── rbac-config.yaml
│ │ │ └── ingress-controller-values.yaml
│ │ ├── cleanup.sh
│ │ └── build.sh
│ ├── gapim-runtime-images
│ │ ├── resources
│ │ │ └── 50-cellery.yaml
│ │ ├── cleanup.sh
│ │ └── build.sh
│ ├── cellery-min-runtime-imgs
│ │ ├── resources
│ │ │ ├── 50-cellery.yaml
│ │ │ ├── rbac-config.yaml
│ │ │ └── ingress-controller-values.yaml
│ │ ├── cleanup.sh
│ │ └── build.sh
│ └── minimum-runtime-images
│ │ ├── resources
│ │ └── 50-cellery.yaml
│ │ ├── cleanup.sh
│ │ └── build.sh
└── scripts
│ └── cellery-runtime-deployer
│ └── cellery.env.kubeadm
├── docker
├── lightweight-idp
│ └── resources
│ │ └── identity
│ │ └── authenticationendpoint
│ │ └── images
│ │ └── favicon.png
├── microgateway
│ └── init-container-base
│ │ └── README.md
└── api-publisher
│ └── Dockerfile
├── .gitignore
├── issue_template.md
└── components
├── api
└── io.cellery.cell.api.publisher
│ ├── spotbugs-exclude.xml
│ └── src
│ └── main
│ └── java
│ └── io
│ └── cellery
│ └── cell
│ └── api
│ └── publisher
│ └── exceptions
│ └── APIException.java
└── gateway
└── io.cellery.cell.gateway.initializer
└── spotbugs-exclude.xml
/installer/helm/cellery-istio-agents/values.yaml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/values.yaml:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/portal/values.yaml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/installer/helm/cellery-istio-agents/charts/telemetry-agents/values.yaml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/observability-agent/values.yaml:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Cellery global APIM
2 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/ci/psp-values.yaml:
--------------------------------------------------------------------------------
1 | podSecurityPolicy:
2 | enabled: true
3 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/sp/values.yaml:
--------------------------------------------------------------------------------
1 | datasources:
2 | enabled: true
3 |
4 | deployment:
5 | enabled: true
6 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/_podDisruptionBudget.tpl:
--------------------------------------------------------------------------------
1 | {{- define "podDisruptionBudget.spec" }}
2 | minAvailable: 1
3 | {{- end }}
4 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/observability/grafana/config/grafana.ini:
--------------------------------------------------------------------------------
1 | instance_name=http://cellery-k8s-metrics
2 |
3 | [users]
4 | default_theme=light
5 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/confs/config/grafana.ini:
--------------------------------------------------------------------------------
1 | instance_name=http://cellery-k8s-metrics
2 |
3 | [users]
4 | default_theme=light
5 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/sp/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: Stream Processor
4 | name: sp
5 | version: 0.1.0
6 |
--------------------------------------------------------------------------------
/installer/packer/cellery-full-runtime-imgs/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wso2/cellery-distribution/HEAD/installer/packer/cellery-full-runtime-imgs/.DS_Store
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/02-service-account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller
5 | namespace: cellery-system
6 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/portal/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: A Helm chart for Kubernetes
4 | name: portal
5 | version: 0.1.0
6 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: A Helm chart for Kubernetes
4 | name: ingress-controller
5 | version: 0.1.0
6 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: istio-multi
5 | namespace: {{ .Release.Namespace }}
6 |
--------------------------------------------------------------------------------
/installer/helm/cellery-istio-agents/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: A Helm chart for Kubernetes
4 | name: cellery-istio-agents
5 | version: 0.1.0
6 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/02-service-account.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: controller
5 | namespace: cellery-system
6 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: grafana
4 | version: 1.2.2
5 | appVersion: 1.2.2
6 | tillerVersion: ">=2.7.2"
7 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/tracing/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: tracing
4 | version: 1.2.2
5 | appVersion: 1.5.1
6 | tillerVersion: ">=2.7.2"
7 |
--------------------------------------------------------------------------------
/installer/helm/cellery-istio-agents/charts/telemetry-agents/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: A Helm chart for Kubernetes
4 | name: telemetry-agents
5 | version: 0.1.0
6 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/observability-agent/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: "1.0"
3 | description: A Helm chart for Kubernetes
4 | name: observability-agent
5 | version: 0.1.0
6 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/OWNERS:
--------------------------------------------------------------------------------
1 | approvers:
2 | - jackzampolin
3 | - mgoodness
4 | - ChiefAlexander
5 | reviewers:
6 | - jackzampolin
7 | - mgoodness
8 | - ChiefAlexander
9 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/certmanager/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: certmanager
4 | version: 1.2.2
5 | appVersion: 0.6.2
6 | tillerVersion: ">=2.7.2"
7 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/prometheus/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: A Helm chart for Kubernetes
3 | name: prometheus
4 | version: 1.2.2
5 | appVersion: 2.8.0
6 | tillerVersion: ">=2.7.2"
7 |
--------------------------------------------------------------------------------
/docker/lightweight-idp/resources/identity/authenticationendpoint/images/favicon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/wso2/cellery-distribution/HEAD/docker/lightweight-idp/resources/identity/authenticationendpoint/images/favicon.png
--------------------------------------------------------------------------------
/installer/k8s-artefacts/global-idp/conf/hazelcast.properties:
--------------------------------------------------------------------------------
1 | #Disabling the hazelcast shutdown hook
2 | hazelcast.shutdownhook.enabled=false
3 | #Setting the hazelcast logging type to log4j
4 | hazelcast.logging.type=log4j
5 |
--------------------------------------------------------------------------------
/installer/packer/gapim-runtime-images/resources/50-cellery.yaml:
--------------------------------------------------------------------------------
1 | network:
2 | version: 2
3 | renderer: networkd
4 | ethernets:
5 | enp0s8:
6 | dhcp4: no
7 | dhcp6: no
8 | addresses: [192.168.56.10/24, ]
9 |
--------------------------------------------------------------------------------
/installer/packer/cellery-full-runtime-imgs/resources/50-cellery.yaml:
--------------------------------------------------------------------------------
1 | network:
2 | version: 2
3 | renderer: networkd
4 | ethernets:
5 | enp0s8:
6 | dhcp4: no
7 | dhcp6: no
8 | addresses: [192.168.56.10/24, ]
9 |
--------------------------------------------------------------------------------
/installer/packer/cellery-min-runtime-imgs/resources/50-cellery.yaml:
--------------------------------------------------------------------------------
1 | network:
2 | version: 2
3 | renderer: networkd
4 | ethernets:
5 | enp0s8:
6 | dhcp4: no
7 | dhcp6: no
8 | addresses: [192.168.56.10/24, ]
9 |
--------------------------------------------------------------------------------
/installer/packer/minimum-runtime-images/resources/50-cellery.yaml:
--------------------------------------------------------------------------------
1 | network:
2 | version: 2
3 | renderer: networkd
4 | ethernets:
5 | enp0s8:
6 | dhcp4: no
7 | dhcp6: no
8 | addresses: [192.168.56.10/24, ]
9 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/observability/grafana/datasources/prometheus.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: 1
2 | datasources:
3 | - name: Prometheus
4 | type: prometheus
5 | access: proxy
6 | url: http://k8s-metrics-prometheus.cellery-system:9090
7 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/confs/datasources/prometheus.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: 1
2 | datasources:
3 | - name: Prometheus
4 | type: prometheus
5 | access: proxy
6 | url: http://k8s-metrics-prometheus.cellery-system:9090
7 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: Istio CoreDNS provides DNS resolution for services in multicluster setups.
3 | name: istiocoredns
4 | version: 1.2.2
5 | appVersion: 0.1
6 | tillerVersion: ">=2.7.2"
7 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: istio-init-service-account
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: istio-init
8 | istio: init
9 |
10 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/configmap-crd-10.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | namespace: {{ .Release.Namespace }}
5 | name: istio-crd-10
6 | data:
7 | crd-10.yaml: |-
8 | {{.Files.Get "files/crd-10.yaml" | printf "%s" | indent 4}}
9 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/configmap-crd-11.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | namespace: {{ .Release.Namespace }}
5 | name: istio-crd-11
6 | data:
7 | crd-11.yaml: |-
8 | {{.Files.Get "files/crd-11.yaml" | printf "%s" | indent 4}}
9 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/configmap-crd-12.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | namespace: {{ .Release.Namespace }}
5 | name: istio-crd-12
6 | data:
7 | crd-12.yaml: |-
8 | {{.Files.Get "files/crd-12.yaml" | printf "%s" | indent 4}}
9 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | description: Kiali is an open source project for service mesh observability, refer to https://www.kiali.io for details.
3 | name: kiali
4 | version: 1.2.2
5 | appVersion: 0.20
6 | tillerVersion: ">=2.7.2"
7 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Thank you for installing WSO2 Identity Server.
2 |
3 | Your release is named {{ .Release.Name }}.
4 |
5 | Please refer the official documentation at https://docs.wso2.com/display/IS560/WSO2+Identity+Server+Documentation
6 |
--------------------------------------------------------------------------------
/installer/helm/istio/example-values/README.md:
--------------------------------------------------------------------------------
1 | # Example Values
2 |
3 | These files provide various example values for different Istio setups.
4 |
5 | To use them, [read the docs](https://istio.io/docs/setup/kubernetes/helm-install/) and add the flag `--values example-file.yaml`.
6 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/auth.json:
--------------------------------------------------------------------------------
1 | {
2 | "auths": {
3 | "docker.wso2.com": {
4 | "username": "docker.wso2.com.username",
5 | "password": "docker.wso2.com.password",
6 | "email": "docker.wso2.com.email",
7 | "auth": "docker.wso2.com.auth"
8 | }
9 | }
10 | }
11 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/certmanager/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | certmanager has been deployed successfully!
2 |
3 | More information on the different types of issuers and how to configure them
4 | can be found in our documentation:
5 |
6 | https://cert-manager.readthedocs.io/en/latest/reference/issuers.html
--------------------------------------------------------------------------------
/docker/microgateway/init-container-base/README.md:
--------------------------------------------------------------------------------
1 | Source files used to build the docker image.
2 |
3 | jdk-8u171-linux-x64.tar.gz
4 | wso2am-cell-gw-2.6.0.zip
5 |
6 | MD5 (jdk-8u171-linux-x64.tar.gz) = 43dafc862dd98bcff889e1239625e7a3
7 | MD5 (wso2am-cell-gw-2.6.0.zip) = b938891e6953d9abf3ad356cf74740bc
8 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/observability/grafana/dashboards/dashboardproviders.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: 1
2 | providers:
3 | - name: default
4 | orgId: 1
5 | folder: ''
6 | type: file
7 | disableDeletion: true
8 | editable: false
9 | options:
10 | path: /etc/grafana/provisioning/dashboards/default
11 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/confs/dashboards/dashboardproviders.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: 1
2 | providers:
3 | - name: default
4 | orgId: 1
5 | folder: ''
6 | type: file
7 | disableDeletion: true
8 | editable: false
9 | options:
10 | path: /etc/grafana/provisioning/dashboards/default
11 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: istio-init
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2-0"
6 | description: Helm chart to initialize Istio CRDs
7 | keywords:
8 | - istio
9 | - crd
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: galley
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for galley deployment
7 | keywords:
8 | - istio
9 | - galley
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: mixer
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for mixer deployment
7 | keywords:
8 | - istio
9 | - mixer
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: pilot
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for pilot deployment
7 | keywords:
8 | - istio
9 | - pilot
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/configmap-crd-certmanager-10.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.certmanager.enabled }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | namespace: {{ .Release.Namespace }}
6 | name: istio-crd-certmanager-10
7 | data:
8 | crd-certmanager-10.yaml: |-
9 | {{.Files.Get "files/crd-certmanager-10.yaml" | printf "%s" | indent 4}}
10 | {{- end }}
11 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/configmap-crd-certmanager-11.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.certmanager.enabled }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | namespace: {{ .Release.Namespace }}
6 | name: istio-crd-certmanager-11
7 | data:
8 | crd-certmanager-11.yaml: |-
9 | {{.Files.Get "files/crd-certmanager-11.yaml" | printf "%s" | indent 4}}
10 | {{- end }}
11 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: security
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for istio authentication
7 | keywords:
8 | - istio
9 | - security
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/nodeagent/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: nodeagent
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for nodeagent deployment
7 | keywords:
8 | - istio
9 | - nodeagent
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/system/istio-gateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: networking.istio.io/v1alpha3
2 | kind: Gateway
3 | metadata:
4 | name: ingress-gateway
5 | spec:
6 | selector:
7 | istio: ingressgateway # use Istio default gateway implementation
8 | servers:
9 | - port:
10 | number: 80
11 | name: http2
12 | protocol: HTTP2
13 | hosts:
14 | - "*"
15 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: istio-init-{{ .Release.Namespace }}
5 | labels:
6 | app: istio-init
7 | istio: init
8 | rules:
9 | - apiGroups: ["apiextensions.k8s.io"]
10 | resources: ["customresourcedefinitions"]
11 | verbs: ["create", "get", "list", "watch", "patch"]
12 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/03-cluster-role-binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1beta1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: cellery-system-controller-role-binding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: controller
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller
12 | namespace: cellery-system
13 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/mysql/templates/configurationFiles-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.configurationFiles }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | name: {{ template "mysql.fullname" . }}-configuration
6 | namespace: cellery-system
7 | data:
8 | {{- range $key, $val := .Values.configurationFiles }}
9 | {{ $key }}: |-
10 | {{ $val | indent 4}}
11 | {{- end }}
12 | {{- end -}}
--------------------------------------------------------------------------------
/installer/k8s-artefacts/metrics-server/auth-delegator.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1beta1
3 | kind: ClusterRoleBinding
4 | metadata:
5 | name: metrics-server:system:auth-delegator
6 | roleRef:
7 | apiGroup: rbac.authorization.k8s.io
8 | kind: ClusterRole
9 | name: system:auth-delegator
10 | subjects:
11 | - kind: ServiceAccount
12 | name: metrics-server
13 | namespace: kube-system
14 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/metrics-server/metrics-apiservice.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: apiregistration.k8s.io/v1beta1
3 | kind: APIService
4 | metadata:
5 | name: v1beta1.metrics.k8s.io
6 | spec:
7 | service:
8 | name: metrics-server
9 | namespace: kube-system
10 | group: metrics.k8s.io
11 | version: v1beta1
12 | insecureSkipTLSVerify: true
13 | groupPriorityMinimum: 100
14 | versionPriority: 100
15 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/metrics-server/metrics-server-service.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | name: metrics-server
6 | namespace: kube-system
7 | labels:
8 | kubernetes.io/name: "Metrics-server"
9 | kubernetes.io/cluster-service: "true"
10 | spec:
11 | selector:
12 | k8s-app: metrics-server
13 | ports:
14 | - port: 443
15 | protocol: TCP
16 | targetPort: 443
17 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/03-cluster-role-binding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1beta1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: cellery-system-controller-role-binding
5 | roleRef:
6 | apiGroup: rbac.authorization.k8s.io
7 | kind: ClusterRole
8 | name: controller
9 | subjects:
10 | - kind: ServiceAccount
11 | name: controller
12 | namespace: cellery-system
13 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: gateways
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for deploying Istio gateways
7 | keywords:
8 | - istio
9 | - ingressgateway
10 | - egressgateway
11 | - gateways
12 | sources:
13 | - http://github.com/istio/istio
14 | engine: gotpl
15 | icon: https://istio.io/favicons/android-192x192.png
16 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | kind: ClusterRole
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | metadata:
4 | name: istio-reader
5 | rules:
6 | - apiGroups: ['']
7 | resources: ['nodes', 'pods', 'services', 'endpoints', "replicationcontrollers"]
8 | verbs: ['get', 'watch', 'list']
9 | - apiGroups: ["extensions", "apps"]
10 | resources: ["replicasets"]
11 | verbs: ["get", "list", "watch"]
12 |
--------------------------------------------------------------------------------
/installer/helm/istio/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: istio
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2-0"
6 | description: Helm chart for all istio components
7 | keywords:
8 | - istio
9 | - security
10 | - sidecarInjectorWebhook
11 | - mixer
12 | - pilot
13 | - galley
14 | sources:
15 | - http://github.com/istio/istio
16 | engine: gotpl
17 | icon: https://istio.io/favicons/android-192x192.png
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | name: sidecarInjectorWebhook
3 | version: 1.2.2
4 | appVersion: 1.2.2
5 | tillerVersion: ">=2.7.2"
6 | description: Helm chart for sidecar injector webhook deployment
7 | keywords:
8 | - istio
9 | - sidecarInjectorWebhook
10 | sources:
11 | - http://github.com/istio/istio
12 | engine: gotpl
13 | icon: https://istio.io/favicons/android-192x192.png
14 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/08-crd-autoscale-policy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: autoscalepolicies.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha1
8 | scope: Namespaced
9 | names:
10 | kind: AutoscalePolicy
11 | plural: autoscalepolicies
12 | singular: autoscalepolicy
13 | shortNames:
14 | - ap
15 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/metrics-server/auth-reader.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1beta1
3 | kind: RoleBinding
4 | metadata:
5 | name: metrics-server-auth-reader
6 | namespace: kube-system
7 | roleRef:
8 | apiGroup: rbac.authorization.k8s.io
9 | kind: Role
10 | name: extension-apiserver-authentication-reader
11 | subjects:
12 | - kind: ServiceAccount
13 | name: metrics-server
14 | namespace: kube-system
15 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-multi
5 | labels:
6 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
7 | roleRef:
8 | apiGroup: rbac.authorization.k8s.io
9 | kind: ClusterRole
10 | name: istio-reader
11 | subjects:
12 | - kind: ServiceAccount
13 | name: istio-multi
14 | namespace: {{ .Release.Namespace }}
15 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/08-crd-autoscale-policy.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: autoscalepolicies.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha1
8 | scope: Namespaced
9 | names:
10 | kind: AutoscalePolicy
11 | plural: autoscalepolicies
12 | singular: autoscalepolicy
13 | shortNames:
14 | - ap
15 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | {{- if or .Values.serviceAccount.create -}}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | name: {{ template "nginx-ingress.serviceAccountName" . }}
11 | {{- end -}}
12 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/nodeagent/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: istio-nodeagent-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "nodeagent.name" . }}
7 | chart: {{ template "nodeagent.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: [""]
12 | resources: ["configmaps"]
13 | verbs: ["get"]
--------------------------------------------------------------------------------
/installer/helm/knative/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: kiali
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "kiali.name" . }}
8 | chart: {{ template "kiali.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | spec:
12 | ports:
13 | - name: http-kiali
14 | protocol: TCP
15 | port: 20001
16 | selector:
17 | app: kiali
18 |
--------------------------------------------------------------------------------
/installer/helm/knative-crd/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: istiocoredns
5 | labels:
6 | app: {{ template "istiocoredns.name" . }}
7 | chart: {{ template "istiocoredns.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: ["networking.istio.io"]
12 | resources: ["*"]
13 | verbs: ["get", "watch", "list"]
14 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-istio-agents/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/09-crd-token-service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: tokenservices.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: TokenService
11 | plural: tokenservices
12 | singular: tokenservice
13 | shortNames:
14 | - ctokenservice
15 | - cts
16 | subresources:
17 | status: {}
18 |
--------------------------------------------------------------------------------
/installer/packer/cellery-full-runtime-imgs/resources/rbac-config.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: tiller
5 | namespace: kube-system
6 | ---
7 | apiVersion: rbac.authorization.k8s.io/v1
8 | kind: ClusterRoleBinding
9 | metadata:
10 | name: tiller
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: ClusterRole
14 | name: cluster-admin
15 | subjects:
16 | - kind: ServiceAccount
17 | name: tiller
18 | namespace: kube-system
--------------------------------------------------------------------------------
/installer/packer/cellery-min-runtime-imgs/resources/rbac-config.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | metadata:
4 | name: tiller
5 | namespace: kube-system
6 | ---
7 | apiVersion: rbac.authorization.k8s.io/v1
8 | kind: ClusterRoleBinding
9 | metadata:
10 | name: tiller
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: ClusterRole
14 | name: cluster-admin
15 | subjects:
16 | - kind: ServiceAccount
17 | name: tiller
18 | namespace: kube-system
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/sp/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/portal/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/prometheus/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/metrics-server/aggregated-metrics-reader.yaml:
--------------------------------------------------------------------------------
1 | kind: ClusterRole
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | metadata:
4 | name: system:aggregated-metrics-reader
5 | labels:
6 | rbac.authorization.k8s.io/aggregate-to-view: "true"
7 | rbac.authorization.k8s.io/aggregate-to-edit: "true"
8 | rbac.authorization.k8s.io/aggregate-to-admin: "true"
9 | rules:
10 | - apiGroups: ["metrics.k8s.io"]
11 | resources: ["pods"]
12 | verbs: ["get", "list", "watch"]
13 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/09-crd-token-service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: tokenservices.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: TokenService
11 | plural: tokenservices
12 | singular: tokenservice
13 | shortNames:
14 | - ctokenservice
15 | - cts
16 | subresources:
17 | status: {}
18 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/observability-agent/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-istio-agents/charts/telemetry-agents/.helmignore:
--------------------------------------------------------------------------------
1 | # Patterns to ignore when building packages.
2 | # This supports shell glob matching, relative path matching, and
3 | # negation (prefixed with !). Only one pattern per line.
4 | .DS_Store
5 | # Common VCS dirs
6 | .git/
7 | .gitignore
8 | .bzr/
9 | .bzrignore
10 | .hg/
11 | .hgignore
12 | .svn/
13 | # Common backup files
14 | *.swp
15 | *.bak
16 | *.tmp
17 | *~
18 | # Various IDEs
19 | .project
20 | .idea/
21 | *.tmproj
22 | .vscode/
23 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/mysql/templates/initializationFiles-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.initializationFilesFromFs -}}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | name: {{ template "mysql.fullname" . }}-initialization
6 | namespace: cellery-system
7 | data:
8 | 0-init.sql: {{ tpl (.Files.Get "confs/0-init.sql") . | quote }}
9 | 1-init.sql: {{ tpl (.Files.Get "confs/1-init.sql") . | quote }}
10 | 2-init.sql: {{ tpl (.Files.Get "confs/2-init.sql") . | quote }}
11 | {{- end -}}
12 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-init-admin-role-binding-{{ .Release.Namespace }}
5 | labels:
6 | app: istio-init
7 | istio: init
8 | roleRef:
9 | apiGroup: rbac.authorization.k8s.io
10 | kind: ClusterRole
11 | name: istio-init-{{ .Release.Namespace }}
12 | subjects:
13 | - kind: ServiceAccount
14 | name: istio-init-service-account
15 | namespace: {{ .Release.Namespace }}
16 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/templates/configmap.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: istio-galley-configuration
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "galley.name" . }}
8 | chart: {{ template "galley.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: galley
12 | data:
13 | validatingwebhookconfiguration.yaml: |-
14 | {{- include "validatingwebhookconfiguration.yaml.tpl" . | indent 4}}
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: istio-sidecar-injector
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "sidecar-injector.name" . }}
8 | chart: {{ template "sidecar-injector.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: sidecar-injector
12 | spec:
13 | ports:
14 | - port: 443
15 | selector:
16 | istio: sidecar-injector
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/certmanager/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: certmanager
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: certmanager
14 | chart: {{ template "certmanager.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/templates/role.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if ne $key "enabled" }}
3 | {{- if $spec.enabled }}
4 | {{- if ($spec.sds) and (eq $spec.sds.enabled true) }}
5 | apiVersion: rbac.authorization.k8s.io/v1
6 | kind: Role
7 | metadata:
8 | name: {{ $key }}-sds
9 | namespace: {{ $.Release.Namespace }}
10 | rules:
11 | - apiGroups: [""]
12 | resources: ["secrets"]
13 | verbs: ["get", "watch", "list"]
14 | ---
15 | {{- end }}
16 | {{- end }}
17 | {{- end }}
18 | {{- end }}
19 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/templates/demosecret.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.createDemoSecret }}
2 | apiVersion: v1
3 | kind: Secret
4 | metadata:
5 | name: {{ .Values.dashboard.secretName }}
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "kiali.name" . }}
9 | chart: {{ template "kiali.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | type: Opaque
13 | data:
14 | username: YWRtaW4= # admin
15 | passphrase: YWRtaW4= # admin
16 | {{- end }}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/prometheus/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: prometheus
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: prometheus
14 | chart: {{ template "prometheus.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/tcp-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.tcp }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | component: "{{ .Values.controller.name }}"
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | name: {{ template "nginx-ingress.fullname" . }}-tcp
12 | data:
13 | {{ tpl (toYaml .Values.tcp) . | indent 2 }}
14 | {{- end }}
15 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/udp-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.udp }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | component: "{{ .Values.controller.name }}"
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | name: {{ template "nginx-ingress.fullname" . }}-udp
12 | data:
13 | {{ tpl (toYaml .Values.udp) . | indent 2 }}
14 | {{- end }}
15 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: kiali-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "kiali.name" . }}
14 | chart: {{ template "kiali.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: istio-pilot-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "pilot.name" . }}
14 | chart: {{ template "pilot.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # Compiled class file
2 | *.class
3 |
4 | # Log file
5 | *.log
6 |
7 | # BlueJ files
8 | *.ctxt
9 |
10 | # Mobile Tools for Java (J2ME)
11 | .mtj.tmp/
12 |
13 | # Package Files #
14 | *.jar
15 | *.war
16 | *.nar
17 | *.ear
18 | *.zip
19 | *.tar.gz
20 | *.rar
21 |
22 | # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
23 | hs_err_pid*
24 |
25 | # Idea files
26 | .idea/
27 | *.iml
28 |
29 | # Maven
30 | **/target/*
31 |
32 | # NPM
33 | **/node_modules/*
34 | **/dist/*
35 | **/build/*
36 | **/coverage/*
37 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: istio-galley-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "galley.name" . }}
14 | chart: {{ template "galley.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/values-istio-sds-auth.yaml:
--------------------------------------------------------------------------------
1 | global:
2 | controlPlaneSecurityEnabled: false
3 |
4 | mtls:
5 | # Default setting for service-to-service mtls. Can be set explicitly using
6 | # destination rules or service annotations.
7 | enabled: true
8 |
9 | sds:
10 | enabled: true
11 | udsPath: "unix:/var/run/sds/uds_path"
12 | useNormalJwt: true
13 |
14 | nodeagent:
15 | enabled: true
16 | image: node-agent-k8s
17 | env:
18 | CA_PROVIDER: "Citadel"
19 | CA_ADDR: "istio-citadel:8060"
20 | VALID_TOKEN: true
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: istiocoredns
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "istiocoredns.name" . }}
8 | chart: {{ template "istiocoredns.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | spec:
12 | selector:
13 | app: istiocoredns
14 | ports:
15 | - name: dns
16 | port: 53
17 | protocol: UDP
18 | - name: dns-tcp
19 | port: 53
20 | protocol: TCP
21 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/nodeagent/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: istio-nodeagent-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "nodeagent.name" . }}
14 | chart: {{ template "nodeagent.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: istio-citadel-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "security.name" . }}
14 | chart: {{ template "security.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/12-controller.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller
5 | namespace: cellery-system
6 | spec:
7 | replicas: 1
8 | selector:
9 | matchLabels:
10 | app: controller
11 | template:
12 | metadata:
13 | annotations:
14 | sidecar.istio.io/inject: "false"
15 | labels:
16 | app: controller
17 | spec:
18 | containers:
19 | - name: controller
20 | image: wso2cellery/mesh-controller
21 | serviceAccountName: controller
22 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/headers-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.controller.headers }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | component: "{{ .Values.controller.name }}"
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | name: {{ template "nginx-ingress.fullname" . }}-custom-headers
12 | data:
13 | {{ toYaml .Values.controller.headers | indent 2 }}
14 | {{- end }}
15 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: istiocoredns-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "istiocoredns.name" . }}
14 | chart: {{ template "istiocoredns.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/files/crd-12.yaml:
--------------------------------------------------------------------------------
1 | kind: CustomResourceDefinition
2 | apiVersion: apiextensions.k8s.io/v1beta1
3 | metadata:
4 | name: authorizationpolicies.rbac.istio.io
5 | labels:
6 | app: istio-pilot
7 | istio: rbac
8 | heritage: Tiller
9 | release: istio
10 | spec:
11 | group: rbac.istio.io
12 | names:
13 | kind: AuthorizationPolicy
14 | plural: authorizationpolicies
15 | singular: authorizationpolicy
16 | categories:
17 | - istio-io
18 | - rbac-istio-io
19 | scope: Namespaced
20 | version: v1alpha1
21 | ---
22 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/12-controller.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apps/v1
2 | kind: Deployment
3 | metadata:
4 | name: controller
5 | namespace: cellery-system
6 | spec:
7 | replicas: 1
8 | selector:
9 | matchLabels:
10 | app: controller
11 | template:
12 | metadata:
13 | annotations:
14 | sidecar.istio.io/inject: "false"
15 | labels:
16 | app: controller
17 | spec:
18 | containers:
19 | - name: controller
20 | image: wso2cellery/mesh-controller
21 | serviceAccountName: controller
22 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/grafana-ports-mtls.yaml:
--------------------------------------------------------------------------------
1 | {{ define "grafana-default.yaml.tpl" }}
2 | apiVersion: authentication.istio.io/v1alpha1
3 | kind: Policy
4 | metadata:
5 | name: grafana-ports-mtls-disabled
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "grafana.name" . }}
9 | chart: {{ template "grafana.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | spec:
13 | targets:
14 | - name: grafana
15 | ports:
16 | - number: {{ .Values.service.externalPort }}
17 | {{- end }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/pvc.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.persist }}
2 | kind: PersistentVolumeClaim
3 | apiVersion: v1
4 | metadata:
5 | name: istio-grafana-pvc
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "grafana.name" . }}
9 | chart: {{ template "grafana.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | spec:
13 | storageClassName: {{ .Values.storageClassName }}
14 | accessModes:
15 | - {{ .Values.accessMode }}
16 | resources:
17 | requests:
18 | storage: 5Gi
19 | {{- end }}
20 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/files/crd-11.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: sidecars.networking.istio.io
5 | labels:
6 | app: istio-pilot
7 | chart: istio
8 | heritage: Tiller
9 | release: istio
10 | annotations:
11 | "helm.sh/resource-policy": keep
12 | spec:
13 | group: networking.istio.io
14 | names:
15 | kind: Sidecar
16 | plural: sidecars
17 | singular: sidecar
18 | categories:
19 | - istio-io
20 | - networking-istio-io
21 | scope: Namespaced
22 | version: v1alpha3
23 | ---
24 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/enable-mesh-permissive.yaml:
--------------------------------------------------------------------------------
1 | {{- define "security-permissive.yaml.tpl" }}
2 | # Authentication policy to enable permissive mode for all services (that have sidecar) in the mesh.
3 | apiVersion: "authentication.istio.io/v1alpha1"
4 | kind: "MeshPolicy"
5 | metadata:
6 | name: "default"
7 | labels:
8 | app: {{ template "security.name" . }}
9 | chart: {{ template "security.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | spec:
13 | peers:
14 | - mtls:
15 | mode: PERMISSIVE
16 | {{- end }}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/prometheus/templates/clusterrolebindings.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: prometheus-{{ .Release.Namespace }}
5 | labels:
6 | app: prometheus
7 | chart: {{ template "prometheus.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: prometheus-{{ .Release.Namespace }}
14 | subjects:
15 | - kind: ServiceAccount
16 | name: prometheus
17 | namespace: {{ .Release.Namespace }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/configmap-custom-resources.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: istio-grafana-custom-resources
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "grafana.name" . }}
8 | chart: {{ template "grafana.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: grafana
12 | data:
13 | custom-resources.yaml: |-
14 | {{- include "grafana-default.yaml.tpl" . | indent 4}}
15 | run.sh: |-
16 | {{- include "install-custom-resources.sh.tpl" . | indent 4}}
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: istio-galley
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "galley.name" . }}
8 | chart: {{ template "galley.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: galley
12 | spec:
13 | ports:
14 | - port: 443
15 | name: https-validation
16 | - port: {{ .Values.global.monitoringPort }}
17 | name: http-monitoring
18 | - port: 9901
19 | name: grpc-mcp
20 | selector:
21 | istio: galley
22 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/mysql/Chart.yaml:
--------------------------------------------------------------------------------
1 | name: mysql
2 | version: 0.19.0
3 | appVersion: 5.7.14
4 | description: Fast, reliable, scalable, and easy to use open-source relational database
5 | system.
6 | keywords:
7 | - mysql
8 | - database
9 | - sql
10 | home: https://www.mysql.com/
11 | icon: https://www.mysql.com/common/logos/logo-mysql-170x115.png
12 | sources:
13 | - https://github.com/kubernetes/charts
14 | - https://github.com/docker-library/mysql
15 | maintainers:
16 | - name: olemarkus
17 | email: o.with@sportradar.com
18 | - name: viglesiasce
19 | email: viglesias@google.com
20 | engine: gotpl
21 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/templates/rolebindings.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if ne $key "enabled" }}
3 | {{- if $spec.enabled }}
4 | {{- if ($spec.sds) and (eq $spec.sds.enabled true) }}
5 | apiVersion: rbac.authorization.k8s.io/v1
6 | kind: RoleBinding
7 | metadata:
8 | name: {{ $key }}-sds
9 | namespace: {{ $.Release.Namespace }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: Role
13 | name: {{ $key }}-sds
14 | subjects:
15 | - kind: ServiceAccount
16 | name: {{ $key }}-service-account
17 | ---
18 | {{- end }}
19 | {{- end }}
20 | {{- end }}
21 | {{- end }}
22 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/system/cloud-generic.yaml:
--------------------------------------------------------------------------------
1 | kind: Service
2 | apiVersion: v1
3 | metadata:
4 | name: ingress-nginx
5 | namespace: ingress-nginx
6 | labels:
7 | app.kubernetes.io/name: ingress-nginx
8 | app.kubernetes.io/part-of: ingress-nginx
9 | spec:
10 | externalTrafficPolicy: Local
11 | type: LoadBalancer
12 | selector:
13 | app.kubernetes.io/name: ingress-nginx
14 | app.kubernetes.io/part-of: ingress-nginx
15 | ports:
16 | - name: http
17 | port: 80
18 | targetPort: http
19 | - name: https
20 | port: 443
21 | targetPort: https
22 |
23 | ---
24 |
25 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ServiceAccount
3 | {{- if .Values.global.imagePullSecrets }}
4 | imagePullSecrets:
5 | {{- range .Values.global.imagePullSecrets }}
6 | - name: {{ . }}
7 | {{- end }}
8 | {{- end }}
9 | metadata:
10 | name: istio-sidecar-injector-service-account
11 | namespace: {{ .Release.Namespace }}
12 | labels:
13 | app: {{ template "sidecar-injector.name" . }}
14 | chart: {{ template "sidecar-injector.chart" . }}
15 | heritage: {{ .Release.Service }}
16 | release: {{ .Release.Name }}
17 | istio: sidecar-injector
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/example-values/values-istio-googleca.yaml:
--------------------------------------------------------------------------------
1 | global:
2 | controlPlaneSecurityEnabled: false
3 |
4 | mtls:
5 | # Default setting for service-to-service mtls. Can be set explicitly using
6 | # destination rules or service annotations.
7 | enabled: true
8 |
9 | sds:
10 | enabled: true
11 | udsPath: "unix:/var/run/sds/uds_path"
12 | useTrustworthyJwt: true
13 |
14 | trustDomain: ""
15 |
16 | nodeagent:
17 | enabled: true
18 | image: node-agent-k8s
19 | env:
20 | CA_PROVIDER: "GoogleCA"
21 | CA_ADDR: "istioca.googleapis.com:443"
22 | Plugins: "GoogleTokenExchange"
23 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | {{- if or (.Values.policy.enabled) (.Values.telemetry.enabled) }}
2 | apiVersion: v1
3 | kind: ServiceAccount
4 | {{- if .Values.global.imagePullSecrets }}
5 | imagePullSecrets:
6 | {{- range .Values.global.imagePullSecrets }}
7 | - name: {{ . }}
8 | {{- end }}
9 | {{- end }}
10 | metadata:
11 | name: istio-mixer-service-account
12 | namespace: {{ .Release.Namespace }}
13 | labels:
14 | app: {{ template "mixer.name" . }}
15 | chart: {{ template "mixer.chart" . }}
16 | heritage: {{ .Release.Service }}
17 | release: {{ .Release.Name }}
18 | {{- end }}
19 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-pilot-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "pilot.name" . }}
7 | chart: {{ template "pilot.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: istio-pilot-{{ .Release.Namespace }}
14 | subjects:
15 | - kind: ServiceAccount
16 | name: istio-pilot-service-account
17 | namespace: {{ .Release.Namespace }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/values.yaml:
--------------------------------------------------------------------------------
1 | global:
2 | # Default hub for Istio images.
3 | # Releases are published to docker hub under 'istio' project.
4 | # Daily builds from prow are on gcr.io, and nightly builds from circle on docker.io/istionightly
5 | hub: docker.io/istio
6 |
7 | # Default tag for Istio images.
8 | tag: 1.2.2
9 |
10 | # imagePullPolicy is applied to istio control plane components.
11 | # local tests require IfNotPresent, to avoid uploading to dockerhub.
12 | # TODO: Switch to Always as default, and override in the local tests.
13 | imagePullPolicy: IfNotPresent
14 |
15 | certmanager:
16 | enabled: false
17 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-istiocoredns-role-binding-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "istiocoredns.name" . }}
7 | chart: {{ template "istiocoredns.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: istiocoredns
14 | subjects:
15 | - kind: ServiceAccount
16 | name: istiocoredns-service-account
17 | namespace: {{ .Release.Namespace }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/nodeagent/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-nodeagent-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "nodeagent.name" . }}
7 | chart: {{ template "nodeagent.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: istio-nodeagent-{{ .Release.Namespace }}
14 | subjects:
15 | - kind: ServiceAccount
16 | name: istio-nodeagent-service-account
17 | namespace: {{ .Release.Namespace }}
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-citadel-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "security.name" . }}
7 | chart: {{ template "security.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: istio-citadel-{{ .Release.Namespace }}
14 | subjects:
15 | - kind: ServiceAccount
16 | name: istio-citadel-service-account
17 | namespace: {{ .Release.Namespace }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-galley-admin-role-binding-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "galley.name" . }}
7 | chart: {{ template "galley.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: istio-galley-{{ .Release.Namespace }}
14 | subjects:
15 | - kind: ServiceAccount
16 | name: istio-galley-service-account
17 | namespace: {{ .Release.Namespace }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-kiali-admin-role-binding-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "kiali.name" . }}
7 | chart: {{ template "kiali.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | roleRef:
11 | apiGroup: rbac.authorization.k8s.io
12 | kind: ClusterRole
13 | name: kiali{{- if .Values.dashboard.viewOnlyMode }}-viewer{{- end }}
14 | subjects:
15 | - kind: ServiceAccount
16 | name: kiali-service-account
17 | namespace: {{ .Release.Namespace }}
18 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/prometheus/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: prometheus-{{ .Release.Namespace }}
5 | labels:
6 | app: prometheus
7 | chart: {{ template "prometheus.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: [""]
12 | resources:
13 | - nodes
14 | - services
15 | - endpoints
16 | - pods
17 | - nodes/proxy
18 | verbs: ["get", "list", "watch"]
19 | - apiGroups: [""]
20 | resources:
21 | - configmaps
22 | verbs: ["get"]
23 | - nonResourceURLs: ["/metrics"]
24 | verbs: ["get"]
25 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/configmap-dashboards.yaml:
--------------------------------------------------------------------------------
1 | {{- $files := .Files }}
2 | {{- range $path, $bytes := .Files.Glob "dashboards/*.json" }}
3 | {{- $filename := trimSuffix (ext $path) (base $path) }}
4 | apiVersion: v1
5 | kind: ConfigMap
6 | metadata:
7 | name: istio-grafana-configuration-dashboards-{{ $filename }}
8 | namespace: {{ $.Release.Namespace }}
9 | labels:
10 | app: {{ template "grafana.name" $ }}
11 | chart: {{ template "grafana.chart" $ }}
12 | heritage: {{ $.Release.Service }}
13 | release: {{ $.Release.Name }}
14 | istio: grafana
15 | data:
16 | {{ base $path }}: '{{ $files.Get $path }}'
17 | ---
18 | {{- end }}
19 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: istio-pilot
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "pilot.name" . }}
8 | chart: {{ template "pilot.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: pilot
12 | spec:
13 | ports:
14 | - port: 15010
15 | name: grpc-xds # direct
16 | - port: 15011
17 | name: https-xds # mTLS
18 | - port: 8080
19 | name: http-legacy-discovery # direct
20 | - port: {{ .Values.global.monitoringPort }}
21 | name: http-monitoring
22 | selector:
23 | istio: pilot
24 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/metrics-server/resource-reader.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: system:metrics-server
6 | rules:
7 | - apiGroups:
8 | - ""
9 | resources:
10 | - pods
11 | - nodes
12 | - nodes/stats
13 | verbs:
14 | - get
15 | - list
16 | - watch
17 | ---
18 | apiVersion: rbac.authorization.k8s.io/v1
19 | kind: ClusterRoleBinding
20 | metadata:
21 | name: system:metrics-server
22 | roleRef:
23 | apiGroup: rbac.authorization.k8s.io
24 | kind: ClusterRole
25 | name: system:metrics-server
26 | subjects:
27 | - kind: ServiceAccount
28 | name: metrics-server
29 | namespace: kube-system
30 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/Chart.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | appVersion: 0.24.1
3 | description: An nginx Ingress controller that uses ConfigMap to store the nginx configuration.
4 | engine: gotpl
5 | home: https://github.com/kubernetes/ingress-nginx
6 | icon: https://upload.wikimedia.org/wikipedia/commons/thumb/c/c5/Nginx_logo.svg/500px-Nginx_logo.svg.png
7 | keywords:
8 | - ingress
9 | - nginx
10 | maintainers:
11 | - email: jack.zampolin@gmail.com
12 | name: jackzampolin
13 | - email: mgoodness@gmail.com
14 | name: mgoodness
15 | - name: ChiefAlexander
16 | name: nginx-ingress
17 | sources:
18 | - https://github.com/kubernetes/ingress-nginx
19 | version: 1.6.18
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/templates/configmap.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: coredns
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "istiocoredns.name" . }}
8 | chart: {{ template "istiocoredns.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | data:
12 | Corefile: |
13 | .:53 {
14 | errors
15 | health
16 | proxy global 127.0.0.1:8053 {
17 | protocol grpc insecure
18 | }
19 | prometheus :9153
20 | proxy . /etc/resolv.conf
21 | cache 30
22 | reload
23 | }
24 | ---
25 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: istio-sidecar-injector-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "sidecar-injector.name" . }}
7 | chart: {{ template "sidecar-injector.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | istio: sidecar-injector
11 | rules:
12 | - apiGroups: [""]
13 | resources: ["configmaps"]
14 | verbs: ["get", "list", "watch"]
15 | - apiGroups: ["admissionregistration.k8s.io"]
16 | resources: ["mutatingwebhookconfigurations"]
17 | verbs: ["get", "list", "watch", "patch"]
18 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
2 | apiVersion: policy/v1beta1
3 | kind: PodDisruptionBudget
4 | metadata:
5 | name: istio-sidecar-injector
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "sidecar-injector.name" . }}
9 | release: {{ .Release.Name }}
10 | istio: sidecar-injector
11 | spec:
12 | {{ include "podDisruptionBudget.spec" .Values.global.defaultPodDisruptionBudget }}
13 | selector:
14 | matchLabels:
15 | app: {{ template "sidecar-injector.name" . }}
16 | release: {{ .Release.Name }}
17 | istio: sidecar-injector
18 | {{- end }}
--------------------------------------------------------------------------------
/installer/helm/knative/values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | scaleToZero:
16 | enabled: true
--------------------------------------------------------------------------------
/installer/k8s-artefacts/system/service-nodeport.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: ingress-nginx
5 | namespace: ingress-nginx
6 | labels:
7 | app.kubernetes.io/name: ingress-nginx
8 | app.kubernetes.io/part-of: ingress-nginx
9 | spec:
10 | type: NodePort
11 | externalIPs:
12 | - 172.17.17.100
13 | - 10.0.2.15
14 | - 192.168.56.10
15 | - 192.168.99.100
16 | ports:
17 | - name: http
18 | port: 80
19 | targetPort: 80
20 | protocol: TCP
21 | - name: https
22 | port: 443
23 | targetPort: 443
24 | protocol: TCP
25 | selector:
26 | app.kubernetes.io/name: ingress-nginx
27 | app.kubernetes.io/part-of: ingress-nginx
28 |
29 | ---
30 |
31 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/rolebinding.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.rbac.create -}}
2 | apiVersion: rbac.authorization.k8s.io/v1beta1
3 | kind: RoleBinding
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | name: {{ template "nginx-ingress.fullname" . }}
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: Role
14 | name: {{ template "nginx-ingress.fullname" . }}
15 | subjects:
16 | - kind: ServiceAccount
17 | name: {{ template "nginx-ingress.serviceAccountName" . }}
18 | namespace: {{ .Release.Namespace }}
19 | {{- end -}}
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/templates/serviceaccount.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if ne $key "enabled" }}
3 | {{- if $spec.enabled }}
4 | apiVersion: v1
5 | kind: ServiceAccount
6 | {{- if $.Values.global.imagePullSecrets }}
7 | imagePullSecrets:
8 | {{- range $.Values.global.imagePullSecrets }}
9 | - name: {{ . }}
10 | {{- end }}
11 | {{- end }}
12 | metadata:
13 | name: {{ $key }}-service-account
14 | namespace: {{ $spec.namespace | default $.Release.Namespace }}
15 | labels:
16 | app: {{ $spec.labels.app }}
17 | chart: {{ template "gateway.chart" $ }}
18 | heritage: {{ $.Release.Service }}
19 | release: {{ $.Release.Name }}
20 | ---
21 | {{- end }}
22 | {{- end }}
23 | {{- end }}
24 |
25 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | {{- if or (.Values.policy.enabled) (.Values.telemetry.enabled) }}
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRoleBinding
4 | metadata:
5 | name: istio-mixer-admin-role-binding-{{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "mixer.name" . }}
8 | chart: {{ template "mixer.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: ClusterRole
14 | name: istio-mixer-{{ .Release.Namespace }}
15 | subjects:
16 | - kind: ServiceAccount
17 | name: istio-mixer-service-account
18 | namespace: {{ .Release.Namespace }}
19 | {{- end }}
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/configmap.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: istio-security-custom-resources
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "security.name" . }}
8 | chart: {{ template "security.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: citadel
12 | data:
13 | custom-resources.yaml: |-
14 | {{- if .Values.global.mtls.enabled }}
15 | {{- include "security-default.yaml.tpl" . | indent 4}}
16 | {{- else }}
17 | {{- include "security-permissive.yaml.tpl" . | indent 4}}
18 | {{- end }}
19 | run.sh: |-
20 | {{- include "install-custom-resources.sh.tpl" . | indent 4}}
21 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | # we use the normal name here (e.g. 'prometheus')
5 | # as grafana is configured to use this as a data source
6 | name: istio-citadel
7 | namespace: {{ .Release.Namespace }}
8 | labels:
9 | app: {{ template "security.name" . }}
10 | chart: {{ template "security.chart" . }}
11 | heritage: {{ .Release.Service }}
12 | release: {{ .Release.Name }}
13 | istio: citadel
14 | spec:
15 | ports:
16 | - name: grpc-citadel
17 | port: 8060
18 | targetPort: 8060
19 | protocol: TCP
20 | - name: http-monitoring
21 | port: {{ .Values.global.monitoringPort }}
22 | selector:
23 | istio: citadel
24 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRoleBinding
3 | metadata:
4 | name: istio-sidecar-injector-admin-role-binding-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "sidecar-injector.name" . }}
7 | chart: {{ template "sidecar-injector.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | istio: sidecar-injector
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: ClusterRole
14 | name: istio-sidecar-injector-{{ .Release.Namespace }}
15 | subjects:
16 | - kind: ServiceAccount
17 | name: istio-sidecar-injector-service-account
18 | namespace: {{ .Release.Namespace }}
19 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/configmap.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: istio-grafana
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "grafana.name" . }}
8 | chart: {{ template "grafana.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | istio: grafana
12 | data:
13 | {{- if .Values.datasources }}
14 | {{- range $key, $value := .Values.datasources }}
15 | {{ $key }}: |
16 | {{ toYaml $value | indent 4 }}
17 | {{- end -}}
18 | {{- end -}}
19 |
20 | {{- if .Values.dashboardProviders }}
21 | {{- range $key, $value := .Values.dashboardProviders }}
22 | {{ $key }}: |
23 | {{ toYaml $value | indent 4 }}
24 | {{- end -}}
25 | {{- end -}}
26 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | namespace: "cellery-system"
16 | svcaccount: "cellerysvc-account"
17 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/prometheus/values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | namespace: "cellery-system"
16 | svcaccount: "cellerysvc-account"
17 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/controller-poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- if gt .Values.controller.replicaCount 1.0 }}
2 | apiVersion: policy/v1beta1
3 | kind: PodDisruptionBudget
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | component: "{{ .Values.controller.name }}"
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | name: {{ template "nginx-ingress.controller.fullname" . }}
12 | spec:
13 | selector:
14 | matchLabels:
15 | app: {{ template "nginx-ingress.name" . }}
16 | release: {{ .Release.Name }}
17 | component: "{{ .Values.controller.name }}"
18 | minAvailable: {{ .Values.controller.minAvailable }}
19 | {{- end }}
20 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/clusterrolebinding.yaml:
--------------------------------------------------------------------------------
1 | {{- if and .Values.rbac.create (not .Values.controller.scope.enabled) -}}
2 | apiVersion: rbac.authorization.k8s.io/v1beta1
3 | kind: ClusterRoleBinding
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | name: {{ template "nginx-ingress.fullname" . }}
11 | roleRef:
12 | apiGroup: rbac.authorization.k8s.io
13 | kind: ClusterRole
14 | name: {{ template "nginx-ingress.fullname" . }}
15 | subjects:
16 | - kind: ServiceAccount
17 | name: {{ template "nginx-ingress.serviceAccountName" . }}
18 | namespace: {{ .Release.Namespace }}
19 | {{- end -}}
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
2 | apiVersion: policy/v1beta1
3 | kind: PodDisruptionBudget
4 | metadata:
5 | name: istio-pilot
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "pilot.name" . }}
9 | chart: {{ template "pilot.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | istio: pilot
13 | spec:
14 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
15 | {{ include "podDisruptionBudget.spec" .Values.global.defaultPodDisruptionBudget }}
16 | {{- end }}
17 | selector:
18 | matchLabels:
19 | app: {{ template "pilot.name" . }}
20 | release: {{ .Release.Name }}
21 | istio: pilot
22 | {{- end }}
23 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/controller-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if or .Values.controller.headers .Values.controller.config }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | component: "{{ .Values.controller.name }}"
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | name: {{ template "nginx-ingress.controller.fullname" . }}
12 | data:
13 | {{- if .Values.controller.headers }}
14 | proxy-set-headers: {{ .Release.Namespace }}/{{ template "nginx-ingress.fullname" . }}-custom-headers
15 | {{- end }}
16 | {{- if .Values.controller.config }}
17 | {{ toYaml .Values.controller.config | indent 2 }}
18 | {{- end }}
19 | {{- end }}
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
2 | apiVersion: policy/v1beta1
3 | kind: PodDisruptionBudget
4 | metadata:
5 | name: istio-galley
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "galley.name" . }}
9 | chart: {{ template "galley.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | istio: galley
13 | spec:
14 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
15 | {{ include "podDisruptionBudget.spec" .Values.global.defaultPodDisruptionBudget }}
16 | {{- end }}
17 | selector:
18 | matchLabels:
19 | app: {{ template "galley.name" . }}
20 | release: {{ .Release.Name }}
21 | istio: galley
22 | {{- end }}
23 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: istio-citadel-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "security.name" . }}
7 | chart: {{ template "security.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: [""]
12 | resources: ["configmaps"]
13 | verbs: ["create", "get", "update"]
14 | - apiGroups: [""]
15 | resources: ["secrets"]
16 | verbs: ["create", "get", "watch", "list", "update", "delete"]
17 | - apiGroups: [""]
18 | resources: ["serviceaccounts", "services"]
19 | verbs: ["get", "watch", "list"]
20 | - apiGroups: ["authentication.k8s.io"]
21 | resources: ["tokenreviews"]
22 | verbs: ["create"]
23 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/charts/nginx-ingress/templates/default-backend-poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- if gt .Values.defaultBackend.replicaCount 1.0 }}
2 | apiVersion: policy/v1beta1
3 | kind: PodDisruptionBudget
4 | metadata:
5 | labels:
6 | app: {{ template "nginx-ingress.name" . }}
7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }}
8 | component: "{{ .Values.defaultBackend.name }}"
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | name: {{ template "nginx-ingress.defaultBackend.fullname" . }}
12 | spec:
13 | selector:
14 | matchLabels:
15 | app: {{ template "nginx-ingress.name" . }}
16 | release: {{ .Release.Name }}
17 | component: "{{ .Values.defaultBackend.name }}"
18 | minAvailable: {{ .Values.defaultBackend.minAvailable }}
19 | {{- end }}
20 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/requirements.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | dependencies:
16 | - name: nginx-ingress
17 | version: 1.11.5
18 | condition: nginx-ingress.enabled
19 |
--------------------------------------------------------------------------------
/installer/helm/knative/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: A Helm chart for Kubernetes
18 | name: knative
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/knative-crd/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: A Helm chart for Kubernetes
18 | name: knative-crd
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "2.6.0"
17 | description: WSO2 APIM 2.6.0 helm chart
18 | name: apim
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/example-values/values-istio-multicluster-gateways.yaml:
--------------------------------------------------------------------------------
1 | global:
2 | # Provides dns resolution for global services
3 | podDNSSearchNamespaces:
4 | - global
5 | - "{{ valueOrDefault .DeploymentMeta.Namespace \"default\" }}.global"
6 |
7 | multiCluster:
8 | enabled: true
9 |
10 | controlPlaneSecurityEnabled: true
11 |
12 | # Multicluster with gateways requires a root CA
13 | # Cluster local CAs are bootstrapped with the root CA.
14 | security:
15 | selfSigned: false
16 |
17 | # Provides dns resolution for service entries of form
18 | # name.namespace.global
19 | istiocoredns:
20 | enabled: true
21 |
22 | gateways:
23 | istio-egressgateway:
24 | enabled: true
25 | env:
26 | # Needed to route traffic via egress gateway if desired.
27 | ISTIO_META_REQUESTED_NETWORK_VIEW: "external"
28 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: A Helm chart for Kubernetes
18 | name: metrics-server
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/templates/configmap.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: ConfigMap
3 | metadata:
4 | name: kiali
5 | namespace: {{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "kiali.name" . }}
8 | chart: {{ template "kiali.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | data:
12 | config.yaml: |
13 | istio_namespace: {{ .Release.Namespace }}
14 | auth:
15 | strategy: "login"
16 | server:
17 | port: 20001
18 | {{- if .Values.contextPath }}
19 | web_root: {{ .Values.contextPath }}
20 | {{- end }}
21 | external_services:
22 | tracing:
23 | url: {{ .Values.dashboard.jaegerURL }}
24 | grafana:
25 | url: {{ .Values.dashboard.grafanaURL }}
26 | prometheus:
27 | url: {{ .Values.prometheusAddr }}
28 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: Cellery Runtime Helm chart for Kubernetes
18 | name: cellery-runtime
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: A Helm chart for grafana subchart
18 | name: grafana
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/autoscale.yaml:
--------------------------------------------------------------------------------
1 | {{- if and .Values.autoscaleEnabled .Values.autoscaleMin .Values.autoscaleMax }}
2 | apiVersion: autoscaling/v2beta1
3 | kind: HorizontalPodAutoscaler
4 | metadata:
5 | name: istio-pilot
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "pilot.name" . }}
9 | chart: {{ template "pilot.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | spec:
13 | maxReplicas: {{ .Values.autoscaleMax }}
14 | minReplicas: {{ .Values.autoscaleMin }}
15 | scaleTargetRef:
16 | apiVersion: apps/v1
17 | kind: Deployment
18 | name: istio-pilot
19 | metrics:
20 | - type: Resource
21 | resource:
22 | name: cpu
23 | targetAverageUtilization: {{ .Values.cpu.targetAverageUtilization }}
24 | ---
25 | {{- end }}
26 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/prometheus/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: A Helm chart for Prometheus subchart
18 | name: prometheus
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "1.0"
17 | description: Cellery Controller Helm chart for Kubernetes
18 | name: controller
19 | version: 0.1.0
20 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/Chart.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | appVersion: "5.8.0-1"
17 | description: A Helm chart for the deployment of WSO2 IS Deployment
18 | name: idp
19 | version: 5.8.0-1
20 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/svcaccount.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ServiceAccount
17 | metadata:
18 | name: {{ .Values.svcaccount }}
19 | namespace : {{ .Values.namespace }}
20 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/svcaccount.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ServiceAccount
17 | metadata:
18 | name: {{ .Values.svcaccount }}
19 | namespace : {{ .Values.namespace }}
20 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/certmanager/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
2 | apiVersion: policy/v1beta1
3 | kind: PodDisruptionBudget
4 | metadata:
5 | name: certmanager
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: certmanager
9 | chart: {{ template "certmanager.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | version: {{ .Chart.Version }}
13 | {{- if .Values.podLabels }}
14 | {{ toYaml .Values.podLabels | indent 4 }}
15 | {{- end }}
16 | spec:
17 | {{- if .Values.global.defaultPodDisruptionBudget.enabled }}
18 | {{ include "podDisruptionBudget.spec" .Values.global.defaultPodDisruptionBudget }}
19 | {{- end }}
20 | selector:
21 | matchLabels:
22 | app: certmanager
23 | release: {{ .Release.Name }}
24 | {{- end }}
25 |
--------------------------------------------------------------------------------
/installer/helm/istio/values-istio-remote.yaml:
--------------------------------------------------------------------------------
1 | gateways:
2 | enabled: false
3 |
4 | galley:
5 | enabled: false
6 |
7 | mixer:
8 | policy:
9 | enabled: false
10 | telemetry:
11 | enabled: false
12 |
13 | pilot:
14 | enabled: false
15 |
16 | security:
17 | enabled: true
18 | createMeshPolicy: false
19 |
20 | prometheus:
21 | enabled: false
22 |
23 | global:
24 | istioRemote: true
25 |
26 | enableTracing: false
27 |
28 | # Sets an identifier for the remote network to be used for Split Horizon EDS. The network will be sent
29 | # to the Pilot when connected by the sidecar and will affect the results returned in EDS requests.
30 | # Based on the network identifier Pilot will return all local endpoints + endpoints of gateways to
31 | # other networks.
32 | #
33 | # Must match the names in the meshNetworks section in the Istio local.
34 | network: ""
35 |
--------------------------------------------------------------------------------
/issue_template.md:
--------------------------------------------------------------------------------
1 | **Description:**
2 |
3 |
4 | **Suggested Labels:**
5 |
6 |
7 | **Suggested Assignees:**
8 |
9 |
10 | **Affected Product Version:**
11 |
12 | **OS, DB, other environment details and versions:**
13 |
14 | **Steps to reproduce:**
15 |
16 |
17 | **Related Issues:**
18 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/00-namespace.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018 WSO2 Inc. (http:www.wso2.org) All Rights Reserved.
2 | #
3 | # WSO2 Inc. licenses this file to you under the Apache License,
4 | # Version 2.0 (the "License"); you may not use this file except
5 | # in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http:www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing,
11 | # software distributed under the License is distributed on an
12 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
13 | # KIND, either express or implied. See the License for the
14 | # specific language governing permissions and limitations
15 | # under the License.
16 |
17 | apiVersion: v1
18 | kind: Namespace
19 | metadata:
20 | labels:
21 | istio-injection: disabled
22 | name: cellery-system
23 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/job-crd-10.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1
2 | kind: Job
3 | metadata:
4 | namespace: {{ .Release.Namespace }}
5 | name: istio-init-crd-10
6 | spec:
7 | template:
8 | metadata:
9 | annotations:
10 | sidecar.istio.io/inject: "false"
11 | spec:
12 | serviceAccountName: istio-init-service-account
13 | containers:
14 | - name: istio-init-crd-10
15 | image: "{{ .Values.global.hub }}/kubectl:{{ .Values.global.tag }}"
16 | imagePullPolicy: {{ .Values.global.imagePullPolicy }}
17 | volumeMounts:
18 | - name: crd-10
19 | mountPath: /etc/istio/crd-10
20 | readOnly: true
21 | command: ["kubectl", "apply", "-f", "/etc/istio/crd-10/crd-10.yaml"]
22 | volumes:
23 | - name: crd-10
24 | configMap:
25 | name: istio-crd-10
26 | restartPolicy: OnFailure
27 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/job-crd-11.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1
2 | kind: Job
3 | metadata:
4 | namespace: {{ .Release.Namespace }}
5 | name: istio-init-crd-11
6 | spec:
7 | template:
8 | metadata:
9 | annotations:
10 | sidecar.istio.io/inject: "false"
11 | spec:
12 | serviceAccountName: istio-init-service-account
13 | containers:
14 | - name: istio-init-crd-11
15 | image: "{{ .Values.global.hub }}/kubectl:{{ .Values.global.tag }}"
16 | imagePullPolicy: {{ .Values.global.imagePullPolicy }}
17 | volumeMounts:
18 | - name: crd-11
19 | mountPath: /etc/istio/crd-11
20 | readOnly: true
21 | command: ["kubectl", "apply", "-f", "/etc/istio/crd-11/crd-11.yaml"]
22 | volumes:
23 | - name: crd-11
24 | configMap:
25 | name: istio-crd-11
26 | restartPolicy: OnFailure
27 |
--------------------------------------------------------------------------------
/installer/packer/gapim-runtime-images/cleanup.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | rm -fr box kubectl_conf VirtualBox
21 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/confs/hazelcast.properties:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
3 | #
4 | # Licensed under the Apache License, Version 2.0 (the "License");
5 | # you may not use this file except in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 | #
16 |
17 | #Disabling the hazelcast shutdown hook
18 | hazelcast.shutdownhook.enabled=false
19 | #Setting the hazelcast logging type to log4j
20 | hazelcast.logging.type=log4j
21 |
--------------------------------------------------------------------------------
/installer/packer/cellery-full-runtime-imgs/cleanup.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | rm -fr box kubectl_conf VirtualBox
21 |
--------------------------------------------------------------------------------
/installer/packer/cellery-min-runtime-imgs/cleanup.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | rm -fr box kubectl_conf VirtualBox
21 |
--------------------------------------------------------------------------------
/installer/packer/minimum-runtime-images/cleanup.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | rm -fr box kubectl_conf VirtualBox
21 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/sidecar-injector-configmap.yaml:
--------------------------------------------------------------------------------
1 | {{- if not .Values.global.omitSidecarInjectorConfigMap }}
2 | apiVersion: v1
3 | kind: ConfigMap
4 | metadata:
5 | name: istio-sidecar-injector
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: {{ template "istio.name" . }}
9 | chart: {{ template "istio.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | istio: sidecar-injector
13 | data:
14 | values: |-
15 | {{ .Values | toJson }}
16 |
17 | config: |-
18 | policy: {{ .Values.global.proxy.autoInject }}
19 | alwaysInjectSelector:
20 | {{ toYaml .Values.sidecarInjectorWebhook.alwaysInjectSelector | indent 6 }}
21 | neverInjectSelector:
22 | {{ toYaml .Values.sidecarInjectorWebhook.neverInjectSelector | indent 6 }}
23 | template: |-
24 | {{ .Files.Get "files/injection-template.yaml" | indent 6 }}
25 | {{- end }}
26 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/00-namespace.yaml:
--------------------------------------------------------------------------------
1 |
2 |
3 | # Copyright (c) 2018 WSO2 Inc. (http:www.wso2.org) All Rights Reserved.
4 | #
5 | # WSO2 Inc. licenses this file to you under the Apache License,
6 | # Version 2.0 (the "License"); you may not use this file except
7 | # in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http:www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing,
13 | # software distributed under the License is distributed on an
14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15 | # KIND, either express or implied. See the License for the
16 | # specific language governing permissions and limitations
17 | # under the License.
18 |
19 | apiVersion: v1
20 | kind: Namespace
21 | metadata:
22 | labels:
23 | istio-injection: disabled
24 | name: cellery-system
25 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/job-crd-12.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: batch/v1
2 | kind: Job
3 | metadata:
4 | namespace: {{ .Release.Namespace }}
5 | name: istio-init-crd-12
6 | spec:
7 | template:
8 | metadata:
9 | annotations:
10 | sidecar.istio.io/inject: "false"
11 | spec:
12 | serviceAccountName: istio-init-service-account
13 | containers:
14 | - name: istio-init-crd-12
15 | image: "{{ .Values.global.hub }}/kubectl:{{ .Values.global.tag }}"
16 | imagePullPolicy: {{ .Values.global.imagePullPolicy }}
17 | volumeMounts:
18 | - name: crd-12
19 | mountPath: /etc/istio/crd-12
20 | readOnly: true
21 | command: ["kubectl", "apply", "-f", "/etc/istio/crd-12/crd-12.yaml"]
22 | volumes:
23 | - name: crd-12
24 | configMap:
25 | name: istio-crd-12
26 | restartPolicy: OnFailure
27 |
--------------------------------------------------------------------------------
/installer/packer/gapim-runtime-images/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | packer build -var 'version=0.2.0' -on-error=ask ubuntu.json
21 |
--------------------------------------------------------------------------------
/installer/packer/cellery-full-runtime-imgs/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | packer build -var 'version=0.4.0' -on-error=ask ubuntu.json
21 |
--------------------------------------------------------------------------------
/installer/packer/cellery-min-runtime-imgs/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | packer build -var 'version=0.2.0' -on-error=ask ubuntu.json
21 |
--------------------------------------------------------------------------------
/installer/packer/minimum-runtime-images/build.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # ------------------------------------------------------------------------
3 | #
4 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
5 | #
6 | # Licensed under the Apache License, Version 2.0 (the "License");
7 | # you may not use this file except in compliance with the License.
8 | # You may obtain a copy of the License at
9 | #
10 | # http://www.apache.org/licenses/LICENSE-2.0
11 | #
12 | # Unless required by applicable law or agreed to in writing, software
13 | # distributed under the License is distributed on an "AS IS" BASIS,
14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 | # See the License for the specific language governing permissions and
16 | # limitations under the License
17 | #
18 | # ------------------------------------------------------------------------
19 |
20 | packer build -var 'version=0.2.0' -on-error=ask ubuntu.json
21 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/06-crd-gateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: gateways.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Gateway
11 | plural: gateways
12 | singular: gateway
13 | shortNames:
14 | - cgateways
15 | - cgw
16 | subresources:
17 | status: {}
18 | additionalPrinterColumns:
19 | - name: Status
20 | type: string
21 | JSONPath: .status.status
22 | - name: Service-Name
23 | type: string
24 | description: Service name of this gateway
25 | JSONPath: .status.serviceName
26 | - name: Ready-Replicas
27 | type: integer
28 | description: Number of replicas available for this gateway
29 | JSONPath: .status.availableReplicas
30 | - name: Age
31 | type: date
32 | JSONPath: .metadata.creationTimestamp
33 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/06-crd-gateway.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: gateways.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Gateway
11 | plural: gateways
12 | singular: gateway
13 | shortNames:
14 | - cgateways
15 | - cgw
16 | subresources:
17 | status: {}
18 | additionalPrinterColumns:
19 | - name: Status
20 | type: string
21 | JSONPath: .status.status
22 | - name: Service-Name
23 | type: string
24 | description: Service name of this gateway
25 | JSONPath: .status.serviceName
26 | - name: Ready-Replicas
27 | type: integer
28 | description: Number of replicas available for this gateway
29 | JSONPath: .status.availableReplicas
30 | - name: Age
31 | type: date
32 | JSONPath: .metadata.creationTimestamp
33 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/05-crd-composite.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: composites.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Composite
11 | plural: composites
12 | singular: composite
13 | subresources:
14 | status: {}
15 | additionalPrinterColumns:
16 | - name: Status
17 | type: string
18 | description: Status of this composite
19 | JSONPath: .status.status
20 | - name: Total-Components
21 | type: integer
22 | description: Number of components in this composite
23 | JSONPath: .status.componentCount
24 | - name: Active-Components
25 | type: integer
26 | description: Number of active components in this composite
27 | JSONPath: .status.activeComponentCount
28 | - name: Age
29 | type: date
30 | JSONPath: .metadata.creationTimestamp
31 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/global-apim/conf/synapse-handlers.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/docker/api-publisher/Dockerfile:
--------------------------------------------------------------------------------
1 | # ------------------------------------------------------------------------
2 | #
3 | # Copyright 2018 WSO2, Inc. (http://wso2.com)
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License
16 | #
17 | # ------------------------------------------------------------------------
18 |
19 | FROM openjdk:8
20 |
21 | COPY ./target/files/io.cellery.cell.api.publisher-*.jar /
22 |
23 | CMD java -jar /io.cellery.cell.api.publisher-*.jar
24 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/confs/apim/synapse-handlers.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/05-crd-composite.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: composites.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Composite
11 | plural: composites
12 | singular: composite
13 | subresources:
14 | status: {}
15 | additionalPrinterColumns:
16 | - name: Status
17 | type: string
18 | description: Status of this composite
19 | JSONPath: .status.status
20 | - name: Total-Components
21 | type: integer
22 | description: Number of components in this composite
23 | JSONPath: .status.componentCount
24 | - name: Active-Components
25 | type: integer
26 | description: Number of active components in this composite
27 | JSONPath: .status.activeComponentCount
28 | - name: Age
29 | type: date
30 | JSONPath: .metadata.creationTimestamp
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/sp/templates/sp-worker-conf.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.datasources.enabled -}}
2 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
3 | #
4 | # Licensed under the Apache License, Version 2.0 (the "License");
5 | # you may not use this file except in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 |
16 | apiVersion: v1
17 | kind: ConfigMap
18 | metadata:
19 | name: sp-worker-conf
20 | namespace : {{ .Values.namespace }}
21 | data:
22 | deployment.yaml: {{ tpl (.Files.Get "confs/deployment.yaml") . | quote }}
23 | {{- end -}}
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/identity-server-conf-datasources.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: identity-server-conf-datasources
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | master-datasources.xml: {{ tpl (.Files.Get "confs/datasources/master-datasources.xml") . | quote }}
22 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | {{- if or (.Values.policy.enabled) (.Values.telemetry.enabled) }}
2 | apiVersion: rbac.authorization.k8s.io/v1
3 | kind: ClusterRole
4 | metadata:
5 | name: istio-mixer-{{ .Release.Namespace }}
6 | labels:
7 | app: {{ template "mixer.name" . }}
8 | chart: {{ template "mixer.chart" . }}
9 | heritage: {{ .Release.Service }}
10 | release: {{ .Release.Name }}
11 | rules:
12 | - apiGroups: ["config.istio.io"] # istio CRD watcher
13 | resources: ["*"]
14 | verbs: ["create", "get", "list", "watch", "patch"]
15 | - apiGroups: ["apiextensions.k8s.io"]
16 | resources: ["customresourcedefinitions"]
17 | verbs: ["get", "list", "watch"]
18 | - apiGroups: [""]
19 | resources: ["configmaps", "endpoints", "pods", "services", "namespaces", "secrets", "replicationcontrollers"]
20 | verbs: ["get", "list", "watch"]
21 | - apiGroups: ["extensions", "apps"]
22 | resources: ["replicasets"]
23 | verbs: ["get", "list", "watch"]
24 | {{- end }}
25 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/autoscale.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if or (eq $key "policy") (eq $key "telemetry") }}
3 | {{- if and $spec.enabled $spec.autoscaleEnabled $spec.autoscaleMin $spec.autoscaleMax }}
4 | apiVersion: autoscaling/v2beta1
5 | kind: HorizontalPodAutoscaler
6 | metadata:
7 | name: istio-{{ $key }}
8 | namespace: {{ $.Release.Namespace }}
9 | labels:
10 | app: {{ template "mixer.name" $ }}
11 | chart: {{ template "mixer.chart" $ }}
12 | heritage: {{ $.Release.Service }}
13 | release: {{ $.Release.Name }}
14 | spec:
15 | maxReplicas: {{ $spec.autoscaleMax }}
16 | minReplicas: {{ $spec.autoscaleMin }}
17 | scaleTargetRef:
18 | apiVersion: apps/v1
19 | kind: Deployment
20 | name: istio-{{ $key }}
21 | metrics:
22 | - type: Resource
23 | resource:
24 | name: cpu
25 | targetAverageUtilization: {{ $spec.cpu.targetAverageUtilization }}
26 | ---
27 | {{- end }}
28 | {{- end }}
29 | {{- end }}
30 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/mysql/mysql-service.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: wso2apim-with-analytics-rdbms-service
19 | spec:
20 | type: ClusterIP
21 | selector:
22 | deployment: wso2apim-with-analytics-mysql
23 | ports:
24 | - name: mysql-port
25 | port: 3306
26 | targetPort: 3306
27 | protocol: TCP
28 |
--------------------------------------------------------------------------------
/components/api/io.cellery.cell.api.publisher/spotbugs-exclude.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/components/gateway/io.cellery.cell.gateway.initializer/spotbugs-exclude.xml:
--------------------------------------------------------------------------------
1 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/mysql/templates/pvc.yaml:
--------------------------------------------------------------------------------
1 | {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
2 | kind: PersistentVolumeClaim
3 | apiVersion: v1
4 | metadata:
5 | name: {{ template "mysql.fullname" . }}
6 | namespace: cellery-system
7 | {{- with .Values.persistence.annotations }}
8 | annotations:
9 | {{ toYaml . | indent 4 }}
10 | {{- end }}
11 | labels:
12 | app: {{ template "mysql.fullname" . }}
13 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
14 | release: "{{ .Release.Name }}"
15 | heritage: "{{ .Release.Service }}"
16 | spec:
17 | accessModes:
18 | - {{ .Values.persistence.accessMode | quote }}
19 | resources:
20 | requests:
21 | storage: {{ .Values.persistence.size | quote }}
22 | {{- if (eq "-" .Values.persistence.storageClass) }}
23 | storageClassName: ""
24 | {{- else }}
25 | storageClassName: "{{ .Values.persistence.storageClass }}"
26 | selector:
27 | matchLabels:
28 | purpose: apim-rdbms-data
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/nfs/nfs-persistent-volume-claim.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: PersistentVolumeClaim
17 | metadata:
18 | name: nfs-volume-claim
19 | spec:
20 | accessModes:
21 | - ReadWriteOnce
22 | resources:
23 | requests:
24 | storage: 20Gi
25 | storageClassName: "local-storage"
26 | selector:
27 | matchLabels:
28 | purpose: apim-data
29 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/apim-conf-datasources.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.datasources.enabled -}}
2 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
3 | #
4 | # Licensed under the Apache License, Version 2.0 (the "License");
5 | # you may not use this file except in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 |
16 | apiVersion: v1
17 | kind: ConfigMap
18 | metadata:
19 | name: apim-conf-datasources
20 | namespace : {{ .Values.namespace }}
21 | data:
22 | master-datasources.xml: {{ tpl (.Files.Get "confs/apim/datasources/master-datasources.xml") . | quote }}
23 | {{- end -}}
24 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/templates/autoscale.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if ne $key "enabled" }}
3 | {{- if and $spec.enabled $spec.autoscaleEnabled $spec.autoscaleMin $spec.autoscaleMax }}
4 | apiVersion: autoscaling/v2beta1
5 | kind: HorizontalPodAutoscaler
6 | metadata:
7 | name: {{ $key }}
8 | namespace: {{ $spec.namespace | default $.Release.Namespace }}
9 | labels:
10 | chart: {{ template "gateway.chart" $ }}
11 | heritage: {{ $.Release.Service }}
12 | release: {{ $.Release.Name }}
13 | {{- range $key, $val := $spec.labels }}
14 | {{ $key }}: {{ $val }}
15 | {{- end }}
16 | spec:
17 | maxReplicas: {{ $spec.autoscaleMax }}
18 | minReplicas: {{ $spec.autoscaleMin }}
19 | scaleTargetRef:
20 | apiVersion: apps/v1
21 | kind: Deployment
22 | name: {{ $key }}
23 | metrics:
24 | - type: Resource
25 | resource:
26 | name: cpu
27 | targetAverageUtilization: {{ $spec.cpu.targetAverageUtilization }}
28 | ---
29 | {{- end }}
30 | {{- end }}
31 | {{- end }}
32 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/system/ns-init.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 | ---
15 | #Create cellery namespace
16 | apiVersion: v1
17 | kind: Namespace
18 | metadata:
19 | name: cellery-system
20 | labels:
21 | creator: cellery-init
22 | ---
23 | #Create service account for the pub-store deployment
24 | apiVersion: v1
25 | kind: ServiceAccount
26 | metadata:
27 | name: cellerysvc-account
28 | namespace: cellery-system
29 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/job-crd-certmanager-10.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.certmanager.enabled }}
2 | apiVersion: batch/v1
3 | kind: Job
4 | metadata:
5 | namespace: {{ .Release.Namespace }}
6 | name: istio-init-crd-certmanager-10
7 | spec:
8 | template:
9 | metadata:
10 | annotations:
11 | sidecar.istio.io/inject: "false"
12 | spec:
13 | serviceAccountName: istio-init-service-account
14 | containers:
15 | - name: istio-init-crd-certmanager-10
16 | image: "{{ .Values.global.hub }}/kubectl:{{ .Values.global.tag }}"
17 | imagePullPolicy: {{ .Values.global.imagePullPolicy }}
18 | volumeMounts:
19 | - name: crd-certmanager-10
20 | mountPath: /etc/istio/crd-certmanager-10
21 | readOnly: true
22 | command: ["kubectl", "apply", "-f", "/etc/istio/crd-certmanager-10/crd-certmanager-10.yaml"]
23 | volumes:
24 | - name: crd-certmanager-10
25 | configMap:
26 | name: istio-crd-certmanager-10
27 | restartPolicy: OnFailure
28 | {{- end }}
29 |
--------------------------------------------------------------------------------
/installer/helm/istio-init/templates/job-crd-certmanager-11.yaml:
--------------------------------------------------------------------------------
1 | {{- if .Values.certmanager.enabled }}
2 | apiVersion: batch/v1
3 | kind: Job
4 | metadata:
5 | namespace: {{ .Release.Namespace }}
6 | name: istio-init-crd-certmanager-11
7 | spec:
8 | template:
9 | metadata:
10 | annotations:
11 | sidecar.istio.io/inject: "false"
12 | spec:
13 | serviceAccountName: istio-init-service-account
14 | containers:
15 | - name: istio-init-crd-certmanager-11
16 | image: "{{ .Values.global.hub }}/kubectl:{{ .Values.global.tag }}"
17 | imagePullPolicy: {{ .Values.global.imagePullPolicy }}
18 | volumeMounts:
19 | - name: crd-certmanager-11
20 | mountPath: /etc/istio/crd-certmanager-11
21 | readOnly: true
22 | command: ["kubectl", "apply", "-f", "/etc/istio/crd-certmanager-11/crd-certmanager-11.yaml"]
23 | volumes:
24 | - name: crd-certmanager-11
25 | configMap:
26 | name: istio-crd-certmanager-11
27 | restartPolicy: OnFailure
28 | {{- end }}
29 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/04-crd-cell.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: cells.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Cell
11 | plural: cells
12 | singular: cell
13 | subresources:
14 | status: {}
15 | additionalPrinterColumns:
16 | - name: Status
17 | type: string
18 | description: Status of this cell
19 | JSONPath: .status.status
20 | - name: Gateway
21 | type: string
22 | description: Gateway service name of this cell
23 | JSONPath: .status.gatewayServiceName
24 | - name: Total-Components
25 | type: integer
26 | description: Number of components in this cell
27 | JSONPath: .status.componentCount
28 | - name: Active-Components
29 | type: integer
30 | description: Number of active components in this cell
31 | JSONPath: .status.activeComponentCount
32 | - name: Age
33 | type: date
34 | JSONPath: .metadata.creationTimestamp
35 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if and (ne $key "enabled") }}
3 | {{- if $spec.enabled }}
4 | {{- if $.Values.global.defaultPodDisruptionBudget.enabled }}
5 | apiVersion: policy/v1beta1
6 | kind: PodDisruptionBudget
7 | metadata:
8 | name: {{ $key }}
9 | namespace: {{ $spec.namespace | default $.Release.Namespace }}
10 | labels:
11 | chart: {{ template "gateway.chart" $ }}
12 | heritage: {{ $.Release.Service }}
13 | release: {{ $.Release.Name }}
14 | {{- range $key, $val := $spec.labels }}
15 | {{ $key }}: {{ $val }}
16 | {{- end }}
17 | spec:
18 | {{- if $.Values.global.defaultPodDisruptionBudget.enabled }}
19 | {{ include "podDisruptionBudget.spec" $.Values.global.defaultPodDisruptionBudget }}
20 | {{- end }}
21 | selector:
22 | matchLabels:
23 | release: {{ $.Release.Name }}
24 | {{- range $key, $val := $spec.labels }}
25 | {{ $key }}: {{ $val }}
26 | {{- end }}
27 | ---
28 | {{- end }}
29 | {{- end }}
30 | {{- end }}
31 | {{- end }}
32 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/service.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: grafana
5 | namespace: {{ .Release.Namespace }}
6 | annotations:
7 | {{- range $key, $val := .Values.service.annotations }}
8 | {{ $key }}: {{ $val | quote }}
9 | {{- end }}
10 | labels:
11 | app: {{ template "grafana.name" . }}
12 | chart: {{ template "grafana.chart" . }}
13 | heritage: {{ .Release.Service }}
14 | release: {{ .Release.Name }}
15 | spec:
16 | type: {{ .Values.service.type }}
17 | ports:
18 | - port: {{ .Values.service.externalPort }}
19 | targetPort: 3000
20 | protocol: TCP
21 | name: {{ .Values.service.name }}
22 | selector:
23 | app: grafana
24 | {{- if .Values.service.loadBalancerIP }}
25 | loadBalancerIP: "{{ .Values.service.loadBalancerIP }}"
26 | {{- end }}
27 | {{if .Values.service.loadBalancerSourceRanges}}
28 | loadBalancerSourceRanges:
29 | {{range $rangeList := .Values.service.loadBalancerSourceRanges}}
30 | - {{ $rangeList }}
31 | {{end}}
32 | {{end}}
--------------------------------------------------------------------------------
/installer/k8s-artefacts/controller/07-crd-component.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: components.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Component
11 | plural: components
12 | singular: component
13 | subresources:
14 | status: {}
15 | additionalPrinterColumns:
16 | - name: Type
17 | type: string
18 | description: Type of this component
19 | JSONPath: .status.componentType
20 | - name: Status
21 | type: string
22 | description: Status of this component
23 | JSONPath: .status.status
24 | - name: Service-Name
25 | type: string
26 | description: Service name of this component
27 | JSONPath: .status.serviceName
28 | - name: Ready-Replicas
29 | type: integer
30 | description: Number of replicas available for this component
31 | JSONPath: .status.availableReplicas
32 | - name: Age
33 | type: date
34 | JSONPath: .metadata.creationTimestamp
35 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/poddisruptionbudget.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if or (eq $key "policy") (eq $key "telemetry") }}
3 | {{- if $spec.enabled }}
4 | {{- if $.Values.global.defaultPodDisruptionBudget.enabled }}
5 | apiVersion: policy/v1beta1
6 | kind: PodDisruptionBudget
7 | metadata:
8 | name: istio-{{ $key }}
9 | namespace: {{ $.Release.Namespace }}
10 | labels:
11 | app: {{ $key }}
12 | chart: {{ template "mixer.chart" $ }}
13 | heritage: {{ $.Release.Service }}
14 | release: {{ $.Release.Name }}
15 | version: {{ $.Chart.Version }}
16 | istio: mixer
17 | istio-mixer-type: {{ $key }}
18 | spec:
19 | {{- if $.Values.global.defaultPodDisruptionBudget.enabled }}
20 | {{ include "podDisruptionBudget.spec" $.Values.global.defaultPodDisruptionBudget }}
21 | {{- end }}
22 | selector:
23 | matchLabels:
24 | app: {{ $key }}
25 | release: {{ $.Release.Name }}
26 | istio: mixer
27 | istio-mixer-type: {{ $key }}
28 | ---
29 | {{- end }}
30 | {{- end }}
31 | {{- end }}
32 | {{- end }}
33 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/templates/auth-delegator.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: rbac.authorization.k8s.io/v1beta1
16 | kind: ClusterRoleBinding
17 | metadata:
18 | name: metrics-server:system:auth-delegator
19 | roleRef:
20 | apiGroup: rbac.authorization.k8s.io
21 | kind: ClusterRole
22 | name: system:auth-delegator
23 | subjects:
24 | - kind: ServiceAccount
25 | name: metrics-server
26 | namespace: kube-system
27 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/templates/metrics-apiservice.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apiregistration.k8s.io/v1beta1
16 | kind: APIService
17 | metadata:
18 | name: v1beta1.metrics.k8s.io
19 | spec:
20 | service:
21 | name: metrics-server
22 | namespace: kube-system
23 | group: metrics.k8s.io
24 | version: v1beta1
25 | insecureSkipTLSVerify: true
26 | groupPriorityMinimum: 100
27 | versionPriority: 100
28 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/mysql/mysql-persistent-volume-claim.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: PersistentVolumeClaim
17 | metadata:
18 | name: wso2apim-with-analytics-rdbms-volume-claim
19 | spec:
20 | accessModes:
21 | - ReadWriteOnce
22 | resources:
23 | requests:
24 | storage: 20Gi
25 | storageClassName: "local-storage"
26 | selector:
27 | matchLabels:
28 | purpose: apim-rdbms-data
29 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/templates/metrics-server-service.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: metrics-server
19 | namespace: kube-system
20 | labels:
21 | kubernetes.io/name: "Metrics-server"
22 | kubernetes.io/cluster-service: "true"
23 | spec:
24 | selector:
25 | k8s-app: metrics-server
26 | ports:
27 | - port: 443
28 | protocol: TCP
29 | targetPort: 443
30 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/service.yaml:
--------------------------------------------------------------------------------
1 | {{- range $key, $spec := .Values }}
2 | {{- if or (eq $key "policy") (eq $key "telemetry") }}
3 | {{- if $spec.enabled }}
4 | apiVersion: v1
5 | kind: Service
6 | metadata:
7 | name: istio-{{ $key }}
8 | namespace: {{ $.Release.Namespace }}
9 | annotations:
10 | networking.istio.io/exportTo: "*"
11 | labels:
12 | app: {{ template "mixer.name" $ }}
13 | chart: {{ template "mixer.chart" $ }}
14 | heritage: {{ $.Release.Service }}
15 | release: {{ $.Release.Name }}
16 | istio: mixer
17 | spec:
18 | ports:
19 | - name: grpc-mixer
20 | port: 9091
21 | - name: grpc-mixer-mtls
22 | port: 15004
23 | - name: http-monitoring
24 | port: {{ $.Values.global.monitoringPort }}
25 | {{- if eq $key "telemetry" }}
26 | - name: prometheus
27 | port: 42422
28 | {{- if $spec.sessionAffinityEnabled }}
29 | sessionAffinity: ClientIP
30 | {{- end }}
31 | {{- end }}
32 | selector:
33 | istio: mixer
34 | istio-mixer-type: {{ $key }}
35 | ---
36 | {{- end }}
37 | {{- end }}
38 | {{- end }}
39 |
40 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/04-crd-cell.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: cells.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Cell
11 | plural: cells
12 | singular: cell
13 | subresources:
14 | status: {}
15 | additionalPrinterColumns:
16 | - name: Status
17 | type: string
18 | description: Status of this cell
19 | JSONPath: .status.status
20 | - name: Gateway
21 | type: string
22 | description: Gateway service name of this cell
23 | JSONPath: .status.gatewayServiceName
24 | - name: Total-Components
25 | type: integer
26 | description: Number of components in this cell
27 | JSONPath: .status.componentCount
28 | - name: Active-Components
29 | type: integer
30 | description: Number of active components in this cell
31 | JSONPath: .status.activeComponentCount
32 | - name: Age
33 | type: date
34 | JSONPath: .metadata.creationTimestamp
35 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/controller/templates/07-crd-component.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: apiextensions.k8s.io/v1beta1
2 | kind: CustomResourceDefinition
3 | metadata:
4 | name: components.mesh.cellery.io
5 | spec:
6 | group: mesh.cellery.io
7 | version: v1alpha2
8 | scope: Namespaced
9 | names:
10 | kind: Component
11 | plural: components
12 | singular: component
13 | subresources:
14 | status: {}
15 | additionalPrinterColumns:
16 | - name: Type
17 | type: string
18 | description: Type of this component
19 | JSONPath: .status.componentType
20 | - name: Status
21 | type: string
22 | description: Status of this component
23 | JSONPath: .status.status
24 | - name: Service-Name
25 | type: string
26 | description: Service name of this component
27 | JSONPath: .status.serviceName
28 | - name: Ready-Replicas
29 | type: integer
30 | description: Number of replicas available for this component
31 | JSONPath: .status.availableReplicas
32 | - name: Age
33 | type: date
34 | JSONPath: .metadata.creationTimestamp
35 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/global-apim/persistent-volume-claim-local.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: PersistentVolumeClaim
17 | metadata:
18 | name: apim-repository-deployment-server-pvc
19 | spec:
20 | accessModes:
21 | - ReadWriteMany
22 | resources:
23 | requests:
24 | storage: 2Gi
25 | storageClassName: "local-storage"
26 | selector:
27 | matchLabels:
28 | purpose: apim-repository-deployment-server
29 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/mysql/mysql-persistent-volumes.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: PersistentVolume
17 | metadata:
18 | name: wso2apim-with-analytics-mysql-pv
19 | labels:
20 | purpose: apim-rdbms-data
21 | spec:
22 | capacity:
23 | storage: 20Gi
24 | accessModes:
25 | - ReadWriteOnce
26 | persistentVolumeReclaimPolicy: Retain
27 | nfs:
28 | server:
29 | path: ""
30 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/install-custom-resources.sh.tpl:
--------------------------------------------------------------------------------
1 | {{ define "install-custom-resources.sh.tpl" }}
2 | #!/bin/sh
3 |
4 | set -x
5 |
6 | if [ "$#" -ne "1" ]; then
7 | echo "first argument should be path to custom resource yaml"
8 | exit 1
9 | fi
10 |
11 | pathToResourceYAML=${1}
12 |
13 | kubectl get validatingwebhookconfiguration istio-galley 2>/dev/null
14 | if [ "$?" -eq 0 ]; then
15 | echo "istio-galley validatingwebhookconfiguration found - waiting for istio-galley deployment to be ready"
16 | while true; do
17 | kubectl -n {{ .Release.Namespace }} get deployment istio-galley 2>/dev/null
18 | if [ "$?" -eq 0 ]; then
19 | break
20 | fi
21 | sleep 1
22 | done
23 | kubectl -n {{ .Release.Namespace }} rollout status deployment istio-galley
24 | if [ "$?" -ne 0 ]; then
25 | echo "istio-galley deployment rollout status check failed"
26 | exit 1
27 | fi
28 | echo "istio-galley deployment ready for configuration validation"
29 | fi
30 | sleep 5
31 | kubectl apply -f ${pathToResourceYAML}
32 | {{ end }}
33 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/templates/auth-reader.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: rbac.authorization.k8s.io/v1beta1
16 | kind: RoleBinding
17 | metadata:
18 | name: metrics-server-auth-reader
19 | namespace: kube-system
20 | roleRef:
21 | apiGroup: rbac.authorization.k8s.io
22 | kind: Role
23 | name: extension-apiserver-authentication-reader
24 | subjects:
25 | - kind: ServiceAccount
26 | name: metrics-server
27 | namespace: kube-system
28 |
--------------------------------------------------------------------------------
/installer/helm/istio/templates/NOTES.txt:
--------------------------------------------------------------------------------
1 | Thank you for installing {{ .Chart.Name }}.
2 |
3 | Your release is named {{ .Release.Name }}.
4 |
5 | To get started running application with Istio, execute the following steps:
6 |
7 | {{- if index .Values "sidecarInjectorWebhook" "enabled" }}
8 | 1. Label namespace that application object will be deployed to by the following command (take default namespace as an example)
9 |
10 | $ kubectl label namespace default istio-injection=enabled
11 | $ kubectl get namespace -L istio-injection
12 |
13 | 2. Deploy your applications
14 |
15 | $ kubectl apply -f .yaml
16 | {{- else }}
17 | 1. Download the latest release package to get sidecar injection tool
18 |
19 | $ curl -L https://git.io/getLatestIstio | sh -
20 | $ mv istio-* istio-latest
21 | $ export PATH="$PATH:$PWD/istio-latest/bin"
22 |
23 | 2. Deploy your application by manually injecting envoy sidecar with `istioctl kube-inject`
24 |
25 | $ kubectl apply -f <(istioctl kube-inject -f .yaml)
26 | {{- end }}
27 |
28 | For more information on running Istio, visit:
29 | https://istio.io/
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | username: ""
16 | password: ""
17 | email: ""
18 |
19 | namespace: "cellery-system"
20 | svcaccount: "cellerysvc-account"
21 | serverIp: ""
22 | sharedDeploymentLocationPath: ""
23 | sharedTenantsLocationPath: ""
24 |
25 | persistence:
26 | enabled: false
27 | # media: "volatile"
28 |
29 | service:
30 | port: "9443"
31 |
32 |
33 | celleryRuntime:
34 | db:
35 | host: "cellery-runtime-mysql"
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/mysql/templates/svc.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Service
3 | metadata:
4 | name: {{ template "mysql.fullname" . }}
5 | namespace: cellery-system
6 | labels:
7 | app: {{ template "mysql.fullname" . }}
8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
9 | release: "{{ .Release.Name }}"
10 | heritage: "{{ .Release.Service }}"
11 | annotations:
12 | {{- if .Values.service.annotations }}
13 | {{ toYaml .Values.service.annotations | indent 4 }}
14 | {{- end }}
15 | {{- if and (.Values.metrics.enabled) (.Values.metrics.annotations) }}
16 | {{ toYaml .Values.metrics.annotations | indent 4 }}
17 | {{- end }}
18 | spec:
19 | type: {{ .Values.service.type }}
20 | ports:
21 | - name: mysql
22 | port: {{ .Values.service.port }}
23 | targetPort: mysql
24 | {{- if .Values.service.nodePort }}
25 | nodePort: {{ .Values.service.nodePort }}
26 | {{- end }}
27 | {{- if .Values.metrics.enabled }}
28 | - name: metrics
29 | port: 9104
30 | targetPort: metrics
31 | {{- end }}
32 | selector:
33 | app: {{ template "mysql.fullname" . }}
34 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/global-apim/artifacts-persistent-volume-claim.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: PersistentVolumeClaim
17 | metadata:
18 | name: apim-repository-deployment-server-pvc
19 | namespace: cellery-system
20 | spec:
21 | accessModes:
22 | - ReadWriteMany
23 | resources:
24 | requests:
25 | storage: 1Gi
26 | storageClassName: ""
27 | selector:
28 | matchLabels:
29 | purpose: apim-repository-deployment-server
30 |
--------------------------------------------------------------------------------
/installer/k8s-artefacts/global-apim/artifacts-persistent-volume.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: PersistentVolume
17 | metadata:
18 | name: apim-repository-deployment-server-pv
19 | labels:
20 | purpose: apim-repository-deployment-server
21 | spec:
22 | capacity:
23 | storage: 1Gi
24 | accessModes:
25 | - ReadWriteMany
26 | persistentVolumeReclaimPolicy: Retain
27 | nfs:
28 | server: NFS_SERVER_IP
29 | path: "NFS_SHARE_LOCATION"
30 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/identity-server-service.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2017, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: idp
19 | namespace : {{ .Values.namespace }}
20 | spec:
21 | selector:
22 | deployment: idp
23 | ports:
24 | - name: servlet-http
25 | port: 9763
26 | targetPort: 9763
27 | protocol: TCP
28 | - name: servlet-https
29 | port: 443
30 | targetPort: 9443
31 | protocol: TCP
32 |
--------------------------------------------------------------------------------
/installer/helm/istio/values-istio-minimal.yaml:
--------------------------------------------------------------------------------
1 | #
2 | # Minimal Istio Configuration: https://istio.io/docs/setup/kubernetes/minimal-install/
3 | #
4 | pilot:
5 | enabled: true
6 | sidecar: false
7 |
8 | gateways:
9 | enabled: false
10 |
11 | security:
12 | enabled: false
13 |
14 | sidecarInjectorWebhook:
15 | enabled: false
16 |
17 | galley:
18 | enabled: false
19 |
20 | mixer:
21 | policy:
22 | enabled: false
23 | telemetry:
24 | enabled: false
25 |
26 | prometheus:
27 | enabled: false
28 |
29 |
30 | # Common settings.
31 | global:
32 |
33 | proxy:
34 | # Sets the destination Statsd in envoy (the value of the "--statsdUdpAddress" proxy argument
35 | # would be :).
36 | # Disabled by default.
37 | # The istio-statsd-prom-bridge is deprecated and should not be used moving forward.
38 | envoyStatsd:
39 | # If enabled is set to true, host and port must also be provided. Istio no longer provides a statsd collector.
40 | enabled: false
41 | host: # example: statsd-svc.istio-system
42 | port: # example: 9125
43 |
44 | useMCP: false
45 |
46 |
47 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/.helmignore:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Patterns to ignore when building packages.
16 | # This supports shell glob matching, relative path matching, and
17 | # negation (prefixed with !). Only one pattern per line.
18 | .DS_Store
19 | # Common VCS dirs
20 | .git/
21 | .gitignore
22 | .bzr/
23 | .bzrignore
24 | .hg/
25 | .hgignore
26 | .svn/
27 | # Common backup files
28 | *.swp
29 | *.bak
30 | *.tmp
31 | *~
32 | # Various IDEs
33 | .project
34 | .idea/
35 | *.tmproj
36 |
--------------------------------------------------------------------------------
/installer/helm/ingress-controller/values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Default values for ingress-controller.
16 | # This is a YAML-formatted file.
17 | # Declare variables to be passed into your templates.
18 |
19 | # helm fetch stable/nginx-ingress in to the charts directory before execute this chart.
20 |
21 | nginx-ingress:
22 | enabled: true
23 | controller:
24 | image:
25 | tag: "0.19.0"
26 |
27 | # service:
28 | # type: "NodePort"
29 | #
30 | # externalIPs:
31 | # - 192.168.56.10
32 |
--------------------------------------------------------------------------------
/installer/helm/metrics-server/templates/aggregated-metrics-reader.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | kind: ClusterRole
16 | apiVersion: rbac.authorization.k8s.io/v1
17 | metadata:
18 | name: system:aggregated-metrics-reader
19 | labels:
20 | rbac.authorization.k8s.io/aggregate-to-view: "true"
21 | rbac.authorization.k8s.io/aggregate-to-edit: "true"
22 | rbac.authorization.k8s.io/aggregate-to-admin: "true"
23 | rules:
24 | - apiGroups: ["metrics.k8s.io"]
25 | resources: ["pods"]
26 | verbs: ["get", "list", "watch"]
27 |
--------------------------------------------------------------------------------
/installer/scripts/cellery-runtime-deployer/cellery.env.kubeadm:
--------------------------------------------------------------------------------
1 | # ------------------------------------------------------------------------
2 | #
3 | # Copyright 2019 WSO2, Inc. (http://wso2.com)
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License
16 | #
17 | # ------------------------------------------------------------------------
18 |
19 | #Cellery dependencies.
20 |
21 | K8S_VERSION=1.11.3-00
22 | FLANNEL_VERSION=0.10.0
23 | ISTIO_VERSION=1.0.2
24 | DOWNLOAD_PATH=tmp-wso2
25 | RELEASE_VERSION=master
26 | GIT_BASE_URL="https://raw.githubusercontent.com/wso2/cellery-distribution/master"
27 |
28 | #IaaS configurations.
29 | IAAS=kubeadm
30 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/kiali/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "kiali.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "kiali.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "kiali.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/mixer/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "mixer.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "mixer.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "mixer.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "pilot.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "pilot.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "pilot.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/mysql/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "mysql.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "mysql.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- printf .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Generate chart secret name
29 | */}}
30 | {{- define "mysql.secretName" -}}
31 | {{ default (include "mysql.fullname" .) .Values.existingSecret }}
32 | {{- end -}}
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "galley.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "galley.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "galley.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/gateways/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "gateway.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "gateway.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "gateway.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/grafana/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "grafana.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "grafana.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "grafana.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/tracing/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "tracing.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "tracing.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "tracing.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/security/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "security.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "security.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "security.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/requirements.yaml:
--------------------------------------------------------------------------------
1 | dependencies:
2 | - name: sidecarInjectorWebhook
3 | version: 1.2.2
4 | condition: sidecarInjectorWebhook.enabled
5 | - name: security
6 | version: 1.2.2
7 | condition: security.enabled
8 | - name: gateways
9 | version: 1.2.2
10 | condition: gateways.enabled
11 | - name: mixer
12 | version: 1.2.2
13 | condition: or mixer.policy.enabled mixer.telemetry.enabled
14 | - name: nodeagent
15 | version: 1.2.2
16 | condition: nodeagent.enabled
17 | - name: pilot
18 | version: 1.2.2
19 | condition: pilot.enabled
20 | - name: grafana
21 | version: 1.2.2
22 | condition: grafana.enabled
23 | - name: prometheus
24 | version: 1.2.2
25 | condition: prometheus.enabled
26 | - name: tracing
27 | version: 1.2.2
28 | condition: tracing.enabled
29 | - name: galley
30 | version: 1.2.2
31 | condition: galley.enabled
32 | - name: kiali
33 | version: 1.2.2
34 | condition: kiali.enabled
35 | - name: istiocoredns
36 | version: 1.2.2
37 | condition: istiocoredns.enabled
38 | - name: certmanager
39 | version: 1.2.2
40 | condition: certmanager.enabled
41 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/nodeagent/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "nodeagent.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "nodeagent.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "nodeagent.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/prometheus/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "prometheus.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "prometheus.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "prometheus.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/apim-conf.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: apim-conf
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/apim/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/certmanager/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "certmanager.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "certmanager.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "certmanager.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/galley/values.yaml:
--------------------------------------------------------------------------------
1 | #
2 | # galley configuration
3 | #
4 | enabled: true
5 | replicaCount: 1
6 | image: galley
7 | nodeSelector: {}
8 | tolerations: []
9 |
10 | # Specify the pod anti-affinity that allows you to constrain which nodes
11 | # your pod is eligible to be scheduled based on labels on pods that are
12 | # already running on the node rather than based on labels on nodes.
13 | # There are currently two types of anti-affinity:
14 | # "requiredDuringSchedulingIgnoredDuringExecution"
15 | # "preferredDuringSchedulingIgnoredDuringExecution"
16 | # which denote “hard” vs. “soft” requirements, you can define your values
17 | # in "podAntiAffinityLabelSelector" and "podAntiAffinityTermLabelSelector"
18 | # correspondingly.
19 | # For example:
20 | # podAntiAffinityLabelSelector:
21 | # - key: security
22 | # operator: In
23 | # values: S1,S2
24 | # topologyKey: "kubernetes.io/hostname"
25 | # This pod anti-affinity rule says that the pod requires not to be scheduled
26 | # onto a node if that node is already running a pod with label having key
27 | # “security” and value “S1”.
28 | podAntiAffinityLabelSelector: []
29 | podAntiAffinityTermLabelSelector: []
30 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/pilot/templates/clusterrole.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: rbac.authorization.k8s.io/v1
2 | kind: ClusterRole
3 | metadata:
4 | name: istio-pilot-{{ .Release.Namespace }}
5 | labels:
6 | app: {{ template "pilot.name" . }}
7 | chart: {{ template "pilot.chart" . }}
8 | heritage: {{ .Release.Service }}
9 | release: {{ .Release.Name }}
10 | rules:
11 | - apiGroups: ["config.istio.io"]
12 | resources: ["*"]
13 | verbs: ["*"]
14 | - apiGroups: ["rbac.istio.io"]
15 | resources: ["*"]
16 | verbs: ["get", "watch", "list"]
17 | - apiGroups: ["networking.istio.io"]
18 | resources: ["*"]
19 | verbs: ["*"]
20 | - apiGroups: ["authentication.istio.io"]
21 | resources: ["*"]
22 | verbs: ["*"]
23 | - apiGroups: ["apiextensions.k8s.io"]
24 | resources: ["customresourcedefinitions"]
25 | verbs: ["*"]
26 | - apiGroups: ["extensions"]
27 | resources: ["ingresses", "ingresses/status"]
28 | verbs: ["*"]
29 | - apiGroups: [""]
30 | resources: ["configmaps"]
31 | verbs: ["create", "get", "list", "watch", "update"]
32 | - apiGroups: [""]
33 | resources: ["endpoints", "pods", "services", "namespaces", "nodes", "secrets"]
34 | verbs: ["get", "list", "watch"]
35 |
--------------------------------------------------------------------------------
/installer/packer/cellery-full-runtime-imgs/resources/ingress-controller-values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Default values for ingress-controller.
16 | # This is a YAML-formatted file.
17 | # Declare variables to be passed into your templates.
18 |
19 | # helm fetch stable/nginx-ingress in to the charts directory before execute this chart.
20 |
21 | nginx-ingress:
22 | enabled: true
23 | controller:
24 | image:
25 | tag: "0.19.0"
26 |
27 | service:
28 | type: "NodePort"
29 |
30 | externalIPs:
31 | - 192.168.56.10
32 |
--------------------------------------------------------------------------------
/installer/packer/cellery-min-runtime-imgs/resources/ingress-controller-values.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Default values for ingress-controller.
16 | # This is a YAML-formatted file.
17 | # Declare variables to be passed into your templates.
18 |
19 | # helm fetch stable/nginx-ingress in to the charts directory before execute this chart.
20 |
21 | nginx-ingress:
22 | enabled: true
23 | controller:
24 | image:
25 | tag: "0.19.0"
26 |
27 | service:
28 | type: "NodePort"
29 |
30 | externalIPs:
31 | - 192.168.56.10
32 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/certmanager/templates/issuer.yaml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: certmanager.k8s.io/v1alpha1
3 | kind: ClusterIssuer
4 | metadata:
5 | name: letsencrypt-staging
6 | namespace: {{ .Release.Namespace }}
7 | labels:
8 | app: certmanager
9 | chart: {{ template "certmanager.chart" . }}
10 | heritage: {{ .Release.Service }}
11 | release: {{ .Release.Name }}
12 | spec:
13 | acme:
14 | server: https://acme-staging-v02.api.letsencrypt.org/directory
15 | email: {{ .Values.email }}
16 | # Name of a secret used to store the ACME account private key
17 | privateKeySecretRef:
18 | name: letsencrypt-staging
19 | http01: {}
20 | ---
21 | apiVersion: certmanager.k8s.io/v1alpha1
22 | kind: ClusterIssuer
23 | metadata:
24 | name: letsencrypt
25 | namespace: {{ .Release.Namespace }}
26 | labels:
27 | app: certmanager
28 | chart: {{ template "certmanager.chart" . }}
29 | heritage: {{ .Release.Service }}
30 | release: {{ .Release.Name }}
31 | spec:
32 | acme:
33 | server: https://acme-v02.api.letsencrypt.org/directory
34 | email: {{ .Values.email }}
35 | privateKeySecretRef:
36 | name: letsencrypt
37 | http01: {}
38 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/istiocoredns/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "istiocoredns.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "istiocoredns.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "istiocoredns.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/sp/templates/sp-worker-siddhi.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: sp-worker-siddhi
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/siddhi/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/apim-conf-tomcat.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: apim-tomcat
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/apim/tomcat/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/identity-server-conf.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: identity-server-conf
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/apim-conf-identity.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: conf-identity
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/apim/identity/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/apim/templates/apim-conf-security.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: apim-security
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/apim/security/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/grafana/templates/grafana-conf.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: k8s-metrics-grafana-conf
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/config/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/prometheus/templates/prometheus.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2019, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: k8s-metrics-prometheus-conf
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/istio/charts/sidecarInjectorWebhook/templates/_helpers.tpl:
--------------------------------------------------------------------------------
1 | {{/* vim: set filetype=mustache: */}}
2 | {{/*
3 | Expand the name of the chart.
4 | */}}
5 | {{- define "sidecar-injector.name" -}}
6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
7 | {{- end -}}
8 |
9 | {{/*
10 | Create a default fully qualified app name.
11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
12 | If release name contains chart name it will be used as a full name.
13 | */}}
14 | {{- define "sidecar-injector.fullname" -}}
15 | {{- if .Values.fullnameOverride -}}
16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
17 | {{- else -}}
18 | {{- $name := default .Chart.Name .Values.nameOverride -}}
19 | {{- if contains $name .Release.Name -}}
20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}}
21 | {{- else -}}
22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
23 | {{- end -}}
24 | {{- end -}}
25 | {{- end -}}
26 |
27 | {{/*
28 | Create chart name and version as used by the chart label.
29 | */}}
30 | {{- define "sidecar-injector.chart" -}}
31 | {{- .Chart.Name | trunc 63 | trimSuffix "-" -}}
32 | {{- end -}}
33 |
--------------------------------------------------------------------------------
/components/api/io.cellery.cell.api.publisher/src/main/java/io/cellery/cell/api/publisher/exceptions/APIException.java:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
3 | *
4 | * WSO2 Inc. licenses this file to you under the Apache License,
5 | * Version 2.0 (the "License"); you may not use this file except
6 | * in compliance with the License.
7 | * You may obtain a copy of the License at
8 | *
9 | * http://www.apache.org/licenses/LICENSE-2.0
10 | *
11 | * Unless required by applicable law or agreed to in writing,
12 | * software distributed under the License is distributed on an
13 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14 | * KIND, either express or implied. See the License for the
15 | * specific language governing permissions and limitations
16 | * under the License.
17 | */
18 | package io.cellery.cell.api.publisher.exceptions;
19 |
20 | /** Vick API handler exceptions. */
21 | public class APIException extends Exception {
22 |
23 | public APIException() {}
24 |
25 | public APIException(String s) {
26 | super(s);
27 | }
28 |
29 | public APIException(String s, Throwable throwable) {
30 | super(s, throwable);
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/identity-server-conf-axis2.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: identity-server-conf-axis2
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/axis2/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/idp/templates/identity-server-conf-tomcat.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: identity-server-tomcat
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/tomcat/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------
/installer/helm/cellery-runtime/charts/portal/templates/observability-portal-config.yaml:
--------------------------------------------------------------------------------
1 | # Copyright (c) 2018, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: ConfigMap
17 | metadata:
18 | name: observability-portal-config
19 | namespace : {{ .Values.namespace }}
20 | data:
21 | {{- $file := .Files }}
22 | {{- range $path, $byte := .Files.Glob "confs/*" }}
23 | {{- $list := $path | splitList "/"}}
24 | {{- $length := len $list }}
25 | {{- $last := add $length -1 }}
26 | {{ index $list $last }}: |-
27 | {{- range $file.Lines $path }}
28 | {{ . }}
29 | {{- end }}
30 | {{- end }}
31 |
--------------------------------------------------------------------------------