├── .gitignore ├── LICENSE ├── README.md ├── dev-infras ├── README.md ├── cert-manager │ ├── README.md │ ├── letencrypt-cluster.yaml │ └── letencrypt-staging-cluster.yaml ├── cluster │ ├── README.md │ └── rancher-cluster.yml ├── docker-registry │ ├── README.md │ ├── registry-pv.yaml │ └── values.yaml ├── gitlab │ ├── README.md │ ├── gitlab-ce │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── charts │ │ │ ├── postgresql │ │ │ │ ├── Chart.yaml │ │ │ │ ├── README.md │ │ │ │ ├── templates │ │ │ │ │ ├── NOTES.txt │ │ │ │ │ ├── _helpers.tpl │ │ │ │ │ ├── deployment.yaml │ │ │ │ │ ├── pvc.yaml │ │ │ │ │ ├── secrets.yaml │ │ │ │ │ └── service.yaml │ │ │ │ └── values.yaml │ │ │ └── redis │ │ │ │ ├── .helmignore │ │ │ │ ├── Chart.yaml │ │ │ │ ├── README.md │ │ │ │ ├── templates │ │ │ │ ├── NOTES.txt │ │ │ │ ├── _helpers.tpl │ │ │ │ ├── deployment.yaml │ │ │ │ ├── pvc.yaml │ │ │ │ ├── secrets.yaml │ │ │ │ └── service.yaml │ │ │ │ └── values.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── configmap.yaml │ │ │ ├── deployment.yaml │ │ │ ├── ingress.yaml │ │ │ ├── pvc-data.yaml │ │ │ ├── pvc-etc.yaml │ │ │ ├── secrets.yaml │ │ │ ├── service.yaml │ │ │ └── serviceaccount.yaml │ │ └── values.yaml │ └── yourdomain-gitlab │ │ ├── gitlab-data.yaml │ │ ├── gitlab-etc.yaml │ │ ├── gitlab-postgresql.yaml │ │ └── values.yaml ├── namespaces │ ├── README.md │ ├── yourbiz-dev │ │ ├── yourbiz-dev-admin.yaml │ │ └── yourbiz-dev-ns.yaml │ ├── yourbiz-infra │ │ └── yourbiz-infra-ns.yaml │ └── yourbiz-prod │ │ ├── yourbiz-prod-admin.yaml │ │ └── yourbiz-prod-ns.yaml ├── offline-install.sh ├── rancher │ ├── README.md │ └── rancher-ingress.yaml ├── sonatype-nexus │ ├── README.md │ ├── sonatype-nexus-pv.yaml │ └── values.yaml └── storage │ ├── README.md │ ├── rook-ceph-tools.yaml │ ├── rook-cluster.yaml │ ├── rook-example-pvc.yaml │ └── rook-storageclass.yaml ├── docker-compose └── python-redis │ ├── Dockerfile │ ├── README.md │ ├── app.py │ ├── docker-compose.yml │ └── requirements.txt ├── helm-charts ├── backend-app │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── pvc.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── tests │ │ │ └── test-connection.yaml │ └── values.yaml ├── backend-spring-app │ ├── .helmignore │ ├── Chart.lock │ ├── Chart.yaml │ ├── README.md │ ├── charts │ │ └── mysql-1.6.2.tgz │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── application-configmap.yaml │ │ ├── deployment.yaml │ │ ├── extra-configmap.yaml │ │ ├── ingress.yaml │ │ ├── pvc.yaml │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── tests │ │ │ └── test-connection.yaml │ └── values.yaml ├── caddy1-static-app │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── example │ │ └── values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── tests │ │ │ └── test-connection.yaml │ └── values.yaml ├── caddy2-static-app │ ├── .helmignore │ ├── .prettierignore │ ├── Chart.yaml │ ├── README.md │ ├── deploy-web-static.sh │ ├── example │ │ └── values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── tests │ │ │ └── test-connection.yaml │ ├── upgrade-web-static.sh │ └── values.yaml └── docker-app │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── deploy-web-static.sh │ ├── example │ └── values.yaml │ ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── deployment.yaml │ ├── ingress.yaml │ ├── service.yaml │ ├── serviceaccount.yaml │ └── tests │ │ └── test-connection.yaml │ ├── upgrade-web-static.sh │ └── values.yaml ├── helm-middleware ├── airflow │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── examples │ │ └── minikube-values.yaml │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap-env.yaml │ │ ├── configmap-git-clone.yaml │ │ ├── configmap-scripts.yaml │ │ ├── configmap-variables-pools.yaml │ │ ├── deployments-flower.yaml │ │ ├── deployments-scheduler.yaml │ │ ├── deployments-web.yaml │ │ ├── extra-manifests.yaml │ │ ├── ingress-flower.yaml │ │ ├── ingress-web.yaml │ │ ├── poddisruptionbudget.yaml │ │ ├── prometheus-rule.yaml │ │ ├── pvc-logs.yaml │ │ ├── pvc.yaml │ │ ├── role-binding.yaml │ │ ├── role.yaml │ │ ├── secret-connections.yaml │ │ ├── service-account.yaml │ │ ├── service-flower.yaml │ │ ├── service-web.yaml │ │ ├── service-worker.yaml │ │ ├── servicemonitor.yaml │ │ └── statefulsets-workers.yaml │ └── values.yaml ├── cert-manager │ ├── README.md │ ├── cluster-issuer.yaml │ ├── prod-issuer.yaml │ └── staging-issuer.yaml ├── docker-registry │ ├── README.md │ ├── pv.yaml │ └── values.yaml ├── elastic-stack │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ └── _helpers.tpl │ └── values.yaml ├── elasticsearch │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── expose-transport-port-on-service-values.yaml │ │ ├── extrainitcontainers-values.yaml │ │ ├── hooks-values.yaml │ │ ├── nonroot-deployment-values.yaml │ │ ├── plugin-initcontainer-values.yaml │ │ └── updatestrategy-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── client-auth.yaml │ │ ├── client-deployment.yaml │ │ ├── client-ingress.yaml │ │ ├── client-pdb.yaml │ │ ├── client-serviceaccount.yaml │ │ ├── client-svc.yaml │ │ ├── configmap.yaml │ │ ├── data-pdb.yaml │ │ ├── data-serviceaccount.yaml │ │ ├── data-statefulset.yaml │ │ ├── job.yaml │ │ ├── master-pdb.yaml │ │ ├── master-serviceaccount.yaml │ │ ├── master-statefulset.yaml │ │ ├── master-svc.yaml │ │ ├── podsecuritypolicy.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ └── tests │ │ │ ├── test-configmap.yaml │ │ │ └── test.yaml │ └── values.yaml ├── external-service │ ├── .helmignore │ ├── Chart.yaml │ ├── templates │ │ ├── _helpers.tpl │ │ ├── ingress.yaml │ │ └── svc.yaml │ └── values.yaml ├── filebeat │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── daemonset.yaml │ │ ├── podsecuritypolicy.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── servicemonitor.yaml │ └── values.yaml ├── fluentd-elasticsearch │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── configmap.yaml │ │ ├── daemonset.yaml │ │ ├── pod-security-policy.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── service-account.yaml │ │ └── service.yaml │ └── values.yaml ├── fluentd │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── hpa.yaml │ │ ├── ingress.yaml │ │ ├── pvc.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ └── servicemonitor.yaml │ └── values.yaml ├── gitlab │ ├── README.md │ ├── gitlab-ce │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── charts │ │ │ ├── postgresql │ │ │ │ ├── Chart.yaml │ │ │ │ ├── README.md │ │ │ │ ├── templates │ │ │ │ │ ├── NOTES.txt │ │ │ │ │ ├── _helpers.tpl │ │ │ │ │ ├── deployment.yaml │ │ │ │ │ ├── networkpolicy.yaml │ │ │ │ │ ├── pvc.yaml │ │ │ │ │ ├── secrets.yaml │ │ │ │ │ └── svc.yaml │ │ │ │ └── values.yaml │ │ │ └── redis │ │ │ │ ├── .helmignore │ │ │ │ ├── Chart.yaml │ │ │ │ ├── README.md │ │ │ │ ├── templates │ │ │ │ ├── NOTES.txt │ │ │ │ ├── _helpers.tpl │ │ │ │ ├── deployment.yaml │ │ │ │ ├── pvc.yaml │ │ │ │ ├── secrets.yaml │ │ │ │ └── svc.yaml │ │ │ │ └── values.yaml │ │ ├── requirements.lock │ │ ├── requirements.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── configmap.yaml │ │ │ ├── data-pvc.yaml │ │ │ ├── deployment.yaml │ │ │ ├── etc-pvc.yaml │ │ │ ├── ingress.yaml │ │ │ ├── secrets.yaml │ │ │ └── svc.yaml │ │ └── values.yaml │ ├── pv.yaml │ └── values.yaml ├── grafana │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── default-values.yaml │ │ ├── with-dashboard-json-values.yaml │ │ └── with-dashboard-values.yaml │ ├── dashboards │ │ └── custom-dashboard.json │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── _pod.tpl │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── configmap-dashboard-provider.yaml │ │ ├── configmap.yaml │ │ ├── dashboards-json-configmap.yaml │ │ ├── deployment.yaml │ │ ├── headless-service.yaml │ │ ├── ingress.yaml │ │ ├── poddisruptionbudget.yaml │ │ ├── podsecuritypolicy.yaml │ │ ├── pvc.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── secret-env.yaml │ │ ├── secret.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── statefulset.yaml │ │ └── tests │ │ │ ├── test-configmap.yaml │ │ │ ├── test-podsecuritypolicy.yaml │ │ │ ├── test-role.yaml │ │ │ ├── test-rolebinding.yaml │ │ │ ├── test-serviceaccount.yaml │ │ │ └── test.yaml │ └── values.yaml ├── hadoop │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── hadoop-configmap.yaml │ │ ├── hdfs-dn-pdb.yaml │ │ ├── hdfs-dn-pvc.yaml │ │ ├── hdfs-dn-statefulset.yaml │ │ ├── hdfs-dn-svc.yaml │ │ ├── hdfs-nn-pdb.yaml │ │ ├── hdfs-nn-pvc.yaml │ │ ├── hdfs-nn-statefulset.yaml │ │ ├── hdfs-nn-svc.yaml │ │ ├── yarn-nm-pdb.yaml │ │ ├── yarn-nm-statefulset.yaml │ │ ├── yarn-nm-svc.yaml │ │ ├── yarn-rm-pdb.yaml │ │ ├── yarn-rm-statefulset.yaml │ │ ├── yarn-rm-svc.yaml │ │ └── yarn-ui-svc.yaml │ ├── tools │ │ └── calc_resources.sh │ └── values.yaml ├── hazelcast-jet │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.adoc │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── config.yaml │ │ ├── management-center-config.yaml │ │ ├── management-center-deployment.yaml │ │ ├── management-center-service.yaml │ │ ├── metrics-service.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── statefulset.yaml │ │ └── tests │ │ │ ├── test-hazelcast-jet.yaml │ │ │ └── test-management-center.yaml │ └── values.yaml ├── hazelcast │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.adoc │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── config.yaml │ │ ├── mancenter-ingress.yaml │ │ ├── mancenter-pvc.yaml │ │ ├── mancenter-service.yaml │ │ ├── mancenter-statefulset.yaml │ │ ├── metrics-service.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── statefulset.yaml │ │ └── tests │ │ │ ├── test-hazelcast.yaml │ │ │ └── test-management-center.yaml │ └── values.yaml ├── influxdb │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── backup-cronjob.yaml │ │ ├── config.yaml │ │ ├── ingress.yaml │ │ ├── init-config.yaml │ │ ├── post-install-set-auth.yaml │ │ ├── secret.yaml │ │ ├── service.yaml │ │ └── statefulset.yaml │ └── values.yaml ├── jenkins │ ├── .helmignore │ ├── CHANGELOG.md │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── casc-values.yaml │ │ └── default-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── config.yaml │ │ ├── deprecation.yaml │ │ ├── home-pvc.yaml │ │ ├── jcasc-config.yaml │ │ ├── jenkins-agent-svc.yaml │ │ ├── jenkins-backup-cronjob.yaml │ │ ├── jenkins-backup-rbac.yaml │ │ ├── jenkins-master-alerting-rules.yaml │ │ ├── jenkins-master-backendconfig.yaml │ │ ├── jenkins-master-deployment.yaml │ │ ├── jenkins-master-ingress.yaml │ │ ├── jenkins-master-networkpolicy.yaml │ │ ├── jenkins-master-route.yaml │ │ ├── jenkins-master-servicemonitor.yaml │ │ ├── jenkins-master-svc.yaml │ │ ├── jobs.yaml │ │ ├── rbac.yaml │ │ ├── secret-https-jks.yaml │ │ ├── secret.yaml │ │ ├── service-account-agent.yaml │ │ ├── service-account.yaml │ │ └── tests │ │ │ ├── jenkins-test.yaml │ │ │ └── test-config.yaml │ └── values.yaml ├── kafka-manager │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ └── example-values.yaml │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── job.yaml │ │ ├── secrets.yaml │ │ ├── service.yaml │ │ └── serviceaccount.yaml │ └── values.yaml ├── kibana │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── authproxy-enabled.yaml │ │ ├── dashboard-values.yaml │ │ ├── extra-configmap-mounts.yaml │ │ ├── ingress-hosts-paths.yaml │ │ ├── ingress-hosts.yaml │ │ ├── initcontainers-all-values.yaml │ │ ├── initcontainers-values.yaml │ │ ├── plugin-install.yaml │ │ ├── pvc.yaml │ │ ├── security-context.yaml │ │ ├── service-values.yaml │ │ └── url_dashboard-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap-dashboardimport.yaml │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── tests │ │ │ ├── test-configmap.yaml │ │ │ └── test.yaml │ │ └── volume-claim.yaml │ └── values.yaml ├── kong │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── dbless-no-kic-internal-declarative-config-values.yaml │ │ ├── dbless-no-kic-values.yaml │ │ ├── dbless-values.yaml │ │ ├── default-values-with-psp.yaml │ │ ├── default-values.yaml │ │ ├── ingress-with-hosts.yaml │ │ ├── ingress-without-hosts.yaml │ │ ├── ingressController-db.yaml │ │ ├── ingressController-dbless.yaml │ │ ├── ingressController-with-psp.yaml │ │ ├── ingressController-with-webhook.yaml │ │ └── loadbalancer-values.yaml │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── admission-webhook.yaml │ │ ├── config-custom-server-blocks.yaml │ │ ├── config-dbless.yaml │ │ ├── controller-cluster-role.yaml │ │ ├── controller-pdb.yaml │ │ ├── controller-rbac-cluster-role-binding.yaml │ │ ├── controller-rbac-role-binding.yaml │ │ ├── controller-rbac-role.yaml │ │ ├── controller-service-account.yaml │ │ ├── crd-kongconsumer.yaml │ │ ├── crd-kongcredential.yaml │ │ ├── crd-kongingress.yaml │ │ ├── crd-kongplugins.yaml │ │ ├── deployment.yaml │ │ ├── ingress-admin.yaml │ │ ├── ingress-manager.yaml │ │ ├── ingress-portal-api.yaml │ │ ├── ingress-portal.yaml │ │ ├── ingress-proxy.yaml │ │ ├── migrations-post-upgrade.yaml │ │ ├── migrations-pre-upgrade.yaml │ │ ├── migrations.yaml │ │ ├── pdb.yaml │ │ ├── psp.yaml │ │ ├── service-kong-admin.yaml │ │ ├── service-kong-manager.yaml │ │ ├── service-kong-portal-api.yaml │ │ ├── service-kong-portal.yaml │ │ ├── service-kong-proxy.yaml │ │ └── servicemonitor.yaml │ └── values.yaml ├── logstash │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── serviceaccount.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── files-config.yaml │ │ ├── ingress.yaml │ │ ├── patterns-config.yaml │ │ ├── pipeline-config.yaml │ │ ├── poddisruptionbudget.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ └── statefulset.yaml │ └── values.yaml ├── mariadb │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── files │ │ └── docker-entrypoint-initdb.d │ │ │ └── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── initialization-configmap.yaml │ │ ├── master-configmap.yaml │ │ ├── master-pdb.yaml │ │ ├── master-statefulset.yaml │ │ ├── master-svc.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── secrets.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ ├── slave-configmap.yaml │ │ ├── slave-pdb.yaml │ │ ├── slave-statefulset.yaml │ │ ├── slave-svc.yaml │ │ ├── test-runner.yaml │ │ └── tests.yaml │ ├── values-production.yaml │ ├── values.schema.json │ └── values.yaml ├── matomo │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── charts │ │ └── mariadb-5.11.1.tgz │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── service.yaml │ │ └── tests │ │ │ └── test-connection.yaml │ └── values.yaml ├── mongodb-replicaset │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── default-values.yaml │ │ ├── metrics-values.yaml │ │ └── tls-values.yaml │ ├── init │ │ └── on-start.sh │ ├── install │ │ ├── .dockerignore │ │ ├── Dockerfile │ │ ├── Makefile │ │ └── install.sh │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── mongodb-admin-secret.yaml │ │ ├── mongodb-ca-secret.yaml │ │ ├── mongodb-init-configmap.yaml │ │ ├── mongodb-keyfile-secret.yaml │ │ ├── mongodb-metrics-secret.yaml │ │ ├── mongodb-mongodb-configmap.yaml │ │ ├── mongodb-poddisruptionbudget.yaml │ │ ├── mongodb-service-client.yaml │ │ ├── mongodb-service.yaml │ │ ├── mongodb-statefulset.yaml │ │ └── tests │ │ │ ├── mongodb-up-test-configmap.yaml │ │ │ └── mongodb-up-test-pod.yaml │ ├── test.sh │ ├── tests │ │ └── mongodb-up-test.sh │ └── values.yaml ├── mongodb │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── files │ │ └── docker-entrypoint-initdb.d │ │ │ └── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment-standalone.yaml │ │ ├── ingress.yaml │ │ ├── initialization-configmap.yaml │ │ ├── poddisruptionbudget-arbiter-rs.yaml │ │ ├── poddisruptionbudget-secondary-rs.yaml │ │ ├── prometheus-alerting-rule.yaml │ │ ├── prometheus-service-monitor.yaml │ │ ├── pvc-standalone.yaml │ │ ├── secrets.yaml │ │ ├── statefulset-arbiter-rs.yaml │ │ ├── statefulset-primary-rs.yaml │ │ ├── statefulset-secondary-rs.yaml │ │ ├── svc-headless-rs.yaml │ │ ├── svc-primary-rs.yaml │ │ └── svc-standalone.yaml │ ├── values-production.yaml │ ├── values.schema.json │ └── values.yaml ├── mysql-dump │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── files │ │ ├── job.tpl │ │ └── openstack-upload.py │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── cron.yaml │ │ ├── gcpserviceaccount.yaml │ │ ├── job.yaml │ │ ├── pvc.yaml │ │ └── secret.yaml │ └── values.yaml ├── mysql │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configurationFiles-configmap.yaml │ │ ├── deployment.yaml │ │ ├── initializationFiles-configmap.yaml │ │ ├── pvc.yaml │ │ ├── secrets.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ ├── svc.yaml │ │ └── tests │ │ │ ├── test-configmap.yaml │ │ │ └── test.yaml │ └── values.yaml ├── neo4j │ ├── Chart.yaml │ ├── README.md │ ├── ci │ │ └── ci-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── core-dns.yaml │ │ ├── core-statefulset.yaml │ │ ├── poddisruptionbudget.yaml │ │ ├── readreplicas-deployment.yaml │ │ ├── readreplicas-hpa.yaml │ │ ├── secret.yaml │ │ └── tests │ │ │ ├── test-config.yaml │ │ │ └── test-neo4j-cluster.yaml │ ├── test.sh │ └── values.yaml ├── nginx-ingress │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── daemonset-customconfig-values.yaml │ │ ├── daemonset-customnodeport-values.yaml │ │ ├── daemonset-headers-values.yaml │ │ ├── daemonset-nodeport-values.yaml │ │ ├── daemonset-tcp-udp-configMapNamespace-values.yaml │ │ ├── daemonset-tcp-udp-values.yaml │ │ ├── daemonset-tcp-values.yaml │ │ ├── deamonset-default-values.yaml │ │ ├── deamonset-metrics-values.yaml │ │ ├── deamonset-psp-values.yaml │ │ ├── deamonset-webhook-and-psp-values.yaml │ │ ├── deamonset-webhook-values.yaml │ │ ├── deployment-autoscaling-values.yaml │ │ ├── deployment-customconfig-values.yaml │ │ ├── deployment-customnodeport-values.yaml │ │ ├── deployment-default-values.yaml │ │ ├── deployment-headers-values.yaml │ │ ├── deployment-metrics-values.yaml │ │ ├── deployment-nodeport-values.yaml │ │ ├── deployment-psp-values.yaml │ │ ├── deployment-tcp-udp-configMapNamespace-values.yaml │ │ ├── deployment-tcp-udp-values.yaml │ │ ├── deployment-tcp-values.yaml │ │ ├── deployment-webhook-and-psp-values.yaml │ │ └── deployment-webhook-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── addheaders-configmap.yaml │ │ ├── admission-webhooks │ │ │ ├── job-patch │ │ │ │ ├── clusterrole.yaml │ │ │ │ ├── clusterrolebinding.yaml │ │ │ │ ├── job-createSecret.yaml │ │ │ │ ├── job-patchWebhook.yaml │ │ │ │ ├── psp.yaml │ │ │ │ ├── role.yaml │ │ │ │ ├── rolebinding.yaml │ │ │ │ └── serviceaccount.yaml │ │ │ └── validating-webhook.yaml │ │ ├── clusterrole.yaml │ │ ├── clusterrolebinding.yaml │ │ ├── controller-configmap.yaml │ │ ├── controller-daemonset.yaml │ │ ├── controller-deployment.yaml │ │ ├── controller-hpa.yaml │ │ ├── controller-metrics-service.yaml │ │ ├── controller-poddisruptionbudget.yaml │ │ ├── controller-prometheusrules.yaml │ │ ├── controller-psp.yaml │ │ ├── controller-role.yaml │ │ ├── controller-rolebinding.yaml │ │ ├── controller-service.yaml │ │ ├── controller-serviceaccount.yaml │ │ ├── controller-servicemonitor.yaml │ │ ├── controller-webhook-service.yaml │ │ ├── default-backend-deployment.yaml │ │ ├── default-backend-poddisruptionbudget.yaml │ │ ├── default-backend-psp.yaml │ │ ├── default-backend-role.yaml │ │ ├── default-backend-rolebinding.yaml │ │ ├── default-backend-service.yaml │ │ ├── default-backend-serviceaccount.yaml │ │ ├── proxyheaders-configmap.yaml │ │ ├── tcp-configmap.yaml │ │ └── udp-configmap.yaml │ └── values.yaml ├── percona-xtradb-cluster │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── files │ │ ├── entrypoint.sh │ │ ├── functions.sh │ │ └── node.cnf │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── config-map_mysql-config.yaml │ │ ├── config-map_startup-scripts.yaml │ │ ├── pdb.yaml │ │ ├── prometheusrule.yaml │ │ ├── secrets.yaml │ │ ├── service-metrics.yaml │ │ ├── service-percona.yaml │ │ ├── service-repl.yaml │ │ ├── servicemonitor.yaml │ │ ├── statefulset.yaml │ │ └── tests │ │ │ ├── pxc-test-cm.yaml │ │ │ └── pxc-test.yaml │ └── values.yaml ├── percona │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── pvc.yaml │ │ ├── secrets.yaml │ │ └── svc.yaml │ └── values.yaml ├── postgresql │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── default-values.yaml │ │ └── shmvolume-disabled-values.yaml │ ├── files │ │ ├── README.md │ │ ├── conf.d │ │ │ └── README.md │ │ └── docker-entrypoint-initdb.d │ │ │ └── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── extended-config-configmap.yaml │ │ ├── initialization-configmap.yaml │ │ ├── metrics-configmap.yaml │ │ ├── metrics-svc.yaml │ │ ├── networkpolicy.yaml │ │ ├── prometheusrule.yaml │ │ ├── secrets.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ ├── statefulset-slaves.yaml │ │ ├── statefulset.yaml │ │ ├── svc-headless.yaml │ │ ├── svc-read.yaml │ │ └── svc.yaml │ ├── values-production.yaml │ ├── values.schema.json │ └── values.yaml ├── presto │ ├── .helmignore │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap-coordinator.yaml │ │ ├── configmap-worker.yaml │ │ ├── deployment-coordinator.yaml │ │ ├── deployment-worker.yaml │ │ └── service.yaml │ └── values.yaml ├── prisma │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ └── example-values.yaml │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── secret.yaml │ │ ├── service.yaml │ │ └── serviceaccount.yaml │ └── values.yaml ├── prometheus │ ├── prometheus-adapter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── ci │ │ │ ├── default-values.yaml │ │ │ └── external-rules-values.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── custom-metrics-apiserver-auth-delegator-cluster-role-binding.yaml │ │ │ ├── custom-metrics-apiserver-auth-reader-role-binding.yaml │ │ │ ├── custom-metrics-apiserver-deployment.yaml │ │ │ ├── custom-metrics-apiserver-resource-reader-cluster-role-binding.yaml │ │ │ ├── custom-metrics-apiserver-service-account.yaml │ │ │ ├── custom-metrics-apiserver-service.yaml │ │ │ ├── custom-metrics-apiservice.yaml │ │ │ ├── custom-metrics-cluster-role.yaml │ │ │ ├── custom-metrics-configmap.yaml │ │ │ ├── custom-metrics-resource-reader-cluster-role.yaml │ │ │ ├── external-metrics-apiservice.yaml │ │ │ ├── external-metrics-cluster-role.yaml │ │ │ ├── hpa-custom-metrics-cluster-role-binding.yaml │ │ │ ├── hpa-external-metrics-cluster-role-binding.yaml │ │ │ ├── resource-metrics-apiservice.yaml │ │ │ ├── resource-metrics-cluster-role-binding.yaml │ │ │ ├── resource-metrics-cluster-role.yaml │ │ │ └── secret.yaml │ │ └── values.yaml │ ├── prometheus-base │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── alertmanager-clusterrole.yaml │ │ │ ├── alertmanager-clusterrolebinding.yaml │ │ │ ├── alertmanager-configmap.yaml │ │ │ ├── alertmanager-deployment.yaml │ │ │ ├── alertmanager-ingress.yaml │ │ │ ├── alertmanager-networkpolicy.yaml │ │ │ ├── alertmanager-pdb.yaml │ │ │ ├── alertmanager-podsecuritypolicy.yaml │ │ │ ├── alertmanager-pvc.yaml │ │ │ ├── alertmanager-service-headless.yaml │ │ │ ├── alertmanager-service.yaml │ │ │ ├── alertmanager-serviceaccount.yaml │ │ │ ├── alertmanager-statefulset.yaml │ │ │ ├── kube-state-metrics-clusterrole.yaml │ │ │ ├── kube-state-metrics-clusterrolebinding.yaml │ │ │ ├── kube-state-metrics-deployment.yaml │ │ │ ├── kube-state-metrics-networkpolicy.yaml │ │ │ ├── kube-state-metrics-pdb.yaml │ │ │ ├── kube-state-metrics-podsecuritypolicy.yaml │ │ │ ├── kube-state-metrics-serviceaccount.yaml │ │ │ ├── kube-state-metrics-svc.yaml │ │ │ ├── node-exporter-daemonset.yaml │ │ │ ├── node-exporter-podsecuritypolicy.yaml │ │ │ ├── node-exporter-role.yaml │ │ │ ├── node-exporter-rolebinding.yaml │ │ │ ├── node-exporter-service.yaml │ │ │ ├── node-exporter-serviceaccount.yaml │ │ │ ├── pushgateway-clusterrole.yaml │ │ │ ├── pushgateway-clusterrolebinding.yaml │ │ │ ├── pushgateway-deployment.yaml │ │ │ ├── pushgateway-ingress.yaml │ │ │ ├── pushgateway-networkpolicy.yaml │ │ │ ├── pushgateway-pdb.yaml │ │ │ ├── pushgateway-podsecuritypolicy.yaml │ │ │ ├── pushgateway-pvc.yaml │ │ │ ├── pushgateway-service.yaml │ │ │ ├── pushgateway-serviceaccount.yaml │ │ │ ├── server-clusterrole.yaml │ │ │ ├── server-clusterrolebinding.yaml │ │ │ ├── server-configmap.yaml │ │ │ ├── server-deployment.yaml │ │ │ ├── server-ingress.yaml │ │ │ ├── server-networkpolicy.yaml │ │ │ ├── server-pdb.yaml │ │ │ ├── server-podsecuritypolicy.yaml │ │ │ ├── server-pvc.yaml │ │ │ ├── server-service-headless.yaml │ │ │ ├── server-service.yaml │ │ │ ├── server-serviceaccount.yaml │ │ │ └── server-statefulset.yaml │ │ └── values.yaml │ ├── prometheus-blackbox-exporter │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── ci │ │ │ ├── default-values.yaml │ │ │ └── secret-values.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── configmap.yaml │ │ │ ├── deployment.yaml │ │ │ ├── ingress.yaml │ │ │ ├── poddisruptionbudget.yaml │ │ │ ├── service.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-cloudwatch-exporter │ │ ├── .helmignore │ │ ├── CHANGELOG.md │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── clusterrole.yaml │ │ │ ├── clusterrolebinding.yaml │ │ │ ├── configmap.yaml │ │ │ ├── deployment.yaml │ │ │ ├── ingress.yaml │ │ │ ├── secrets.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-consul-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── podsecuritypolicy.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ └── serviceaccount.yaml │ │ └── values.yaml │ ├── prometheus-couchdb-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── ingress.yaml │ │ │ ├── podsecuritypolicy.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ └── serviceaccount.yaml │ │ └── values.yaml │ ├── prometheus-mongodb-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── ci │ │ │ ├── env-values.yaml │ │ │ └── servicemonitor-disabled-values.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── secret.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ ├── servicemonitor.yaml │ │ │ └── tests │ │ │ │ └── test-connection.yaml │ │ └── values.yaml │ ├── prometheus-mysql-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── secret-env.yaml │ │ │ ├── secret.yaml │ │ │ ├── service.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-nats-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ └── service.yaml │ │ └── values.yaml │ ├── prometheus-node-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── daemonset.yaml │ │ │ ├── endpoints.yaml │ │ │ ├── monitor.yaml │ │ │ ├── psp-clusterrole.yaml │ │ │ ├── psp-clusterrolebinding.yaml │ │ │ ├── psp.yaml │ │ │ ├── service.yaml │ │ │ └── serviceaccount.yaml │ │ └── values.yaml │ ├── prometheus-operator │ │ ├── .helmignore │ │ ├── CONTRIBUTING.md │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── ci │ │ │ ├── 01-provision-crds-values.yaml │ │ │ └── 02-test-without-crds-values.yaml │ │ ├── crds │ │ │ ├── crd-alertmanager.yaml │ │ │ ├── crd-podmonitor.yaml │ │ │ ├── crd-prometheus.yaml │ │ │ ├── crd-prometheusrules.yaml │ │ │ └── crd-servicemonitor.yaml │ │ ├── hack │ │ │ ├── README.md │ │ │ ├── minikube │ │ │ │ ├── README.md │ │ │ │ ├── cmd.sh │ │ │ │ └── values.yaml │ │ │ ├── requirements.txt │ │ │ ├── sync_grafana_dashboards.py │ │ │ └── sync_prometheus_rules.py │ │ ├── requirements.lock │ │ ├── requirements.yaml │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── alertmanager │ │ │ │ ├── alertmanager.yaml │ │ │ │ ├── ingress.yaml │ │ │ │ ├── podDisruptionBudget.yaml │ │ │ │ ├── psp-clusterrole.yaml │ │ │ │ ├── psp-clusterrolebinding.yaml │ │ │ │ ├── psp.yaml │ │ │ │ ├── secret.yaml │ │ │ │ ├── service.yaml │ │ │ │ ├── serviceaccount.yaml │ │ │ │ └── servicemonitor.yaml │ │ │ ├── exporters │ │ │ │ ├── core-dns │ │ │ │ │ ├── service.yaml │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-api-server │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-controller-manager │ │ │ │ │ ├── endpoints.yaml │ │ │ │ │ ├── service.yaml │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-dns │ │ │ │ │ ├── service.yaml │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-etcd │ │ │ │ │ ├── endpoints.yaml │ │ │ │ │ ├── service.yaml │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-proxy │ │ │ │ │ ├── endpoints.yaml │ │ │ │ │ ├── service.yaml │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-scheduler │ │ │ │ │ ├── endpoints.yaml │ │ │ │ │ ├── service.yaml │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ ├── kube-state-metrics │ │ │ │ │ └── serviceMonitor.yaml │ │ │ │ ├── kubelet │ │ │ │ │ └── servicemonitor.yaml │ │ │ │ └── node-exporter │ │ │ │ │ └── servicemonitor.yaml │ │ │ ├── grafana │ │ │ │ ├── configmap-dashboards.yaml │ │ │ │ ├── configmaps-datasources.yaml │ │ │ │ ├── dashboards-1.14 │ │ │ │ │ ├── apiserver.yaml │ │ │ │ │ ├── cluster-total.yaml │ │ │ │ │ ├── controller-manager.yaml │ │ │ │ │ ├── etcd.yaml │ │ │ │ │ ├── k8s-coredns.yaml │ │ │ │ │ ├── k8s-resources-cluster.yaml │ │ │ │ │ ├── k8s-resources-namespace.yaml │ │ │ │ │ ├── k8s-resources-node.yaml │ │ │ │ │ ├── k8s-resources-pod.yaml │ │ │ │ │ ├── k8s-resources-workload.yaml │ │ │ │ │ ├── k8s-resources-workloads-namespace.yaml │ │ │ │ │ ├── kubelet.yaml │ │ │ │ │ ├── namespace-by-pod.yaml │ │ │ │ │ ├── namespace-by-workload.yaml │ │ │ │ │ ├── node-cluster-rsrc-use.yaml │ │ │ │ │ ├── node-rsrc-use.yaml │ │ │ │ │ ├── nodes.yaml │ │ │ │ │ ├── persistentvolumesusage.yaml │ │ │ │ │ ├── pod-total.yaml │ │ │ │ │ ├── pods.yaml │ │ │ │ │ ├── prometheus-remote-write.yaml │ │ │ │ │ ├── prometheus.yaml │ │ │ │ │ ├── proxy.yaml │ │ │ │ │ ├── scheduler.yaml │ │ │ │ │ ├── statefulset.yaml │ │ │ │ │ └── workload-total.yaml │ │ │ │ ├── dashboards │ │ │ │ │ ├── etcd.yaml │ │ │ │ │ ├── k8s-cluster-rsrc-use.yaml │ │ │ │ │ ├── k8s-node-rsrc-use.yaml │ │ │ │ │ ├── k8s-resources-cluster.yaml │ │ │ │ │ ├── k8s-resources-namespace.yaml │ │ │ │ │ ├── k8s-resources-pod.yaml │ │ │ │ │ ├── k8s-resources-workload.yaml │ │ │ │ │ ├── k8s-resources-workloads-namespace.yaml │ │ │ │ │ ├── nodes.yaml │ │ │ │ │ ├── persistentvolumesusage.yaml │ │ │ │ │ ├── pods.yaml │ │ │ │ │ └── statefulset.yaml │ │ │ │ └── servicemonitor.yaml │ │ │ ├── prometheus-operator │ │ │ │ ├── admission-webhooks │ │ │ │ │ ├── job-patch │ │ │ │ │ │ ├── clusterrole.yaml │ │ │ │ │ │ ├── clusterrolebinding.yaml │ │ │ │ │ │ ├── job-createSecret.yaml │ │ │ │ │ │ ├── job-patchWebhook.yaml │ │ │ │ │ │ ├── psp.yaml │ │ │ │ │ │ ├── role.yaml │ │ │ │ │ │ ├── rolebinding.yaml │ │ │ │ │ │ └── serviceaccount.yaml │ │ │ │ │ ├── mutatingWebhookConfiguration.yaml │ │ │ │ │ └── validatingWebhookConfiguration.yaml │ │ │ │ ├── cleanup-crds.yaml │ │ │ │ ├── clusterrole.yaml │ │ │ │ ├── clusterrolebinding.yaml │ │ │ │ ├── crds.yaml │ │ │ │ ├── deployment.yaml │ │ │ │ ├── psp-clusterrole.yaml │ │ │ │ ├── psp-clusterrolebinding.yaml │ │ │ │ ├── psp.yaml │ │ │ │ ├── service.yaml │ │ │ │ ├── serviceaccount.yaml │ │ │ │ └── servicemonitor.yaml │ │ │ └── prometheus │ │ │ │ ├── additionalAlertRelabelConfigs.yaml │ │ │ │ ├── additionalAlertmanagerConfigs.yaml │ │ │ │ ├── additionalPrometheusRules.yaml │ │ │ │ ├── additionalScrapeConfigs.yaml │ │ │ │ ├── clusterrole.yaml │ │ │ │ ├── clusterrolebinding.yaml │ │ │ │ ├── ingress.yaml │ │ │ │ ├── ingressperreplica.yaml │ │ │ │ ├── podDisruptionBudget.yaml │ │ │ │ ├── podmonitors.yaml │ │ │ │ ├── prometheus.yaml │ │ │ │ ├── psp-clusterrole.yaml │ │ │ │ ├── psp-clusterrolebinding.yaml │ │ │ │ ├── psp.yaml │ │ │ │ ├── rules-1.14 │ │ │ │ ├── alertmanager.rules.yaml │ │ │ │ ├── etcd.yaml │ │ │ │ ├── general.rules.yaml │ │ │ │ ├── k8s.rules.yaml │ │ │ │ ├── kube-apiserver.rules.yaml │ │ │ │ ├── kube-prometheus-node-recording.rules.yaml │ │ │ │ ├── kube-scheduler.rules.yaml │ │ │ │ ├── kubernetes-absent.yaml │ │ │ │ ├── kubernetes-apps.yaml │ │ │ │ ├── kubernetes-resources.yaml │ │ │ │ ├── kubernetes-storage.yaml │ │ │ │ ├── kubernetes-system-apiserver.yaml │ │ │ │ ├── kubernetes-system-controller-manager.yaml │ │ │ │ ├── kubernetes-system-kubelet.yaml │ │ │ │ ├── kubernetes-system-scheduler.yaml │ │ │ │ ├── kubernetes-system.yaml │ │ │ │ ├── node-exporter.rules.yaml │ │ │ │ ├── node-exporter.yaml │ │ │ │ ├── node-network.yaml │ │ │ │ ├── node-time.yaml │ │ │ │ ├── node.rules.yaml │ │ │ │ ├── prometheus-operator.yaml │ │ │ │ └── prometheus.yaml │ │ │ │ ├── rules │ │ │ │ ├── alertmanager.rules.yaml │ │ │ │ ├── etcd.yaml │ │ │ │ ├── general.rules.yaml │ │ │ │ ├── k8s.rules.yaml │ │ │ │ ├── kube-apiserver.rules.yaml │ │ │ │ ├── kube-prometheus-node-alerting.rules.yaml │ │ │ │ ├── kube-prometheus-node-recording.rules.yaml │ │ │ │ ├── kube-scheduler.rules.yaml │ │ │ │ ├── kubernetes-absent.yaml │ │ │ │ ├── kubernetes-apps.yaml │ │ │ │ ├── kubernetes-resources.yaml │ │ │ │ ├── kubernetes-storage.yaml │ │ │ │ ├── kubernetes-system.yaml │ │ │ │ ├── node-network.yaml │ │ │ │ ├── node-time.yaml │ │ │ │ ├── node.rules.yaml │ │ │ │ ├── prometheus-operator.yaml │ │ │ │ └── prometheus.rules.yaml │ │ │ │ ├── service.yaml │ │ │ │ ├── serviceaccount.yaml │ │ │ │ ├── servicemonitor.yaml │ │ │ │ ├── servicemonitors.yaml │ │ │ │ └── serviceperreplica.yaml │ │ └── values.yaml │ ├── prometheus-postgres-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── configmap.yaml │ │ │ ├── deployment.yaml │ │ │ ├── podsecuritypolicy.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── secrets.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-pushgateway │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── ingress.yaml │ │ │ ├── networkpolicy.yaml │ │ │ ├── pdb.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-rabbitmq-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── prometheusrule.yaml │ │ │ ├── service.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-redis-exporter │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── deployment.yaml │ │ │ ├── podsecuritypolicy.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ ├── prometheus-snmp-exporter │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ │ ├── NOTES.txt │ │ │ ├── _helpers.tpl │ │ │ ├── configmap.yaml │ │ │ ├── deployment.yaml │ │ │ ├── ingress.yaml │ │ │ ├── role.yaml │ │ │ ├── rolebinding.yaml │ │ │ ├── service.yaml │ │ │ ├── serviceaccount.yaml │ │ │ └── servicemonitor.yaml │ │ └── values.yaml │ └── prometheus-to-sd │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── OWNERS │ │ ├── README.md │ │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ └── deployment.yaml │ │ └── values.yaml ├── rabbitmq-ha │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── prometheus-exporter-values.yaml │ │ └── prometheus-plugin-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── alerts.yaml │ │ ├── configmap.yaml │ │ ├── ingress.yaml │ │ ├── pdb.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── secret.yaml │ │ ├── service-discovery.yaml │ │ ├── service.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ └── statefulset.yaml │ └── values.yaml ├── rabbitmq │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── affinity-toleration-values.yaml │ │ ├── default-values.yaml │ │ └── networkpolicy-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── certs.yaml │ │ ├── configuration.yaml │ │ ├── healthchecks.yaml │ │ ├── ingress.yaml │ │ ├── networkpolicy.yaml │ │ ├── pdb.yaml │ │ ├── role.yaml │ │ ├── rolebinding.yaml │ │ ├── secrets.yaml │ │ ├── serviceaccount.yaml │ │ ├── servicemonitor.yaml │ │ ├── statefulset.yaml │ │ ├── svc-headless.yaml │ │ └── svc.yaml │ ├── values-production.yaml │ ├── values.schema.json │ └── values.yaml ├── redis-ha │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ └── haproxy-enabled-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _configs.tpl │ │ ├── _helpers.tpl │ │ ├── redis-auth-secret.yaml │ │ ├── redis-ha-announce-service.yaml │ │ ├── redis-ha-configmap.yaml │ │ ├── redis-ha-pdb.yaml │ │ ├── redis-ha-role.yaml │ │ ├── redis-ha-rolebinding.yaml │ │ ├── redis-ha-service.yaml │ │ ├── redis-ha-serviceaccount.yaml │ │ ├── redis-ha-servicemonitor.yaml │ │ ├── redis-ha-statefulset.yaml │ │ ├── redis-haproxy-deployment.yaml │ │ ├── redis-haproxy-service.yaml │ │ ├── redis-haproxy-serviceaccount.yaml │ │ ├── redis-haproxy-servicemonitor.yaml │ │ └── tests │ │ │ ├── test-redis-ha-configmap.yaml │ │ │ └── test-redis-ha-pod.yaml │ └── values.yaml ├── redis │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ ├── default-values.yaml │ │ ├── dev-values.yaml │ │ ├── extra-flags-values.yaml │ │ ├── insecure-sentinel-values.yaml │ │ ├── production-sentinel-values.yaml │ │ ├── production-values.yaml │ │ ├── redis-lib-values.yaml │ │ └── redisgraph-module-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── headless-svc.yaml │ │ ├── health-configmap.yaml │ │ ├── metrics-prometheus.yaml │ │ ├── metrics-svc.yaml │ │ ├── networkpolicy.yaml │ │ ├── psp.yaml │ │ ├── redis-master-statefulset.yaml │ │ ├── redis-master-svc.yaml │ │ ├── redis-role.yaml │ │ ├── redis-rolebinding.yaml │ │ ├── redis-serviceaccount.yaml │ │ ├── redis-slave-statefulset.yaml │ │ ├── redis-slave-svc.yaml │ │ ├── redis-with-sentinel-svc.yaml │ │ └── secret.yaml │ ├── values-production.yaml │ ├── values.schema.json │ └── values.yaml ├── sentry │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── cron-deployment.yaml │ │ ├── hooks │ │ │ ├── db-init.job.yaml │ │ │ └── user-create.job.yaml │ │ ├── ingress.yaml │ │ ├── metrics-deployment.yaml │ │ ├── metrics-prometheus.yaml │ │ ├── metrics-service.yaml │ │ ├── pvc.yaml │ │ ├── secrets.yaml │ │ ├── serviceaccount.yaml │ │ ├── web-deployment.yaml │ │ ├── web-service.yaml │ │ └── workers-deployment.yaml │ └── values.yaml ├── spark-history-server │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── charts │ │ └── nfs │ │ │ ├── Chart.yaml │ │ │ ├── README.md │ │ │ ├── nfs-data │ │ │ ├── Dockerfile │ │ │ ├── README.md │ │ │ ├── index.html │ │ │ └── run_nfs.sh │ │ │ ├── nfs-pv.png │ │ │ ├── templates │ │ │ ├── _helpers.tpl │ │ │ ├── nfs-pv.yaml │ │ │ ├── nfs-pvc.yaml │ │ │ ├── nfs-server-deployment.yaml │ │ │ ├── nfs-server-gce-pv.yaml │ │ │ └── nfs-server-service.yaml │ │ │ └── values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── cleanup-job.yaml │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ ├── ingress.yaml │ │ ├── rbac.yaml │ │ ├── service.yaml │ │ └── serviceaccount.yaml │ └── values.yaml ├── spark │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── spark-master-deployment.yaml │ │ ├── spark-sql-test.yaml │ │ ├── spark-worker-deployment.yaml │ │ ├── spark-worker-hpa.yaml │ │ ├── spark-zeppelin-config-pvc.yaml │ │ ├── spark-zeppelin-deployment.yaml │ │ ├── spark-zeppelin-ingress.yaml │ │ └── spark-zeppelin-notebook-pvc.yaml │ └── values.yaml ├── spinnaker │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap │ │ │ ├── additional-configmaps.yaml │ │ │ ├── additional-profile-configmaps.yaml │ │ │ ├── additional-scripts.yaml │ │ │ ├── bom.yaml │ │ │ ├── halyard-config.yaml │ │ │ ├── halyard-init-script.yaml │ │ │ ├── service-configs.yaml │ │ │ └── service-settings.yaml │ │ ├── hooks │ │ │ ├── cleanup.yaml │ │ │ └── install-using-hal.yaml │ │ ├── ingress │ │ │ ├── deck.yaml │ │ │ └── gate.yaml │ │ ├── rbac │ │ │ ├── halyard-sa.yaml │ │ │ ├── rolebinding.yaml │ │ │ └── spinnaker-sa.yaml │ │ ├── secrets │ │ │ ├── additional-secrets.yaml │ │ │ ├── gcs.yaml │ │ │ ├── registry.yaml │ │ │ └── s3.yaml │ │ ├── services │ │ │ └── halyard.yaml │ │ └── statefulsets │ │ │ └── halyard.yaml │ ├── values.yaml │ └── values_saml.yaml ├── spring-cloud-data-flow │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── database-secret.yaml │ │ ├── grafana-configmap.yaml │ │ ├── grafana-secret.yaml │ │ ├── prometheus-proxy-clusterrolebinding.yaml │ │ ├── prometheus-proxy-deployment.yaml │ │ ├── prometheus-proxy-service.yaml │ │ ├── prometheus-proxy-serviceaccount.yaml │ │ ├── server-config.yaml │ │ ├── server-deployment.yaml │ │ ├── server-rbac.yaml │ │ ├── server-service.yaml │ │ ├── service-account.yaml │ │ ├── skipper-config.yaml │ │ ├── skipper-deployment.yaml │ │ └── skipper-service.yaml │ └── values.yaml ├── telegraf │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── configmap.yaml │ │ ├── deployment.yaml │ │ └── service.yaml │ └── values.yaml ├── tensorflow-notebook │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── jupyter.jpg │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── secrets.yaml │ │ └── service.yaml │ ├── tensorboard.jpg │ └── values.yaml ├── tensorflow-serving │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── models │ │ └── mnist-export.tar.gz │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── deployment.yaml │ │ ├── pvc.yaml │ │ └── service.yaml │ └── values.yaml ├── tomcat │ ├── Chart.yaml │ ├── README.md │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── appsrv-svc.yaml │ │ └── appsrv.yaml │ └── values.yaml ├── traefik │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── ci │ │ └── ci-values.yaml │ ├── templates │ │ ├── NOTES.txt │ │ ├── _helpers.tpl │ │ ├── acme-pvc.yaml │ │ ├── client-ca-configmap.yaml │ │ ├── config-files.yaml │ │ ├── configmap.yaml │ │ ├── dashboard-ingress.yaml │ │ ├── dashboard-service.yaml │ │ ├── default-cert-secret.yaml │ │ ├── deployment.yaml │ │ ├── dns-provider-secret.yaml │ │ ├── hpa.yaml │ │ ├── poddisruptionbudget.yaml │ │ ├── prometheus-service.yaml │ │ ├── rbac.yaml │ │ ├── secret-files.yaml │ │ ├── service.yaml │ │ ├── servicemonitor.yaml │ │ ├── storeconfig-job.yaml │ │ └── tests │ │ │ ├── test-configmap.yaml │ │ │ └── test.yaml │ └── values.yaml └── wordpress │ ├── .helmignore │ ├── Chart.yaml │ ├── OWNERS │ ├── README.md │ ├── requirements.lock │ ├── requirements.yaml │ ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── deployment.yaml │ ├── externaldb-secrets.yaml │ ├── ingress.yaml │ ├── pvc.yaml │ ├── secrets.yaml │ ├── servicemonitor.yaml │ ├── svc.yaml │ ├── tests │ │ └── test-mariadb-connection.yaml │ └── tls-secrets.yaml │ ├── values-production.yaml │ ├── values.schema.json │ └── values.yaml ├── k3d ├── .gitignore ├── Makefile ├── README.md ├── sample │ ├── Dockerfile │ ├── Makefile │ ├── bin │ │ ├── format │ │ ├── lint │ │ ├── noop │ │ ├── serve-develop │ │ └── serve-production │ ├── conf │ │ ├── app │ │ │ ├── gunicorn.py │ │ │ └── requirements.txt │ │ ├── charts │ │ │ └── sample-app │ │ │ │ ├── .helmignore │ │ │ │ ├── Chart.yaml │ │ │ │ ├── templates │ │ │ │ ├── _helpers.tpl │ │ │ │ └── web.yaml │ │ │ │ └── values.yaml │ │ └── docker-compose.local.yml │ ├── docker-compose.override.yml │ ├── docker-compose.yml │ └── src │ │ └── app │ │ ├── __init__.py │ │ ├── app.py │ │ ├── settings.py │ │ └── web │ │ ├── __init__.py │ │ ├── controllers.py │ │ ├── static │ │ └── css │ │ │ └── main.css │ │ └── templates │ │ └── index.html └── scripts │ ├── common.sh │ ├── lifecycle.sh │ ├── multiserver.sh │ └── prep.sh ├── k8s-yaml-templates ├── .gitignore ├── README.org ├── config │ ├── configmap-plaintext.yaml │ ├── pod-configmap.yaml │ ├── pod-env-metada.yaml │ └── pod-environment-var.yaml ├── crd │ └── monkeys.yaml ├── deployment │ ├── deployment-mysql.yaml │ ├── deployment-nginx-serviceaccount.yaml │ └── deployment-nginx.yaml ├── hpa │ └── hpa-nginx.yaml ├── job │ └── job-affinity.yaml ├── namespace │ └── ns-dummy.yaml ├── networksecurity │ ├── networksecurity-allowall-ingress.yaml │ ├── networksecurity-complicated.yaml │ ├── networksecurity-deny-othernamespaces.yaml │ ├── networksecurity-denyall-ingress.yaml │ ├── networksecurity-denyall.yaml │ ├── networksecurity-denyegress-exceptdns.yaml │ ├── networksecurity-pod.yaml │ └── networksecurity-port.yaml ├── pod │ ├── pod-dummy.yaml │ ├── pod-gitclone.yaml │ ├── pod-handlers.yaml │ ├── pod-healthcheck-nginx.yaml │ ├── pod-hostaliases.yaml │ ├── pod-initcontainer-sysctl.yaml │ ├── pod-nginx.yaml │ ├── pod-secrets.yaml │ └── pod-serviceaccount.yaml ├── podsecurity │ ├── podsecurity-advanced.yaml │ ├── podsecurity-enforce.yaml │ ├── podsecurity-example.yaml │ ├── podsecurity-privileged-usage.yaml │ ├── podsecurity-privileged.yaml │ ├── podsecurity-restricted.yaml │ └── securitycontext-user.yaml ├── quota │ ├── limitrange-mem-size.yaml │ ├── limitrange-pvc-cumulative-size.yaml │ └── limitrange-pvc-size.yaml ├── rbac │ ├── rbac-default.yaml │ └── serviceaccount-default.yaml ├── service │ ├── service-cassandra.yaml │ ├── service-clusterip-nginx.yaml │ ├── service-ingress.yaml │ ├── service-loadbalancer.yaml │ └── service-nodeport.yaml ├── statefulset │ ├── statefulset-nginx.yaml │ ├── statefulset-replicated-cassandra.yaml │ ├── statefulset-replicated-mysql │ │ └── README.md │ └── statefulset-single-mysql │ │ └── README.md └── volume │ ├── volume-digitalocean.yaml │ ├── volume-ebs.yaml │ ├── volume-emptydir.yaml │ ├── volume-gcePersistentDisk.yaml │ ├── volume-manual-pv.yaml │ ├── volume-mount-localpath.yaml │ ├── volume-nfs.yaml │ └── volume-preset.yaml ├── playground ├── create_namespace_and_serivce_account_for_it.sh └── nginx-deployment-service.yaml ├── serverless └── faas │ ├── README.md │ └── docker-compose.yml └── sidecar ├── k8s-mutate-webhook ├── .gitignore ├── Dockerfile ├── Makefile ├── README.md ├── cmd │ ├── main.go │ └── main_test.go ├── deploy │ └── webhook.yaml ├── go.mod ├── go.sum ├── kind.yaml ├── pkg │ └── mutate │ │ ├── mutate.go │ │ └── mutate_test.go ├── pod.yaml └── ssl │ ├── Makefile │ ├── csr.conf │ └── ssl.sh ├── k8s-sidecar-injector ├── .gitignore ├── .travis.yml ├── DEVELOP.md ├── Dockerfile ├── Gopkg.toml ├── LICENSE ├── Makefile ├── README.md ├── deployment │ ├── helm │ │ ├── .helmignore │ │ ├── Chart.yaml │ │ ├── templates │ │ │ ├── deployment.yaml │ │ │ ├── mutatingwebhook-template.yaml │ │ │ ├── sidecar-configmap.yaml │ │ │ └── sidecar-injector-service.yaml │ │ └── values.yaml │ └── kubectl │ │ ├── create-server-cert.sh │ │ ├── csr-template.conf │ │ ├── csr-template.yaml │ │ ├── deploy.sh │ │ ├── mutatingwebhook-template.yaml │ │ ├── replace-ca-token.sh │ │ ├── sidecar-configmap.yaml │ │ └── sidecar-injector-deployment.yaml ├── docker-push.sh ├── docker-run.sh ├── httpd │ └── simpleserver.go ├── main.go ├── routes │ └── mutator.go ├── sample │ ├── admission-request-with-env.json │ ├── admission-request.json │ ├── certs │ │ ├── cert.pem │ │ └── key.pem │ ├── echo-server-service.yaml │ ├── echo-server.yaml │ ├── namespace-label.yaml │ └── sidecar.yaml └── webhook │ └── mutator.go ├── k8s-sidecar-simple-injection ├── .gitignore ├── Dockerfile ├── Gopkg.lock ├── Gopkg.toml ├── LICENSE ├── README.md ├── build ├── deployment │ ├── configmap.yaml │ ├── deployment.yaml │ ├── mutatingwebhook.yaml │ ├── nginxconfigmap.yaml │ ├── service.yaml │ ├── webhook-create-signed-cert.sh │ └── webhook-patch-ca-bundle.sh ├── main.go ├── medium-article.md ├── mutating-admission-webhook.jpg ├── mutating-admission-webhook.xml └── webhook.go └── k8s-webhook ├── .gitignore ├── LICENSE ├── README.md ├── cmd └── main.go ├── deployment ├── configmap.yaml ├── deployment.yaml ├── mutatingwebhook-ca-bundle.yaml ├── mutatingwebhook.yaml ├── nginxconfigmap.yaml ├── service.yaml ├── sleep-no-validation.yaml ├── sleep-with-labels.yaml ├── sleep.yaml ├── validatingwebhook-ca-bundle.yaml ├── validatingwebhook.yaml ├── webhook-create-signed-cert.sh └── webhook-patch-ca-bundle.sh ├── docker └── Dockerfile ├── go.mod ├── go.sum └── pkg └── webhook ├── types.go └── webhook.go /.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, built with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | # Dependency directories (remove the comment below to include it) 15 | vendor/ 16 | -------------------------------------------------------------------------------- /dev-infras/cert-manager/letencrypt-cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cert-manager.io/v1alpha2 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-cluster 5 | spec: 6 | acme: 7 | email: yourbiz@yourdomain.com 8 | privateKeySecretRef: 9 | name: letsencrypt-cluster 10 | server: https://acme-v02.api.letsencrypt.org/directory 11 | solvers: 12 | - http01: 13 | ingress: 14 | class: nginx 15 | -------------------------------------------------------------------------------- /dev-infras/cert-manager/letencrypt-staging-cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: cert-manager.io/v1alpha2 2 | kind: ClusterIssuer 3 | metadata: 4 | name: letsencrypt-staging-cluster 5 | spec: 6 | acme: 7 | email: yourbiz@yourdomain.com 8 | privateKeySecretRef: 9 | name: letsencrypt-staging-cluster 10 | server: https://acme-staging-v02.api.letsencrypt.org/directory 11 | solvers: 12 | - http01: 13 | ingress: 14 | class: nginx 15 | -------------------------------------------------------------------------------- /dev-infras/gitlab/README.md: -------------------------------------------------------------------------------- 1 | ```sh 2 | # 初始化存储,PV & PVC 3 | kubectl apply -f yourdomain-gitlab/gitlab-data.yaml 4 | kubectl apply -f yourdomain-gitlab/gitlab-etc.yaml 5 | kubectl apply -f yourdomain-gitlab/gitlab-postgresql.yaml 6 | 7 | # 初次安装 8 | helm -n yourbiz-infra install yourdomain-gitlab ./gitlab-ce -f yourdomain-gitlab/values.yaml 9 | 10 | # 后续更新 11 | helm -n yourbiz-infra install yourdomain-gitlab ./gitlab-ce -f yourdomain-gitlab/values.yaml 12 | ``` 13 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: gitlab-ce 3 | description: GitLab Community Edition 4 | 5 | type: application 6 | 7 | version: 0.1.0 8 | appVersion: 12.0.9-ce.0 9 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/charts/postgresql/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: postgresql 3 | description: Object-relational database management system (ORDBMS) with an emphasis 4 | on extensibility and on standards-compliance. 5 | 6 | type: application 7 | version: 0.1.0 8 | appVersion: 9.6.2 9 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/charts/postgresql/templates/secrets.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ template "postgresql.fullname" . }} 5 | labels: 6 | {{- include "postgresql.labels" . | nindent 4 }} 7 | type: Opaque 8 | data: 9 | {{ if .Values.postgresPassword }} 10 | postgres-password: {{ .Values.postgresPassword | b64enc | quote }} 11 | {{ else }} 12 | postgres-password: {{ randAlphaNum 10 | b64enc | quote }} 13 | {{ end }} 14 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/charts/redis/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/charts/redis/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: redis 3 | description: Open source, advanced key-value store. It is often referred to as a data 4 | structure server since keys can contain strings, hashes, lists, sets and sorted 5 | sets. 6 | 7 | type: application 8 | version: 0.1.0 9 | appVersion: 3.2.9-r2 10 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/charts/redis/templates/secrets.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.usePassword -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "redis.fullname" . }} 6 | labels: 7 | {{- include "redis.labels" . | nindent 4}} 8 | type: Opaque 9 | data: 10 | {{- if .Values.redisPassword }} 11 | redis-password: {{ .Values.redisPassword | b64enc | quote }} 12 | {{- else }} 13 | redis-password: {{ randAlphaNum 10 | b64enc | quote }} 14 | {{- end }} 15 | {{- end -}} 16 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/charts/redis/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "redis.fullname" . }} 5 | labels: 6 | {{- include "redis.labels" . | nindent 4}} 7 | {{- if .Values.metrics.enabled }} 8 | annotations: 9 | {{ toYaml .Values.metrics.annotations | indent 4 }} 10 | {{- end }} 11 | spec: 12 | ports: 13 | - name: redis 14 | port: 6379 15 | targetPort: redis 16 | selector: 17 | {{- include "redis.selectorLabels" . | nindent 4}} 18 | -------------------------------------------------------------------------------- /dev-infras/gitlab/gitlab-ce/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "gitlab-ce.serviceAccountName" . }} 6 | labels: 7 | {{ include "gitlab-ce.labels" . | nindent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /dev-infras/namespaces/yourbiz-dev/yourbiz-dev-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: yourbiz-dev 5 | -------------------------------------------------------------------------------- /dev-infras/namespaces/yourbiz-infra/yourbiz-infra-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: yourbiz-infra 5 | -------------------------------------------------------------------------------- /dev-infras/namespaces/yourbiz-prod/yourbiz-prod-ns.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: yourbiz-prod 5 | -------------------------------------------------------------------------------- /dev-infras/storage/rook-cluster.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: ceph.rook.io/v1 2 | kind: CephCluster 3 | metadata: 4 | name: rook-ceph 5 | namespace: rook-ceph 6 | spec: 7 | cephVersion: 8 | image: ceph/ceph:v14.2.5 9 | allowUnsupported: true 10 | dataDirHostPath: /opt/disks/vdb/rook-ceph 11 | mon: 12 | count: 3 13 | dashboard: 14 | enabled: true 15 | storage: 16 | useAllNodes: true 17 | useAllDevices: false 18 | directories: 19 | - path: /opt/disks/vdb/rook-ceph 20 | -------------------------------------------------------------------------------- /dev-infras/storage/rook-example-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: rook-example-pvc 5 | spec: 6 | storageClassName: rook-ceph-block 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 10Gi 12 | -------------------------------------------------------------------------------- /docker-compose/python-redis/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.4-alpine 2 | ADD . /code 3 | WORKDIR /code 4 | RUN pip install -r requirements.txt 5 | CMD ["python", "app.py"] -------------------------------------------------------------------------------- /docker-compose/python-redis/README.md: -------------------------------------------------------------------------------- 1 | # Python Redis 2 | 3 | ```sh 4 | $ docker-compose up 5 | ``` 6 | -------------------------------------------------------------------------------- /docker-compose/python-redis/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | web: 4 | build: . 5 | ports: 6 | - '5000:5000' 7 | redis: 8 | image: 'redis:alpine' 9 | -------------------------------------------------------------------------------- /docker-compose/python-redis/requirements.txt: -------------------------------------------------------------------------------- 1 | flask 2 | redis -------------------------------------------------------------------------------- /helm-charts/backend-app/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-charts/backend-app/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.biz.configMap.enabled -}} 2 | {{- $fullName := include "yourbiz-be.fullname" . -}} 3 | apiVersion: v1 4 | kind: ConfigMap 5 | metadata: 6 | name: {{ $fullName }} 7 | labels: 8 | {{- include "yourbiz-be.labels" . | nindent 4 }} 9 | data: 10 | {{ .Values.biz.configMap.name }}: |- 11 | {{ .Values.biz.configMap.content | nindent 4 }} 12 | {{- end }} -------------------------------------------------------------------------------- /helm-charts/backend-app/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "yourbiz-be.fullname" . }} 5 | labels: 6 | {{- include "yourbiz-be.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | # see deployment containers[0].ports 12 | targetPort: http 13 | protocol: TCP 14 | name: http 15 | selector: 16 | {{- include "yourbiz-be.selectorLabels" . | nindent 4 }} 17 | -------------------------------------------------------------------------------- /helm-charts/backend-app/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "yourbiz-be.serviceAccountName" . }} 6 | labels: 7 | {{ include "yourbiz-be.labels" . | nindent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-charts/backend-app/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "yourbiz-be.fullname" . }}-test-connection" 5 | labels: 6 | {{ include "yourbiz-be.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "yourbiz-be.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/Chart.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: mysql 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 1.6.2 5 | - name: rabbitmq 6 | repository: https://kubernetes-charts.storage.googleapis.com/ 7 | version: 6.16.1 8 | digest: sha256:49b4f16785a30b10386d27de8c4dcbe76c82d3493825c871f418c870493c28cf 9 | generated: "2020-01-14T13:11:04.171151+08:00" 10 | -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/charts/mysql-1.6.2.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-charts/backend-spring-app/charts/mysql-1.6.2.tgz -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/templates/extra-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.externalConfigMap.enabled -}} 2 | {{- $fullName := include "yourbiz-be.fullname" . -}} 3 | apiVersion: v1 4 | kind: ConfigMap 5 | metadata: 6 | name: {{ $fullName }}-extra 7 | labels: 8 | {{- include "yourbiz-be.labels" . | nindent 4 }} 9 | data: 10 | {{ .Values.externalConfigMap.name }}: |- 11 | {{ .Values.externalConfigMap.content | nindent 4 }} 12 | {{- end }} -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "yourbiz-be.fullname" . }} 5 | labels: 6 | {{- include "yourbiz-be.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | # see deployment containers[0].ports 12 | targetPort: http 13 | protocol: TCP 14 | name: http 15 | selector: 16 | {{- include "yourbiz-be.selectorLabels" . | nindent 4 }} 17 | -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "yourbiz-be.serviceAccountName" . }} 6 | labels: 7 | {{ include "yourbiz-be.labels" . | nindent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-charts/backend-spring-app/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "yourbiz-be.fullname" . }}-test-connection" 5 | labels: 6 | {{ include "yourbiz-be.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "yourbiz-be.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /helm-charts/caddy1-static-app/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-charts/caddy1-static-app/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: ufc-static 3 | description: A Helm chart for staic site using CaddyServer 4 | 5 | type: application 6 | 7 | version: 0.1.0 8 | 9 | appVersion: 1.0.3 10 | -------------------------------------------------------------------------------- /helm-charts/caddy1-static-app/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.customCaddyfile.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ include "ufc-static.fullname" . }} 6 | labels: 7 | {{- include "ufc-static.labels" . | nindent 4 }} 8 | data: 9 | Caddyfile: | 10 | {{ .Values.customCaddyfile.content | nindent 4 }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-charts/caddy1-static-app/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "ufc-static.fullname" . }} 5 | labels: 6 | {{- include "ufc-static.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "ufc-static.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /helm-charts/caddy1-static-app/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "ufc-static.serviceAccountName" . }} 6 | labels: 7 | {{ include "ufc-static.labels" . | nindent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-charts/caddy1-static-app/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "ufc-static.fullname" . }}-test-connection" 5 | labels: 6 | {{ include "ufc-static.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "ufc-static.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/.prettierignore: -------------------------------------------------------------------------------- 1 | service.yaml -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: yourbiz-static 3 | description: A Helm chart for staic site using CaddyServer 4 | 5 | type: application 6 | 7 | version: 0.1.0 8 | 9 | appVersion: 2.1.1-alpine 10 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/deploy-web-static.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | cd `dirname $0` 4 | 5 | helm install --namespace test --name test-web-client ./charts/ 6 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.customCaddyfile.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ include "yourbiz-static.fullname" . }} 6 | labels: 7 | {{- include "yourbiz-static.labels" . | nindent 4 }} 8 | data: 9 | Caddyfile: | 10 | {{ .Values.customCaddyfile.content | nindent 4 }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "yourbiz-static.fullname" . }} 5 | labels: 6 | {{- include "yourbiz-static.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "yourbiz-static.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "yourbiz-static.serviceAccountName" . }} 6 | labels: 7 | {{ include "yourbiz-static.labels" . | nindent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "yourbiz-static.fullname" . }}-test-connection" 5 | labels: 6 | {{ include "yourbiz-static.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "yourbiz-static.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /helm-charts/caddy2-static-app/upgrade-web-static.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | cd `dirname $0` 4 | 5 | helm upgrade --namespace test --name test-web-client ./charts/ 6 | -------------------------------------------------------------------------------- /helm-charts/docker-app/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-charts/docker-app/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: yourbiz-static 3 | description: A Helm chart for Docker Apps 4 | 5 | type: application 6 | 7 | version: 0.1.0 8 | -------------------------------------------------------------------------------- /helm-charts/docker-app/deploy-web-static.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | cd `dirname $0` 4 | 5 | helm install --namespace test --name test-web-client ./charts/ 6 | -------------------------------------------------------------------------------- /helm-charts/docker-app/templates/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "yourbiz-static.fullname" . }} 5 | labels: 6 | {{- include "yourbiz-static.labels" . | nindent 4 }} 7 | spec: 8 | type: {{ .Values.service.type }} 9 | ports: 10 | - port: {{ .Values.service.port }} 11 | targetPort: http 12 | protocol: TCP 13 | name: http 14 | selector: 15 | {{- include "yourbiz-static.selectorLabels" . | nindent 4 }} 16 | -------------------------------------------------------------------------------- /helm-charts/docker-app/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "yourbiz-static.serviceAccountName" . }} 6 | labels: 7 | {{ include "yourbiz-static.labels" . | nindent 4 }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-charts/docker-app/templates/tests/test-connection.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Pod 3 | metadata: 4 | name: "{{ include "yourbiz-static.fullname" . }}-test-connection" 5 | labels: 6 | {{ include "yourbiz-static.labels" . | nindent 4 }} 7 | annotations: 8 | "helm.sh/hook": test-success 9 | spec: 10 | containers: 11 | - name: wget 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "yourbiz-static.fullname" . }}:{{ .Values.service.port }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /helm-charts/docker-app/upgrade-web-static.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | cd `dirname $0` 4 | 5 | helm upgrade --namespace test --name test-web-client ./charts/ 6 | -------------------------------------------------------------------------------- /helm-middleware/airflow/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /helm-middleware/airflow/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Airflow is a platform to programmatically author, schedule and monitor workflows 3 | name: airflow 4 | version: 5.2.4 5 | appVersion: 1.10.4 6 | icon: https://airflow.apache.org/_images/pin_large.png 7 | home: https://airflow.apache.org/ 8 | maintainers: 9 | - name: gsemet 10 | email: gaetan@xeberon.net 11 | sources: 12 | - https://airflow.apache.org/ 13 | keywords: 14 | - workflow 15 | - dag 16 | -------------------------------------------------------------------------------- /helm-middleware/airflow/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - gsemet 3 | - maver1ck 4 | reviewers: 5 | - gsemet 6 | - maver1ck 7 | -------------------------------------------------------------------------------- /helm-middleware/airflow/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 0.13.1 5 | - name: redis 6 | repository: https://kubernetes-charts.storage.googleapis.com/ 7 | version: 7.0.0 8 | digest: sha256:b69868c9f0a2f73e76764c7aef0e738d77c4af2010d0d2b808fa82bedd239389 9 | generated: "2019-05-23T17:08:16.898581+07:00" 10 | -------------------------------------------------------------------------------- /helm-middleware/airflow/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | version: 0.13.1 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | condition: postgresql.enabled 6 | - name: redis 7 | version: 7.0.0 8 | repository: https://kubernetes-charts.storage.googleapis.com/ 9 | condition: redis.enabled 10 | -------------------------------------------------------------------------------- /helm-middleware/airflow/templates/extra-manifests.yaml: -------------------------------------------------------------------------------- 1 | {{- range .Values.extraManifests }} 2 | --- 3 | {{ tpl (toYaml .) $ }} 4 | {{- end }} -------------------------------------------------------------------------------- /helm-middleware/airflow/templates/service-account.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "airflow.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "airflow.name" . }} 8 | chart: {{ template "airflow.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{ end }} -------------------------------------------------------------------------------- /helm-middleware/cert-manager/README.md: -------------------------------------------------------------------------------- 1 | # cert-manager 2 | 3 | ```sh 4 | # 集群公用 Issuer: letsencrypt-cluster 5 | kubectl apply -f cluster-issuer.yaml 6 | 7 | ## namespace test 8 | # 测试用 Issuer: letsencrypt-staging 9 | kubectl apply -f staging-issuer.yaml 10 | # 生产用 Issuer: letsencrypt-prod 11 | kubectl apply -f prod-issuer.yaml 12 | 13 | ``` 14 | 15 | # 参考 16 | 17 | 1. https://docs.cert-manager.io/en/latest/getting-started/install/kubernetes.html 18 | -------------------------------------------------------------------------------- /helm-middleware/cert-manager/cluster-issuer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certmanager.k8s.io/v1alpha1 2 | kind: ClusterIssuer 3 | metadata: 4 | labels: 5 | name: letsencrypt-cluster 6 | name: letsencrypt-cluster 7 | spec: 8 | acme: 9 | email: test@test.com 10 | http01: {} 11 | privateKeySecretRef: 12 | name: letsencrypt-cluster 13 | server: https://acme-v02.api.letsencrypt.org/directory 14 | -------------------------------------------------------------------------------- /helm-middleware/elastic-stack/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/elastic-stack/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for ELK 3 | home: https://www.elastic.co/products 4 | icon: https://www.elastic.co/assets/bltb35193323e8f1770/logo-elastic-stack-lt.svg 5 | name: elastic-stack 6 | version: 1.8.0 7 | appVersion: 6.0 8 | maintainers: 9 | - name: rendhalver 10 | email: pete.brown@powerhrg.com 11 | - name: jar361 12 | email: jrodgers@powerhrg.com 13 | - name: christian-roggia 14 | email: christian.roggia@gmail.com 15 | -------------------------------------------------------------------------------- /helm-middleware/elastic-stack/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - christian-roggia 3 | - rendhalver 4 | reviewers: 5 | - christian-roggia 6 | - rendhalver 7 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | # OWNERS file for Kubernetes 3 | OWNERS -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - simonswine 3 | - icereval 4 | - rendhalver 5 | - desaintmartin 6 | - KongZ 7 | - Towmeykaw 8 | - hectorj2f 9 | reviewers: 10 | - simonswine 11 | - icereval 12 | - rendhalver 13 | - desaintmartin 14 | - KongZ 15 | - Towmeykaw 16 | - hectorj2f 17 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/ci/expose-transport-port-on-service-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Expose transport port on ClusterIP service 3 | 4 | client: 5 | exposeTransportPort: true 6 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/ci/nonroot-deployment-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Deploy Chart as non-root and unprivileged 3 | 4 | chownInitContainer: 5 | enabled: false 6 | 7 | securityContext: 8 | enabled: true 9 | runAsUser: 1000 10 | 11 | sysctlInitContainer: 12 | enabled: false 13 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/ci/plugin-initcontainer-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Enable init container for installing plugins 3 | 4 | cluster: 5 | plugins: 6 | - ingest-attachment 7 | - mapper-size 8 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/ci/updatestrategy-values.yaml: -------------------------------------------------------------------------------- 1 | data: 2 | updateStrategy: 3 | type: RollingUpdate 4 | 5 | master: 6 | updateStrategy: 7 | type: RollingUpdate 8 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/templates/client-auth.yaml: -------------------------------------------------------------------------------- 1 | {{- if and ( .Values.client.ingress.user ) ( .Values.client.ingress.password ) }} 2 | --- 3 | apiVersion: v1 4 | kind: Secret 5 | metadata: 6 | name: '{{ include "elasticsearch.client.fullname" . }}-auth' 7 | type: Opaque 8 | data: 9 | auth: {{ printf "%s:{PLAIN}%s\n" .Values.client.ingress.user .Values.client.ingress.password | b64enc | quote }} 10 | {{- end }} 11 | 12 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/templates/client-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.client.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.client.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.client.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/templates/data-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.data.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.data.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.data.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/elasticsearch/templates/master-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccounts.master.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "elasticsearch.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | component: "{{ .Values.master.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "elasticsearch.master.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/external-service/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-middleware/external-service/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: '1.0' 3 | description: A Helm chart for UnionFab Cloud Rancher 4 | name: ufc-rancher 5 | version: 0.1.0 6 | -------------------------------------------------------------------------------- /helm-middleware/filebeat/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/filebeat/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart to collect Kubernetes logs with filebeat 3 | icon: https://www.elastic.co/assets/blt47799dcdcf08438d/logo-elastic-beats-lt.svg 4 | name: filebeat 5 | version: 3.1.1 6 | appVersion: 7.0.1 7 | home: https://www.elastic.co/products/beats/filebeat 8 | sources: 9 | - https://www.elastic.co/guide/en/beats/filebeat/current/index.html 10 | maintainers: 11 | - name: rendhalver 12 | email: pete.brown@powerhrg.com 13 | - name: sstarcher 14 | email: shane.starcher@gmail.com 15 | -------------------------------------------------------------------------------- /helm-middleware/filebeat/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - rendhalver 3 | - sstarcher 4 | reviewers: 5 | - rendhalver 6 | - sstarcher 7 | -------------------------------------------------------------------------------- /helm-middleware/filebeat/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | To verify that Filebeat has started, run: 2 | 3 | kubectl --namespace={{ .Release.Namespace }} get pods -l "app={{ template "filebeat.name" . }},release={{ .Release.Name }}" 4 | -------------------------------------------------------------------------------- /helm-middleware/filebeat/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "filebeat.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ template "filebeat.name" . }} 8 | helm.sh/chart: {{ template "filebeat.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/fluentd-elasticsearch/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - axdotl 3 | - monotek 4 | reviewers: 5 | - axdotl 6 | - monotek 7 | -------------------------------------------------------------------------------- /helm-middleware/fluentd/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/fluentd/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - rendhalver 3 | - miouge1 4 | - hectorj2f 5 | reviewers: 6 | - rendhalver 7 | - miouge1 8 | - hectorj2f 9 | -------------------------------------------------------------------------------- /helm-middleware/fluentd/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | To verify that Fluentd Elasticsearch has started, run: 2 | 3 | kubectl --namespace={{ .Release.Namespace }} get all -l "app={{ template "fluentd.name" . }},release={{ .Release.Name }}" 4 | 5 | THIS APPLICATION CAPTURES ALL CONSOLE OUTPUT AND FORWARDS IT TO Elasticsearch. Anything that might be identifying, 6 | including things like IP addresses, container images, and object names will NOT be anonymized. 7 | -------------------------------------------------------------------------------- /helm-middleware/fluentd/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "fluentd.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "fluentd.name" . }} 8 | chart: {{ template "fluentd.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/gitlab/README.md: -------------------------------------------------------------------------------- 1 | ```sh 2 | ## 1. 创建 Gitlab 所需 PV & PVC 3 | kubectl apply -f pv.yaml 4 | 5 | ## 2. 启动 Docker Registry 6 | helm install --namespace test --name gitlab -f values.yaml gitlab-ce 7 | 8 | ## 3. 可以使用 values.yaml 更新 Docker registry 9 | helm upgrade --namespace test -f values.yaml gitlab gitlab-ce 10 | ``` 11 | -------------------------------------------------------------------------------- /helm-middleware/gitlab/gitlab-ce/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/gitlab/gitlab-ce/Chart.yaml: -------------------------------------------------------------------------------- 1 | appVersion: 9.4.1 2 | deprecated: true 3 | description: GitLab Community Edition 4 | home: https://about.gitlab.com 5 | icon: https://gitlab.com/uploads/group/avatar/6543/gitlab-logo-square.png 6 | keywords: 7 | - git 8 | - ci 9 | - deploy 10 | - issue tracker 11 | - code review 12 | - wiki 13 | name: gitlab-ce 14 | sources: 15 | - https://hub.docker.com/r/gitlab/gitlab-ce/ 16 | - https://docs.gitlab.com/omnibus/ 17 | version: 0.2.2 18 | -------------------------------------------------------------------------------- /helm-middleware/gitlab/gitlab-ce/charts/redis/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /helm-middleware/gitlab/gitlab-ce/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 0.9.0 5 | - name: postgresql 6 | repository: https://kubernetes-charts.storage.googleapis.com/ 7 | version: 0.8.1 8 | digest: sha256:94bbb4af5c8b8e6114938d06650c9e82b0a80613e0b60a6cdbb5031fb7771ae2 9 | generated: 2018-09-08T11:28:35.128492897-04:00 10 | -------------------------------------------------------------------------------- /helm-middleware/gitlab/gitlab-ce/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | version: 0.9.0 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | - name: postgresql 6 | version: 0.8.1 7 | repository: https://kubernetes-charts.storage.googleapis.com/ 8 | -------------------------------------------------------------------------------- /helm-middleware/grafana/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .vscode 20 | .project 21 | .idea/ 22 | *.tmproj 23 | OWNERS 24 | -------------------------------------------------------------------------------- /helm-middleware/grafana/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - zanhsieh 3 | - rtluckie 4 | - maorfr 5 | reviewers: 6 | - zanhsieh 7 | - rtluckie 8 | - maorfr 9 | -------------------------------------------------------------------------------- /helm-middleware/grafana/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | # Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. 2 | -------------------------------------------------------------------------------- /helm-middleware/grafana/ci/with-dashboard-values.yaml: -------------------------------------------------------------------------------- 1 | dashboards: 2 | my-provider: 3 | my-awesome-dashboard: 4 | gnetId: 10000 5 | revision: 1 6 | datasource: Prometheus 7 | dashboardProviders: 8 | dashboardproviders.yaml: 9 | apiVersion: 1 10 | providers: 11 | - name: 'my-provider' 12 | orgId: 1 13 | folder: '' 14 | type: file 15 | updateIntervalSeconds: 10 16 | disableDeletion: true 17 | editable: true 18 | options: 19 | path: /var/lib/grafana/dashboards/my-provider 20 | -------------------------------------------------------------------------------- /helm-middleware/grafana/dashboards/custom-dashboard.json: -------------------------------------------------------------------------------- 1 | {} -------------------------------------------------------------------------------- /helm-middleware/grafana/templates/tests/test-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.testFramework.enabled .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "grafana.name" . }} 7 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "grafana.serviceAccountNameTest" . }} 11 | namespace: {{ .Release.Namespace }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/hadoop/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/hadoop/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: The Apache Hadoop software library is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. 3 | name: hadoop 4 | version: 1.1.1 5 | appVersion: 2.9.0 6 | home: https://hadoop.apache.org/ 7 | sources: 8 | - https://github.com/apache/hadoop 9 | icon: http://hadoop.apache.org/images/hadoop-logo.jpg 10 | maintainers: 11 | - name: danisla 12 | email: disla@google.com 13 | -------------------------------------------------------------------------------- /helm-middleware/hadoop/templates/yarn-ui-svc.yaml: -------------------------------------------------------------------------------- 1 | # Service to access the yarn web ui 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "hadoop.fullname" . }}-yarn-ui 6 | labels: 7 | app: {{ include "hadoop.name" . }} 8 | chart: {{ include "hadoop.chart" . }} 9 | release: {{ .Release.Name }} 10 | component: yarn-ui 11 | spec: 12 | ports: 13 | - port: 8088 14 | name: web 15 | selector: 16 | app: {{ include "hadoop.name" . }} 17 | component: yarn-rm 18 | -------------------------------------------------------------------------------- /helm-middleware/hazelcast-jet/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | 23 | -------------------------------------------------------------------------------- /helm-middleware/hazelcast-jet/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - eminn 3 | - leszko 4 | - mesutcelik 5 | - googlielmo 6 | reviewers: 7 | - eminn 8 | - leszko 9 | - mesutcelik 10 | - googlielmo 11 | -------------------------------------------------------------------------------- /helm-middleware/hazelcast-jet/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "hazelcast-jet.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ template "hazelcast-jet.name" . }} 8 | helm.sh/chart: {{ template "hazelcast-jet.chart" . }} 9 | app.kubernetes.io/instance: "{{ .Release.Name }}" 10 | app.kubernetes.io/managed-by: "{{ .Release.Service }}" 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/hazelcast/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj -------------------------------------------------------------------------------- /helm-middleware/hazelcast/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - leszko 3 | - mesutcelik 4 | - googlielmo 5 | reviewers: 6 | - leszko 7 | - mesutcelik 8 | - googlielmo 9 | -------------------------------------------------------------------------------- /helm-middleware/hazelcast/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "hazelcast.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ template "hazelcast.name" . }} 8 | helm.sh/chart: {{ template "hazelcast.chart" . }} 9 | app.kubernetes.io/instance: "{{ .Release.Name }}" 10 | app.kubernetes.io/managed-by: "{{ .Release.Service }}" 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/influxdb/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/influxdb/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: influxdb 3 | version: 3.0.2 4 | appVersion: 1.7.6 5 | description: Scalable datastore for metrics, events, and real-time analytics. 6 | keywords: 7 | - influxdb 8 | - database 9 | - timeseries 10 | home: https://www.influxdata.com/time-series-platform/influxdb/ 11 | sources: 12 | - https://github.com/influxdata/influxdb 13 | maintainers: 14 | - name: jackzampolin 15 | email: jack@influxdb.com 16 | - name: aisuko 17 | email: urakiny@gmail.com 18 | engine: gotpl 19 | -------------------------------------------------------------------------------- /helm-middleware/influxdb/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - jackzampolin 3 | - aisuko 4 | reviewers: 5 | - jackzampolin 6 | - aisuko 7 | -------------------------------------------------------------------------------- /helm-middleware/influxdb/templates/init-config.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.initScripts.enabled -}} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: "{{ template "influxdb.fullname" . }}-init" 6 | labels: 7 | app: "{{ template "influxdb.fullname" . }}" 8 | chart: "{{ template "influxdb.chart" . }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | data: 12 | {{ toYaml .Values.initScripts.scripts | indent 2 }} 13 | {{- end -}} 14 | -------------------------------------------------------------------------------- /helm-middleware/jenkins/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | ci/ 23 | -------------------------------------------------------------------------------- /helm-middleware/jenkins/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - lachie83 3 | - viglesiasce 4 | - maorfr 5 | - torstenwalter 6 | - mogaal 7 | reviewers: 8 | - lachie83 9 | - viglesiasce 10 | - maorfr 11 | - torstenwalter 12 | - mogaal 13 | -------------------------------------------------------------------------------- /helm-middleware/jenkins/ci/casc-values.yaml: -------------------------------------------------------------------------------- 1 | master: 2 | JCasC: 3 | enabled: true 4 | sidecars: 5 | configAutoReload: 6 | enabled: true 7 | healthProbeLivenessInitialDelay: 10 8 | healthProbeReadinessInitialDelay: 10 9 | persistence: 10 | enabled: false 11 | -------------------------------------------------------------------------------- /helm-middleware/jenkins/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | # this file is empty to check if defaults within values.yaml work as expected 2 | -------------------------------------------------------------------------------- /helm-middleware/jenkins/templates/tests/test-config.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.master.testEnabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "jenkins.fullname" . }}-tests 6 | namespace: {{ template "jenkins.namespace" . }} 7 | data: 8 | run.sh: |- 9 | @test "Testing Jenkins UI is accessible" { 10 | curl --retry 48 --retry-delay 10 {{ template "jenkins.fullname" . }}:{{ .Values.master.servicePort }}{{ default "" .Values.master.jenkinsUriPrefix }}/login 11 | } 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/kafka-manager/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | OWNERS 23 | -------------------------------------------------------------------------------- /helm-middleware/kafka-manager/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - giacomoguiulfo 3 | - ssalaues 4 | reviewers: 5 | - giacomoguiulfo 6 | - ssalaues 7 | -------------------------------------------------------------------------------- /helm-middleware/kafka-manager/ci/example-values.yaml: -------------------------------------------------------------------------------- 1 | zookeeper: 2 | enabled: true 3 | -------------------------------------------------------------------------------- /helm-middleware/kafka-manager/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: zookeeper 3 | repository: https://kubernetes-charts-incubator.storage.googleapis.com/ 4 | version: 1.2.0 5 | digest: sha256:48de211cbffc0b7df9995edc4fd5d693e8bbc94e684aa83c11e6f94803f0e8b9 6 | generated: 2018-10-24T11:47:00.371605298-07:00 7 | -------------------------------------------------------------------------------- /helm-middleware/kafka-manager/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: zookeeper 3 | version: 1.2.0 4 | repository: https://kubernetes-charts-incubator.storage.googleapis.com/ 5 | condition: zookeeper.enabled 6 | -------------------------------------------------------------------------------- /helm-middleware/kibana/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj -------------------------------------------------------------------------------- /helm-middleware/kibana/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - compleatang 3 | - monotek 4 | reviewers: 5 | - compleatang 6 | - monotek 7 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/authproxy-enabled.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # disable internal port by setting authProxyEnabled 3 | authProxyEnabled: true 4 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/extra-configmap-mounts.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | extraConfigMapMounts: 3 | - name: logtrail-configs 4 | configMap: kibana-logtrail 5 | mountPath: /usr/share/kibana/plugins/logtrail/logtrail.json 6 | subPath: logtrail.json 7 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/ingress-hosts-paths.yaml: -------------------------------------------------------------------------------- 1 | ingress: 2 | hosts: 3 | - localhost.localdomain/kibana 4 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/ingress-hosts.yaml: -------------------------------------------------------------------------------- 1 | ingress: 2 | hosts: 3 | - kibana.localhost.localdomain 4 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/initcontainers-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # enable user-defined init containers 3 | 4 | initContainers: 5 | numbers-container: 6 | image: "busybox" 7 | imagePullPolicy: "IfNotPresent" 8 | command: 9 | - "/bin/sh" 10 | - "-c" 11 | - | 12 | for i in $(seq 1 10); do 13 | echo $i 14 | done 15 | 16 | echo-container: 17 | image: "busybox" 18 | command: ['sh', '-c', 'echo Hello from init container! && sleep 3'] 19 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/plugin-install.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # enable the plugin init container with plugins retrieved from an URL 3 | plugins: 4 | enabled: true 5 | reset: false 6 | # Use to add/upgrade plugin 7 | values: 8 | - analyze-api-ui-plugin,6.7.0,https://github.com/johtani/analyze-api-ui-plugin/releases/download/6.7.0/analyze-api-ui-plugin-6.7.0.zip 9 | # - other_plugin 10 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/pvc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | persistentVolumeClaim: 3 | # set to true to use pvc 4 | enabled: true 5 | # set to true to use you own pvc 6 | existingClaim: false 7 | annotations: {} 8 | 9 | accessModes: 10 | - ReadWriteOnce 11 | size: "5Gi" -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/security-context.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | securityContext: 3 | enabled: true 4 | allowPrivilegeEscalation: false 5 | runAsUser: 1000 6 | fsGroup: 2000 -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/service-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | service: 3 | selector: 4 | foo: bar 5 | -------------------------------------------------------------------------------- /helm-middleware/kibana/ci/url_dashboard-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # enable the dashboard init container with dashboard retrieved from an URL 3 | 4 | dashboardImport: 5 | enabled: true 6 | dashboards: 7 | k8s: https://raw.githubusercontent.com/monotek/kibana-dashboards/master/k8s-fluentd-elasticsearch.json 8 | -------------------------------------------------------------------------------- /helm-middleware/kibana/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "kibana.fullname" . }} 5 | labels: 6 | app: {{ template "kibana.name" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | data: 11 | {{- range $key, $value := .Values.files }} 12 | {{ $key }}: | 13 | {{ toYaml $value | default "{}" | indent 4 }} 14 | {{- end -}} 15 | -------------------------------------------------------------------------------- /helm-middleware/kibana/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "kibana.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "kibana.name" . }} 8 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/kong/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | OWNERS 23 | -------------------------------------------------------------------------------- /helm-middleware/kong/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: The Cloud-Native Ingress and 3 | Service Mesh for APIs and Microservices 4 | engine: gotpl 5 | home: https://KongHQ.com/ 6 | icon: https://s3.amazonaws.com/downloads.kong/universe/assets/icon-kong-inc-large.png 7 | maintainers: 8 | - name: shashiranjan84 9 | email: shashi@konghq.com 10 | - name: hbagdi 11 | email: harry@konghq.com 12 | name: kong 13 | sources: 14 | - https://github.com/Kong/kong 15 | version: 0.30.0 16 | appVersion: 1.3 17 | -------------------------------------------------------------------------------- /helm-middleware/kong/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - hbagdi 3 | - shashiranjan84 4 | reviewers: 5 | - hbagdi 6 | - shashiranjan84 7 | -------------------------------------------------------------------------------- /helm-middleware/kong/ci/dbless-no-kic-values.yaml: -------------------------------------------------------------------------------- 1 | # CI test for testing dbless deployment 2 | env: 3 | database: "off" 4 | postgresql: 5 | enabled: false 6 | -------------------------------------------------------------------------------- /helm-middleware/kong/ci/dbless-values.yaml: -------------------------------------------------------------------------------- 1 | # CI test for testing dbless deployment 2 | 3 | podDisruptionBudget: 4 | enabled: true 5 | 6 | ingressController: 7 | enabled: true 8 | podDisruptionBudget: 9 | enabled: true 10 | env: 11 | database: "off" 12 | postgresql: 13 | enabled: false 14 | -------------------------------------------------------------------------------- /helm-middleware/kong/ci/default-values-with-psp.yaml: -------------------------------------------------------------------------------- 1 | # CI test for proxy controller default installation and PodSecurityPolicy 2 | podSecurityPolicy: 3 | enabled: true -------------------------------------------------------------------------------- /helm-middleware/kong/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | ../values.yaml -------------------------------------------------------------------------------- /helm-middleware/kong/ci/ingress-with-hosts.yaml: -------------------------------------------------------------------------------- 1 | admin: 2 | ingress: 3 | enabled: true 4 | hosts: ["test.com", "test2.com"] 5 | annotations: {} 6 | path: / 7 | 8 | proxy: 9 | ingress: 10 | enabled: true 11 | hosts: ["test.com", "test2.com"] 12 | annotations: {} 13 | path: / -------------------------------------------------------------------------------- /helm-middleware/kong/ci/ingress-without-hosts.yaml: -------------------------------------------------------------------------------- 1 | admin: 2 | ingress: 3 | enabled: true 4 | hosts: [] 5 | annotations: {} 6 | path: / 7 | 8 | proxy: 9 | ingress: 10 | enabled: true 11 | hosts: [] 12 | annotations: {} 13 | path: / -------------------------------------------------------------------------------- /helm-middleware/kong/ci/ingressController-db.yaml: -------------------------------------------------------------------------------- 1 | # CI test for Ingress controller basic installation 2 | ingressController: 3 | enabled: true 4 | -------------------------------------------------------------------------------- /helm-middleware/kong/ci/ingressController-dbless.yaml: -------------------------------------------------------------------------------- 1 | # CI test for Ingress controller basic installation 2 | ingressController: 3 | enabled: true 4 | env: 5 | database: "off" 6 | postgresql: 7 | enabled: false 8 | -------------------------------------------------------------------------------- /helm-middleware/kong/ci/ingressController-with-psp.yaml: -------------------------------------------------------------------------------- 1 | # CI test for Ingress controller basic installation and PodSecurityPolicy 2 | ingressController: 3 | enabled: true 4 | podSecurityPolicy: 5 | enabled: true -------------------------------------------------------------------------------- /helm-middleware/kong/ci/ingressController-with-webhook.yaml: -------------------------------------------------------------------------------- 1 | # CI test for Ingress controller basic installation and admission webhook 2 | ingressController: 3 | enabled: true 4 | admissionWebhook: 5 | enabled: true 6 | env: 7 | kong_admin_header: "foo:bar" 8 | -------------------------------------------------------------------------------- /helm-middleware/kong/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 6.3.15 5 | digest: sha256:1110c0b8497a990af34f196753420ab9b1b00fed77c540bce43542bdedd74b9b 6 | generated: "2019-10-31T09:56:30.102440266-07:00" 7 | -------------------------------------------------------------------------------- /helm-middleware/kong/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | version: ~6.3.0 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | condition: postgresql.enabled 6 | -------------------------------------------------------------------------------- /helm-middleware/kong/templates/controller-service-account.yaml: -------------------------------------------------------------------------------- 1 | {{- if or .Values.podSecurityPolicy.enabled (and .Values.ingressController.enabled .Values.ingressController.serviceAccount.create) -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "kong.serviceAccountName" . }} 6 | namespace: {{ .Release.namespace }} 7 | labels: 8 | app: {{ template "kong.name" . }} 9 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 10 | release: "{{ .Release.Name }}" 11 | heritage: "{{ .Release.Service }}" 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /helm-middleware/logstash/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/logstash/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - christian-roggia 3 | - rendhalver 4 | reviewers: 5 | - christian-roggia 6 | - rendhalver 7 | -------------------------------------------------------------------------------- /helm-middleware/logstash/serviceaccount.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/logstash/serviceaccount.yaml -------------------------------------------------------------------------------- /helm-middleware/logstash/templates/patterns-config.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "logstash.fullname" . }}-patterns 5 | labels: 6 | app: {{ template "logstash.name" . }} 7 | chart: {{ template "logstash.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | data: 11 | {{- range $key, $value := .Values.patterns }} 12 | {{ $key }}: |- 13 | {{ $value | indent 4 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /helm-middleware/logstash/templates/poddisruptionbudget.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: policy/v1beta1 2 | kind: PodDisruptionBudget 3 | metadata: 4 | name: {{ template "logstash.fullname" . }} 5 | labels: 6 | app: {{ template "logstash.name" . }} 7 | chart: {{ template "logstash.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | spec: 11 | selector: 12 | matchLabels: 13 | app: {{ template "logstash.name" . }} 14 | release: {{ .Release.Name }} 15 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 16 | -------------------------------------------------------------------------------- /helm-middleware/logstash/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "logstash.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "logstash.name" . }} 8 | chart: {{ template "logstash.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - prydonius 3 | - tompizmor 4 | - sameersbn 5 | - carrodher 6 | - javsalgar 7 | - juan131 8 | - miguelaeh 9 | reviewers: 10 | - prydonius 11 | - tompizmor 12 | - sameersbn 13 | - carrodher 14 | - javsalgar 15 | - juan131 16 | - miguelaeh 17 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/files/docker-entrypoint-initdb.d/README.md: -------------------------------------------------------------------------------- 1 | You can copy here your custom .sh, .sql or .sql.gz file so they are executed during the first boot of the image. 2 | 3 | More info in the [bitnami-docker-mariadb](https://github.com/bitnami/bitnami-docker-mariadb#initializing-a-new-instance) repository. -------------------------------------------------------------------------------- /helm-middleware/mariadb/templates/master-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.master.config }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "master.fullname" . }} 6 | labels: 7 | app: "{{ template "mariadb.name" . }}" 8 | component: "master" 9 | chart: "{{ template "mariadb.chart" . }}" 10 | release: {{ .Release.Name | quote }} 11 | heritage: {{ .Release.Service | quote }} 12 | data: 13 | my.cnf: |- 14 | {{ .Values.master.config | indent 4 }} 15 | {{- end -}} 16 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.serviceAccount.create .Values.rbac.create }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: Role 4 | metadata: 5 | name: {{ template "master.fullname" . }} 6 | labels: 7 | app: "{{ template "mariadb.name" . }}" 8 | chart: "{{ template "mariadb.chart" . }}" 9 | release: {{ .Release.Name | quote }} 10 | heritage: {{ .Release.Service | quote }} 11 | rules: 12 | - apiGroups: 13 | - "" 14 | resources: 15 | - endpoints 16 | verbs: 17 | - get 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "mariadb.serviceAccountName" . }} 6 | labels: 7 | app: "{{ template "mariadb.name" . }}" 8 | chart: "{{ template "mariadb.chart" . }}" 9 | release: {{ .Release.Name | quote }} 10 | heritage: {{ .Release.Service | quote }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/templates/slave-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.replication.enabled .Values.slave.config }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "slave.fullname" . }} 6 | labels: 7 | app: "{{ template "mariadb.name" . }}" 8 | component: "slave" 9 | chart: "{{ template "mariadb.chart" . }}" 10 | release: {{ .Release.Name | quote }} 11 | heritage: {{ .Release.Service | quote }} 12 | data: 13 | my.cnf: |- 14 | {{ .Values.slave.config | indent 4 }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /helm-middleware/mariadb/templates/tests.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.tests.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "mariadb.fullname" . }}-tests 6 | data: 7 | run.sh: |- 8 | @test "Testing MariaDB is accessible" { 9 | mysql -h {{ template "mariadb.fullname" . }} -uroot -p$MARIADB_ROOT_PASSWORD -e 'show databases;' 10 | } 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/matomo/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | secrets 24 | -------------------------------------------------------------------------------- /helm-middleware/matomo/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: Matomo helm chart 4 | name: matomo 5 | version: 0.2.0 6 | -------------------------------------------------------------------------------- /helm-middleware/matomo/README.md: -------------------------------------------------------------------------------- 1 | # Matomo helm chart 2 | 3 | Example helm chart for Matomo using bitnami mariadb. 4 | -------------------------------------------------------------------------------- /helm-middleware/matomo/charts/mariadb-5.11.1.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/matomo/charts/mariadb-5.11.1.tgz -------------------------------------------------------------------------------- /helm-middleware/matomo/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: mariadb 3 | repository: https://kubernetes-charts.storage.googleapis.com 4 | version: 5.11.1 5 | digest: sha256:375e685ae5b92df326814e2b57579cd2ea912bae38e2b7d9a48d74143d26311a 6 | generated: 2019-04-05T10:36:52.432057-04:00 7 | -------------------------------------------------------------------------------- /helm-middleware/matomo/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: mariadb 3 | version: 5.11.1 4 | repository: https://kubernetes-charts.storage.googleapis.com -------------------------------------------------------------------------------- /helm-middleware/mongodb-replicaset/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | install 23 | -------------------------------------------------------------------------------- /helm-middleware/mongodb-replicaset/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - unguiculus 3 | - steven-sheehy 4 | reviewers: 5 | - unguiculus 6 | - steven-sheehy 7 | -------------------------------------------------------------------------------- /helm-middleware/mongodb-replicaset/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | # No config change. Just use defaults. 2 | -------------------------------------------------------------------------------- /helm-middleware/mongodb-replicaset/ci/metrics-values.yaml: -------------------------------------------------------------------------------- 1 | auth: 2 | enabled: true 3 | adminUser: username 4 | adminPassword: password 5 | metricsUser: metrics 6 | metricsPassword: password 7 | key: keycontent 8 | 9 | metrics: 10 | enabled: true 11 | -------------------------------------------------------------------------------- /helm-middleware/mongodb-replicaset/install/.dockerignore: -------------------------------------------------------------------------------- 1 | Makefile -------------------------------------------------------------------------------- /helm-middleware/mongodb-replicaset/templates/tests/mongodb-up-test-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | labels: 5 | app: {{ template "mongodb-replicaset.name" . }} 6 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 7 | heritage: {{ .Release.Service }} 8 | release: {{ .Release.Name }} 9 | name: {{ template "mongodb-replicaset.fullname" . }}-tests 10 | data: 11 | mongodb-up-test.sh: | 12 | {{ .Files.Get "tests/mongodb-up-test.sh" | indent 4 }} 13 | -------------------------------------------------------------------------------- /helm-middleware/mongodb/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | -------------------------------------------------------------------------------- /helm-middleware/mongodb/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - prydonius 3 | - tompizmor 4 | - sameersbn 5 | - carrodher 6 | - javsalgar 7 | - juan131 8 | - miguelaeh 9 | reviewers: 10 | - prydonius 11 | - tompizmor 12 | - sameersbn 13 | - carrodher 14 | - javsalgar 15 | - juan131 16 | - miguelaeh 17 | -------------------------------------------------------------------------------- /helm-middleware/mongodb/files/docker-entrypoint-initdb.d/README.md: -------------------------------------------------------------------------------- 1 | You can copy here your custom .sh, or .js file so they are executed during the first boot of the image. 2 | 3 | More info in the [bitnami-docker-mongodb](https://github.com/bitnami/bitnami-docker-mongodb#initializing-a-new-instance) repository. -------------------------------------------------------------------------------- /helm-middleware/mongodb/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configmap }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "mongodb.name" . }} 7 | chart: {{ template "mongodb.chart" . }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "mongodb.fullname" . }} 11 | data: 12 | mongodb.conf: |- 13 | {{ toYaml .Values.configmap | indent 4 }} 14 | {{- end }} -------------------------------------------------------------------------------- /helm-middleware/mysql-dump/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/mysql-dump/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - paulczar 3 | - monotek 4 | - axdotl 5 | reviewers: 6 | - paulczar 7 | - monotek 8 | - axdotl 9 | -------------------------------------------------------------------------------- /helm-middleware/mysql-dump/templates/job.yaml: -------------------------------------------------------------------------------- 1 | {{- if eq .Values.schedule "now" -}} 2 | apiVersion: batch/v1 3 | kind: Job 4 | metadata: 5 | name: {{ template "mysqldump.fullname" . }} 6 | labels: 7 | {{ include "mysqldump.labels" . | indent 4 }} 8 | spec: 9 | backoffLimit: 1 10 | template: 11 | {{- $file := .Files.Get "files/job.tpl" }} 12 | {{ tpl $file . | indent 4 }} 13 | {{ end }} 14 | -------------------------------------------------------------------------------- /helm-middleware/mysql/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | OWNERS -------------------------------------------------------------------------------- /helm-middleware/mysql/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - olemarkus 3 | reviewers: 4 | - olemarkus -------------------------------------------------------------------------------- /helm-middleware/mysql/templates/configurationFiles-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configurationFiles }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "mysql.fullname" . }}-configuration 6 | namespace: {{ .Release.Namespace }} 7 | data: 8 | {{- range $key, $val := .Values.configurationFiles }} 9 | {{ $key }}: |- 10 | {{ $val | indent 4}} 11 | {{- end }} 12 | {{- end -}} -------------------------------------------------------------------------------- /helm-middleware/mysql/templates/initializationFiles-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.initializationFiles }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "mysql.fullname" . }}-initialization 6 | namespace: {{ .Release.Namespace }} 7 | data: 8 | {{- range $key, $val := .Values.initializationFiles }} 9 | {{ $key }}: |- 10 | {{ $val | indent 4}} 11 | {{- end }} 12 | {{- end -}} -------------------------------------------------------------------------------- /helm-middleware/mysql/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "mysql.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "mysql.fullname" . }} 8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/neo4j/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: neo4j 3 | home: https://www.neo4j.com 4 | version: 1.2.2 5 | appVersion: 3.4.5 6 | description: Neo4j is the world's leading graph database 7 | icon: http://info.neo4j.com/rs/773-GON-065/images/neo4j_logo.png 8 | sources: 9 | - https://github.com/neo4j/neo4j 10 | - https://github.com/neo4j/docker-neo4j 11 | - https://github.com/mneedham/k8s-kubectl 12 | maintainers: 13 | - name: mneedham 14 | email: mark.needham@neo4j.com 15 | -------------------------------------------------------------------------------- /helm-middleware/neo4j/ci/ci-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | acceptLicenseAgreement: "yes" 3 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - ChiefAlexander 3 | - taharah 4 | reviewers: 5 | - ChiefAlexander 6 | - taharah 7 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-customconfig-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | config: 4 | use-proxy-protocol: "true" 5 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-customnodeport-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | service: 4 | type: NodePort 5 | nodePorts: 6 | tcp: 7 | 9000: 30090 8 | udp: 9 | 9001: 30091 10 | 11 | tcp: 12 | 9000: "default/test:8080" 13 | 14 | udp: 15 | 9001: "default/test:8080" 16 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-headers-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | addHeaders: 4 | X-Frame-Options: deny 5 | proxySetHeaders: 6 | X-Forwarded-Proto: https 7 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-nodeport-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | service: 4 | type: NodePort 5 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-tcp-udp-configMapNamespace-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | service: 4 | type: ClusterIP 5 | tcp: 6 | configMapNamespace: default 7 | udp: 8 | configMapNamespace: default 9 | 10 | tcp: 11 | 9000: "default/test:8080" 12 | 13 | udp: 14 | 9001: "default/test:8080" 15 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-tcp-udp-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | service: 4 | type: ClusterIP 5 | 6 | tcp: 7 | 9000: "default/test:8080" 8 | 9 | udp: 10 | 9001: "default/test:8080" 11 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/daemonset-tcp-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | 4 | tcp: 5 | 9000: "default/test:8080" 6 | 9001: "default/test:8080" 7 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deamonset-default-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deamonset-metrics-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | metrics: 4 | enabled: true 5 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deamonset-psp-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | 4 | podSecurityPolicy: 5 | enabled: true 6 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deamonset-webhook-and-psp-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | admissionWebhooks: 4 | enabled: true 5 | 6 | podSecurityPolicy: 7 | enabled: true 8 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deamonset-webhook-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | kind: DaemonSet 3 | admissionWebhooks: 4 | enabled: true 5 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-autoscaling-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | autoscaling: 3 | enabled: true 4 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-customconfig-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | config: 3 | use-proxy-protocol: "true" 4 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-customnodeport-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | service: 3 | type: NodePort 4 | nodePorts: 5 | tcp: 6 | 9000: 30090 7 | udp: 8 | 9001: 30091 9 | 10 | tcp: 11 | 9000: "default/test:8080" 12 | 13 | udp: 14 | 9001: "default/test:8080" 15 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-default-values.yaml: -------------------------------------------------------------------------------- 1 | # Left blank to test default values 2 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-headers-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | addHeaders: 3 | X-Frame-Options: deny 4 | proxySetHeaders: 5 | X-Forwarded-Proto: https 6 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-metrics-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | metrics: 3 | enabled: true 4 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-nodeport-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | service: 3 | type: NodePort 4 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-psp-values.yaml: -------------------------------------------------------------------------------- 1 | podSecurityPolicy: 2 | enabled: true 3 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-tcp-udp-configMapNamespace-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | service: 3 | type: ClusterIP 4 | tcp: 5 | configMapNamespace: default 6 | udp: 7 | configMapNamespace: default 8 | 9 | tcp: 10 | 9000: "default/test:8080" 11 | 12 | udp: 13 | 9001: "default/test:8080" 14 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-tcp-udp-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | service: 3 | type: ClusterIP 4 | 5 | tcp: 6 | 9000: "default/test:8080" 7 | 8 | udp: 9 | 9001: "default/test:8080" 10 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-tcp-values.yaml: -------------------------------------------------------------------------------- 1 | tcp: 2 | 9000: "default/test:8080" 3 | 9001: "default/test:8080" 4 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-webhook-and-psp-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | admissionWebhooks: 3 | enabled: true 4 | 5 | podSecurityPolicy: 6 | enabled: true 7 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/ci/deployment-webhook-values.yaml: -------------------------------------------------------------------------------- 1 | controller: 2 | admissionWebhooks: 3 | enabled: true 4 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/templates/addheaders-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.controller.addHeaders }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "nginx-ingress.name" . }} 7 | chart: {{ template "nginx-ingress.chart" . }} 8 | component: "{{ .Values.controller.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "nginx-ingress.fullname" . }}-custom-add-headers 12 | data: 13 | {{ toYaml .Values.controller.addHeaders | indent 2 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/templates/controller-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if or .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "nginx-ingress.name" . }} 7 | chart: {{ template "nginx-ingress.chart" . }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "nginx-ingress.serviceAccountName" . }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/templates/default-backend-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.defaultBackend.enabled .Values.defaultBackend.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "nginx-ingress.name" . }} 7 | chart: {{ template "nginx-ingress.chart" . }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "nginx-ingress.defaultBackend.serviceAccountName" . }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/templates/tcp-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.tcp }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "nginx-ingress.name" . }} 7 | chart: {{ template "nginx-ingress.chart" . }} 8 | component: "{{ .Values.controller.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "nginx-ingress.fullname" . }}-tcp 12 | data: 13 | {{ tpl (toYaml .Values.tcp) . | indent 2 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /helm-middleware/nginx-ingress/templates/udp-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.udp }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | labels: 6 | app: {{ template "nginx-ingress.name" . }} 7 | chart: {{ template "nginx-ingress.chart" . }} 8 | component: "{{ .Values.controller.name }}" 9 | heritage: {{ .Release.Service }} 10 | release: {{ .Release.Name }} 11 | name: {{ template "nginx-ingress.fullname" . }}-udp 12 | data: 13 | {{ tpl (toYaml .Values.udp) . | indent 2 }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /helm-middleware/percona-xtradb-cluster/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/percona-xtradb-cluster/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - paulczar 3 | - maver1ck 4 | reviewers: 5 | - paulczar 6 | - maver1ck 7 | 8 | 9 | -------------------------------------------------------------------------------- /helm-middleware/percona-xtradb-cluster/files/node.cnf: -------------------------------------------------------------------------------- 1 | [mysqld] 2 | datadir=/var/lib/mysql 3 | default_storage_engine=InnoDB 4 | binlog_format=ROW 5 | innodb_flush_log_at_trx_commit = 0 6 | innodb_flush_method = O_DIRECT 7 | innodb_file_per_table = 1 8 | innodb_autoinc_lock_mode=2 9 | bind_address = 0.0.0.0 10 | wsrep_slave_threads=2 11 | wsrep_cluster_address=gcomm:// 12 | wsrep_provider=/usr/lib/galera3/libgalera_smm.so 13 | wsrep_sst_method=xtrabackup-v2 -------------------------------------------------------------------------------- /helm-middleware/percona/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/percona/templates/svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "percona.fullname" . }} 5 | labels: 6 | app: {{ template "percona.fullname" . }} 7 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 8 | release: "{{ .Release.Name }}" 9 | heritage: "{{ .Release.Service }}" 10 | spec: 11 | ports: 12 | - name: mysql 13 | port: 3306 14 | targetPort: mysql 15 | selector: 16 | app: {{ template "percona.fullname" . }} 17 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | OWNERS -------------------------------------------------------------------------------- /helm-middleware/postgresql/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - prydonius 3 | - tompizmor 4 | - sameersbn 5 | - carrodher 6 | - javsalgar 7 | - juan131 8 | - desaintmartin 9 | - miguelaeh 10 | reviewers: 11 | - prydonius 12 | - tompizmor 13 | - sameersbn 14 | - carrodher 15 | - javsalgar 16 | - juan131 17 | - desaintmartin 18 | - miguelaeh 19 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | # Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. 2 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/ci/shmvolume-disabled-values.yaml: -------------------------------------------------------------------------------- 1 | shmVolume: 2 | enabled: false 3 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/files/README.md: -------------------------------------------------------------------------------- 1 | Copy here your postgresql.conf and/or pg_hba.conf files to use it as a config map. 2 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/files/conf.d/README.md: -------------------------------------------------------------------------------- 1 | If you don't want to provide the whole configuration file and only specify certain parameters, you can copy here your extended `.conf` files. 2 | These files will be injected as a config maps and add/overwrite the default configuration using the `include_dir` directive that allows settings to be loaded from files other than the default `postgresql.conf`. 3 | 4 | More info in the [bitnami-docker-postgresql README](https://github.com/bitnami/bitnami-docker-postgresql#configuration-file). 5 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/files/docker-entrypoint-initdb.d/README.md: -------------------------------------------------------------------------------- 1 | You can copy here your custom `.sh`, `.sql` or `.sql.gz` file so they are executed during the first boot of the image. 2 | 3 | More info in the [bitnami-docker-postgresql](https://github.com/bitnami/bitnami-docker-postgresql#initializing-a-new-instance) repository. -------------------------------------------------------------------------------- /helm-middleware/postgresql/templates/metrics-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.metrics.enabled .Values.metrics.customMetrics }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "postgresql.metricsCM" . }} 6 | labels: 7 | app: {{ template "postgresql.name" . }} 8 | chart: {{ template "postgresql.chart" . }} 9 | release: {{ .Release.Name | quote }} 10 | heritage: {{ .Release.Service | quote }} 11 | data: 12 | custom-metrics.yaml: {{ toYaml .Values.metrics.customMetrics | quote }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /helm-middleware/postgresql/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and (.Values.serviceAccount.enabled) (not .Values.serviceAccount.name) }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "postgresql.name" . }} 7 | chart: {{ template "postgresql.chart" . }} 8 | release: {{ .Release.Name | quote }} 9 | heritage: {{ .Release.Service | quote }} 10 | name: {{ template "postgresql.fullname" . }} 11 | {{- end }} -------------------------------------------------------------------------------- /helm-middleware/presto/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/presto/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 0.196 3 | description: Distributed SQL query engine for running interactive analytic queries 4 | name: presto 5 | version: 0.1.1 6 | home: https://prestodb.io 7 | icon: https://prestodb.io/static/presto.png 8 | sources: 9 | - https://github.com/facebook/presto 10 | maintainers: 11 | - name: bivas 12 | email: eliran.bivas@gmail.com 13 | -------------------------------------------------------------------------------- /helm-middleware/prisma/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | OWNERS 23 | -------------------------------------------------------------------------------- /helm-middleware/prisma/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: prisma 3 | version: 1.2.1 4 | appVersion: 1.29.1 5 | kubeVersion: "^1.8.0-0" 6 | description: Prisma turns your database into a realtime GraphQL API 7 | home: https://www.prisma.io/ 8 | icon: https://i.imgur.com/wD4rVt4.png 9 | sources: 10 | - https://github.com/prismagraphql/prisma 11 | maintainers: 12 | - name: giacomoguiulfo 13 | email: giacomoguiulfo@gmail.com 14 | engine: gotpl 15 | -------------------------------------------------------------------------------- /helm-middleware/prisma/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - giacomoguiulfo 3 | reviewers: 4 | - giacomoguiulfo 5 | -------------------------------------------------------------------------------- /helm-middleware/prisma/ci/example-values.yaml: -------------------------------------------------------------------------------- 1 | postgresql: 2 | enabled: true 3 | -------------------------------------------------------------------------------- /helm-middleware/prisma/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 0.15.0 5 | digest: sha256:bbc1e13abc845c3e5cad4c328105a9c50ee5692d73547065ffbf63f15e6fd533 6 | generated: 2018-08-09T17:19:54.160902267-07:00 7 | -------------------------------------------------------------------------------- /helm-middleware/prisma/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | version: ~0.15.0 4 | repository: "https://kubernetes-charts.storage.googleapis.com/" 5 | condition: postgresql.enabled 6 | -------------------------------------------------------------------------------- /helm-middleware/prisma/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "prisma.name" . }} 7 | chart: {{ template "prisma.chart" . }} 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | name: {{ template "prisma.serviceAccountName" . }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-adapter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-adapter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - mattiasgees 3 | - steven-sheehy 4 | - hectorj2f 5 | reviewers: 6 | - mattiasgees 7 | - steven-sheehy 8 | - hectorj2f 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-adapter/ci/default-values.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/prometheus/prometheus-adapter/ci/default-values.yaml -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-adapter/ci/external-rules-values.yaml: -------------------------------------------------------------------------------- 1 | rules: 2 | external: 3 | - seriesQuery: '{__name__=~"^some_metric_count$"}' 4 | resources: 5 | template: <<.Resource>> 6 | name: 7 | matches: "" 8 | as: "my_custom_metric" 9 | metricsQuery: sum(<<.Series>>{<<.LabelMatchers>>}) by (<<.GroupBy>>) 10 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-adapter/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | {{ template "k8s-prometheus-adapter.fullname" . }} has been deployed. 2 | In a few minutes you should be able to list metrics using the following command(s): 3 | {{ if .Values.rules.resource }} 4 | kubectl get --raw /apis/metrics.k8s.io/v1beta1 5 | {{- end }} 6 | kubectl get --raw /apis/custom.metrics.k8s.io/v1beta1 7 | {{ if .Values.rules.external }} 8 | kubectl get --raw /apis/external.metrics.k8s.io/v1beta1 9 | {{- end }} 10 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-adapter/templates/custom-metrics-apiserver-service-account.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | app: {{ template "k8s-prometheus-adapter.name" . }} 7 | chart: {{ template "k8s-prometheus-adapter.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | name: {{ template "k8s-prometheus-adapter.serviceAccountName" . }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | 23 | OWNERS 24 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - gianrubio 3 | - zanhsieh 4 | reviewers: 5 | - gianrubio 6 | - zanhsieh 7 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/templates/alertmanager-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.alertmanager.enabled .Values.serviceAccounts.alertmanager.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.alertmanager.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.alertmanager" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/templates/kube-state-metrics-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.kubeStateMetrics.enabled .Values.serviceAccounts.kubeStateMetrics.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.kubeStateMetrics.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.kubeStateMetrics" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/templates/node-exporter-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.nodeExporter.enabled .Values.serviceAccounts.nodeExporter.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.nodeExporter.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.nodeExporter" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/templates/pushgateway-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.pushgateway.enabled .Values.serviceAccounts.pushgateway.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | labels: 6 | {{- include "prometheus.pushgateway.labels" . | nindent 4 }} 7 | name: {{ template "prometheus.serviceAccountName.pushgateway" . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/templates/server-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "prometheus.server.fullname" . }} 6 | labels: 7 | {{- include "prometheus.server.labels" . | nindent 4 }} 8 | spec: 9 | maxUnavailable: {{ .Values.server.podDisruptionBudget.maxUnavailable }} 10 | selector: 11 | matchLabels: 12 | {{- include "prometheus.server.labels" . | nindent 6 }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-base/templates/server-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.server.enabled -}} 2 | {{- if .Values.serviceAccounts.server.create }} 3 | apiVersion: v1 4 | kind: ServiceAccount 5 | metadata: 6 | labels: 7 | {{- include "prometheus.server.labels" . | nindent 4 }} 8 | name: {{ template "prometheus.serviceAccountName.server" . }} 9 | {{- end }} 10 | {{- end }} 11 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-blackbox-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Prometheus Blackbox Exporter 3 | name: prometheus-blackbox-exporter 4 | version: 1.6.0 5 | appVersion: 0.15.1 6 | home: https://github.com/prometheus/blackbox_exporter 7 | sources: 8 | - https://github.com/prometheus/blackbox_exporter 9 | keywords: 10 | - prometheus 11 | - blackbox 12 | - monitoring 13 | maintainers: 14 | - name: desaintmartin 15 | email: cedric@desaintmartin.fr 16 | - name: gianrubio 17 | email: gianrubio@gmail.com 18 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-blackbox-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - desaintmartin 3 | - gianrubio 4 | reviewers: 5 | - desaintmartin 6 | - gianrubio 7 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-blackbox-exporter/ci/default-values.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/prometheus/prometheus-blackbox-exporter/ci/default-values.yaml -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-blackbox-exporter/ci/secret-values.yaml: -------------------------------------------------------------------------------- 1 | secretConfig: true 2 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-blackbox-exporter/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | See https://github.com/prometheus/blackbox_exporter/ for how to configure Prometheus and the Blackbox Exporter. 2 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-cloudwatch-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-cloudwatch-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - gianrubio 3 | - torstenwalter 4 | - asherf 5 | reviewers: 6 | - gianrubio 7 | - torstenwalter 8 | - asherf 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-cloudwatch-exporter/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "prometheus-cloudwatch-exporter.fullname" . }} 5 | labels: 6 | app: {{ template "prometheus-cloudwatch-exporter.name" . }} 7 | chart: {{ template "prometheus-cloudwatch-exporter.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | data: 11 | config.yml: | 12 | {{ printf .Values.config | indent 4 }} 13 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-cloudwatch-exporter/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "prometheus-cloudwatch-exporter.fullname" . }} 6 | labels: 7 | app: {{ template "prometheus-cloudwatch-exporter.name" . }} 8 | chart: {{ template "prometheus-cloudwatch-exporter.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-consul-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-consul-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "0.4.0" 3 | description: A Helm chart for the Prometheus Consul Exporter 4 | name: prometheus-consul-exporter 5 | version: 0.1.4 6 | keywords: 7 | - metrics 8 | - consul 9 | - monitoring 10 | home: https://github.com/prometheus/consul_exporter 11 | maintainers: 12 | - name: timm088 13 | email: 8890118+timm088@users.noreply.github.com 14 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-consul-exporter/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "prometheus-consul-exporter.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "prometheus-consul-exporter.name" . }} 8 | chart: {{ template "prometheus-consul-exporter.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-couchdb-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-couchdb-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0" 3 | description: A Helm chart to export the metrics from couchdb in Prometheus format. 4 | name: prometheus-couchdb-exporter 5 | home: https://github.com/gesellix/couchdb-prometheus-exporter 6 | version: 0.1.1 7 | keywords: 8 | - couchdb-exporter 9 | sources: 10 | - https://github.com/gesellix/couchdb-prometheus-exporter 11 | maintainers: 12 | - name: gkarthiks 13 | email: github.gkarthiks@gmail.com 14 | engine: gotpl 15 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-couchdb-exporter/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "prometheus-couchdb-exporter.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "prometheus-couchdb-exporter.name" . }} 8 | chart: {{ template "prometheus-couchdb-exporter.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end -}} -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mongodb-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | .vscode/ 23 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mongodb-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "v0.10.0" 3 | description: A Prometheus exporter for MongoDB metrics 4 | home: https://github.com/percona/mongodb_exporter 5 | keywords: 6 | - exporter 7 | - metrics 8 | - mongodb 9 | - prometheus 10 | maintainers: 11 | - email: ssheehy@firescope.com 12 | name: steven-sheehy 13 | name: prometheus-mongodb-exporter 14 | sources: 15 | - https://github.com/percona/mongodb_exporter 16 | version: 2.4.0 17 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mongodb-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - steven-sheehy 3 | reviewers: 4 | - steven-sheehy 5 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mongodb-exporter/ci/env-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Test adding environment variables 3 | 4 | mongodb: 5 | uri: mongodb://localhost:9216 6 | serviceMonitor: 7 | enabled: false 8 | env: 9 | TEST_ENV: test 10 | MONGODB_URI: mongodb://hostfromenv:9216 11 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mongodb-exporter/ci/servicemonitor-disabled-values.yaml: -------------------------------------------------------------------------------- 1 | mongodb: 2 | uri: mongodb://localhost:9216 3 | serviceMonitor: 4 | enabled: false 5 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mysql-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mysql-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for prometheus mysql exporter with cloudsqlproxy 3 | name: prometheus-mysql-exporter 4 | version: 0.5.2 5 | home: https://github.com/prometheus/mysqld_exporter 6 | appVersion: v0.11.0 7 | sources: 8 | - https://github.com/prometheus/mysqld_exporter 9 | maintainers: 10 | - name: juanchimienti 11 | email: juan.chimienti@gmail.com 12 | - name: monotek 13 | email: monotek23@gmail.com 14 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mysql-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - juanchimienti 3 | - monotek 4 | reviewers: 5 | - juanchimienti 6 | - monotek 7 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-mysql-exporter/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.cloudsqlproxy.enabled }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "prometheus-mysql-exporter.cloudsqlsecret" . }} 6 | type: Opaque 7 | data: 8 | credentials.json: {{ .Values.cloudsqlproxy.credentials | b64enc }} 9 | {{- end }} 10 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-nats-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | 23 | OWNERS 24 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-nats-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "0.6.0" 3 | description: A Helm chart for prometheus-nats-exporter 4 | name: prometheus-nats-exporter 5 | version: 2.3.0 6 | home: https://github.com/nats-io/prometheus-nats-exporter 7 | sources: 8 | - https://github.com/nats-io/prometheus-nats-exporter 9 | keywords: 10 | - nats 11 | - prometheus 12 | - exporter 13 | maintainers: 14 | - email: okgolove@markeloff.net 15 | name: okgolove 16 | - email: carlos@carlosbecker.com 17 | name: caarlos0 18 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-nats-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - okgolove 3 | - caarlos0 4 | reviewers: 5 | - okgolove 6 | - caarlos0 7 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-node-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-node-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 0.18.1 3 | description: A Helm chart for prometheus node-exporter 4 | name: prometheus-node-exporter 5 | version: 1.8.1 6 | home: https://github.com/prometheus/node_exporter/ 7 | sources: 8 | - https://github.com/prometheus/node_exporter/ 9 | keywords: 10 | - node-exporter 11 | - prometheus 12 | - exporter 13 | maintainers: 14 | - email: gianrubio@gmail.com 15 | name: gianrubio 16 | - name: vsliouniaev 17 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-node-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - gianrubio 3 | - vsliouniaev 4 | reviewers: 5 | - gianrubio 6 | - vsliouniaev -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - vsliouniaev 3 | - bismarck 4 | - gianrubio 5 | reviewers: 6 | - vsliouniaev 7 | - bismarck 8 | - gianrubio 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/ci/02-test-without-crds-values.yaml: -------------------------------------------------------------------------------- 1 | prometheusOperator: 2 | createCustomResource: false 3 | namespaces: 4 | releaseNamespace: true 5 | additional: 6 | - kube-system 7 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/hack/minikube/README.md: -------------------------------------------------------------------------------- 1 | The configuration in this folder lets you locally test the setup on minikube. Use cmd.sh to set up components and hack a working etcd scrape configuration. Run the commands in the sequence listed in the script to get a local working minikube cluster. 2 | 3 | If you're using windows, there's a commented-out section that you should add to the minikube command. -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/hack/minikube/values.yaml: -------------------------------------------------------------------------------- 1 | prometheus: 2 | prometheusSpec: 3 | secrets: [etcd-certs] 4 | kubeEtcd: 5 | serviceMonitor: 6 | scheme: https 7 | caFile: /etc/prometheus/secrets/etcd-certs/ca.crt 8 | certFile: /etc/prometheus/secrets/etcd-certs/client.crt 9 | keyFile: /etc/prometheus/secrets/etcd-certs/client.key -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/hack/requirements.txt: -------------------------------------------------------------------------------- 1 | PyYAML==5.1.2 2 | requests==2.22.0 3 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | The Prometheus Operator has been installed. Check its status by running: 2 | kubectl --namespace {{ $.Release.Namespace }} get pods -l "release={{ $.Release.Name }}" 3 | 4 | Visit https://github.com/coreos/prometheus-operator for instructions on how 5 | to create & configure Alertmanager and Prometheus instances using the Operator. -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-operator/templates/prometheus-operator/crds.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.prometheusOperator.enabled .Values.prometheusOperator.createCustomResource -}} 2 | {{- range $path, $bytes := .Files.Glob "crds/*.yaml" }} 3 | {{ $.Files.Get $path }} 4 | --- 5 | {{- end }} 6 | {{- end }} 7 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-postgres-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-postgres-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "0.5.1" 3 | description: A Helm chart for prometheus postgres-exporter 4 | name: prometheus-postgres-exporter 5 | version: 1.1.1 6 | home: https://github.com/wrouesnel/postgres_exporter 7 | sources: 8 | - https://github.com/wrouesnel/postgres_exporter 9 | keywords: 10 | - postgresql 11 | - prometheus 12 | - exporter 13 | maintainers: 14 | - email: gianrubio@gmail.com 15 | name: gianrubio 16 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-postgres-exporter/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ template "prometheus-postgres-exporter.fullname" . }} 5 | labels: 6 | app: {{ template "prometheus-postgres-exporter.name" . }} 7 | chart: {{ template "prometheus-postgres-exporter.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | data: 11 | config.yaml: | 12 | {{ printf .Values.config.queries | indent 4 }} -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-postgres-exporter/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "prometheus-postgres-exporter.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "prometheus-postgres-exporter.name" . }} 8 | chart: {{ template "prometheus-postgres-exporter.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-pushgateway/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | 23 | # OWNERS file for Kubernetes 24 | OWNERS -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-pushgateway/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: "1.0.0" 3 | description: A Helm chart for prometheus pushgateway 4 | name: prometheus-pushgateway 5 | version: 1.2.8 6 | home: https://github.com/prometheus/pushgateway 7 | sources: 8 | - https://github.com/prometheus/pushgateway 9 | keywords: 10 | - pushgateway 11 | - prometheus 12 | maintainers: 13 | - email: gianrubio@gmail.com 14 | name: gianrubio 15 | - email: christian.staude@staffbase.com 16 | name: cstaud 17 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-pushgateway/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - gianrubio 3 | - cstaud 4 | reviewers: 5 | - gianrubio 6 | - cstaud -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-pushgateway/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget -}} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "prometheus-pushgateway.fullname" . }} 6 | labels: 7 | {{ template "prometheus-pushgateway.defaultLabels" merge (dict "extraLabels" .Values.podLabels) . }} 8 | spec: 9 | selector: 10 | matchLabels: 11 | app: {{ template "prometheus-pushgateway.name" . }} 12 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 13 | {{- end -}} -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-pushgateway/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "prometheus-pushgateway.serviceAccountName" . }} 6 | labels: 7 | {{ template "prometheus-pushgateway.defaultLabels" merge (dict "extraLabels" .Values.serviceAccountLabels) . }} 8 | {{- end -}} 9 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-rabbitmq-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-rabbitmq-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Rabbitmq metrics exporter for prometheus 3 | name: prometheus-rabbitmq-exporter 4 | version: 0.5.5 5 | appVersion: v0.29.0 6 | home: https://github.com/kbudde/rabbitmq_exporter 7 | sources: 8 | - https://github.com/kbudde/rabbitmq_exporter 9 | maintainers: 10 | - name: juanchimienti 11 | email: juan.chimienti@gmail.com 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-redis-exporter/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-redis-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 1.0.4 3 | description: Prometheus exporter for Redis metrics 4 | name: prometheus-redis-exporter 5 | version: 3.2.0 6 | home: https://github.com/oliver006/redis_exporter 7 | sources: 8 | - https://github.com/oliver006/redis_exporter 9 | keywords: 10 | - prometheus 11 | - redis 12 | maintainers: 13 | - name: acondrat 14 | email: arcadie.condrat@gmail.com 15 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-redis-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - acondrat 3 | reviewers: 4 | - acondrat 5 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-redis-exporter/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "prometheus-redis-exporter.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "prometheus-redis-exporter.name" . }} 8 | chart: {{ template "prometheus-redis-exporter.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-snmp-exporter/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Prometheus SNMP Exporter 3 | name: prometheus-snmp-exporter 4 | version: 0.0.4 5 | appVersion: 0.14.0 6 | home: https://github.com/prometheus/snmp_exporter 7 | sources: 8 | - https://github.com/prometheus/snmp_exporter 9 | keywords: 10 | - prometheus 11 | - snmp 12 | - monitoring 13 | maintainers: 14 | - name: miouge1 15 | email: maxime@root314.com 16 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-snmp-exporter/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - miouge1 3 | reviewers: 4 | - miouge1 5 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-snmp-exporter/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | See https://github.com/prometheus/snmp_exporter/ for how to configure Prometheus and the SNMP Exporter. 2 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-to-sd/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-to-sd/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | appVersion: 0.5.2 3 | description: Scrape metrics stored in prometheus format and push them to the Stackdriver 4 | home: https://github.com/GoogleCloudPlatform/k8s-stackdriver/tree/master/prometheus-to-sd 5 | keywords: 6 | - prometheus 7 | - stackdriver 8 | maintainers: 9 | - name: acondrat 10 | email: arcadie.condrat@gmail.com 11 | name: prometheus-to-sd 12 | version: 0.3.0 13 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-to-sd/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - acondrat 3 | reviewers: 4 | - acondrat 5 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-to-sd/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Check prometheus-to-sd pod 2 | $ kubectl get pods --namespace={{ .Release.Namespace }} 3 | -------------------------------------------------------------------------------- /helm-middleware/prometheus/prometheus-to-sd/values.yaml: -------------------------------------------------------------------------------- 1 | replicaCount: 1 2 | image: 3 | repository: gcr.io/google-containers/prometheus-to-sd 4 | tag: v0.5.2 5 | pullPolicy: IfNotPresent 6 | resources: {} 7 | port: 6060 8 | metricsSources: 9 | kube-state-metrics: http://kube-state-metrics:8080 10 | nodeSelector: {} 11 | tolerations: [] 12 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq-ha/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq-ha/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - steven-sheehy 3 | reviewers: 4 | - steven-sheehy 5 | 6 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq-ha/ci/prometheus-exporter-values.yaml: -------------------------------------------------------------------------------- 1 | # Testing Prometheus exporter 2 | 3 | prometheus: 4 | exporter: 5 | enabled: true 6 | 7 | operator: 8 | enabled: false 9 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq-ha/ci/prometheus-plugin-values.yaml: -------------------------------------------------------------------------------- 1 | # Testing native Prometheus plugin 2 | 3 | rabbitmqPrometheusPlugin: 4 | enabled: true 5 | 6 | prometheus: 7 | operator: 8 | enabled: false 9 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | OWNERS 3 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - carrodher 3 | - javsalgar 4 | - desaintmartin 5 | - juan131 6 | - prydonius 7 | - sameersbn 8 | - tompizmor 9 | - miguelaeh 10 | reviewers: 11 | - carrodher 12 | - javsalgar 13 | - desaintmartin 14 | - juan131 15 | - prydonius 16 | - sameersbn 17 | - tompizmor 18 | - miguelaeh 19 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/ci/affinity-toleration-values.yaml: -------------------------------------------------------------------------------- 1 | tolerations: 2 | - key: foo 3 | operator: "Equal" 4 | value: bar 5 | affinity: 6 | nodeAffinity: 7 | preferredDuringSchedulingIgnoredDuringExecution: 8 | - weight: 100 9 | preference: 10 | matchExpressions: 11 | - key: foo 12 | operator: In 13 | values: 14 | - bar 15 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | # Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. 2 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/ci/networkpolicy-values.yaml: -------------------------------------------------------------------------------- 1 | networkPolicy: 2 | enable: true 3 | allowExternal: false 4 | additionalRules: 5 | - matchLabels: 6 | - role: foo 7 | - matchExpressions: 8 | - key: role 9 | operator: In 10 | values: 11 | - bar 12 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/templates/role.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbacEnabled }} 2 | kind: Role 3 | apiVersion: rbac.authorization.k8s.io/v1 4 | metadata: 5 | name: {{ template "rabbitmq.fullname" . }}-endpoint-reader 6 | labels: 7 | app: {{ template "rabbitmq.name" . }} 8 | chart: {{ template "rabbitmq.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | rules: 12 | - apiGroups: [""] 13 | resources: ["endpoints"] 14 | verbs: ["get"] 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /helm-middleware/rabbitmq/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.rbacEnabled }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "rabbitmq.fullname" . }} 6 | labels: 7 | app: {{ template "rabbitmq.name" . }} 8 | chart: {{ template "rabbitmq.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/redis-ha/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - ssalaues 3 | - dandydeveloper 4 | reviewers: 5 | - ssalaues 6 | - dandydeveloper -------------------------------------------------------------------------------- /helm-middleware/redis-ha/ci/haproxy-enabled-values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | ## Enable HAProxy to manage Load Balancing 3 | haproxy: 4 | enabled: true 5 | annotations: 6 | any.domain/key: "value" 7 | serviceAccount: 8 | create: true 9 | metrics: 10 | enabled: true 11 | -------------------------------------------------------------------------------- /helm-middleware/redis-ha/templates/redis-auth-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.auth (not .Values.existingSecret) -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | type: Opaque 10 | data: 11 | {{ .Values.authKey }}: {{ .Values.redisPassword | b64enc | quote }} 12 | {{- end -}} 13 | -------------------------------------------------------------------------------- /helm-middleware/redis-ha/templates/redis-ha-pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget -}} 2 | apiVersion: policy/v1beta1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ template "redis-ha.fullname" . }}-pdb 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | {{ include "labels.standard" . | indent 4 }} 9 | spec: 10 | selector: 11 | matchLabels: 12 | release: {{ .Release.Name }} 13 | app: {{ template "redis-ha.name" . }} 14 | {{ toYaml .Values.podDisruptionBudget | indent 2 }} 15 | {{- end -}} 16 | -------------------------------------------------------------------------------- /helm-middleware/redis-ha/templates/redis-ha-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "redis-ha.serviceAccountName" . }} 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | app: {{ template "redis-ha.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/redis-ha/templates/redis-haproxy-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.haproxy.serviceAccount.create .Values.haproxy.enabled }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "redis-ha.serviceAccountName" . }}-haproxy 6 | namespace: {{ .Release.Namespace }} 7 | labels: 8 | heritage: {{ .Release.Service }} 9 | release: {{ .Release.Name }} 10 | chart: {{ .Chart.Name }}-{{ .Chart.Version }} 11 | app: {{ template "redis-ha.fullname" . }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/redis/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | # OWNERS file for Kubernetes 3 | OWNERS 4 | -------------------------------------------------------------------------------- /helm-middleware/redis/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - carrodher 3 | - javsalgar 4 | - desaintmartin 5 | - juan131 6 | - prydonius 7 | - sameersbn 8 | - tompizmor 9 | - miguelaeh 10 | reviewers: 11 | - carrodher 12 | - javsalgar 13 | - desaintmartin 14 | - juan131 15 | - prydonius 16 | - sameersbn 17 | - tompizmor 18 | - miguelaeh 19 | -------------------------------------------------------------------------------- /helm-middleware/redis/ci/default-values.yaml: -------------------------------------------------------------------------------- 1 | # Leave this file empty to ensure that CI runs builds against the default configuration in values.yaml. 2 | -------------------------------------------------------------------------------- /helm-middleware/redis/ci/dev-values.yaml: -------------------------------------------------------------------------------- 1 | master: 2 | persistence: 3 | enabled: false 4 | 5 | cluster: 6 | enabled: true 7 | slaveCount: 1 8 | 9 | usePassword: false 10 | -------------------------------------------------------------------------------- /helm-middleware/redis/ci/extra-flags-values.yaml: -------------------------------------------------------------------------------- 1 | master: 2 | extraFlags: 3 | - --maxmemory-policy allkeys-lru 4 | persistence: 5 | enabled: false 6 | slave: 7 | extraFlags: 8 | - --maxmemory-policy allkeys-lru 9 | persistence: 10 | enabled: false 11 | usePassword: false 12 | -------------------------------------------------------------------------------- /helm-middleware/redis/ci/redis-lib-values.yaml: -------------------------------------------------------------------------------- 1 | ## Redis library image 2 | ## ref: https://hub.docker.com/r/library/redis/ 3 | ## 4 | image: 5 | registry: docker.io 6 | repository: redis 7 | tag: '5.0.5' 8 | 9 | master: 10 | command: "redis-server" 11 | 12 | slave: 13 | command: "redis-server" 14 | -------------------------------------------------------------------------------- /helm-middleware/redis/ci/redisgraph-module-values.yaml: -------------------------------------------------------------------------------- 1 | image: 2 | registry: docker.io 3 | repository: redislabs/redisgraph 4 | tag: '1.0.0' 5 | 6 | master: 7 | command: "redis-server" 8 | 9 | slave: 10 | command: "redis-server" 11 | -------------------------------------------------------------------------------- /helm-middleware/redis/templates/redis-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "redis.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "redis.name" . }} 8 | chart: {{ template "redis.chart" . }} 9 | release: {{ .Release.Name }} 10 | heritage: {{ .Release.Service }} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/redis/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.usePassword (not .Values.existingSecret) -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "redis.fullname" . }} 6 | labels: 7 | app: {{ template "redis.name" . }} 8 | chart: {{ template "redis.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | type: Opaque 12 | data: 13 | redis-password: {{ include "redis.password" . | b64enc | quote }} 14 | {{- end -}} 15 | -------------------------------------------------------------------------------- /helm-middleware/sentry/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/sentry/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: Sentry is a cross-platform crash reporting and aggregation platform. 3 | name: sentry 4 | version: 3.1.7 5 | appVersion: 9.1.2 6 | keywords: 7 | - debugging 8 | - logging 9 | sources: 10 | - https://github.com/getsentry/sentry 11 | home: https://sentry.io/ 12 | icon: https://sentry-brand.storage.googleapis.com/sentry-glyph-black.png 13 | maintainers: 14 | - name: rothgar 15 | email: justin@linux.com 16 | - name: okgolove 17 | email: okgolove@markeloff.net 18 | -------------------------------------------------------------------------------- /helm-middleware/sentry/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - okgolove 3 | reviewers: 4 | - okgolove 5 | -------------------------------------------------------------------------------- /helm-middleware/sentry/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 6.5.0 5 | - name: redis 6 | repository: https://kubernetes-charts.storage.googleapis.com/ 7 | version: 9.3.2 8 | digest: sha256:ec1c090ef960c117f69fb79617eacfa01ee787312a5f00a1d5a3bfe97ae00ef6 9 | generated: "2019-10-20T12:47:31.239466+01:00" 10 | -------------------------------------------------------------------------------- /helm-middleware/sentry/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: postgresql 3 | version: 6.5.0 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | condition: postgresql.enabled 6 | - name: redis 7 | version: 9.3.2 8 | repository: https://kubernetes-charts.storage.googleapis.com/ 9 | condition: redis.enabled 10 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | # OWNERS file for Kubernetes 23 | OWNERS 24 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: spark-history-server 3 | version: 1.1.1 4 | appVersion: 2.4.0 5 | description: A Helm chart for Spark History Server 6 | home: https://spark.apache.org 7 | sources: 8 | - https://github.com/apache/spark 9 | - https://github.com/lightbend/spark-history-server-docker 10 | keywords: 11 | - spark 12 | - history-server 13 | maintainers: 14 | - name: yuchaoran2011 15 | email: yuchaoran2011@gmail.com 16 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - yuchaoran2011 3 | reviewers: 4 | - yuchaoran2011 5 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/charts/nfs/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: nfs 2 | version: 0.1.0 3 | appVersion: 0.1.0 4 | description: A Helm chart for NFS server 5 | sources: 6 | - https://github.com/kubernetes/examples/tree/master/staging/volumes/nfs 7 | keywords: 8 | - nfs 9 | maintainers: 10 | - name: yuchaoran2011 11 | email: yuchaoran2011@gmail.com 12 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/charts/nfs/nfs-data/README.md: -------------------------------------------------------------------------------- 1 | # NFS-exporter container with a file 2 | 3 | This container exports /exports with index.html in it via NFS. Based on 4 | ../exports. Since some Linux kernels have issues running NFSv4 daemons in containers, 5 | only NFSv3 is opened in this container. 6 | 7 | Available as `gcr.io/google-samples/nfs-server`. 8 | 9 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/charts/nfs/nfs-data/index.html: -------------------------------------------------------------------------------- 1 | Hello world! 2 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/charts/nfs/nfs-pv.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/spark-history-server/charts/nfs/nfs-pv.png -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/charts/nfs/values.yaml: -------------------------------------------------------------------------------- 1 | gceStorage: 5Gi 2 | pvcStorage: 1Mi 3 | pvStorage: 1Mi 4 | 5 | pvName: nfs-pv 6 | pvcName: nfs-pvc 7 | 8 | enableExampleNFS: true 9 | -------------------------------------------------------------------------------- /helm-middleware/spark-history-server/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "spark-history-server.serviceAccountName" . }} 6 | labels: 7 | app.kubernetes.io/name: {{ include "spark-history-server.name" . }} 8 | helm.sh/chart: {{ include "spark-history-server.chart" . }} 9 | app.kubernetes.io/instance: {{ .Release.Name }} 10 | app.kubernetes.io/managed-by: {{ .Release.Service }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/spark/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/spark/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: spark 3 | version: 1.0.2 4 | appVersion: 1.5.1 5 | description: Fast and general-purpose cluster computing system. 6 | home: http://spark.apache.org 7 | icon: http://spark.apache.org/images/spark-logo-trademark.png 8 | sources: 9 | - https://github.com/kubernetes/kubernetes/tree/master/examples/spark 10 | - https://github.com/apache/spark 11 | maintainers: 12 | - name: lachie83 13 | email: lachlan.evenson@gmail.com 14 | - name: daixiang0 15 | email: 764524258@qq.com 16 | -------------------------------------------------------------------------------- /helm-middleware/spark/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - lachie83 3 | - daixiang0 4 | reviewers: 5 | - lachie83 6 | - daixiang0 7 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - viglesiasce 3 | - ezimanyi 4 | - dwardu89 5 | - paulczar 6 | reviewers: 7 | - viglesiasce 8 | - ezimanyi 9 | - dwardu89 10 | - paulczar 11 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 3.8.0 5 | - name: minio 6 | repository: https://kubernetes-charts.storage.googleapis.com/ 7 | version: 1.6.3 8 | digest: sha256:bccb7348a48817b0c0c654dfecd2f399a64a50b0f677b483a27a76f4ff7ddd89 9 | generated: 2019-01-21T21:59:54.069291+05:30 10 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: redis 3 | version: 3.8.0 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | condition: redis.enabled 6 | - name: minio 7 | version: 1.6.3 8 | repository: https://kubernetes-charts.storage.googleapis.com/ 9 | condition: minio.enabled 10 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/templates/configmap/bom.yaml: -------------------------------------------------------------------------------- 1 | {{ if .Values.halyard.bom -}} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "spinnaker.fullname" . }}-halyard-bom 6 | labels: 7 | {{ include "spinnaker.standard-labels" . | indent 4 }} 8 | data: 9 | {{ .Values.halyard.spinnakerVersion }}.yml: 10 | {{ .Values.halyard.bom | toYaml | indent 4 }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/templates/rbac/halyard-sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | {{- if .Values.serviceAccount.halyardName }} 6 | name: {{ .Values.serviceAccount.halyardName }} 7 | {{- else }} 8 | name: {{ template "spinnaker.fullname" . }}-halyard 9 | {{- end }} 10 | namespace: {{ .Release.Namespace }} 11 | labels: 12 | {{ include "spinnaker.standard-labels" . | indent 4 }} 13 | {{- end }} 14 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/templates/secrets/gcs.yaml: -------------------------------------------------------------------------------- 1 | {{ if and .Values.gcs.enabled .Values.gcs.jsonKey }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | {{- if .Values.gcs.secret }} 6 | name: {{ .Values.gcs.secret }} 7 | {{- else }} 8 | name: {{ template "spinnaker.fullname" . }}-gcs 9 | {{- end }} 10 | labels: 11 | {{ include "spinnaker.standard-labels" . | indent 4 }} 12 | component: halyard 13 | type: Opaque 14 | data: 15 | key.json: {{ .Values.gcs.jsonKey | b64enc }} 16 | {{ end }} 17 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/templates/secrets/registry.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.dockerRegistryAccountSecret }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "spinnaker.fullname" . }}-registry 6 | labels: 7 | {{ include "spinnaker.standard-labels" . | indent 4 }} 8 | component: clouddriver 9 | type: Opaque 10 | data: 11 | {{- range $index, $account := .Values.dockerRegistries }} 12 | {{ $account.name }}: {{ default "" $account.password | b64enc | quote }} 13 | {{- end }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /helm-middleware/spinnaker/templates/services/halyard.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ template "spinnaker.fullname" . }}-halyard 5 | labels: 6 | {{ include "spinnaker.standard-labels" . | indent 4 }} 7 | component: halyard 8 | spec: 9 | ports: 10 | - port: 8064 11 | name: daemon 12 | clusterIP: None 13 | selector: 14 | app: {{ template "spinnaker.fullname" . }} 15 | component: halyard 16 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | OWNERS 23 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - chrisjs 3 | - sabbyanandan 4 | reviewers: 5 | - chrisjs 6 | - sabbyanandan 7 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/templates/database-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.mysql.enabled }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ printf "%s-%s" .Release.Name "database" | trunc 63 | trimSuffix "-" }} 6 | labels: 7 | app: {{ template "scdf.name" . }} 8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | type: Opaque 12 | data: 13 | database-password: {{ .Values.database.password | b64enc | quote }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/templates/grafana-secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.features.monitoring.enabled }} 2 | apiVersion: v1 3 | kind: Secret 4 | type: Opaque 5 | metadata: 6 | name: scdf-grafana-secret 7 | labels: 8 | app: scdf-grafana-secret 9 | data: 10 | admin-user: {{ .Values.grafana.admin.defaultUsername }} 11 | admin-password: {{ .Values.grafana.admin.defaultPassword }} 12 | {{- end }} 13 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/templates/prometheus-proxy-service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.features.monitoring.enabled }} 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ .Release.Name }}-prometheus-proxy 6 | labels: 7 | app: {{ .Release.Name }}-prometheus-proxy 8 | spec: 9 | selector: 10 | app: prometheus-proxy 11 | ports: 12 | - name: scrape 13 | port: 8080 14 | targetPort: 8080 15 | - name: rsocket 16 | port: 7001 17 | targetPort: 7001 18 | type: LoadBalancer 19 | {{- end }} 20 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/templates/prometheus-proxy-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.features.monitoring.enabled }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ .Release.Name }}-prometheus-proxy 6 | labels: 7 | app: {{ .Release.Name }}-prometheus-proxy 8 | namespace: default 9 | {{- end }} 10 | 11 | -------------------------------------------------------------------------------- /helm-middleware/spring-cloud-data-flow/templates/service-account.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ template "scdf.serviceAccountName" . }} 6 | labels: 7 | app: {{ template "scdf.name" . }} 8 | chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /helm-middleware/telegraf/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/telegraf/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: telegraf 3 | version: 1.4.0 4 | appVersion: 1.12 5 | deprecated: false 6 | description: Telegraf is an agent written in Go for collecting, processing, aggregating, and writing metrics. 7 | keywords: 8 | - telegraf 9 | - collector 10 | - timeseries 11 | - influxdata 12 | home: https://www.influxdata.com/time-series-platform/telegraf/ 13 | maintainers: 14 | - name: naseemkullah 15 | email: naseemkullah@gmail.com 16 | engine: gotpl 17 | -------------------------------------------------------------------------------- /helm-middleware/telegraf/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - naseemkullah 3 | reviewers: 4 | - naseemkullah 5 | 6 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-notebook/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.jpg 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-notebook/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | description: A Helm chart for tensorflow notebook and tensorboard 3 | name: tensorflow-notebook 4 | version: 0.1.3 5 | appVersion: 1.6.0 6 | sources: 7 | - https://github.com/tensorflow/tensorflow 8 | - https://github.com/jupyter 9 | home: https://www.tensorflow.org 10 | maintainers: 11 | - name: cheyang 12 | email: cheyang@163.com 13 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-notebook/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - cheyang 3 | reviewers: 4 | - cheyang 5 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-notebook/jupyter.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/tensorflow-notebook/jupyter.jpg -------------------------------------------------------------------------------- /helm-middleware/tensorflow-notebook/templates/secrets.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ template "tensorflow-notebook.fullname" . }} 5 | labels: 6 | app: {{ template "tensorflow-notebook.name" . }} 7 | chart: {{ template "tensorflow-notebook.chart" . }} 8 | release: {{ .Release.Name }} 9 | heritage: {{ .Release.Service }} 10 | annotations: 11 | "helm.sh/hook": pre-install,pre-upgrade 12 | type: Opaque 13 | data: 14 | password: {{ .Values.jupyter.password | b64enc | quote }} -------------------------------------------------------------------------------- /helm-middleware/tensorflow-notebook/tensorboard.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/tensorflow-notebook/tensorboard.jpg -------------------------------------------------------------------------------- /helm-middleware/tensorflow-serving/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-serving/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: tensorflow-serving 3 | home: https://github.com/kubernetes/charts 4 | version: 1.0.1 5 | appVersion: 1.14.0 6 | description: TensorFlow Serving is an open-source software library for serving machine learning models. 7 | sources: 8 | - https://github.com/tensorflow/serving 9 | maintainers: 10 | - name: cheyang 11 | email: cheyang@163.com 12 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-serving/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - cheyang 3 | reviewers: 4 | - cheyang 5 | -------------------------------------------------------------------------------- /helm-middleware/tensorflow-serving/models/mnist-export.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/helm-middleware/tensorflow-serving/models/mnist-export.tar.gz -------------------------------------------------------------------------------- /helm-middleware/tomcat/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | name: tomcat 3 | description: Deploy a basic tomcat application server with sidecar as web archive container 4 | icon: http://tomcat.apache.org/res/images/tomcat.png 5 | version: 0.4.0 6 | appVersion: "7.0" 7 | home: https://github.com/yahavb 8 | maintainers: 9 | - name: yahavb 10 | email: ybiran@ananware.systems 11 | -------------------------------------------------------------------------------- /helm-middleware/traefik/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | # OWNERS file for Kubernetes 23 | OWNERS 24 | -------------------------------------------------------------------------------- /helm-middleware/traefik/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - emilevauge 3 | - dtomcej 4 | - timoreimann 5 | - vdemeester 6 | - nmengin 7 | - mmatur 8 | - ldez 9 | - Juliens 10 | - jbdoumenjou 11 | - geraldcroes 12 | - SantoDE 13 | - errm 14 | reviewers: 15 | - emilevauge 16 | - dtomcej 17 | - timoreimann 18 | - vdemeester 19 | - nmengin 20 | - mmatur 21 | - ldez 22 | - Juliens 23 | - jbdoumenjou 24 | - geraldcroes 25 | - SantoDE 26 | - errm 27 | -------------------------------------------------------------------------------- /helm-middleware/traefik/ci/ci-values.yaml: -------------------------------------------------------------------------------- 1 | serviceType: NodePort 2 | testFramework: 3 | enabled: true 4 | -------------------------------------------------------------------------------- /helm-middleware/traefik/templates/config-files.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.configFiles }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "traefik.fullname" . }}-configs 6 | labels: 7 | app: {{ template "traefik.name" . }} 8 | chart: {{ template "traefik.chart" . }} 9 | release: "{{ .Release.Name }}" 10 | heritage: "{{ .Release.Service }}" 11 | data: 12 | {{- range $filename, $fileContents := .Values.configFiles }} 13 | {{ $filename }}: |- 14 | {{ $fileContents | indent 4 }} 15 | {{- end }} 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /helm-middleware/traefik/templates/tests/test-configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.testFramework.enabled }} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "traefik.fullname" . }}-test 6 | labels: 7 | app: {{ template "traefik.fullname" . }} 8 | chart: {{ template "traefik.chart" . }} 9 | heritage: "{{ .Release.Service }}" 10 | release: "{{ .Release.Name }}" 11 | data: 12 | run.sh: |- 13 | @test "Test Access" { 14 | curl -D - http://{{ template "traefik.fullname" . }}/ 15 | } 16 | {{- end }} 17 | -------------------------------------------------------------------------------- /helm-middleware/wordpress/.helmignore: -------------------------------------------------------------------------------- 1 | .git 2 | # OWNERS file for Kubernetes 3 | OWNERS 4 | # example production yaml 5 | values-production.yaml -------------------------------------------------------------------------------- /helm-middleware/wordpress/OWNERS: -------------------------------------------------------------------------------- 1 | approvers: 2 | - prydonius 3 | - tompizmor 4 | - sameersbn 5 | - carrodher 6 | - javsalgar 7 | - juan131 8 | - miguelaeh 9 | reviewers: 10 | - prydonius 11 | - tompizmor 12 | - sameersbn 13 | - carrodher 14 | - javsalgar 15 | - juan131 16 | - miguelaeh 17 | -------------------------------------------------------------------------------- /helm-middleware/wordpress/requirements.lock: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: mariadb 3 | repository: https://kubernetes-charts.storage.googleapis.com/ 4 | version: 7.3.1 5 | digest: sha256:0a5be71f27bb4258b63df284f5006ab452666b4c3125a1c15b8753e71ec8c118 6 | generated: 2019-12-13T02:09:46.04124621Z 7 | -------------------------------------------------------------------------------- /helm-middleware/wordpress/requirements.yaml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - name: mariadb 3 | version: 7.x.x 4 | repository: https://kubernetes-charts.storage.googleapis.com/ 5 | condition: mariadb.enabled 6 | tags: 7 | - wordpress-database 8 | -------------------------------------------------------------------------------- /helm-middleware/wordpress/templates/externaldb-secrets.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.mariadb.enabled }} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ printf "%s-%s" .Release.Name "externaldb" }} 6 | labels: 7 | app: {{ printf "%s-%s" .Release.Name "externaldb" }} 8 | chart: "{{ template "wordpress.chart" . }}" 9 | release: {{ .Release.Name | quote }} 10 | heritage: {{ .Release.Service | quote }} 11 | type: Opaque 12 | data: 13 | db-password: {{ .Values.externalDatabase.password | b64enc | quote }} 14 | {{- end }} 15 | -------------------------------------------------------------------------------- /k3d/.gitignore: -------------------------------------------------------------------------------- 1 | .vscode/ 2 | .local/ 3 | **/__pycache__/ 4 | docker-compose.orverride.yml -------------------------------------------------------------------------------- /k3d/Makefile: -------------------------------------------------------------------------------- 1 | .PHONY: run prep 2 | 3 | demo: 4 | scripts/lifecycle.sh 5 | 6 | demo-multiserver: 7 | scripts/multiserver.sh 8 | 9 | prep: 10 | scripts/prep.sh -------------------------------------------------------------------------------- /k3d/sample/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.7-slim 2 | 3 | ENV PATH="/app/bin:${PATH}" \ 4 | PYTHONPATH=/app/src 5 | 6 | COPY . /app/ 7 | 8 | RUN pip3 install -r /app/conf/app/requirements.txt 9 | 10 | WORKDIR /app 11 | 12 | ENTRYPOINT ["/bin/bash", "-c"] 13 | 14 | -------------------------------------------------------------------------------- /k3d/sample/Makefile: -------------------------------------------------------------------------------- 1 | 2 | .PHONY: 3 | help: 4 | @echo "Run 'make init' to initialize the local environment" 5 | 6 | .PHONY: 7 | init: set-override 8 | 9 | .PHONY: 10 | set-override: 11 | ln -sf conf/docker-compose.local.yml docker-compose.override.yml 12 | 13 | .PHONY: 14 | lint: 15 | -black --check src/; true 16 | 17 | .PHONY: 18 | format: 19 | docker-compose run app format 20 | 21 | .PHONY: 22 | check-format: 23 | docker-compose run app format --check 24 | -------------------------------------------------------------------------------- /k3d/sample/bin/format: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | CHECK=$1 3 | SCRIPT_DIRS="/app/bin/" 4 | PYTHON_SCRIPTS=$(grep -Erl "^#\!.*python[23]?(\.[0-9]+)?$" ${SCRIPT_DIRS}) 5 | black $CHECK /app/src/ ${PYTHON_SCRIPTS} -------------------------------------------------------------------------------- /k3d/sample/bin/lint: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | black --check /app/src/ 4 | 5 | -------------------------------------------------------------------------------- /k3d/sample/bin/noop: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # just to keep a container running 4 | echo "noop!" 5 | tail -f /dev/null 6 | 7 | 8 | -------------------------------------------------------------------------------- /k3d/sample/bin/serve-develop: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | export FLASK_APP=app.app 3 | export FLASK_ENV=development 4 | flask run -h 0.0.0.0 -------------------------------------------------------------------------------- /k3d/sample/bin/serve-production: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | gunicorn app.app:app -c/app/conf/app/gunicorn.py -------------------------------------------------------------------------------- /k3d/sample/conf/app/requirements.txt: -------------------------------------------------------------------------------- 1 | flask 2 | gunicorn 3 | black -------------------------------------------------------------------------------- /k3d/sample/conf/charts/sample-app/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /k3d/sample/conf/charts/sample-app/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: sample-app 3 | description: Helm Chart to deploy a ample-app 4 | type: application 5 | version: 0.1.0 6 | appVersion: 1.0.0 7 | 8 | -------------------------------------------------------------------------------- /k3d/sample/conf/charts/sample-app/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | 2 | {{- define "env_vars" -}} 3 | {{- range $key, $value := . }} 4 | - name: {{ $key | quote }} 5 | {{- if kindIs "map" $value }} 6 | valueFrom: {{ $value | toYaml | nindent 4 }} 7 | {{- else }} 8 | value: {{ $value | quote }} 9 | {{ end }} 10 | {{- end -}} 11 | {{- end -}} 12 | -------------------------------------------------------------------------------- /k3d/sample/conf/charts/sample-app/values.yaml: -------------------------------------------------------------------------------- 1 | 2 | # general app values 3 | team: Rancher 4 | app: 5 | image: sample-app:local 6 | env: 7 | AUDIENCE: rancher 8 | args: '["serve-develop"]' 9 | domain: sample.k3d.localhost 10 | port: 5000 11 | srcFrom: /src 12 | -------------------------------------------------------------------------------- /k3d/sample/conf/docker-compose.local.yml: -------------------------------------------------------------------------------- 1 | version: "3.2" 2 | services: 3 | app: 4 | container_name: sample-app 5 | build: . 6 | volumes: 7 | - .:/app 8 | environment: 9 | LOG_LEVEL: debug 10 | ports: 11 | - "5000:5000" 12 | command: ["serve-develop"] 13 | -------------------------------------------------------------------------------- /k3d/sample/docker-compose.override.yml: -------------------------------------------------------------------------------- 1 | version: "3.2" 2 | services: 3 | app: 4 | container_name: sample-app 5 | build: . 6 | volumes: 7 | - .:/app 8 | environment: 9 | LOG_LEVEL: debug 10 | ports: 11 | - "5000:5000" 12 | command: ["serve-develop"] 13 | -------------------------------------------------------------------------------- /k3d/sample/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.2" 2 | services: 3 | app: 4 | image: sample-app:local 5 | environment: 6 | AUDIENCE: Rancher 7 | command: ["noop"] 8 | -------------------------------------------------------------------------------- /k3d/sample/src/app/__init__.py: -------------------------------------------------------------------------------- 1 | # register http app 2 | from . import app 3 | -------------------------------------------------------------------------------- /k3d/sample/src/app/app.py: -------------------------------------------------------------------------------- 1 | from flask import Flask 2 | from . import settings 3 | 4 | # create app 5 | app = Flask(__name__, template_folder="web/templates", static_folder="web/static") 6 | app.config.from_object("app.settings") 7 | 8 | # register blueprints 9 | from .web import bp as web 10 | 11 | app.register_blueprint(web) 12 | -------------------------------------------------------------------------------- /k3d/sample/src/app/settings.py: -------------------------------------------------------------------------------- 1 | import logging as log 2 | import os 3 | 4 | # Log settings 5 | LOG_LEVEL = os.environ.get("LOG_LEVEL", "warning").upper() 6 | 7 | log.basicConfig(level=LOG_LEVEL) 8 | 9 | AUDIENCE = os.environ.get("AUDIENCE", "Rancher") 10 | SOMENAME = os.environ.get("SOMENAME", "Meetup") 11 | -------------------------------------------------------------------------------- /k3d/sample/src/app/web/__init__.py: -------------------------------------------------------------------------------- 1 | from flask import Blueprint 2 | 3 | bp = Blueprint("web", __name__, url_prefix="/") 4 | 5 | from . import controllers 6 | -------------------------------------------------------------------------------- /k3d/sample/src/app/web/controllers.py: -------------------------------------------------------------------------------- 1 | import logging as log 2 | import os 3 | from flask import Flask, render_template, request 4 | from .. import settings 5 | from . import bp 6 | 7 | 8 | @bp.route("/", methods=["GET"]) 9 | def index(): 10 | return render_template("index.html", audience=settings.AUDIENCE) 11 | -------------------------------------------------------------------------------- /k3d/sample/src/app/web/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | k3d Demo 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 |
14 |
15 |

k3d Demo

16 |
17 |

Hey {{ audience }}!

18 |
19 |
20 | 21 | -------------------------------------------------------------------------------- /k8s-yaml-templates/.gitignore: -------------------------------------------------------------------------------- 1 | *.tex 2 | README.pdf 3 | .DS_Store 4 | *-A4.log 5 | -------------------------------------------------------------------------------- /k8s-yaml-templates/config/configmap-plaintext.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: test-staging-sidekiq 5 | labels: 6 | name: test-staging-sidekiq 7 | namespace: test 8 | data: 9 | config: |- 10 | --- 11 | :verbose: true 12 | :environment: staging 13 | :pidfile: tmp/pids/sidekiq.pid 14 | :logfile: log/sidekiq.log 15 | :concurrency: 20 16 | :queues: 17 | - [default, 1] 18 | :dynamic: true 19 | :timeout: 300 20 | -------------------------------------------------------------------------------- /k8s-yaml-templates/crd/monkeys.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apiextensions.k8s.io/v1beta1 2 | kind: CustomResourceDefinition 3 | metadata: 4 | name: monkeys.my.com 5 | spec: 6 | group: my.com 7 | version: v1 8 | names: 9 | plural: monkeys 10 | kind: Monkey 11 | -------------------------------------------------------------------------------- /k8s-yaml-templates/hpa/hpa-nginx.yaml: -------------------------------------------------------------------------------- 1 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 2 | apiVersion: autoscaling/v2beta2 3 | kind: HorizontalPodAutoscaler 4 | metadata: 5 | name: nginx 6 | spec: 7 | scaleTargetRef: 8 | apiVersion: apps/v1 9 | kind: Deployment 10 | name: nginx-deployment 11 | minReplicas: 1 12 | maxReplicas: 10 13 | metrics: 14 | - type: Resource 15 | resource: 16 | name: cpu 17 | target: 18 | type: Utilization 19 | averageUtilization: 50 20 | -------------------------------------------------------------------------------- /k8s-yaml-templates/namespace/ns-dummy.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/kubernetes/kubernetes/blob/v1.14.0-alpha.0/cluster/addons/addon-manager/namespace.yaml 2 | apiVersion: v1 3 | kind: Namespace 4 | metadata: 5 | name: my-dummy 6 | -------------------------------------------------------------------------------- /k8s-yaml-templates/networksecurity/networksecurity-allowall-ingress.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/concepts/services-networking/network-policies/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: networking.k8s.io/v1 4 | kind: NetworkPolicy 5 | metadata: 6 | name: default-deny 7 | spec: 8 | podSelector: {} 9 | policyTypes: 10 | - Ingress 11 | -------------------------------------------------------------------------------- /k8s-yaml-templates/networksecurity/networksecurity-deny-othernamespaces.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/ahmetb/kubernetes-network-policy-recipes/blob/master/04-deny-traffic-from-other-namespaces.md 2 | # Deny all traffic from other namespaces 3 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 4 | kind: NetworkPolicy 5 | apiVersion: networking.k8s.io/v1 6 | metadata: 7 | namespace: secondary 8 | name: deny-from-other-namespaces 9 | spec: 10 | podSelector: 11 | matchLabels: 12 | ingress: 13 | - from: 14 | - podSelector: {} 15 | -------------------------------------------------------------------------------- /k8s-yaml-templates/networksecurity/networksecurity-denyall-ingress.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/concepts/services-networking/network-policies/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: networking.k8s.io/v1 4 | kind: NetworkPolicy 5 | metadata: 6 | name: default-deny 7 | spec: 8 | podSelector: {} 9 | policyTypes: 10 | - Ingress 11 | -------------------------------------------------------------------------------- /k8s-yaml-templates/networksecurity/networksecurity-denyall.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/concepts/services-networking/network-policies/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: networking.k8s.io/v1 4 | kind: NetworkPolicy 5 | metadata: 6 | name: default-deny 7 | spec: 8 | podSelector: {} 9 | policyTypes: 10 | - Ingress 11 | - Egress 12 | -------------------------------------------------------------------------------- /k8s-yaml-templates/networksecurity/networksecurity-denyegress-exceptdns.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/blog/2017/10/enforcing-network-policies-in-kubernetes/ 2 | # nginx pods only allow ingress traffic from foo pods 3 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 4 | kind: NetworkPolicy 5 | apiVersion: networking.k8s.io/v1 6 | metadata: 7 | name: access-nginx 8 | spec: 9 | podSelector: 10 | matchLabels: 11 | app: nginx 12 | ingress: 13 | - from: 14 | - podSelector: 15 | matchLabels: 16 | app: foo 17 | -------------------------------------------------------------------------------- /k8s-yaml-templates/networksecurity/networksecurity-pod.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/blog/2017/10/enforcing-network-policies-in-kubernetes/ 2 | # nginx pods only allow ingress traffic from foo pods 3 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 4 | kind: NetworkPolicy 5 | apiVersion: networking.k8s.io/v1 6 | metadata: 7 | name: access-nginx 8 | spec: 9 | podSelector: 10 | matchLabels: 11 | app: nginx 12 | ingress: 13 | - from: 14 | - podSelector: 15 | matchLabels: 16 | app: foo 17 | -------------------------------------------------------------------------------- /k8s-yaml-templates/pod/pod-dummy.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/dennyzhang/cheatsheet-kubernetes-A4 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: v1 4 | kind: Pod 5 | metadata: 6 | name: dummy 7 | namespace: default 8 | labels: 9 | env: test 10 | spec: 11 | containers: 12 | - name: dummy 13 | image: ubuntu 14 | # image: busybox 15 | args: [/bin/sh, -c, 16 | 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'] 17 | -------------------------------------------------------------------------------- /k8s-yaml-templates/pod/pod-nginx.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/tutorials/k8s101/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: v1 4 | kind: Pod 5 | metadata: 6 | name: nginx 7 | spec: 8 | containers: 9 | - name: nginx 10 | image: nginx:1.7.9 11 | ports: 12 | - containerPort: 80 13 | -------------------------------------------------------------------------------- /k8s-yaml-templates/pod/pod-serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/dennyzhang/cheatsheet-kubernetes-A4 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: v1 4 | kind: Pod 5 | metadata: 6 | name: dummy 7 | namespace: default 8 | labels: 9 | env: test 10 | spec: 11 | serviceAccountName: my-serviceaccount 12 | containers: 13 | - name: dummy 14 | image: ubuntu 15 | # image: busybox 16 | args: [/bin/sh, -c, 17 | 'i=0; while true; do echo "$i: $(date)"; i=$((i+1)); sleep 1; done'] 18 | -------------------------------------------------------------------------------- /k8s-yaml-templates/quota/limitrange-mem-size.yaml: -------------------------------------------------------------------------------- 1 | # https://hackernoon.com/top-10-kubernetes-tips-and-tricks-27528c2d0222 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: v1 4 | kind: LimitRange 5 | metadata: 6 | name: mem-limit-range 7 | spec: 8 | limits: 9 | - default: 10 | memory: 512Mi 11 | defaultRequest: 12 | memory: 256Mi 13 | type: Container 14 | -------------------------------------------------------------------------------- /k8s-yaml-templates/quota/limitrange-pvc-cumulative-size.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/tasks/administer-cluster/limit-storage-consumption/ 2 | # In this example, a 6th PVC in the namespace would be rejected because it exceeds the maximum count of 5. 3 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 4 | apiVersion: v1 5 | kind: ResourceQuota 6 | metadata: 7 | name: storagequota 8 | spec: 9 | hard: 10 | persistentvolumeclaims: "5" 11 | requests.storage: "5Gi" 12 | -------------------------------------------------------------------------------- /k8s-yaml-templates/quota/limitrange-pvc-size.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/tasks/administer-cluster/limit-storage-consumption/ 2 | # In this example, a PVC requesting 10Gi of storage would be rejected because it exceeds the 2Gi max. 3 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 4 | apiVersion: v1 5 | kind: LimitRange 6 | metadata: 7 | name: storagelimits 8 | spec: 9 | limits: 10 | - type: PersistentVolumeClaim 11 | max: 12 | storage: 2Gi 13 | min: 14 | storage: 1Gi 15 | -------------------------------------------------------------------------------- /k8s-yaml-templates/service/service-cassandra.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/tutorials/stateful-application/cassandra/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | labels: 7 | app: cassandra 8 | name: cassandra 9 | spec: 10 | clusterIP: None 11 | ports: 12 | - port: 9042 13 | selector: 14 | app: cassandra 15 | -------------------------------------------------------------------------------- /k8s-yaml-templates/service/service-ingress.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/concepts/services-networking/ingress/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: extensions/v1beta1 4 | kind: Ingress 5 | metadata: 6 | name: test-ingress 7 | namespace: wordpress 8 | spec: 9 | backend: 10 | serviceName: wordpress-1-wordpress-svc 11 | servicePort: 80 12 | -------------------------------------------------------------------------------- /k8s-yaml-templates/service/service-loadbalancer.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: jenkins-monitoring 5 | namespace: ns-ci 6 | spec: 7 | type: LoadBalancer 8 | selector: 9 | app: jenkins 10 | ports: 11 | - name: http 12 | port: 8080 13 | targetPort: 8080 14 | protocol: TCP 15 | -------------------------------------------------------------------------------- /k8s-yaml-templates/statefulset/statefulset-replicated-mysql/README.md: -------------------------------------------------------------------------------- 1 | https://kubernetes.io/docs/tasks/run-application/run-replicated-stateful-application/ 2 | 3 | Accessing the MySQL instance 4 | 5 | ``` 6 | kubectl run -it --rm --image=mysql:5.6 --restart=Never mysql-client -- mysql -h mysql -ppassword 7 | ``` 8 | -------------------------------------------------------------------------------- /k8s-yaml-templates/statefulset/statefulset-single-mysql/README.md: -------------------------------------------------------------------------------- 1 | https://kubernetes.io/docs/tasks/run-application/run-single-instance-stateful-application/ 2 | 3 | Accessing the MySQL instance 4 | 5 | ``` 6 | kubectl run -it --rm --image=mysql:5.6 --restart=Never mysql-client -- mysql -h mysql -ppassword 7 | ``` 8 | -------------------------------------------------------------------------------- /k8s-yaml-templates/volume/volume-digitalocean.yaml: -------------------------------------------------------------------------------- 1 | # https://github.com/digitalocean/csi-digitalocean 2 | apiVersion: v1 3 | kind: PersistentVolumeClaim 4 | metadata: 5 | name: csi-pvc 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 5Gi 12 | storageClassName: do-block-storage 13 | -------------------------------------------------------------------------------- /k8s-yaml-templates/volume/volume-emptydir.yaml: -------------------------------------------------------------------------------- 1 | # https://kubernetes.io/docs/tutorials/k8s101/ 2 | # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates 3 | apiVersion: v1 4 | kind: Pod 5 | metadata: 6 | name: redis 7 | spec: 8 | containers: 9 | - name: redis 10 | image: redis 11 | volumeMounts: 12 | - name: redis-storage 13 | mountPath: /data/redis 14 | readOnly: false 15 | volumes: 16 | - name: redis-storage 17 | emptyDir: {} 18 | -------------------------------------------------------------------------------- /serverless/faas/README.md: -------------------------------------------------------------------------------- 1 | # faas 2 | 3 | ```sh 4 | $ docker stack deploy func --compose-file docker-compose.yml 5 | ``` 6 | -------------------------------------------------------------------------------- /sidecar/k8s-mutate-webhook/.gitignore: -------------------------------------------------------------------------------- 1 | ssl/*.key 2 | ssl/*.pem 3 | ssl/*.csr 4 | /mutateme 5 | verndor/ -------------------------------------------------------------------------------- /sidecar/k8s-mutate-webhook/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.12-alpine AS build 2 | ENV GO111MODULE on 3 | ENV CGO_ENABLED 0 4 | ENV GOOS linux 5 | 6 | RUN apk add git make openssl 7 | 8 | WORKDIR /go/src/wx.dev 9 | ADD . . 10 | RUN make test 11 | RUN make app 12 | 13 | FROM alpine 14 | RUN apk --no-cache add ca-certificates && mkdir -p /app 15 | WORKDIR /app 16 | COPY --from=build /go/src/wx.dev/mutateme . 17 | COPY --from=build /go/src/wx.dev/ssl ssl 18 | CMD ["/app/mutateme"] 19 | -------------------------------------------------------------------------------- /sidecar/k8s-mutate-webhook/go.mod: -------------------------------------------------------------------------------- 1 | module wx.dev 2 | 3 | go 1.12 4 | 5 | require ( 6 | github.com/stretchr/testify v1.3.0 7 | k8s.io/api v0.0.0-20190720062849-3043179095b6 8 | k8s.io/apimachinery v0.0.0-20190719140911-bfcf53abc9f8 9 | ) 10 | -------------------------------------------------------------------------------- /sidecar/k8s-mutate-webhook/pod.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: v1 3 | kind: Pod 4 | metadata: 5 | name: c7m 6 | labels: 7 | name: c7m 8 | spec: 9 | containers: 10 | - name: c7m 11 | image: centos:7 12 | command: 13 | - /bin/bash 14 | args: 15 | - -c 16 | - trap "exit" TERM; while :; do sleep 1; done 17 | -------------------------------------------------------------------------------- /sidecar/k8s-mutate-webhook/ssl/Makefile: -------------------------------------------------------------------------------- 1 | APP = mutateme 2 | NAMESPACE = default 3 | 4 | .PHONY:cert 5 | cert: 6 | @./ssl.sh $(APP) $(NAMESPACE) 7 | 8 | .PHONY:clean 9 | clean: 10 | rm -vf *.key *.pem *.cert *.crt *.csr 11 | 12 | -------------------------------------------------------------------------------- /sidecar/k8s-mutate-webhook/ssl/csr.conf: -------------------------------------------------------------------------------- 1 | [req] 2 | req_extensions = v3_req 3 | distinguished_name = req_distinguished_name 4 | [req_distinguished_name] 5 | [ v3_req ] 6 | basicConstraints = CA:FALSE 7 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 8 | extendedKeyUsage = serverAuth 9 | subjectAltName = @alt_names 10 | [alt_names] 11 | DNS.1 = mutateme 12 | DNS.2 = mutateme.default 13 | DNS.3 = mutateme.default.svc 14 | DNS.4 = mutateme.default.svc.cluster.local 15 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/.gitignore: -------------------------------------------------------------------------------- 1 | #intellij 2 | .idea 3 | *.iml 4 | *.ipr 5 | *.iws 6 | kubernetes-sidecar-injector 7 | generated-*.yaml 8 | 9 | Gopkg.lock 10 | /vendor/ 11 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM scratch 2 | 3 | ADD kubernetes-sidecar-injector /kubernetes-sidecar-injector 4 | 5 | ENTRYPOINT ["/kubernetes-sidecar-injector"] 6 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/helm/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/helm/Chart.yaml: -------------------------------------------------------------------------------- 1 | name: kubernetes-sidecar-injector 2 | home: https://github.com/expediadotcom/kubernetes-sidecar-injector 3 | version: 0.1 4 | appVersion: 0.1 5 | keywords: 6 | - kubernetes 7 | - sidecar-injection 8 | description: 9 | apiVersion: 10 | sources: 11 | - https://github.com/expediadotcom/kubernetes-sidecar-injector 12 | maintainers: 13 | - name: Ayan Sen 14 | email: aysen@expedia.com 15 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/helm/templates/sidecar-injector-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: kubernetes-sidecar-injector-svc 5 | labels: 6 | app: sidecar-injector 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 8443 11 | selector: 12 | app: kubernetes-sidecar-injector 13 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/helm/values.yaml: -------------------------------------------------------------------------------- 1 | # Default values for kube sidecar intector 2 | # This is a YAML-formatted file. 3 | # Declare name/value pairs to be passed into your templates. 4 | # name: value 5 | 6 | image: 7 | repository: expediadotcom/kubernetes-sidecar-injector 8 | tag: latest -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/kubectl/csr-template.conf: -------------------------------------------------------------------------------- 1 | [req] 2 | req_extensions = v3_req 3 | distinguished_name = req_distinguished_name 4 | [req_distinguished_name] 5 | [ v3_req ] 6 | basicConstraints = CA:FALSE 7 | keyUsage = nonRepudiation, digitalSignature, keyEncipherment 8 | extendedKeyUsage = serverAuth 9 | subjectAltName = @alt_names 10 | [alt_names] 11 | DNS.1 = ${SERVICE} 12 | DNS.2 = ${SERVICE}.${NAMESPACE} 13 | DNS.3 = ${SERVICE}.${NAMESPACE}.svc -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/kubectl/csr-template.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: certificates.k8s.io/v1beta1 2 | kind: CertificateSigningRequest 3 | metadata: 4 | name: ${CSR_NAME} 5 | spec: 6 | groups: 7 | - system:authenticated 8 | request: ${CSR_STR} 9 | usages: 10 | - digital signature 11 | - key encipherment 12 | - server auth -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/deployment/kubectl/replace-ca-token.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -euo pipefail 3 | set -o errexit 4 | set -o nounset 5 | 6 | export CA_BUNDLE=$(kubectl get configmap -n kube-system extension-apiserver-authentication -o=jsonpath='{.data.client-ca-file}' | base64 | tr -d '\n') 7 | 8 | sed -e "s|\${CA_BUNDLE}|${CA_BUNDLE}|g" 9 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/docker-run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | make docker 3 | 4 | docker run -d --name injector -p 8443:443 --mount type=bind,src=${GOPATH}/src/github.com/expediadotcom/kubernetes-sidecar-injector/sample,dst=/etc/mutator expediadotcom/kubernetes-sidecar-injector:latest -logtostderr 5 | 6 | docker logs -f $(docker ps -f name=injector -q) 7 | 8 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/sample/echo-server-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: echo-server-svc 5 | labels: 6 | app: echo-server 7 | spec: 8 | ports: 9 | - port: 8080 10 | targetPort: 8080 11 | type: NodePort 12 | selector: 13 | app: echo-server -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-injector/sample/namespace-label.yaml: -------------------------------------------------------------------------------- 1 | { 2 | "kind": "Namespace", 3 | "apiVersion": "v1", 4 | "metadata": { 5 | "name": "default", 6 | "labels": { 7 | "kubernetes-sidecar-injector": "enabled" 8 | } 9 | } 10 | } -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-simple-injection/.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.dll 4 | *.so 5 | *.dylib 6 | 7 | # Test binary, build with `go test -c` 8 | *.test 9 | 10 | # Output of the go coverage tool, specifically when used with LiteIDE 11 | *.out 12 | 13 | vendor/* -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-simple-injection/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:latest 2 | 3 | ADD kube-mutating-webhook-tutorial /kube-mutating-webhook-tutorial 4 | ENTRYPOINT ["./kube-mutating-webhook-tutorial"] -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-simple-injection/build: -------------------------------------------------------------------------------- 1 | dep ensure 2 | CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o kube-mutating-webhook-tutorial . 3 | docker build --no-cache -t morvencao/sidecar-injector:v1 . 4 | rm -rf kube-mutating-webhook-tutorial 5 | 6 | docker push morvencao/sidecar-injector:v1 -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-simple-injection/deployment/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: sidecar-injector-webhook-svc 5 | labels: 6 | app: sidecar-injector 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 443 11 | selector: 12 | app: sidecar-injector 13 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-simple-injection/deployment/webhook-patch-ca-bundle.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ROOT=$(cd $(dirname $0)/../../; pwd) 4 | 5 | set -o errexit 6 | set -o nounset 7 | set -o pipefail 8 | 9 | export CA_BUNDLE=$(kubectl config view --raw --minify --flatten -o jsonpath='{.clusters[].cluster.certificate-authority-data}') 10 | 11 | if command -v envsubst >/dev/null 2>&1; then 12 | envsubst 13 | else 14 | sed -e "s|\${CA_BUNDLE}|${CA_BUNDLE}|g" 15 | fi 16 | -------------------------------------------------------------------------------- /sidecar/k8s-sidecar-simple-injection/mutating-admission-webhook.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/wx-chevalier/k8s-examples/39baff1c7670e9027267c572606f0083194a0519/sidecar/k8s-sidecar-simple-injection/mutating-admission-webhook.jpg -------------------------------------------------------------------------------- /sidecar/k8s-webhook/.gitignore: -------------------------------------------------------------------------------- 1 | # Binaries for programs and plugins 2 | *.exe 3 | *.exe~ 4 | *.dll 5 | *.so 6 | *.dylib 7 | 8 | # Test binary, build with `go test -c` 9 | *.test 10 | 11 | # Output of the go coverage tool, specifically when used with LiteIDE 12 | *.out 13 | 14 | ./vendor -------------------------------------------------------------------------------- /sidecar/k8s-webhook/deployment/configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: admission-webhook-example-configmap 5 | data: 6 | sidecarconfig.yaml: | 7 | containers: 8 | - name: sidecar-nginx 9 | image: nginx 10 | imagePullPolicy: IfNotPresent 11 | ports: 12 | - containerPort: 80 13 | volumeMounts: 14 | - name: nginx-conf 15 | mountPath: /etc/nginx 16 | volumes: 17 | - name: nginx-conf 18 | configMap: 19 | name: nginx-configmap 20 | -------------------------------------------------------------------------------- /sidecar/k8s-webhook/deployment/service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: admission-webhook-example-svc 5 | labels: 6 | app: admission-webhook-example 7 | spec: 8 | ports: 9 | - port: 443 10 | targetPort: 443 11 | nodePort: 30443 12 | type: NodePort 13 | selector: 14 | app: admission-webhook-example 15 | -------------------------------------------------------------------------------- /sidecar/k8s-webhook/deployment/sleep-no-validation.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: sleep 5 | annotations: 6 | admission-webhook-example.iceyao.com/validate: "false" 7 | spec: 8 | replicas: 3 9 | selector: 10 | matchLabels: 11 | app: sleep 12 | template: 13 | metadata: 14 | labels: 15 | app: sleep 16 | spec: 17 | containers: 18 | - name: sleep 19 | image: nginx 20 | imagePullPolicy: IfNotPresent 21 | -------------------------------------------------------------------------------- /sidecar/k8s-webhook/deployment/sleep-with-labels.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: sleep 5 | labels: 6 | app.kubernetes.io/name: sleep 7 | spec: 8 | replicas: 3 9 | selector: 10 | matchLabels: 11 | app.kubernetes.io/name: sleep 12 | template: 13 | metadata: 14 | labels: 15 | app.kubernetes.io/name: sleep 16 | spec: 17 | containers: 18 | - name: sleep 19 | image: nginx 20 | imagePullPolicy: IfNotPresent 21 | -------------------------------------------------------------------------------- /sidecar/k8s-webhook/deployment/webhook-patch-ca-bundle.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | ROOT=$(cd $(dirname $0)/../../; pwd) 4 | 5 | set -o errexit 6 | set -o nounset 7 | set -o pipefail 8 | 9 | 10 | export CA_BUNDLE=$(kubectl config view --raw --flatten -o json | jq -r '.clusters[] | select(.name == "'$(kubectl config current-context)'") | .cluster."certificate-authority-data"') 11 | 12 | if command -v envsubst >/dev/null 2>&1; then 13 | envsubst 14 | else 15 | sed -e "s|\${CA_BUNDLE}|${CA_BUNDLE}|g" 16 | fi 17 | -------------------------------------------------------------------------------- /sidecar/k8s-webhook/docker/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM golang:1.11-alpine3.9 2 | 3 | WORKDIR /go/src/github.com/yaoice/webhook-demo 4 | 5 | COPY . /go/src/github.com/yaoice/webhook-demo 6 | 7 | ENV CGO_ENABLED 0 8 | 9 | RUN go build -o /go/bin/webhook-demo cmd/main.go 10 | 11 | FROM alpine:3.9 12 | 13 | LABEL maintainer="iceyao" 14 | 15 | # copy the go binaries from the building stage 16 | COPY --from=0 /go/bin /go/bin 17 | 18 | EXPOSE 443 19 | 20 | ENTRYPOINT ["/go/bin/webhook-demo"] 21 | --------------------------------------------------------------------------------