jrivera
/
flux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "Upgrading metallb" 

This reverts commit 4393fb4ea5.
main
Jaromir Rivera 2022-08-26 09:40:26 -04:00
parent 940b17c7ab
commit bc5e177deb
4 changed files with 208 additions and 764 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bootstrap/helmrepositories/helmrepository-bitnami.yaml
View File

@ -2,8 +2,8 @@
apiVersion: source.toolkit.fluxcd.io/v1beta1 apiVersion: source.toolkit.fluxcd.io/v1beta1
kind: HelmRepository kind: HelmRepository
metadata: metadata:
name: bitnami name: metallb
namespace: flux-system namespace: flux-system
spec: spec:
interval: 15m interval: 15m
url: https://charts.bitnami.com/bitnami url: https://metallb.github.io/metallb

954
metallb-system/configmap-metallb-helm-chart-value-overrides.yaml
View File

@ -6,697 +6,170 @@ metadata:
namespace: metallb-system namespace: metallb-system
data: data:
values.yaml: |- values.yaml: |-
## @section Global parameters # Default values for metallb.
## Global Docker image parameters # This is a YAML-formatted file.
## Please, note that this will override the image parameters, including dependencies, configured to use the global value # Declare variables to be passed into your templates.
## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
## @param global.imageRegistry Global Docker image registry
## @param global.imagePullSecrets Global Docker registry secret names as an array
##
global:
imageRegistry: ""
## E.g.
## imagePullSecrets:
## - myRegistryKeySecretName
##
imagePullSecrets: [] imagePullSecrets: []
## @section Common parameters
## @param kubeVersion Force target Kubernetes version (using Helm capabilities if not set)
##
kubeVersion: ""
## @param nameOverride String to partially override metallb.fullname include (will maintain the release name)
##
nameOverride: "" nameOverride: ""
## @param fullnameOverride String to fully override metallb.fullname template
##
fullnameOverride: "" fullnameOverride: ""
## @param commonLabels Add labels to all the deployed resources
##
commonLabels: {}
## @param commonAnnotations Add annotations to all the deployed resources
##
commonAnnotations: {
configmap.reloader.stakater.com/reload: "metallb-config"
}
## @param extraDeploy Array of extra objects to deploy with the release
##
extraDeploy: []
## Enable diagnostic mode in the deployment(s)/statefulset(s) # To configure MetalLB, you must specify ONE of the following two
## # options.
diagnosticMode:
## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) # existingConfigMap specifies the name of an externally-defined
## # ConfigMap to use as the configuration. Helm will not manage the
enabled: false # contents of this ConfigMap, it is your responsibility to create it.
## @param diagnosticMode.command Command to override all containers in the the deployment(s)/ statefulset(s) existingConfigMap: "metallb-config"
##
command: # configInline specifies MetalLB's configuration directly, in yaml
- sleep # format. When configInline is used, Helm manages MetalLB's
## @param diagnosticMode.args Args to override all containers in the the deployment(s)/statefulset (s) # configuration ConfigMap as part of the release, and
## # existingConfigMap is ignored.
args: #
- infinity # Refer to https://metallb.universe.tf/configuration/ for
## @section MetalLB parameters # available options.
# configInline: {}
## RBAC creation for controller and speaker
##
rbac: rbac:
## @param rbac.create Specifies whether to install and use RBAC rules # create specifies whether to install and use RBAC rules.
##
create: true create: true
## PSP creation for controller and speaker
##
psp: psp:
## @param psp.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later # create specifies whether to install and use Pod Security Policies.
## create: true
create: false
## Prometheus Operator alertmanager alerts prometheus:
## # scrape annotations specifies whether to add Prometheus metric
networkPolicy: # auto-collection annotations to pods. See
## @param networkPolicy.enabled Enable NetworkPolicy # https://github.com/prometheus/prometheus/blob/release-2.1/documentation/examples/ prometheus-kubernetes.yml
## Prometheus scraping of the controller # for a corresponding Prometheus configuration. Alternatively, you
## # may want to use the Prometheus Operator
# (https://github.com/coreos/prometheus-operator) for more powerful
# monitoring configuration. If you use the Prometheus operator, this
# can be left at false.
scrapeAnnotations: false
# port both controller and speaker will listen on for metrics
metricsPort: 7472
# the service account used by prometheus
# required when .Values.prometheus.podMonitor.enabled == true
serviceAccount: ""
# the namespace where prometheus is deployed
# required when .Values.prometheus.podMonitor.enabled == true
namespace: ""
# Prometheus Operator PodMonitors
podMonitor:
# enable support for Prometheus Operator
enabled: false enabled: false
## @param networkPolicy.ingressNSMatchLabels Allow connections from other namespaces
## Set label for namespace and pods (optional). # optional additionnal labels for podMonitors
## additionalLabels: {}
ingressNSMatchLabels: {}
## @param networkPolicy.ingressNSPodMatchLabels For other namespaces match by pod labels and namespace labels # Job label for scrape target
## jobLabel: "app.kubernetes.io/name"
ingressNSPodMatchLabels: {}
## @param prometheusRule.enabled Prometheus Operator alertmanager alerts are created # Scrape interval. If not set, the Prometheus default scrape interval is used.
## interval:
# metric relabel configs to apply to samples before ingestion.
metricRelabelings: []
# - action: keep
# regex: 'kube_(daemonset|deployment|pod|namespace|node|statefulset).+'
# sourceLabels: [__name__]
# relabel configs to apply to samples before ingestion.
relabelings: []
# - sourceLabels: [__meta_kubernetes_pod_node_name]
# separator: ;
# regex: ^(.*)$
# target_label: nodename
# replacement: $1
# action: replace
# Prometheus Operator alertmanager alerts
prometheusRule: prometheusRule:
# enable alertmanager alerts
enabled: false enabled: false
## @section Controller parameters # optional additionnal labels for prometheusRules
additionalLabels: {}
## Metallb Controller deployment. # MetalLBStaleConfig
## ref: https://hub.docker.com/r/bitnami/metallb-controller/tags staleConfig:
## enabled: true
labels:
severity: warning
# MetalLBConfigNotLoaded
configNotLoaded:
enabled: true
labels:
severity: warning
# MetalLBAddressPoolExhausted
addressPoolExhausted:
enabled: true
labels:
severity: alert
addressPoolUsage:
enabled: true
thresholds:
- percent: 75
labels:
severity: warning
- percent: 85
labels:
severity: warning
- percent: 95
labels:
severity: alert
# MetalLBBGPSessionDown
bgpSessionDown:
enabled: true
labels:
severity: alert
extraAlerts: []
# controller contains configuration specific to the MetalLB cluster
# controller.
controller: controller:
## @param controller.image.registry MetalLB Controller image registry enabled: true
## @param controller.image.repository MetalLB Controller image repository # -- Controller log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none`
## @param controller.image.tag MetalLB Controller image tag (immutable tags are recommended) logLevel: info
## @param controller.image.digest MetalLB Controller image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
## @param controller.image.pullPolicy MetalLB Controller image pull policy
## @param controller.image.pullSecrets Specify docker-registry secret names as an array
##
image: image:
registry: docker.io repository: quay.io/metallb/controller
repository: bitnami/metallb-controller tag:
tag: 0.13.4-debian-11-r3 pullPolicy:
digest: "" serviceAccount:
## Specify a imagePullPolicy # Specifies whether a ServiceAccount should be created
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## @param controller.updateStrategy.type Metallb controller deployment strategy type.
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
## e.g:
## updateStrategy:
## type: RollingUpdate
## rollingUpdate:
## maxSurge: 25%
## maxUnavailable: 25%
##
updateStrategy:
type: RollingUpdate
## @param controller.hostAliases Deployment pod host aliases
## https://kubernetes.io/docs/concepts/services-networking/ add-entries-to-pod-etc-hosts-with-host-aliases/
##
hostAliases: []
## If global .Values.rbac.create is disabled no rbac is created.
## This value is then meaningless
## Defines if the controller rbac should be created.
##
rbac:
## @param controller.rbac.create create specifies whether to install and use RBAC rules.
##
create: true create: true
## If global .Values.psp.create is disabled no psp is created. # The name of the ServiceAccount to use. If not set and create is
## This value is then meaningless # true, a name is generated using the fullname template
## Defines if the controller psp should be created. name: ""
## annotations: {}
psp: securityContext:
## @param controller.psp.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
##
create: true
## @param controller.priorityClassName Metallb controller pods' priorityClassName
##
priorityClassName: ""
## @param controller.schedulerName Name of the k8s scheduler (other than default)
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
schedulerName: ""
## @param controller.terminationGracePeriodSeconds In seconds, time the given to the Metallb controller pod needs to terminate gracefully
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
##
terminationGracePeriodSeconds: 0
## @param controller.topologySpreadConstraints Topology Spread Constraints for pod assignment
## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
## The value is evaluated as a template
##
topologySpreadConstraints: []
## Controller container resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
## @param controller.resources.limits The resources limits for the container
## @param controller.resources.requests The requested resources for the container
##
resources:
## Example:
## limits:
## cpu: 100m
## memory: 100Mi
limits: {}
## Examples:
## requests:
## cpu: 25m
## memory: 25Mi
requests: {}
## @param controller.nodeSelector Node labels for controller pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {}
## @param controller.tolerations Tolerations for controller pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: []
## @param controller.affinity Affinity for controller pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ #affinity-and-anti-affinity
##
affinity: {}
## @param controller.podAnnotations Controller Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {}
## @param controller.podLabels Controller Pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## @param controller.podAffinityPreset Controller Pod affinitypreset. Allowed values: soft, hard
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ #inter-pod-affinity-and-anti-affinity
##
podAffinityPreset: ""
## @param controller.podAntiAffinityPreset Controller Pod anti affinitypreset. Allowed values: soft, hard
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ #inter-pod-affinity-and-anti-affinity
##
podAntiAffinityPreset: soft
## Node affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
## Allowed values: soft, hard
##
nodeAffinityPreset:
## @param controller.nodeAffinityPreset.type Controller Pod Node affinity preset. Allowed values: soft, hard
##
type: ""
## @param controller.nodeAffinityPreset.key Controller Pod Node affinity label key to match
## E.g.
## key: "kubernetes.io/e2e-az-name"
##
key: ""
## @param controller.nodeAffinityPreset.values Controller Pod Node affinity label values to match
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #set-the-security-context-for-a-pod
## @param controller.podSecurityContext.enabled Enabled Metallb Controller pods' Security Context
## @param controller.podSecurityContext.fsGroup Set Metallb Controller pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
fsGroup: 1001
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #set-the-security-context-for-a-pod
## @param controller.containerSecurityContext.enabled Enabled Metallb Controller containers' Security Context
## @param controller.containerSecurityContext.runAsUser Set Metallb Controller containers' Security Context runAsUser
## @param controller.containerSecurityContext.runAsNonRoot Set Metallb Controller container's Security Context runAsNonRoot
## @param controller.containerSecurityContext.allowPrivilegeEscalation Enables privilege Escalation context for the pod.
## @param controller.containerSecurityContext.readOnlyRootFilesystem Allows the pod to mount the RootFS as ReadOnly
## @param controller.containerSecurityContext.capabilities.drop [array] Drop capabilities for the securityContext
##
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true runAsNonRoot: true
allowPrivilegeEscalation: false # nobody
readOnlyRootFilesystem: true runAsUser: 65534
capabilities: fsGroup: 65534
drop: resources: {}
- ALL # limits:
## @param controller.command Override default container command (useful when using custom images) # cpu: 100m
## # memory: 100Mi
command: []
## @param controller.args Override default container args (useful when using custom images)
##
args: []
## @param controller.lifecycleHooks for the Metallb Controller container(s) to automate configuration before or after startup
##
lifecycleHooks: {}
## @param controller.extraEnvVars Extra environment variable to pass to the running container.
## For example:
## extraEnvVars:
## - name: MY_ENV_VAR
## value: env_var_value
##
extraEnvVars: []
## @param controller.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Metallb controller nodes
##
extraEnvVarsCM: "metallb-config"
## @param controller.extraEnvVarsSecret Name of existing Secret containing extra env vars for Metallb controller nodes
##
extraEnvVarsSecret: ""
## @param controller.extraVolumes Optionally specify extra list of additional volumes for the Metallb controller pod(s)
##
extraVolumes: []
## @param controller.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Metallb controller container(s)
##
extraVolumeMounts: []
## @param controller.sidecars Add additional sidecar containers to the Metallb Controller pod(s)
## e.g:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: []
## @param controller.initContainers Add additional init containers to the Metallb Controller pod (s)
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
## e.g:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## command: ['sh', '-c', 'echo "hello world"']
##
initContainers: []
## Pods Service Account
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
## @param controller.serviceAccount.create Specifies whether a ServiceAccount should be created
## @param controller.serviceAccount.name Name of the service account to use. If not set and create is true, a name is generated using the fullname template.
## @param controller.serviceAccount.automountServiceAccountToken Automount service account token for the server service account
## @param controller.serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`.
##
serviceAccount:
create: true
name: ""
automountServiceAccountToken: true
annotations: {}
## @param controller.revisionHistoryLimit Configure the revisionHistoryLimit of the Controller deployment
## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/ #revision-history-limit
##
revisionHistoryLimit: 3
## @param controller.containerPorts.metrics Configures the ports the MetalLB Controller listens on for metrics
##
containerPorts:
metrics: 7472
## Liveness probe values
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
## @param controller.livenessProbe.enabled Enable livenessProbe
## @param controller.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
## @param controller.livenessProbe.periodSeconds Period seconds for livenessProbe
## @param controller.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
## @param controller.livenessProbe.failureThreshold Failure threshold for livenessProbe
## @param controller.livenessProbe.successThreshold Success threshold for livenessProbe
##
livenessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
## Readiness probe values
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
## @param controller.readinessProbe.enabled Enable readinessProbe
## @param controller.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
## @param controller.readinessProbe.periodSeconds Period seconds for readinessProbe
## @param controller.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
## @param controller.readinessProbe.failureThreshold Failure threshold for readinessProbe
## @param controller.readinessProbe.successThreshold Success threshold for readinessProbe
##
readinessProbe:
enabled: true
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
## Startup probe values
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
## @param controller.startupProbe.enabled Enable startupProbe
## @param controller.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
## @param controller.startupProbe.periodSeconds Period seconds for startupProbe
## @param controller.startupProbe.timeoutSeconds Timeout seconds for startupProbe
## @param controller.startupProbe.failureThreshold Failure threshold for startupProbe
## @param controller.startupProbe.successThreshold Success threshold for startupProbe
##
startupProbe:
enabled: false
failureThreshold: 3
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
## @param controller.customStartupProbe Custom liveness probe for the Web component
##
customStartupProbe: {}
## @param controller.customLivenessProbe Custom liveness probe for the Web component
##
customLivenessProbe: {}
## @param controller.customReadinessProbe Custom readiness probe for the Web component
##
customReadinessProbe: {}
## @section Metallb controller Prometheus metrics export
##
metrics:
## @param controller.metrics.enabled Enable the export of Prometheus metrics
##
enabled: false
## Prometheus Exporter service parameters
##
service:
## @param controller.metrics.service.port Prometheus metrics service port
##
port: 7472
## @param controller.metrics.service.annotations [object] Annotations for the Prometheus Exporter service service
##
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "7472"
prometheus.io/path: "/metrics" ## Prometheus Operator service monitors
##
serviceMonitor:
## @param controller.metrics.serviceMonitor.enabled Specify if a servicemonitor will be deployed for prometheus-operator
##
enabled: false
## @param controller.metrics.serviceMonitor.namespace Namespace which Prometheus is running in
## e.g:
## namespace: monitoring
##
namespace: ""
## @param controller.metrics.serviceMonitor.jobLabel Specify the jobLabel to use for the prometheus-operator
##
jobLabel: "app.kubernetes.io/name"
## @param controller.metrics.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used
##
interval: ""
## @param controller.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api. md#endpoint
##
scrapeTimeout: ""
## @param controller.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics
##
metricRelabelings: []
## @param controller.metrics.serviceMonitor.relabelings Specify general relabeling
##
relabelings: []
## @param controller.metrics.serviceMonitor.selector ServiceMonitor selector labels
## ref: https://github.com/bitnami/charts/tree/master/bitnami/ prometheus-operator#prometheus-configuration
##
## selector:
## prometheus: my-prometheus
##
selector: {}
## @param controller.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
##
labels: {}
## @param controller.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels
##
honorLabels: false
## @section Speaker parameters
## Metallb Speaker daemonset.
## ref: https://hub.docker.com/r/bitnami/metallb-speaker/tags
##
speaker:
## @param speaker.image.registry MetalLB Speaker image registry
## @param speaker.image.repository MetalLB Speaker image repository
## @param speaker.image.tag MetalLB Speaker image tag (immutable tags are recommended)
## @param speaker.image.digest MetalLB Speaker image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
## @param speaker.image.pullPolicy MetalLB Speaker image pull policy
## @param speaker.image.pullSecrets Specify docker-registry secret names as an array
##
image:
registry: docker.io
repository: bitnami/metallb-speaker
tag: 0.13.4-debian-11-r7
digest: ""
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
## e.g:
## pullSecrets:
## - myRegistryKeySecretName
##
pullSecrets: []
## @param speaker.updateStrategy.type Speaker daemonset strategy type
## ref: https://kubernetes.io/docs/tasks/manage-daemon/update-daemon-set/
##
updateStrategy:
## StrategyType
## Can be set to RollingUpdate or OnDelete
##
type: RollingUpdate
## If global .Values.rbac.create is disabled no rbac is created.
## This value is then meaningless
## Defines if the speaker rbac should be created.
##
rbac:
## @param speaker.rbac.create create specifies whether to install and use RBAC rules.
##
create: true
## @param speaker.hostAliases Deployment pod host aliases
## https://kubernetes.io/docs/concepts/services-networking/ add-entries-to-pod-etc-hosts-with-host-aliases/
##
hostAliases: []
## If global .Values.psp.create is disabled no psp is created.
## This value is then meaningless
## Defines if the speaker psp should be created.
##
psp:
## @param speaker.psp.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
##
create: true
## @param speaker.priorityClassName Speaker pods' priorityClassName
##
priorityClassName: ""
## @param speaker.terminationGracePeriodSeconds In seconds, time the given to the Speaker pod needs to terminate gracefully
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
##
terminationGracePeriodSeconds: 2
## Speaker container resource requests and limits
## ref: https://kubernetes.io/docs/user-guide/compute-resources/
## We usually recommend not to specify default resources and to leave this as a conscious
## choice for the user. This also increases chances charts run on environments with little
## resources, such as Minikube. If you do want to specify resources, uncomment the following
## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
## @param speaker.resources.limits The resources limits for the container
## @param speaker.resources.requests The requested resources for the container
##
resources:
## Example:
## limits:
## cpu: 100m
## memory: 100Mi
limits: {}
## Examples:
## requests:
## cpu: 25m
## memory: 25Mi
requests: {}
## @param speaker.nodeSelector Node labels for speaker pod assignment
## ref: https://kubernetes.io/docs/user-guide/node-selection/
##
nodeSelector: {} nodeSelector: {}
## @param speaker.tolerations Tolerations for speaker pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
##
tolerations: [] tolerations: []
## @param speaker.affinity Affinity for speaker pod assignment priorityClassName: ""
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ #affinity-and-anti-affinity
##
affinity: {} affinity: {}
## Node speaker.affinity preset
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
##
nodeAffinityPreset:
## @param speaker.nodeAffinityPreset.type Node affinity preset type. Ignored if `speaker. affinity` is set. Allowed values: `soft` or `hard`
##
type: ""
## @param speaker.nodeAffinityPreset.key Node label key to match. Ignored if `speaker.affinity` is set
##
key: ""
## @param speaker.nodeAffinityPreset.values Node label values to match. Ignored if `speaker. affinity` is set
## E.g.
## values:
## - e2e-az1
## - e2e-az2
##
values: []
## @param speaker.podAffinityPreset Pod affinity preset. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard`
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ #inter-pod-affinity-and-anti-affinity
##
podAffinityPreset: ""
## @param speaker.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `speaker.affinity` is set. Allowed values: `soft` or `hard`
## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ #inter-pod-affinity-and-anti-affinity
##
podAntiAffinityPreset: soft
## @param speaker.podAnnotations Speaker Pod annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
##
podAnnotations: {} podAnnotations: {}
## @param speaker.podLabels Speaker Pod labels
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
##
podLabels: {}
## Configure Pods Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #set-the-security-context-for-a-pod
## @param speaker.podSecurityContext.enabled Enabled Speaker pods' Security Context
## @param speaker.podSecurityContext.fsGroup Set Speaker pod's Security Context fsGroup
##
podSecurityContext:
enabled: true
fsGroup: 0
## Configure Container Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ #set-the-security-context-for-a-pod
## @param speaker.containerSecurityContext.enabled Enabled Speaker containers' Security Context
## @param speaker.containerSecurityContext.runAsUser Set Speaker containers' Security Context runAsUser
## @param speaker.containerSecurityContext.allowPrivilegeEscalation Enables privilege Escalation context for the pod.
## @param speaker.containerSecurityContext.readOnlyRootFilesystem Allows the pod to mount the RootFS as ReadOnly
## @param speaker.containerSecurityContext.capabilities.drop [array] Drop capabilities for the securityContext
## @param speaker.containerSecurityContext.capabilities.add [array] Add capabilities for the securityContext
##
containerSecurityContext:
enabled: true
runAsUser: 0
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop:
- ALL
add:
- NET_ADMIN
- NET_RAW
- SYS_ADMIN
## @param speaker.command Override default container command (useful when using custom images)
##
command: []
## @param speaker.args Override default container args (useful when using custom images)
##
args: []
## @param speaker.lifecycleHooks for the Speaker container(s) to automate configuration before or after startup
##
lifecycleHooks: {}
## @param speaker.sidecars Add additional sidecar containers to the Speaker pod(s)
## e.g:
## sidecars:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## ports:
## - name: portname
## containerPort: 1234
##
sidecars: []
## @param speaker.initContainers Add additional init containers to the Speaker pod(s)
## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
## e.g:
## initContainers:
## - name: your-image-name
## image: your-image
## imagePullPolicy: Always
## command: ['sh', '-c', 'echo "hello world"']
##
initContainers: []
## Pods Service Account
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/
## @param speaker.serviceAccount.create Specifies whether a ServiceAccount should be created
## @param speaker.serviceAccount.name Name of the service account to use. If not set and create is true, a name is generated using the fullname template.
## @param speaker.serviceAccount.automountServiceAccountToken Automount service account token for the server service account
## @param speaker.serviceAccount.annotations Annotations for service account. Evaluated as a template. Only used if `create` is `true`.
##
serviceAccount:
create: true
name: ""
automountServiceAccountToken: true
annotations: {}
## Defines a secret to use outside of the auto generate
## @param speaker.secretName References a Secret name for the member secret outside of the helm chart
## @param speaker.secretKey References a Secret key the member secret outside of the helm chart
## @param speaker.secretValue Custom value for `speaker.secretKey`
## Default: {{ randAlphaNum 256 | b64enc | quote }}
## The auto generated secret has:
## secretName: {{ "common.names.fullname" }}-memberlist
## secretKey: secretkey
## secretValue: random 256 character alphanumeric string
##
secretName: ""
secretKey: ""
secretValue: ""
## @param speaker.extraEnvVars Extra environment variable to pass to the running container.
## For example:
## extraEnvVars:
## - name: MY_ENV_VAR
## value: env_var_value
##
extraEnvVars: []
## @param speaker.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Speaker nodes
##
extraEnvVarsCM: ""
## @param speaker.extraEnvVarsSecret Name of existing Secret containing extra env vars for Speaker nodes
##
extraEnvVarsSecret: ""
## @param speaker.extraVolumes Optionally specify extra list of additional volumes for the Speaker pod(s)
##
extraVolumes: []
## @param speaker.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Speaker container(s)
##
extraVolumeMounts: []
## @param speaker.containerPorts.metrics HTTP Metrics Endpoint
##
containerPorts:
metrics: 7472
## Liveness probe values
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
## @param speaker.livenessProbe.enabled Enable livenessProbe
## @param speaker.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
## @param speaker.livenessProbe.periodSeconds Period seconds for livenessProbe
## @param speaker.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
## @param speaker.livenessProbe.failureThreshold Failure threshold for livenessProbe
## @param speaker.livenessProbe.successThreshold Success threshold for livenessProbe
##
livenessProbe: livenessProbe:
enabled: true enabled: true
failureThreshold: 3 failureThreshold: 3
@ -704,15 +177,6 @@ data:
periodSeconds: 10 periodSeconds: 10
successThreshold: 1 successThreshold: 1
timeoutSeconds: 1 timeoutSeconds: 1
## Readiness probe values
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
## @param speaker.readinessProbe.enabled Enable readinessProbe
## @param speaker.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
## @param speaker.readinessProbe.periodSeconds Period seconds for readinessProbe
## @param speaker.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
## @param speaker.readinessProbe.failureThreshold Failure threshold for readinessProbe
## @param speaker.readinessProbe.successThreshold Success threshold for readinessProbe
##
readinessProbe: readinessProbe:
enabled: true enabled: true
failureThreshold: 3 failureThreshold: 3
@ -720,86 +184,66 @@ data:
periodSeconds: 10 periodSeconds: 10
successThreshold: 1 successThreshold: 1
timeoutSeconds: 1 timeoutSeconds: 1
## Startup probe values
## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes # speaker contains configuration specific to the MetalLB speaker
## @param speaker.startupProbe.enabled Enable startupProbe # daemonset.
## @param speaker.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe speaker:
## @param speaker.startupProbe.periodSeconds Period seconds for startupProbe enabled: true
## @param speaker.startupProbe.timeoutSeconds Timeout seconds for startupProbe # -- Speaker log level. Must be one of: `all`, `debug`, `info`, `warn`, `error` or `none`
## @param speaker.startupProbe.failureThreshold Failure threshold for startupProbe logLevel: info
## @param speaker.startupProbe.successThreshold Success threshold for startupProbe tolerateMaster: true
memberlist:
enabled: true
mlBindPort: 7946
image:
repository: quay.io/metallb/speaker
tag:
pullPolicy:
serviceAccount:
# Specifies whether a ServiceAccount should be created
create: true
# The name of the ServiceAccount to use. If not set and create is
# true, a name is generated using the fullname template
name: ""
annotations: {}
## Defines a secret name for the controller to generate a memberlist encryption secret
## By default secretName: {{ "metallb.fullname" }}-memberlist
## ##
startupProbe: # secretName:
enabled: false resources: {}
# limits:
# cpu: 100m
# memory: 100Mi
nodeSelector: {}
tolerations: []
priorityClassName: ""
affinity: {}
## Selects which runtime class will be used by the pod.
# runtimeClassName:
podAnnotations: {}
livenessProbe:
enabled: true
failureThreshold: 3 failureThreshold: 3
initialDelaySeconds: 10 initialDelaySeconds: 10
periodSeconds: 10 periodSeconds: 10
successThreshold: 1 successThreshold: 1
timeoutSeconds: 1 timeoutSeconds: 1
## @param speaker.customStartupProbe Custom liveness probe for the Web component readinessProbe:
## enabled: true
customStartupProbe: {} failureThreshold: 3
## @param speaker.customLivenessProbe Custom liveness probe for the Web component initialDelaySeconds: 10
## periodSeconds: 10
customLivenessProbe: {} successThreshold: 1
## @param speaker.customReadinessProbe Custom readiness probe for the Web component timeoutSeconds: 1
## # frr contains configuration specific to the MetalLB FRR container,
customReadinessProbe: {} # for speaker running alongside FRR.
frr:
## @section Speaker Prometheus metrics export enabled: true
metrics: # FRR_LOGGING_LEVEL used to set logging level for all running frr processes.
## @param speaker.metrics.enabled Enable the export of Prometheus metrics # Possible settings are :-
## # informational, warning, errors and debugging.
enabled: false logLevel: informational
## Prometheus Exporter service parameters image:
## repository: quay.io/frrouting/frr
service: tag: stable_7.5
## @param speaker.metrics.service.port Prometheus metrics service port pullPolicy:
##
port: 7472
## @param speaker.metrics.service.annotations [object] Annotations for the Prometheus Exporter service service
##
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "7472"
prometheus.io/path: "/metrics"
## Prometheus Operator service monitors
##
serviceMonitor:
## @param speaker.metrics.serviceMonitor.enabled Enable support for Prometheus Operator
##
enabled: false
## @param speaker.metrics.serviceMonitor.namespace Namespace which Prometheus is running in
## e.g:
## namespace: monitoring
##
namespace: ""
## @param speaker.metrics.serviceMonitor.jobLabel Job label for scrape target
##
jobLabel: "app.kubernetes.io/name"
## @param speaker.metrics.serviceMonitor.interval Scrape interval. If not set, the Prometheus default scrape interval is used
##
interval: ""
## @param speaker.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api. md#endpoint
##
scrapeTimeout: ""
## @param speaker.metrics.serviceMonitor.metricRelabelings Specify additional relabeling of metrics
##
metricRelabelings: []
## @param speaker.metrics.serviceMonitor.relabelings Specify general relabeling
##
relabelings: []
## @param speaker.metrics.serviceMonitor.selector ServiceMonitor selector labels
## ref: https://github.com/bitnami/charts/tree/master/bitnami/ prometheus-operator#prometheus-configuration
##
## selector:
## prometheus: my-prometheus
##
selector: {}
## @param speaker.metrics.serviceMonitor.labels Extra labels for the ServiceMonitor
##
labels: {}
## @param speaker.metrics.serviceMonitor.honorLabels honorLabels chooses the metric's labels on collisions with target labels
##
honorLabels: false

4
metallb-system/helmrelease-metallb.yaml
View File

@ -7,10 +7,10 @@ spec:
chart: chart:
spec: spec:
chart: metallb chart: metallb
version: 2.x version: 0.11.0
sourceRef: sourceRef:
kind: HelmRepository kind: HelmRepository
name: bitnami name: metallb
namespace: flux-system namespace: flux-system
interval: 15m interval: 15m
timeout: 5m timeout: 5m