github/kubevela
1
0
Fork 0
mirror of https://github.com/kubevela/kubevela.git synced 2026-02-14 10:00:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

add manual test for containerized and metricsTrait

Browse Source
This commit is contained in:
Ryan Zhang
2020-09-02 21:16:44 -07:00
parent fe05ee22de
commit 8597a122fb
69 changed files with 206 additions and 59007 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5424
charts/third_party/cert-manager/cert-manager.yaml vendored
View File

File diff suppressed because it is too large Load Diff

19447
charts/third_party/cert-manager/cert-manager.yaml.1 vendored
View File

File diff suppressed because it is too large Load Diff

19447
charts/third_party/cert-manager/cert-manager.yaml.2 vendored
View File

File diff suppressed because it is too large Load Diff

13
charts/third_party/cert-manager/owner-ref.patch vendored
View File

@@ -1,13 +0,0 @@
6206@6207,1
diff --git a/third_party/cert-manager-0.12.0/cert-manager.yaml b/third_party/cert-manager-0.12.0/cert-manager.yaml
index 1ee179c02..0a96ed86b 100644
--- a/third_party/cert-manager-0.12.0/cert-manager.yaml
+++ b/third_party/cert-manager-0.12.0/cert-manager.yaml
@@ -6206,6 +6206,7 @@ spec:
- --webhook-ca-secret=cert-manager-webhook-ca
- --webhook-serving-secret=cert-manager-webhook-tls
- --webhook-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc
+ - --enable-certificate-owner-ref
ports:
- containerPort: 9402
protocol: TCP

4
charts/third_party/grafana/download-grafana.sh vendored Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/bash
# Download and unpack operator Lifecycle Manager (coreos)
curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/0.15.1/install.sh | bash -s 0.15.1

24
charts/third_party/grafana/grafana-operator.yaml vendored Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: v1
kind: Namespace
metadata:
name: my-grafana-operator
---
apiVersion: operators.coreos.com/v1
kind: OperatorGroup
metadata:
name: operatorgroup
namespace: my-grafana-operator
spec:
targetNamespaces:
- my-grafana-operator
---
apiVersion: operators.coreos.com/v1alpha1
kind: Subscription
metadata:
name: my-grafana-operator
namespace: my-grafana-operator
spec:
channel: alpha
name: grafana-operator
source: operatorhubio-catalog
sourceNamespace: olm

17
charts/third_party/istio-stable/README.md vendored
View File

@@ -1,17 +0,0 @@
The istio\*.yaml files are generated by running
```
./download-istio.sh
```
using Helm v3.0.1.
The generated files are:
- istio-ci-no-mesh.yaml: used in our continuous testing of Knative with Istio
having sidecar disabled. This is also the setting that we use in our presubmit
tests.
- istio-ci-mesh.yaml: used in our continuous testing of Knative with Istio
having sidecar and mTLS enabled.
- istio-minimal.yaml: a minimal Istio installation used for development
purposes.

76
charts/third_party/istio-stable/download-istio.sh vendored
View File

@@ -1,76 +0,0 @@
#!/usr/bin/env bash
# Copyright 2019 The Knative Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Download and unpack Istio
ISTIO_VERSION=1.4.9
DOWNLOAD_URL=https://github.com/istio/istio/releases/download/${ISTIO_VERSION}/istio-${ISTIO_VERSION}-linux.tar.gz
wget --no-check-certificate $DOWNLOAD_URL
if [ $? != 0 ]; then
echo "Failed to download istio package"
exit 1
fi
tar xzf istio-${ISTIO_VERSION}-linux.tar.gz
( # subshell in downloaded directory
cd istio-${ISTIO_VERSION} || exit
# Create CRDs template
helm template --namespace=istio-system \
install/kubernetes/helm/istio-init \
`# Removing trailing whitespaces to make automation happy` \
| sed 's/[ \t]*$//' \
> ../istio-crds.yaml
# Create a custom cluster local gateway, based on the Istio custom-gateway template.
helm template --namespace=istio-system install/kubernetes/helm/istio --values ../values-extras.yaml \
`# Removing trailing whitespaces to make automation happy` \
| sed 's/[ \t]*$//' \
> ../istio-knative-extras.yaml
# A template with sidecar injection enabled.
helm template --namespace=istio-system install/kubernetes/helm/istio --values ../values.yaml \
`# Removing trailing whitespaces to make automation happy` \
| sed 's/[ \t]*$//' \
> ../istio-ci-mesh.yaml
# A lighter template, with just pilot/gateway.
# Based on install/kubernetes/helm/istio/values-istio-minimal.yaml
helm template --namespace=istio-system install/kubernetes/helm/istio --values ../values-lean.yaml \
`# Removing trailing whitespaces to make automation happy` \
| sed 's/[ \t]*$//' \
> ../istio-ci-no-mesh.yaml
# An even lighter template, with just pilot/gateway and small resource requests.
# Based on install/kubernetes/helm/istio/values-istio-minimal.yaml
helm template --namespace=istio-system install/kubernetes/helm/istio --values ../values-local.yaml \
`# Removing trailing whitespaces to make automation happy` \
| sed 's/[ \t]*$//' \
> ../istio-minimal.yaml
)
# Clean up.
rm -rf istio-${ISTIO_VERSION}
rm istio-${ISTIO_VERSION}-linux.tar.gz
# Add in the `istio-system` namespace to reduce number of commands.
patch istio-crds.yaml namespace.yaml.patch
patch istio-ci-mesh.yaml namespace.yaml.patch
patch istio-ci-no-mesh.yaml namespace.yaml.patch
patch istio-minimal.yaml namespace.yaml.patch
# Increase termination drain duration seconds.
patch -l istio-ci-mesh.yaml drain-seconds.yaml.patch

5
charts/third_party/istio-stable/drain-seconds.yaml.patch vendored
View File

@@ -1,5 +0,0 @@
820a821,824
> # PATCH #2: Increase termination drain duration.
> - name: TERMINATION_DRAIN_DURATION_SECONDS
> value: "20"
> # PATCH #2 ends.

3554
charts/third_party/istio-stable/istio-ci-mesh.yaml vendored
View File

File diff suppressed because one or more lines are too long

1737
charts/third_party/istio-stable/istio-ci-no-mesh.yaml vendored
View File

File diff suppressed because it is too large Load Diff

5255
charts/third_party/istio-stable/istio-crds.yaml vendored
View File

File diff suppressed because it is too large Load Diff

268
charts/third_party/istio-stable/istio-knative-extras.yaml vendored
View File

@@ -1,268 +0,0 @@
---
# Source: istio/charts/gateways/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: cluster-local-gateway-service-account
namespace: istio-system
labels:
app: cluster-local-gateway
chart: gateways
heritage: Helm
release: RELEASE-NAME
---
# Source: istio/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: istio-multi
namespace: istio-system
---
# Source: istio/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: istio-reader
rules:
- apiGroups: ['']
resources: ['nodes', 'pods', 'services', 'endpoints', "replicationcontrollers"]
verbs: ['get', 'watch', 'list']
- apiGroups: ["extensions", "apps"]
resources: ["replicasets"]
verbs: ["get", "list", "watch"]
---
# Source: istio/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: istio-multi
labels:
chart: istio-1.4.9
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: istio-reader
subjects:
- kind: ServiceAccount
name: istio-multi
namespace: istio-system
---
# Source: istio/charts/gateways/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: cluster-local-gateway
namespace: istio-system
annotations:
labels:
chart: gateways
heritage: Helm
release: RELEASE-NAME
app: cluster-local-gateway
istio: cluster-local-gateway
spec:
type: ClusterIP
selector:
release: RELEASE-NAME
app: cluster-local-gateway
istio: cluster-local-gateway
ports:
-
name: status-port
port: 15020
-
name: http2
port: 80
-
name: https
port: 443
---
# Source: istio/charts/gateways/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: cluster-local-gateway
namespace: istio-system
labels:
app: cluster-local-gateway
chart: gateways
heritage: Helm
istio: cluster-local-gateway
release: RELEASE-NAME
spec:
replicas: 1
selector:
matchLabels:
app: cluster-local-gateway
istio: cluster-local-gateway
strategy:
rollingUpdate:
maxSurge:
maxUnavailable:
template:
metadata:
labels:
app: cluster-local-gateway
chart: gateways
heritage: Helm
istio: cluster-local-gateway
release: RELEASE-NAME
annotations:
sidecar.istio.io/inject: "false"
spec:
serviceAccountName: cluster-local-gateway-service-account
containers:
- name: istio-proxy
image: "docker.io/istio/proxyv2:1.4.9"
imagePullPolicy: IfNotPresent
ports:
- containerPort: 15020
- containerPort: 80
- containerPort: 443
- containerPort: 15090
protocol: TCP
name: http-envoy-prom
args:
- proxy
- router
- --domain
- $(POD_NAMESPACE).svc.cluster.local
- --log_output_level=default:info
- --drainDuration
- '45s' #drainDuration
- --parentShutdownDuration
- '1m0s' #parentShutdownDuration
- --connectTimeout
- '10s' #connectTimeout
- --serviceCluster
- cluster-local-gateway
- --zipkinAddress
- zipkin:9411
- --proxyAdminPort
- "15000"
- --statusPort
- "15020"
- --controlPlaneAuthPolicy
- NONE
- --discoveryAddress
- istio-pilot:15010
readinessProbe:
failureThreshold: 30
httpGet:
path: /healthz/ready
port: 15020
scheme: HTTP
initialDelaySeconds: 1
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 10m
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INSTANCE_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
- name: SERVICE_ACCOUNT
valueFrom:
fieldRef:
fieldPath: spec.serviceAccountName
- name: ISTIO_META_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: ISTIO_META_CONFIG_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ISTIO_METAJSON_LABELS
value: |
{"app":"cluster-local-gateway","chart":"gateways","heritage":"Helm","istio":"cluster-local-gateway","release":"RELEASE-NAME"}
- name: ISTIO_META_CLUSTER_ID
value: "Kubernetes"
- name: SDS_ENABLED
value: "false"
- name: ISTIO_META_WORKLOAD_NAME
value: cluster-local-gateway
- name: ISTIO_META_OWNER
value: kubernetes://apis/apps/v1/namespaces/istio-system/deployments/cluster-local-gateway
volumeMounts:
- name: istio-certs
mountPath: /etc/certs
readOnly: true
- name: cluster-local-gateway-certs
mountPath: "/etc/istio/cluster-local-gateway-certs"
readOnly: true
- name: cluster-local-gateway-ca-certs
mountPath: "/etc/istio/cluster-local-gateway-ca-certs"
readOnly: true
volumes:
- name: istio-certs
secret:
secretName: istio.cluster-local-gateway-service-account
optional: true
- name: cluster-local-gateway-certs
secret:
secretName: "istio-cluster-local-gateway-certs"
optional: true
- name: cluster-local-gateway-ca-certs
secret:
secretName: "istio-cluster-local-gateway-ca-certs"
optional: true
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- "ppc64le"
- "s390x"
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "ppc64le"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "s390x"

960
charts/third_party/istio-stable/istio-minimal.yaml vendored
View File

@@ -1,960 +0,0 @@
---
# PATCH #1: Creating the istio-system namespace.
apiVersion: v1
kind: Namespace
metadata:
name: istio-system
labels:
istio-injection: disabled
# PATCH #1 ends.
---
# Source: istio/templates/configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: istio
namespace: istio-system
labels:
app: istio
chart: istio
heritage: Helm
release: RELEASE-NAME
data:
mesh: |-
# Set the following variable to true to disable policy checks by Mixer.
# Note that metrics will still be reported to Mixer.
disablePolicyChecks: true
disableMixerHttpReports: false
# reportBatchMaxEntries is the number of requests that are batched before telemetry data is sent to the mixer server
reportBatchMaxEntries: 100
# reportBatchMaxTime is the max waiting time before the telemetry data of a request is sent to the mixer server
reportBatchMaxTime: 1s
# Set enableTracing to false to disable request tracing.
enableTracing: true
# Set accessLogFile to empty string to disable access log.
accessLogFile: "/dev/stdout"
# If accessLogEncoding is TEXT, value will be used directly as the log format
# example: "[%START_TIME%] %REQ(:METHOD)% %REQ(X-ENVOY-ORIGINAL-PATH?:PATH)% %PROTOCOL%\n"
# If AccessLogEncoding is JSON, value will be parsed as map[string]string
# example: '{"start_time": "%START_TIME%", "req_method": "%REQ(:METHOD)%"}'
# Leave empty to use default log format
accessLogFormat: ""
# Set accessLogEncoding to JSON or TEXT to configure sidecar access log
accessLogEncoding: 'JSON'
enableEnvoyAccessLogService: false
# Let Pilot give ingresses the public IP of the Istio ingressgateway
ingressService: istio-ingressgateway
# Default connect timeout for dynamic clusters generated by Pilot and returned via XDS
connectTimeout: 10s
# Automatic protocol detection uses a set of heuristics to
# determine whether the connection is using TLS or not (on the
# server side), as well as the application protocol being used
# (e.g., http vs tcp). These heuristics rely on the client sending
# the first bits of data. For server first protocols like MySQL,
# MongoDB, etc., Envoy will timeout on the protocol detection after
# the specified period, defaulting to non mTLS plain TCP
# traffic. Set this field to tweak the period that Envoy will wait
# for the client to send the first bits of data. (MUST BE >=1ms)
protocolDetectionTimeout: 100ms
# DNS refresh rate for Envoy clusters of type STRICT_DNS
dnsRefreshRate: 300s
# Unix Domain Socket through which envoy communicates with NodeAgent SDS to get
# key/cert for mTLS. Use secret-mount files instead of SDS if set to empty.
sdsUdsPath: ""
# The trust domain corresponds to the trust root of a system.
# Refer to https://github.com/spiffe/spiffe/blob/master/standards/SPIFFE-ID.md#21-trust-domain
trustDomain: ""
# The trust domain aliases represent the aliases of trust_domain.
# For example, if we have
# trustDomain: td1
# trustDomainAliases: [“td2”, "td3"]
# Any service with the identity "td1/ns/foo/sa/a-service-account", "td2/ns/foo/sa/a-service-account",
# or "td3/ns/foo/sa/a-service-account" will be treated the same in the Istio mesh.
trustDomainAliases:
# If true, automatically configure client side mTLS settings to match the corresponding service's
# server side mTLS authentication policy, when destination rule for that service does not specify
# TLS settings.
enableAutoMtls: false
# Set the default behavior of the sidecar for handling outbound traffic from the application:
# ALLOW_ANY - outbound traffic to unknown destinations will be allowed, in case there are no
# services or ServiceEntries for the destination port
# REGISTRY_ONLY - restrict outbound traffic to services defined in the service registry as well
# as those defined through ServiceEntries
outboundTrafficPolicy:
mode: ALLOW_ANY
localityLbSetting:
enabled: true
# The namespace to treat as the administrative root namespace for istio
# configuration.
rootNamespace: istio-system
# Configures DNS certificates provisioned through Chiron linked into Pilot.
certificates:
[]
defaultConfig:
#
# TCP connection timeout between Envoy & the application, and between Envoys. Used for static clusters
# defined in Envoy's configuration file
connectTimeout: 10s
#
### ADVANCED SETTINGS #############
# Where should envoy's configuration be stored in the istio-proxy container
configPath: "/etc/istio/proxy"
binaryPath: "/usr/local/bin/envoy"
# The pseudo service name used for Envoy.
serviceCluster: istio-proxy
# These settings that determine how long an old Envoy
# process should be kept alive after an occasional reload.
drainDuration: 45s
parentShutdownDuration: 1m0s
#
# The mode used to redirect inbound connections to Envoy. This setting
# has no effect on outbound traffic: iptables REDIRECT is always used for
# outbound connections.
# If "REDIRECT", use iptables REDIRECT to NAT and redirect to Envoy.
# The "REDIRECT" mode loses source addresses during redirection.
# If "TPROXY", use iptables TPROXY to redirect to Envoy.
# The "TPROXY" mode preserves both the source and destination IP
# addresses and ports, so that they can be used for advanced filtering
# and manipulation.
# The "TPROXY" mode also configures the sidecar to run with the
# CAP_NET_ADMIN capability, which is required to use TPROXY.
#interceptionMode: REDIRECT
#
# Port where Envoy listens (on local host) for admin commands
# You can exec into the istio-proxy container in a pod and
# curl the admin port (curl http://localhost:15000/) to obtain
# diagnostic information from Envoy. See
# https://lyft.github.io/envoy/docs/operations/admin.html
# for more details
proxyAdminPort: 15000
#
# Set concurrency to a specific number to control the number of Proxy worker threads.
# If set to 0 (default), then start worker thread for each CPU thread/core.
concurrency: 2
#
tracing:
zipkin:
# Address of the Zipkin collector
address: zipkin.istio-system:9411
#
# Mutual TLS authentication between sidecars and istio control plane.
controlPlaneAuthPolicy: NONE
#
# Address where istio Pilot service is running
discoveryAddress: istio-pilot.istio-system:15010
# Configuration file for the mesh networks to be used by the Split Horizon EDS.
meshNetworks: |-
networks: {}
---
# Source: istio/charts/gateways/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: cluster-local-gateway-service-account
namespace: istio-system
labels:
app: cluster-local-gateway
chart: gateways
heritage: Helm
release: RELEASE-NAME
---
# Source: istio/charts/gateways/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: istio-ingressgateway-service-account
namespace: istio-system
labels:
app: istio-ingressgateway
chart: gateways
heritage: Helm
release: RELEASE-NAME
---
# Source: istio/charts/pilot/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: istio-pilot-service-account
namespace: istio-system
labels:
app: pilot
chart: pilot
heritage: Helm
release: RELEASE-NAME
---
# Source: istio/templates/serviceaccount.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: istio-multi
namespace: istio-system
---
# Source: istio/charts/pilot/templates/clusterrole.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: istio-pilot-istio-system
labels:
app: pilot
chart: pilot
heritage: Helm
release: RELEASE-NAME
rules:
- apiGroups: ["config.istio.io"]
resources: ["*"]
verbs: ["*"]
- apiGroups: ["rbac.istio.io"]
resources: ["*"]
verbs: ["get", "watch", "list"]
- apiGroups: ["security.istio.io"]
resources: ["*"]
verbs: ["get", "watch", "list"]
- apiGroups: ["networking.istio.io"]
resources: ["*"]
verbs: ["*"]
- apiGroups: ["authentication.istio.io"]
resources: ["*"]
verbs: ["*"]
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["*"]
- apiGroups: ["extensions"]
resources: ["ingresses", "ingresses/status"]
verbs: ["*"]
- apiGroups: [""]
resources: ["configmaps"]
verbs: ["create", "get", "list", "watch", "update"]
- apiGroups: [""]
resources: ["endpoints", "pods", "services", "namespaces", "nodes"]
verbs: ["get", "list", "watch"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create", "get", "watch", "list", "update", "delete"]
- apiGroups: ["certificates.k8s.io"]
resources:
- "certificatesigningrequests"
- "certificatesigningrequests/approval"
- "certificatesigningrequests/status"
verbs: ["update", "create", "get", "delete"]
---
# Source: istio/templates/clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: istio-reader
rules:
- apiGroups: ['']
resources: ['nodes', 'pods', 'services', 'endpoints', "replicationcontrollers"]
verbs: ['get', 'watch', 'list']
- apiGroups: ["extensions", "apps"]
resources: ["replicasets"]
verbs: ["get", "list", "watch"]
---
# Source: istio/charts/pilot/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: istio-pilot-istio-system
labels:
app: pilot
chart: pilot
heritage: Helm
release: RELEASE-NAME
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: istio-pilot-istio-system
subjects:
- kind: ServiceAccount
name: istio-pilot-service-account
namespace: istio-system
---
# Source: istio/templates/clusterrolebinding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: istio-multi
labels:
chart: istio-1.4.9
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: istio-reader
subjects:
- kind: ServiceAccount
name: istio-multi
namespace: istio-system
---
# Source: istio/charts/gateways/templates/role.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: istio-ingressgateway-sds
namespace: istio-system
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get", "watch", "list"]
---
# Source: istio/charts/gateways/templates/rolebindings.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: istio-ingressgateway-sds
namespace: istio-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: istio-ingressgateway-sds
subjects:
- kind: ServiceAccount
name: istio-ingressgateway-service-account
---
# Source: istio/charts/gateways/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: cluster-local-gateway
namespace: istio-system
annotations:
labels:
chart: gateways
heritage: Helm
release: RELEASE-NAME
app: cluster-local-gateway
istio: cluster-local-gateway
spec:
type: ClusterIP
selector:
release: RELEASE-NAME
app: cluster-local-gateway
istio: cluster-local-gateway
ports:
-
name: status-port
port: 15020
-
name: http2
port: 80
-
name: https
port: 443
---
# Source: istio/charts/gateways/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: istio-ingressgateway
namespace: istio-system
annotations:
labels:
chart: gateways
heritage: Helm
release: RELEASE-NAME
app: istio-ingressgateway
istio: ingressgateway
spec:
type: LoadBalancer
selector:
release: RELEASE-NAME
app: istio-ingressgateway
istio: ingressgateway
ports:
-
name: status-port
port: 15020
-
name: http2
port: 80
-
name: https
port: 443
---
# Source: istio/charts/pilot/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: istio-pilot
namespace: istio-system
labels:
app: pilot
chart: pilot
heritage: Helm
release: RELEASE-NAME
istio: pilot
spec:
ports:
- port: 15010
name: grpc-xds # direct
- port: 15011
name: https-xds # mTLS
- port: 8080
name: http-legacy-discovery # direct
- port: 15014
name: http-monitoring
selector:
istio: pilot
---
# Source: istio/charts/gateways/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: istio-ingressgateway
namespace: istio-system
labels:
app: istio-ingressgateway
chart: gateways
heritage: Helm
istio: ingressgateway
release: RELEASE-NAME
spec:
replicas: 1
selector:
matchLabels:
app: istio-ingressgateway
istio: ingressgateway
strategy:
rollingUpdate:
maxSurge: 100%
maxUnavailable: 25%
template:
metadata:
labels:
app: istio-ingressgateway
chart: gateways
heritage: Helm
istio: ingressgateway
release: RELEASE-NAME
annotations:
sidecar.istio.io/inject: "false"
spec:
serviceAccountName: istio-ingressgateway-service-account
containers:
- name: ingress-sds
image: "docker.io/istio/node-agent-k8s:1.4.9"
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 2000m
memory: 1024Mi
requests:
cpu: 100m
memory: 128Mi
env:
- name: "ENABLE_WORKLOAD_SDS"
value: "false"
- name: "ENABLE_INGRESS_GATEWAY_SDS"
value: "true"
- name: "INGRESS_GATEWAY_NAMESPACE"
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
volumeMounts:
- name: ingressgatewaysdsudspath
mountPath: /var/run/ingress_gateway
- name: istio-proxy
image: "docker.io/istio/proxyv2:1.4.9"
imagePullPolicy: IfNotPresent
ports:
- containerPort: 15020
- containerPort: 80
- containerPort: 443
- containerPort: 15090
protocol: TCP
name: http-envoy-prom
args:
- proxy
- router
- --domain
- $(POD_NAMESPACE).svc.cluster.local
- --log_output_level=default:info
- --drainDuration
- '45s' #drainDuration
- --parentShutdownDuration
- '1m0s' #parentShutdownDuration
- --connectTimeout
- '10s' #connectTimeout
- --serviceCluster
- istio-ingressgateway
- --zipkinAddress
- zipkin:9411
- --proxyAdminPort
- "15000"
- --statusPort
- "15020"
- --controlPlaneAuthPolicy
- NONE
- --discoveryAddress
- istio-pilot:15010
readinessProbe:
failureThreshold: 30
httpGet:
path: /healthz/ready
port: 15020
scheme: HTTP
initialDelaySeconds: 1
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
cpu: 2000m
memory: 1024Mi
requests:
cpu: 100m
memory: 128Mi
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INSTANCE_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
- name: SERVICE_ACCOUNT
valueFrom:
fieldRef:
fieldPath: spec.serviceAccountName
- name: ISTIO_META_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: ISTIO_META_CONFIG_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ISTIO_METAJSON_LABELS
value: |
{"app":"istio-ingressgateway","chart":"gateways","heritage":"Helm","istio":"ingressgateway","release":"RELEASE-NAME"}
- name: ISTIO_META_CLUSTER_ID
value: "Kubernetes"
- name: SDS_ENABLED
value: "false"
- name: ISTIO_META_WORKLOAD_NAME
value: istio-ingressgateway
- name: ISTIO_META_OWNER
value: kubernetes://apis/apps/v1/namespaces/istio-system/deployments/istio-ingressgateway
- name: ISTIO_META_USER_SDS
value: "true"
- name: ISTIO_META_ROUTER_MODE
value: sni-dnat
volumeMounts:
- name: ingressgatewaysdsudspath
mountPath: /var/run/ingress_gateway
- name: istio-certs
mountPath: /etc/certs
readOnly: true
- name: ingressgateway-certs
mountPath: "/etc/istio/ingressgateway-certs"
readOnly: true
- name: ingressgateway-ca-certs
mountPath: "/etc/istio/ingressgateway-ca-certs"
readOnly: true
volumes:
- name: ingressgatewaysdsudspath
emptyDir: {}
- name: istio-certs
secret:
secretName: istio.istio-ingressgateway-service-account
optional: true
- name: ingressgateway-certs
secret:
secretName: "istio-ingressgateway-certs"
optional: true
- name: ingressgateway-ca-certs
secret:
secretName: "istio-ingressgateway-ca-certs"
optional: true
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- "ppc64le"
- "s390x"
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "ppc64le"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "s390x"
---
# Source: istio/charts/gateways/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: cluster-local-gateway
namespace: istio-system
labels:
app: cluster-local-gateway
chart: gateways
heritage: Helm
istio: cluster-local-gateway
release: RELEASE-NAME
spec:
replicas: 1
selector:
matchLabels:
app: cluster-local-gateway
istio: cluster-local-gateway
strategy:
rollingUpdate:
maxSurge:
maxUnavailable:
template:
metadata:
labels:
app: cluster-local-gateway
chart: gateways
heritage: Helm
istio: cluster-local-gateway
release: RELEASE-NAME
annotations:
sidecar.istio.io/inject: "false"
spec:
serviceAccountName: cluster-local-gateway-service-account
containers:
- name: istio-proxy
image: "docker.io/istio/proxyv2:1.4.9"
imagePullPolicy: IfNotPresent
ports:
- containerPort: 15020
- containerPort: 80
- containerPort: 443
- containerPort: 15090
protocol: TCP
name: http-envoy-prom
args:
- proxy
- router
- --domain
- $(POD_NAMESPACE).svc.cluster.local
- --log_output_level=default:info
- --drainDuration
- '45s' #drainDuration
- --parentShutdownDuration
- '1m0s' #parentShutdownDuration
- --connectTimeout
- '10s' #connectTimeout
- --serviceCluster
- cluster-local-gateway
- --zipkinAddress
- zipkin:9411
- --proxyAdminPort
- "15000"
- --statusPort
- "15020"
- --controlPlaneAuthPolicy
- NONE
- --discoveryAddress
- istio-pilot:15010
readinessProbe:
failureThreshold: 30
httpGet:
path: /healthz/ready
port: 15020
scheme: HTTP
initialDelaySeconds: 1
periodSeconds: 2
successThreshold: 1
timeoutSeconds: 1
resources:
requests:
cpu: 100m
memory: 128Mi
env:
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INSTANCE_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.podIP
- name: HOST_IP
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: status.hostIP
- name: SERVICE_ACCOUNT
valueFrom:
fieldRef:
fieldPath: spec.serviceAccountName
- name: ISTIO_META_POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: ISTIO_META_CONFIG_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: ISTIO_METAJSON_LABELS
value: |
{"app":"cluster-local-gateway","chart":"gateways","heritage":"Helm","istio":"cluster-local-gateway","release":"RELEASE-NAME"}
- name: ISTIO_META_CLUSTER_ID
value: "Kubernetes"
- name: SDS_ENABLED
value: "false"
- name: ISTIO_META_WORKLOAD_NAME
value: cluster-local-gateway
- name: ISTIO_META_OWNER
value: kubernetes://apis/apps/v1/namespaces/istio-system/deployments/cluster-local-gateway
volumeMounts:
- name: istio-certs
mountPath: /etc/certs
readOnly: true
- name: cluster-local-gateway-certs
mountPath: "/etc/istio/cluster-local-gateway-certs"
readOnly: true
- name: cluster-local-gateway-ca-certs
mountPath: "/etc/istio/cluster-local-gateway-ca-certs"
readOnly: true
volumes:
- name: istio-certs
secret:
secretName: istio.cluster-local-gateway-service-account
optional: true
- name: cluster-local-gateway-certs
secret:
secretName: "istio-cluster-local-gateway-certs"
optional: true
- name: cluster-local-gateway-ca-certs
secret:
secretName: "istio-cluster-local-gateway-ca-certs"
optional: true
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- "ppc64le"
- "s390x"
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "ppc64le"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "s390x"
---
# Source: istio/charts/pilot/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: istio-pilot
namespace: istio-system
# TODO: default template doesn't have this, which one is right ?
labels:
app: pilot
chart: pilot
heritage: Helm
release: RELEASE-NAME
istio: pilot
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 100%
maxUnavailable: 25%
selector:
matchLabels:
istio: pilot
template:
metadata:
labels:
app: pilot
chart: pilot
heritage: Helm
release: RELEASE-NAME
istio: pilot
annotations:
sidecar.istio.io/inject: "false"
spec:
serviceAccountName: istio-pilot-service-account
containers:
- name: discovery
image: "docker.io/istio/pilot:1.4.9"
imagePullPolicy: IfNotPresent
args:
- "discovery"
- --monitoringAddr=:15014
- --log_output_level=default:info
- --domain
- cluster.local
- --secureGrpcAddr
- ""
- --keepaliveMaxServerConnectionAge
- "30m"
ports:
- containerPort: 8080
- containerPort: 15010
- containerPort: 15011
readinessProbe:
httpGet:
path: /ready
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: PILOT_PUSH_THROTTLE
value: "100"
- name: PILOT_TRACE_SAMPLING
value: "100"
- name: PILOT_ENABLE_PROTOCOL_SNIFFING_FOR_OUTBOUND
value: "true"
- name: PILOT_ENABLE_PROTOCOL_SNIFFING_FOR_INBOUND
value: "false"
resources:
requests:
cpu: 100m
memory: 128Mi
volumeMounts:
- name: config-volume
mountPath: /etc/istio/config
- name: istio-certs
mountPath: /etc/certs
readOnly: true
volumes:
- name: config-volume
configMap:
name: istio
- name: istio-certs
secret:
secretName: istio.istio-pilot-service-account
optional: true
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- "ppc64le"
- "s390x"
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "amd64"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "ppc64le"
- weight: 2
preference:
matchExpressions:
- key: beta.kubernetes.io/arch
operator: In
values:
- "s390x"

10
charts/third_party/istio-stable/namespace.yaml.patch vendored
View File

@@ -1,10 +0,0 @@
1a2,10
> # PATCH #1: Creating the istio-system namespace.
> apiVersion: v1
> kind: Namespace
> metadata:
> name: istio-system
> labels:
> istio-injection: disabled
> # PATCH #1 ends.
> ---

86
charts/third_party/istio-stable/values-extras.yaml vendored
View File

@@ -1,86 +0,0 @@
global:
proxy:
# Enable proxy to write access log to /dev/stdout.
accessLogFile: "/dev/stdout"
autoInject: disabled
disablePolicyChecks: true
omitSidecarInjectorConfigMap: true
defaultPodDisruptionBudget:
enabled: false
useMCP: false
sidecarInjectorWebhook:
enabled: false
enableNamespacesByDefault: false
gateways:
enabled: true
istio-ingressgateway:
enabled: false
istio-egressgateway:
enabled: false
istio-ilbgateway:
enabled: false
cluster-local-gateway:
enabled: true
labels:
app: cluster-local-gateway
istio: cluster-local-gateway
replicaCount: 1
autoscaleMin: 1
autoscaleMax: 1
resources: {}
cpu:
targetAverageUtilization: 80
loadBalancerIP: ""
loadBalancerSourceRanges: {}
externalIPs: []
serviceAnnotations: {}
podAnnotations: {}
type: ClusterIP
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- name: https
port: 443
secretVolumes:
- name: cluster-local-gateway-certs
secretName: istio-cluster-local-gateway-certs
mountPath: /etc/istio/cluster-local-gateway-certs
- name: cluster-local-gateway-ca-certs
secretName: istio-cluster-local-gateway-ca-certs
mountPath: /etc/istio/cluster-local-gateway-ca-certs
security:
enabled: false
galley:
enabled: false
mixer:
policy:
enabled: false
telemetry:
enabled: false
pilot:
enabled: false
grafana:
enabled: false
prometheus:
enabled: false
tracing:
enabled: false
kiali:
enabled: false
certmanager:
enabled: false

100
charts/third_party/istio-stable/values-lean.yaml vendored
View File

@@ -1,100 +0,0 @@
global:
proxy:
# Enable proxy to write access log to /dev/stdout.
accessLogFile: "/dev/stdout"
accessLogEncoding: 'JSON'
autoInject: disabled
disablePolicyChecks: true
omitSidecarInjectorConfigMap: true
defaultPodDisruptionBudget:
enabled: false
useMCP: false
sidecarInjectorWebhook:
enabled: false
enableNamespacesByDefault: false
gateways:
istio-ingressgateway:
enabled: true
sds:
enabled: true
replicaCount: 2
autoscaleMin: 2
autoscaleMax: 5
resources:
requests:
cpu: 1000m
memory: 1024Mi
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- port: 443
name: https
cluster-local-gateway:
enabled: true
labels:
app: cluster-local-gateway
istio: cluster-local-gateway
replicaCount: 2
autoscaleMin: 2
autoscaleMax: 5
resources:
requests:
cpu: 1000m
memory: 1024Mi
cpu:
targetAverageUtilization: 80
loadBalancerIP: ""
loadBalancerSourceRanges: {}
externalIPs: []
serviceAnnotations: {}
podAnnotations: {}
type: ClusterIP
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- name: https
port: 443
secretVolumes:
- name: cluster-local-gateway-certs
secretName: istio-cluster-local-gateway-certs
mountPath: /etc/istio/cluster-local-gateway-certs
- name: cluster-local-gateway-ca-certs
secretName: istio-cluster-local-gateway-ca-certs
mountPath: /etc/istio/cluster-local-gateway-ca-certs
prometheus:
enabled: false
mixer:
enabled: false
policy:
enabled: false
telemetry:
enabled: false
adapters:
prometheus:
enabled: false
pilot:
traceSampling: 100
sidecar: false
autoscaleMin: 3
autoscaleMax: 10
cpu:
targetAverageUtilization: 60
resources:
requests:
cpu: 1000m
memory: 1024Mi
galley:
enabled: true
security:
enabled: true

91
charts/third_party/istio-stable/values-local.yaml vendored
View File

@@ -1,91 +0,0 @@
global:
proxy:
# Enable proxy to write access log to /dev/stdout.
accessLogFile: "/dev/stdout"
accessLogEncoding: 'JSON'
autoInject: disabled
disablePolicyChecks: true
omitSidecarInjectorConfigMap: true
defaultPodDisruptionBudget:
enabled: false
useMCP: false
sidecarInjectorWebhook:
enabled: false
enableNamespacesByDefault: false
gateways:
istio-ingressgateway:
enabled: true
sds:
enabled: true
autoscaleEnabled: false
resources:
requests:
cpu: 100m
memory: 128Mi
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- port: 443
name: https
cluster-local-gateway:
enabled: true
labels:
app: cluster-local-gateway
istio: cluster-local-gateway
autoscaleEnabled: false
resources:
requests:
cpu: 100m
memory: 128Mi
loadBalancerIP: ""
loadBalancerSourceRanges: {}
externalIPs: []
serviceAnnotations: {}
podAnnotations: {}
type: ClusterIP
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- name: https
port: 443
secretVolumes:
- name: cluster-local-gateway-certs
secretName: istio-cluster-local-gateway-certs
mountPath: /etc/istio/cluster-local-gateway-certs
- name: cluster-local-gateway-ca-certs
secretName: istio-cluster-local-gateway-ca-certs
mountPath: /etc/istio/cluster-local-gateway-ca-certs
prometheus:
enabled: false
mixer:
enabled: false
policy:
enabled: false
telemetry:
enabled: false
adapters:
prometheus:
enabled: false
pilot:
traceSampling: 100
sidecar: false
autoscaleEnabled: false
resources:
requests:
cpu: 100m
memory: 128Mi
galley:
enabled: false
security:
enabled: false

88
charts/third_party/istio-stable/values.yaml vendored
View File

@@ -1,88 +0,0 @@
global:
proxy:
# Enable proxy to write access log to /dev/stdout.
accessLogFile: "/dev/stdout"
accessLogEncoding: 'JSON'
autoInject: enabled
disablePolicyChecks: true
sidecarInjectorWebhook:
enabled: true
enableNamespacesByDefault: false
rewriteAppHTTPProbe: true
gateways:
istio-ingressgateway:
enabled: true
sds:
enabled: true
replicaCount: 2
autoscaleMin: 2
autoscaleMax: 4
resources:
limits:
cpu: 3000m
memory: 2048Mi
requests:
cpu: 3000m
memory: 2048Mi
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- port: 443
name: https
cluster-local-gateway:
enabled: true
labels:
app: cluster-local-gateway
istio: cluster-local-gateway
replicaCount: 2
autoscaleMin: 2
autoscaleMax: 4
resources:
requests:
cpu: 250m
memory: 256Mi
cpu:
targetAverageUtilization: 80
loadBalancerIP: ""
loadBalancerSourceRanges: {}
externalIPs: []
serviceAnnotations: {}
podAnnotations: {}
type: ClusterIP
ports:
- name: status-port
port: 15020
- name: http2
port: 80
- name: https
port: 443
secretVolumes:
- name: cluster-local-gateway-certs
secretName: istio-cluster-local-gateway-certs
mountPath: /etc/istio/cluster-local-gateway-certs
- name: cluster-local-gateway-ca-certs
secretName: istio-cluster-local-gateway-ca-certs
mountPath: /etc/istio/cluster-local-gateway-ca-certs
prometheus:
enabled: false
mixer:
adapters:
prometheus:
enabled: false
pilot:
traceSampling: 100
autoscaleMin: 3
autoscaleMax: 10
cpu:
targetAverageUtilization: 60
resources:
requests:
cpu: 3000m
memory: 2048Mi

0
charts/vela/.helmignore → charts/vela-core/.helmignore
View File

2
charts/vela/Chart.yaml → charts/vela-core/Chart.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: v2
name: vela
name: vela-core
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.

0
charts/vela/crds/core.oam.dev_applicationconfigurations.yaml → charts/vela-core/crds/core.oam.dev_applicationconfigurations.yaml
View File

0
charts/vela/crds/core.oam.dev_components.yaml → charts/vela-core/crds/core.oam.dev_components.yaml
View File

0
charts/vela/crds/core.oam.dev_containerizedworkloads.yaml → charts/vela-core/crds/core.oam.dev_containerizedworkloads.yaml
View File

0
charts/vela/crds/core.oam.dev_healthscopes.yaml → charts/vela-core/crds/core.oam.dev_healthscopes.yaml
View File

0
charts/vela/crds/core.oam.dev_manualscalertraits.yaml → charts/vela-core/crds/core.oam.dev_manualscalertraits.yaml
View File

0
charts/vela/crds/core.oam.dev_scopedefinitions.yaml → charts/vela-core/crds/core.oam.dev_scopedefinitions.yaml
View File

0
charts/vela/crds/core.oam.dev_traitdefinitions.yaml → charts/vela-core/crds/core.oam.dev_traitdefinitions.yaml
View File

0
charts/vela/crds/core.oam.dev_workloaddefinitions.yaml → charts/vela-core/crds/core.oam.dev_workloaddefinitions.yaml
View File

0
charts/vela/crds/standard.oam.dev_containerizeds.yaml → charts/vela-core/crds/standard.oam.dev_containerizeds.yaml
View File

0
charts/vela/crds/standard.oam.dev_metricstraits.yaml → charts/vela-core/crds/standard.oam.dev_metricstraits.yaml
View File

0
charts/vela/templates/NOTES.txt → charts/vela-core/templates/NOTES.txt
View File

0
charts/vela/templates/_helpers.tpl → charts/vela-core/templates/_helpers.tpl
View File

2
charts/vela/templates/backends.yaml → charts/vela-core/templates/backends.yaml
View File

@@ -7,7 +7,7 @@ metadata:
definition.oam.dev/kind: "ContainerizedWorkload"
spec:
definitionRef:
name: containerizedworkloads.core.oam.dev
name: containerizeds.standard.oam.dev
childResourceKinds:
- apiVersion: apps/v1
kind: Deployment

43
charts/vela-core/templates/containerized.yaml Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: core.oam.dev/v1alpha2
kind: WorkloadDefinition
metadata:
name: containerizeds.standard.oam.dev
annotations:
definition.oam.dev/apiVersion: "core.oam.dev/v1alpha2"
definition.oam.dev/kind: "ContainerizedWorkload"
spec:
definitionRef:
name: containerizeds.standard.oam.dev
childResourceKinds:
- apiVersion: apps/v1
kind: Deployment
- apiVersion: v1
kind: Service
extension:
template: |
#Template: {
apiVersion: "core.oam.dev/v1alpha2"
kind: "ContainerizedWorkload"
metadata:
name: containerized.name
spec: {
containers: [{
image: containerized.image
name: containerized.name
ports: [{
containerPort: containerized.port
protocol: "TCP"
name: "default"
}]
}]
}
}
containerized: {
name: string
// +usage=specify app image
// +short=i
image: string
// +usage=specify port for container
// +short=p
port: *6379 | int
}

0
charts/vela/templates/healthscopes.yaml → charts/vela-core/templates/healthscopes.yaml
View File

0
charts/vela/templates/ingress.yaml → charts/vela-core/templates/ingress.yaml
View File

0
charts/vela/templates/kubevela-controller.yaml → charts/vela-core/templates/kubevela-controller.yaml
View File

0
charts/vela/templates/manualscalars.yaml → charts/vela-core/templates/manualscalars.yaml
View File

41
charts/vela-core/templates/metricstraits.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: core.oam.dev/v1alpha2
kind: TraitDefinition
metadata:
name: metricstraits.standard.oam.dev
spec:
appliesToWorkloads:
- containerizedworkloads.core.oam.dev
- clonesetworkloads.apps.kruise.io
- deployments.apps
- statefulsets.apps
definitionRef:
name: metricstraits.standard.oam.dev
workloadRefPath: spec.workloadRef
extension:
template: |
#Template: {
apiVersion: "standard.oam.dev/v1alpha1"
kind: "MetricsTrait"
metadata:
name: metricstraits.name
spec: {
containers: [{
image: containerized.image
name: containerized.name
ports: [{
containerPort: containerized.port
protocol: "TCP"
name: "default"
}]
}]
}
}
containerized: {
name: string
// +usage=specify app image
// +short=i
image: string
// +usage=specify port for container
// +short=p
port: *6379 | int
}

0
charts/vela/templates/tasks.yaml → charts/vela-core/templates/tasks.yaml
View File

0
charts/vela/templates/tests/test-connection.yaml → charts/vela-core/templates/tests/test-connection.yaml
View File

0
charts/vela/templates/webhook.yaml → charts/vela-core/templates/webhook.yaml
View File

5
charts/vela/templates/webservices.yaml → charts/vela-core/templates/webservices.yaml
View File

@@ -7,7 +7,7 @@ metadata:
definition.oam.dev/kind: "ContainerizedWorkload"
spec:
definitionRef:
name: containerizedworkloads.core.oam.dev
name: containerizeds.standard.oam.dev
childResourceKinds:
- apiVersion: apps/v1
kind: Deployment
@@ -18,7 +18,8 @@ spec:
#Template: {
apiVersion: "core.oam.dev/v1alpha2"
kind: "ContainerizedWorkload"
metadata: name: containerized.name
metadata:
name: containerized.name
spec: {
containers: [{
image: containerized.image

0
charts/vela/values.yaml → charts/vela-core/values.yaml
View File

34
config/samples/metrics-demo/definitions.yaml
View File

@@ -1,34 +0,0 @@
apiVersion: core.oam.dev/v1alpha2
kind: WorkloadDefinition
metadata:
name: deployments.apps
spec:
definitionRef:
name: deployments.apps
---
apiVersion: core.oam.dev/v1alpha2
kind: TraitDefinition
metadata:
name: services
spec:
appliesToWorkloads:
- containerizedworkloads.core.oam.dev
- deployments.apps
- statefulsets.apps
definitionRef:
name: services
---
apiVersion: core.oam.dev/v1alpha2
kind: TraitDefinition
metadata:
name: metricstraits.standard.oam.dev
spec:
appliesToWorkloads:
- containerizedworkloads.core.oam.dev
- clonesetworkloads.apps.kruise.io
- deployments.apps
- statefulsets.apps
definitionRef:
name: metricstraits.standard.oam.dev
workloadRefPath: spec.workloadRef

28
config/samples/metrics-demo/metrics-component.yaml
View File

@@ -1,28 +0,0 @@
apiVersion: core.oam.dev/v1alpha2
kind: Component
metadata:
name: metrics-application
spec:
workload:
apiVersion: apps/v1
kind: Deployment
metadata:
name: metrics-app
labels:
app: metrics-app
spec:
replicas: 1
selector:
matchLabels:
app: metrics-app
template:
metadata:
labels:
app: metrics-app
spec:
containers:
- image: christianhxc/gorandom:1.0
name: metrics-provider
ports:
- name: http
containerPort: 8080

7
config/samples/metrics-demo/prometheus/grafana-oam-datasource.yaml
View File

@@ -1,7 +0,0 @@
grafana:
additionalDataSources:
- name: Prometheus-OAM
type: prometheus
url: http://prometheus-oam:4848/
access: proxy
isDefault: false

11
config/samples/metrics-demo/README.md → documentation/samples/metrics-demo/README.md
View File

@@ -7,19 +7,16 @@ This example show case how one can use a metricsTrait to add prometheus monitori
```shell script
kubectl apply -f charts/third_party/cert-manager
kubectl apply -f charts/third_party/prometheus
## install OAM Prometheus instance
kubectl apply -f config/oam/prometheus-oam.yaml
make docker-build
kubectl create ns vela-system
helm install kube --namespace vela-system charts/vela/
```
## Install OAM Prometheus
```shell script
kubectl apply -f config/oam/prometheus-oam.yaml
helm install kube --namespace vela-system charts/vela-core/
```
## Run ApplicationConfiguration
```shell script
kubectl apply -f config/samples/application/
kubectl apply -f documentation/samples/metrics-demo/
workloaddefinition.core.oam.dev/deployments.apps created
traitdefinition.core.oam.dev/services created
traitdefinition.core.oam.dev/metricstraits.standard.oam.dev created

7
config/samples/metrics-demo/sample-applicationconfiguration.yaml → documentation/samples/metrics-demo/appConfig.yaml
View File

@@ -16,6 +16,13 @@ spec:
path: "/metrics"
scheme: "http"
enabled: true
- trait:
apiVersion: core.oam.dev/v1alpha2
kind: ManualScalerTrait
metadata:
name: example-appconfig-trait
spec:
replicaCount: 3
- componentName: metrics-application
traits:
- trait:

0
config/samples/metrics-demo/autoscale-component.yaml → documentation/samples/metrics-demo/autoscale-component.yaml
View File

17
documentation/samples/metrics-demo/dashboard/grafana-oam-datasource.yaml Normal file
View File

@@ -0,0 +1,17 @@
apiVersion: integreatly.org/v1alpha1
kind: GrafanaDataSource
metadata:
name: oam-grafanadatasource
spec:
name: middleware.yaml
datasources:
- name: Prometheus-OAM
type: prometheus
access: proxy
url: http://prometheus-oam:4848/
isDefault: false
version: 1
editable: false
jsonData:
tlsSkipVerify: true
timeInterval: "5s"

0
config/samples/metrics-demo/dashboard/OAM-Workload-Dashboard.yaml → documentation/samples/metrics-demo/dashboard/workload-dashboard.yaml
View File

19
documentation/samples/metrics-demo/definitions.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: core.oam.dev/v1alpha2
kind: WorkloadDefinition
metadata:
name: deployments.apps
spec:
definitionRef:
name: deployments.apps
---
apiVersion: core.oam.dev/v1alpha2
kind: TraitDefinition
metadata:
name: services
spec:
appliesToWorkloads:
- containerizedworkloads.core.oam.dev
- deployments.apps
- statefulsets.apps
definitionRef:
name: services

21
documentation/samples/metrics-demo/metrics-component.yaml Normal file
View File

@@ -0,0 +1,21 @@
apiVersion: core.oam.dev/v1alpha2
kind: Component
metadata:
name: metrics-application
spec:
workload:
apiVersion: standard.oam.dev/v1alpha1
kind: Containerized
metadata:
name: metrics-app
labels:
app: metrics-app
spec:
replicas: 2
podSpec:
containers:
- image: christianhxc/gorandom:1.0
name: metrics-provider
ports:
- name: http
containerPort: 8080

0
config/samples/metrics-demo/prometheus/prometheus-oam.yaml → documentation/samples/metrics-demo/prometheus/prometheus-oam.yaml
View File

498
hack/crds/core.oam.dev_applicationconfigurations.yaml
View File

@@ -1,498 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: applicationconfigurations.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: ApplicationConfiguration
listKind: ApplicationConfigurationList
plural: applicationconfigurations
shortNames:
- appconfig
singular: applicationconfiguration
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: An ApplicationConfiguration represents an OAM application.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An ApplicationConfigurationSpec defines the desired state
of a ApplicationConfiguration.
properties:
components:
description: Components of which this ApplicationConfiguration consists.
Each component will be used to instantiate a workload.
items:
description: An ApplicationConfigurationComponent specifies a component
of an ApplicationConfiguration. Each component is used to instantiate
a workload.
properties:
componentName:
description: ComponentName specifies a component whose latest
revision will be bind with ApplicationConfiguration. When
the spec of the referenced component changes, ApplicationConfiguration
will automatically migrate all trait affect from the prior
revision to the new one. This is mutually exclusive with RevisionName.
type: string
dataInputs:
description: DataInputs specify the data input sinks into this
component.
items:
description: DataInput specifies a data input sink to an object.
If input is array, it will be appended to the target field
paths.
properties:
toFieldPaths:
description: ToFieldPaths specifies the field paths of
an object to fill passed value.
items:
type: string
type: array
valueFrom:
description: ValueFrom specifies the value source.
properties:
dataOutputName:
description: DataOutputName matches a name of a DataOutput
in the same AppConfig.
type: string
required:
- dataOutputName
type: object
type: object
type: array
dataOutputs:
description: DataOutputs specify the data output sources from
this component.
items:
description: DataOutput specifies a data output source from
an object.
properties:
conditions:
description: Conditions specify the conditions that should
be satisfied before emitting a data output. Different
conditions are AND-ed together. If no conditions is
specified, it is by default to check output value not
empty.
items:
description: ConditionRequirement specifies the requirement
to match a value.
properties:
fieldPath:
type: string
op:
description: ConditionOperator specifies the operator
to match a value.
type: string
value:
type: string
required:
- op
- value
type: object
type: array
fieldPath:
description: FieldPath refers to the value of an object's
field.
type: string
name:
description: Name is the unique name of a DataOutput in
an ApplicationConfiguration.
type: string
type: object
type: array
parameterValues:
description: ParameterValues specify values for the the specified
component's parameters. Any parameter required by the component
must be specified.
items:
description: A ComponentParameterValue specifies a value for
a named parameter. The associated component must publish
a parameter with this name.
properties:
name:
description: Name of the component parameter to set.
type: string
value:
anyOf:
- type: integer
- type: string
description: Value to set.
x-kubernetes-int-or-string: true
required:
- name
- value
type: object
type: array
revisionName:
description: RevisionName of a specific component revision to
which to bind ApplicationConfiguration. This is mutually exclusive
with componentName.
type: string
scopes:
description: Scopes in which the specified component should
exist.
items:
description: A ComponentScope specifies a scope in which a
component should exist.
properties:
scopeRef:
description: A ScopeReference must refer to an OAM scope
resource.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- scopeRef
type: object
type: array
traits:
description: Traits of the specified component.
items:
description: A ComponentTrait specifies a trait that should
be applied to a component.
properties:
dataInputs:
description: DataInputs specify the data input sinks into
this trait.
items:
description: DataInput specifies a data input sink to
an object. If input is array, it will be appended
to the target field paths.
properties:
toFieldPaths:
description: ToFieldPaths specifies the field paths
of an object to fill passed value.
items:
type: string
type: array
valueFrom:
description: ValueFrom specifies the value source.
properties:
dataOutputName:
description: DataOutputName matches a name of
a DataOutput in the same AppConfig.
type: string
required:
- dataOutputName
type: object
type: object
type: array
dataOutputs:
description: DataOutputs specify the data output sources
from this trait.
items:
description: DataOutput specifies a data output source
from an object.
properties:
conditions:
description: Conditions specify the conditions that
should be satisfied before emitting a data output.
Different conditions are AND-ed together. If no
conditions is specified, it is by default to check
output value not empty.
items:
description: ConditionRequirement specifies the
requirement to match a value.
properties:
fieldPath:
type: string
op:
description: ConditionOperator specifies the
operator to match a value.
type: string
value:
type: string
required:
- op
- value
type: object
type: array
fieldPath:
description: FieldPath refers to the value of an
object's field.
type: string
name:
description: Name is the unique name of a DataOutput
in an ApplicationConfiguration.
type: string
type: object
type: array
trait:
description: A Trait that will be created for the component
type: object
x-kubernetes-embedded-resource: true
x-kubernetes-preserve-unknown-fields: true
required:
- trait
type: object
type: array
type: object
type: array
required:
- components
type: object
status:
description: An ApplicationConfigurationStatus represents the observed
state of a ApplicationConfiguration.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
dependency:
description: DependencyStatus represents the observed state of the
dependency of an ApplicationConfiguration.
properties:
unsatisfied:
items:
description: UnstaifiedDependency describes unsatisfied dependency
flow between one pair of objects.
properties:
from:
description: DependencyFromObject represents the object
that dependency data comes from.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
fieldPath:
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
to:
description: DependencyToObject represents the object that
dependency data goes to.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
fieldPaths:
items:
type: string
type: array
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- from
- to
type: object
type: array
type: object
status:
description: Status is a place holder for a customized controller
to fill if it needs a single place to summarize the status of the
entire application
type: string
workloads:
description: Workloads created by this ApplicationConfiguration.
items:
description: A WorkloadStatus represents the status of a workload.
properties:
componentName:
description: ComponentName that produced this workload.
type: string
componentRevisionName:
description: ComponentRevisionName of current component
type: string
scopes:
description: Scopes associated with this workload.
items:
description: A WorkloadScope represents a scope associated
with a workload and its status
properties:
scopeRef:
description: Reference to a scope created by an ApplicationConfiguration.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
status:
description: Status is a place holder for a customized
controller to fill if it needs a single place to summarize
the status of the scope
type: string
required:
- scopeRef
type: object
type: array
status:
description: Status is a place holder for a customized controller
to fill if it needs a single place to summarize the entire
status of the workload
type: string
traits:
description: Traits associated with this workload.
items:
description: A WorkloadTrait represents a trait associated
with a workload and its status
properties:
status:
description: Status is a place holder for a customized
controller to fill if it needs a single place to summarize
the status of the trait
type: string
traitRef:
description: Reference to a trait created by an ApplicationConfiguration.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- traitRef
type: object
type: array
workloadRef:
description: Reference to a workload created by an ApplicationConfiguration.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
type: object
type: array
required:
- dependency
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

151
hack/crds/core.oam.dev_components.yaml
View File

@@ -1,151 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: components.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: Component
listKind: ComponentList
plural: components
singular: component
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.workload.kind
name: WORKLOAD-KIND
type: string
- jsonPath: .metadata.creationTimestamp
name: age
type: date
name: v1alpha2
schema:
openAPIV3Schema:
description: A Component describes how an OAM workload kind may be instantiated.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ComponentSpec defines the desired state of a Component.
properties:
parameters:
description: Parameters exposed by this component. ApplicationConfigurations
that reference this component may specify values for these parameters,
which will in turn be injected into the embedded workload.
items:
description: A ComponentParameter defines a configurable parameter
of a component.
properties:
description:
description: Description of this parameter.
type: string
fieldPaths:
description: FieldPaths specifies an array of fields within
this Component's workload that will be overwritten by the
value of this parameter. The type of the parameter (e.g. int,
string) is inferred from the type of these fields; All fields
must be of the same type. Fields are specified as JSON field
paths without a leading dot, for example 'spec.replicas'.
items:
type: string
type: array
name:
description: Name of this parameter. OAM ApplicationConfigurations
will specify parameter values using this name.
type: string
required:
description: Required specifies whether or not a value for this
parameter must be supplied when authoring an ApplicationConfiguration.
type: boolean
required:
- fieldPaths
- name
type: object
type: array
workload:
description: A Workload that will be created for each ApplicationConfiguration
that includes this Component. Workloads must be defined by a WorkloadDefinition.
type: object
x-kubernetes-embedded-resource: true
x-kubernetes-preserve-unknown-fields: true
required:
- workload
type: object
status:
description: A ComponentStatus represents the observed state of a Component.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
latestRevision:
description: LatestRevision of component
properties:
name:
type: string
revision:
format: int64
type: integer
required:
- name
- revision
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

541
hack/crds/core.oam.dev_containerizedworkloads.yaml
View File

@@ -1,541 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: containerizedworkloads.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: ContainerizedWorkload
listKind: ContainerizedWorkloadList
plural: containerizedworkloads
singular: containerizedworkload
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: A ContainerizedWorkload is a workload that runs OCI containers.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ContainerizedWorkloadSpec defines the desired state of
a ContainerizedWorkload.
properties:
arch:
description: CPUArchitecture required by this workload.
enum:
- i386
- amd64
- arm
- arm64
type: string
containers:
description: Containers of which this workload consists.
items:
description: A Container represents an Open Containers Initiative
(OCI) container.
properties:
args:
description: Arguments to be passed to the command run by this
container.
items:
type: string
type: array
command:
description: Command to be run by this container.
items:
type: string
type: array
config:
description: ConfigFiles that should be written within this
container.
items:
description: A ContainerConfigFile specifies a configuration
file that should be written within a container.
properties:
fromSecret:
description: FromSecret is a secret key reference which
can be used to assign a value to be written to the configuration
file at the given path in the container.
properties:
key:
description: The key to select.
type: string
name:
description: The name of the secret.
type: string
required:
- key
- name
type: object
path:
description: Path within the container at which the configuration
file should be written.
type: string
value:
description: Value that should be written to the configuration
file.
type: string
required:
- path
type: object
type: array
env:
description: Environment variables that should be set within
this container.
items:
description: A ContainerEnvVar specifies an environment variable
that should be set within a container.
properties:
fromSecret:
description: FromSecret is a secret key reference which
can be used to assign a value to the environment variable.
properties:
key:
description: The key to select.
type: string
name:
description: The name of the secret.
type: string
required:
- key
- name
type: object
name:
description: Name of the environment variable. Must be
composed of valid Unicode letter and number characters,
as well as _ and -.
pattern: ^[-_a-zA-Z0-9]+$
type: string
value:
description: Value of the environment variable.
type: string
required:
- name
type: object
type: array
image:
description: Image this container should run. Must be a path-like
or URI-like representation of an OCI image. May be prefixed
with a registry address and should be suffixed with a tag.
type: string
imagePullSecret:
description: ImagePullSecret specifies the name of a Secret
from which the credentials required to pull this container's
image can be loaded.
type: string
livenessProbe:
description: A LivenessProbe assesses whether this container
is alive. Containers that fail liveness probes will be restarted.
properties:
exec:
description: Exec probes a container's health by executing
a command.
properties:
command:
description: Command to be run by this probe.
items:
type: string
type: array
required:
- command
type: object
failureThreshold:
description: FailureThreshold specifies how many consecutive
probes must fail in order for the container to be considered
healthy.
format: int32
type: integer
httpGet:
description: HTTPGet probes a container's health by sending
an HTTP GET request.
properties:
httpHeaders:
description: HTTPHeaders to send with the GET request.
items:
description: A HTTPHeader to be passed when probing
a container.
properties:
name:
description: Name of this HTTP header. Must be
unique per probe.
type: string
value:
description: Value of this HTTP header.
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to probe, e.g. '/healthz'.
type: string
port:
description: Port to probe.
format: int32
type: integer
required:
- path
- port
type: object
initialDelaySeconds:
description: InitialDelaySeconds after a container starts
before the first probe.
format: int32
type: integer
periodSeconds:
description: PeriodSeconds between probes.
format: int32
type: integer
successThreshold:
description: SuccessThreshold specifies how many consecutive
probes must success in order for the container to be considered
healthy.
format: int32
type: integer
tcpSocket:
description: TCPSocketProbe probes a container's health
by connecting to a TCP socket.
properties:
port:
description: Port this probe should connect to.
format: int32
type: integer
required:
- port
type: object
timeoutSeconds:
description: TimeoutSeconds after which the probe times
out.
format: int32
type: integer
type: object
name:
description: Name of this container. Must be unique within its
workload.
type: string
ports:
description: Ports exposed by this container.
items:
description: A ContainerPort specifies a port that is exposed
by a container.
properties:
containerPort:
description: Port number. Must be unique within its container.
format: int32
type: integer
name:
description: Name of this port. Must be unique within
its container. Must be lowercase alphabetical characters.
pattern: ^[a-z]+$
type: string
protocol:
description: Protocol used by the server listening on
this port.
enum:
- TCP
- UDP
type: string
required:
- containerPort
- name
type: object
type: array
readinessProbe:
description: A ReadinessProbe assesses whether this container
is ready to serve requests. Containers that fail readiness
probes will be withdrawn from service.
properties:
exec:
description: Exec probes a container's health by executing
a command.
properties:
command:
description: Command to be run by this probe.
items:
type: string
type: array
required:
- command
type: object
failureThreshold:
description: FailureThreshold specifies how many consecutive
probes must fail in order for the container to be considered
healthy.
format: int32
type: integer
httpGet:
description: HTTPGet probes a container's health by sending
an HTTP GET request.
properties:
httpHeaders:
description: HTTPHeaders to send with the GET request.
items:
description: A HTTPHeader to be passed when probing
a container.
properties:
name:
description: Name of this HTTP header. Must be
unique per probe.
type: string
value:
description: Value of this HTTP header.
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to probe, e.g. '/healthz'.
type: string
port:
description: Port to probe.
format: int32
type: integer
required:
- path
- port
type: object
initialDelaySeconds:
description: InitialDelaySeconds after a container starts
before the first probe.
format: int32
type: integer
periodSeconds:
description: PeriodSeconds between probes.
format: int32
type: integer
successThreshold:
description: SuccessThreshold specifies how many consecutive
probes must success in order for the container to be considered
healthy.
format: int32
type: integer
tcpSocket:
description: TCPSocketProbe probes a container's health
by connecting to a TCP socket.
properties:
port:
description: Port this probe should connect to.
format: int32
type: integer
required:
- port
type: object
timeoutSeconds:
description: TimeoutSeconds after which the probe times
out.
format: int32
type: integer
type: object
resources:
description: Resources required by this container
properties:
cpu:
description: CPU required by this container.
properties:
required:
description: Required CPU count. 1.0 represents one
CPU core.
type: string
required:
- required
type: object
extended:
description: Extended resources required by this container.
items:
description: ExtendedResource required by a container.
properties:
name:
description: Name of the external resource. Resource
names are specified in kind.group/version format,
e.g. motionsensor.ext.example.com/v1.
type: string
required:
anyOf:
- type: integer
- type: string
description: Required extended resource(s), e.g. 8
or "very-cool-widget"
x-kubernetes-int-or-string: true
required:
- name
- required
type: object
type: array
gpu:
description: GPU required by this container.
properties:
required:
description: Required GPU count.
type: string
required:
- required
type: object
memory:
description: Memory required by this container.
properties:
required:
description: Required memory.
type: string
required:
- required
type: object
volumes:
description: Volumes required by this container.
items:
description: VolumeResource required by a container.
properties:
accessMode:
description: AccessMode of this volume; RO (read only)
or RW (read and write).
enum:
- RO
- RW
type: string
disk:
description: Disk requirements of this volume.
properties:
ephemeral:
description: Ephemeral specifies whether an external
disk needs to be mounted.
type: boolean
required:
description: Required disk space.
type: string
required:
- required
type: object
mountPath:
description: MountPath at which this volume will be
mounted within its container.
type: string
name:
description: Name of this volume. Must be unique within
its container.
type: string
sharingPolicy:
description: SharingPolicy of this volume; Exclusive
or Shared.
enum:
- Exclusive
- Shared
type: string
required:
- mountPath
- name
type: object
type: array
required:
- cpu
- memory
type: object
required:
- image
- name
type: object
type: array
osType:
description: OperatingSystem required by this workload.
enum:
- linux
- windows
type: string
required:
- containers
type: object
status:
description: A ContainerizedWorkloadStatus represents the observed state
of a ContainerizedWorkload.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
resources:
description: Resources managed by this containerised workload.
items:
description: A TypedReference refers to an object by Name, Kind,
and APIVersion. It is commonly used to reference cluster-scoped
objects or objects where the namespace is already known.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

135
hack/crds/core.oam.dev_healthscopes.yaml
View File

@@ -1,135 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: healthscopes.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: HealthScope
listKind: HealthScopeList
plural: healthscopes
singular: healthscope
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.health
name: HEALTH
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: A HealthScope determines an aggregate health status based of
the health of components.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A HealthScopeSpec defines the desired state of a HealthScope.
properties:
probe-interval:
description: ProbeInterval is the amount of time in seconds between
probing tries.
format: int32
type: integer
probe-timeout:
description: ProbeTimeout is the amount of time in seconds to wait
when receiving a response before marked failure.
format: int32
type: integer
workloadRefs:
description: WorkloadReferences to the workloads that are in this
scope.
items:
description: A TypedReference refers to an object by Name, Kind,
and APIVersion. It is commonly used to reference cluster-scoped
objects or objects where the namespace is already known.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
type: array
type: object
status:
description: A HealthScopeStatus represents the observed state of a HealthScope.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
health:
type: string
required:
- health
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

120
hack/crds/core.oam.dev_manualscalertraits.yaml
View File

@@ -1,120 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: manualscalertraits.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: ManualScalerTrait
listKind: ManualScalerTraitList
plural: manualscalertraits
singular: manualscalertrait
scope: Namespaced
versions:
- name: v1alpha2
schema:
openAPIV3Schema:
description: A ManualScalerTrait determines how many replicas a workload should
have.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ManualScalerTraitSpec defines the desired state of a ManualScalerTrait.
properties:
replicaCount:
description: ReplicaCount of the workload this trait applies to.
format: int32
type: integer
workloadRef:
description: WorkloadReference to the workload this trait applies
to.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- replicaCount
- workloadRef
type: object
status:
description: A ManualScalerTraitStatus represents the observed state of
a ManualScalerTrait.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

85
hack/crds/core.oam.dev_scopedefinitions.yaml
View File

@@ -1,85 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: scopedefinitions.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: ScopeDefinition
listKind: ScopeDefinitionList
plural: scopedefinitions
singular: scopedefinition
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.definitionRef.name
name: DEFINITION-NAME
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: A ScopeDefinition registers a kind of Kubernetes custom resource
as a valid OAM scope kind by referencing its CustomResourceDefinition. The
CRD is used to validate the schema of the scope when it is embedded in an
OAM ApplicationConfiguration.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ScopeDefinitionSpec defines the desired state of a ScopeDefinition.
properties:
allowComponentOverlap:
description: AllowComponentOverlap specifies whether an OAM component
may exist in multiple instances of this kind of scope.
type: boolean
definitionRef:
description: Reference to the CustomResourceDefinition that defines
this scope kind.
properties:
name:
description: Name of the referenced CustomResourceDefinition.
type: string
required:
- name
type: object
extension:
description: Extension is used for extension needs by OAM platform
builders
type: object
x-kubernetes-preserve-unknown-fields: true
workloadRefsPath:
description: WorkloadRefsPath indicates if/where a scope accepts workloadRef
objects
type: string
required:
- allowComponentOverlap
- definitionRef
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

92
hack/crds/core.oam.dev_traitdefinitions.yaml
View File

@@ -1,92 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: traitdefinitions.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: TraitDefinition
listKind: TraitDefinitionList
plural: traitdefinitions
singular: traitdefinition
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.definitionRef.name
name: DEFINITION-NAME
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: A TraitDefinition registers a kind of Kubernetes custom resource
as a valid OAM trait kind by referencing its CustomResourceDefinition. The
CRD is used to validate the schema of the trait when it is embedded in an
OAM ApplicationConfiguration.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A TraitDefinitionSpec defines the desired state of a TraitDefinition.
properties:
appliesToWorkloads:
description: AppliesToWorkloads specifies the list of workload kinds
this trait applies to. Workload kinds are specified in kind.group/version
format, e.g. server.core.oam.dev/v1alpha2. Traits that omit this
field apply to all workload kinds.
items:
type: string
type: array
definitionRef:
description: Reference to the CustomResourceDefinition that defines
this trait kind.
properties:
name:
description: Name of the referenced CustomResourceDefinition.
type: string
required:
- name
type: object
extension:
description: Extension is used for extension needs by OAM platform
builders
type: object
x-kubernetes-preserve-unknown-fields: true
revisionEnabled:
description: Revision indicates whether a trait is aware of component
revision
type: boolean
workloadRefPath:
description: WorkloadRefPath indicates where/if a trait accepts a
workloadRef object
type: string
required:
- definitionRef
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

100
hack/crds/core.oam.dev_workloaddefinitions.yaml
View File

@@ -1,100 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: workloaddefinitions.core.oam.dev
spec:
group: core.oam.dev
names:
categories:
- crossplane
- oam
kind: WorkloadDefinition
listKind: WorkloadDefinitionList
plural: workloaddefinitions
singular: workloaddefinition
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.definitionRef.name
name: DEFINITION-NAME
type: string
name: v1alpha2
schema:
openAPIV3Schema:
description: A WorkloadDefinition registers a kind of Kubernetes custom resource
as a valid OAM workload kind by referencing its CustomResourceDefinition.
The CRD is used to validate the schema of the workload when it is embedded
in an OAM Component.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A WorkloadDefinitionSpec defines the desired state of a WorkloadDefinition.
properties:
childResourceKinds:
description: ChildResourceKinds are the list of GVK of the child resources
this workload generates
items:
description: A ChildResourceKind defines a child Kubernetes resource
kind with a selector
properties:
apiVersion:
description: APIVersion of the child resource
type: string
kind:
description: Kind of the child resource
type: string
selector:
additionalProperties:
type: string
description: Selector to select the child resources that the
workload wants to expose to traits
type: object
required:
- apiVersion
- kind
type: object
type: array
definitionRef:
description: Reference to the CustomResourceDefinition that defines
this workload kind.
properties:
name:
description: Name of the referenced CustomResourceDefinition.
type: string
required:
- name
type: object
extension:
description: Extension is used for extension needs by OAM platform
builders
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- definitionRef
type: object
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

465
hack/crds/servcieMonitor.yaml
View File

@@ -1,465 +0,0 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.4
creationTimestamp: null
name: servicemonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
kind: ServiceMonitor
listKind: ServiceMonitorList
plural: servicemonitors
singular: servicemonitor
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: ServiceMonitor defines monitoring for a set of services.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Service selection for target discovery
by Prometheus.
properties:
endpoints:
description: A list of endpoints allowed as part of this ServiceMonitor.
items:
description: Endpoint defines a scrapeable endpoint serving Prometheus
metrics.
properties:
basicAuth:
description: 'BasicAuth allow an endpoint to authenticate over
basic authentication More info: https://prometheus.io/docs/operating/configuration/#endpoints'
properties:
password:
description: The secret in the service monitor namespace
that contains the password for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
username:
description: The secret in the service monitor namespace
that contains the username for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
type: object
bearerTokenFile:
description: File to read bearer token for scraping targets.
type: string
bearerTokenSecret:
description: Secret to mount to read bearer token for scraping
targets. The secret needs to be in the same namespace as the
service monitor and accessible by the Prometheus Operator.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
honorLabels:
description: HonorLabels chooses the metric's labels on collisions
with target labels.
type: boolean
honorTimestamps:
description: HonorTimestamps controls whether Prometheus respects
the timestamps present in scraped data.
type: boolean
interval:
description: Interval at which metrics should be scraped
type: string
metricRelabelings:
description: MetricRelabelConfigs to apply to samples before
ingestion.
items:
description: 'RelabelConfig allows dynamic rewriting of the
label set, being applied to samples before ingestion. It
defines `<metric_relabel_configs>`-section of Prometheus
configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
properties:
action:
description: Action to perform based on regex matching.
Default is 'replace'
type: string
modulus:
description: Modulus to take of the hash of the source
label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Default is '(.*)'
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Default is '$1'
type: string
separator:
description: Separator placed between concatenated source
label values. default is ';'.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
items:
type: string
type: array
targetLabel:
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
params:
additionalProperties:
items:
type: string
type: array
description: Optional HTTP URL parameters
type: object
path:
description: HTTP path to scrape for metrics.
type: string
port:
description: Name of the service port this endpoint refers to.
Mutually exclusive with targetPort.
type: string
proxyUrl:
description: ProxyURL eg http://proxyserver:2195 Directs scrapes
to proxy through this endpoint.
type: string
relabelings:
description: 'RelabelConfigs to apply to samples before scraping.
More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
items:
description: 'RelabelConfig allows dynamic rewriting of the
label set, being applied to samples before ingestion. It
defines `<metric_relabel_configs>`-section of Prometheus
configuration. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#metric_relabel_configs'
properties:
action:
description: Action to perform based on regex matching.
Default is 'replace'
type: string
modulus:
description: Modulus to take of the hash of the source
label values.
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched. Default is '(.*)'
type: string
replacement:
description: Replacement value against which a regex replace
is performed if the regular expression matches. Regex
capture groups are available. Default is '$1'
type: string
separator:
description: Separator placed between concatenated source
label values. default is ';'.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
separator and matched against the configured regular
expression for the replace, keep, and drop actions.
items:
type: string
type: array
targetLabel:
description: Label to which the resulting value is written
in a replace action. It is mandatory for replace actions.
Regex capture groups are available.
type: string
type: object
type: array
scheme:
description: HTTP scheme to use for scraping.
type: string
scrapeTimeout:
description: Timeout after which the scrape is ended
type: string
targetPort:
anyOf:
- type: integer
- type: string
description: Name or number of the pod port this endpoint refers
to. Mutually exclusive with port.
x-kubernetes-int-or-string: true
tlsConfig:
description: TLS configuration to use when scraping the endpoint
properties:
ca:
description: Stuct containing the CA cert to use for the
targets.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type: object
caFile:
description: Path to the CA cert in the Prometheus container
to use for the targets.
type: string
cert:
description: Struct containing the client cert file for
the targets.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
type: object
certFile:
description: Path to the client cert file in the Prometheus
container for the targets.
type: string
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keyFile:
description: Path to the client key file in the Prometheus
container for the targets.
type: string
keySecret:
description: Secret containing the client key file for the
targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
type: object
type: array
jobLabel:
description: The label to use to retrieve the job name from.
type: string
namespaceSelector:
description: Selector to select which namespaces the Endpoints objects
are discovered from.
properties:
any:
description: Boolean describing whether all namespaces are selected
in contrast to a list restricting them.
type: boolean
matchNames:
description: List of namespace names.
items:
type: string
type: array
type: object
podTargetLabels:
description: PodTargetLabels transfers labels on the Kubernetes Pod
onto the target.
items:
type: string
type: array
sampleLimit:
description: SampleLimit defines per-scrape limit on number of scraped
samples that will be accepted.
format: int64
type: integer
selector:
description: Selector to select Endpoints objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
targetLabels:
description: TargetLabels transfers labels on the Kubernetes Service
onto the target.
items:
type: string
type: array
required:
- endpoints
- selector
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

153
hack/crds/standard.oam.dev_metricstraits.yaml
View File

@@ -1,153 +0,0 @@
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.5
creationTimestamp: null
name: metricstraits.standard.oam.dev
spec:
group: standard.oam.dev
names:
categories:
- oam
kind: MetricsTrait
listKind: MetricsTraitList
plural: metricstraits
singular: metricstrait
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: MetricsTrait is the Schema for the metricstraits API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MetricsTraitSpec defines the desired state of MetricsTrait
properties:
scrapeService:
description: An endpoint to be monitored by a ServiceMonitor.
properties:
enabled:
description: The default is true
type: boolean
format:
description: The format of the metrics data, The default and only
supported format is "prometheus" for now
type: string
path:
description: HTTP path to scrape for metrics. default is /metrics
type: string
port:
anyOf:
- type: integer
- type: string
description: Number or name of the port to access on the pods targeted
by the service. When this field has value implies that we need
to create a service for the workload Mutually exclusive with port.
x-kubernetes-int-or-string: true
scheme:
description: Scheme at which metrics should be scraped The default
and only supported scheme is "http"
type: string
selector:
additionalProperties:
type: string
description: Route service traffic to pods with label keys and values
matching this The default is the labels in the workload Mutually
exclusive with port.
type: object
type: object
workloadRef:
description: WorkloadReference to the workload whose metrics needs to
be exposed
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- scrapeService
type: object
status:
description: MetricsTraitStatus defines the observed state of MetricsTrait
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True, False,
or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
serviceMonitorName:
description: ServiceMonitorNames managed by this trait
items:
type: string
type: array
type: object
required:
- spec
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

17
pkg/controller/v1alpha1/containerized/containerized_controller.go
View File

@@ -97,9 +97,9 @@ func (r *ContainerizedReconciler) Reconcile(req ctrl.Request) (ctrl.Result, erro
return util.ReconcileWaitResult,
util.PatchCondition(ctx, r, &workload, cpv1alpha1.ReconcileError(errors.Wrap(err, errRenderDeployment)))
}
// merge patch
// server side apply
applyOpts := []client.PatchOption{client.ForceOwnership, client.FieldOwner(workload.GetUID())}
if err := r.Patch(ctx, deploy, client.Merge, applyOpts...); err != nil {
if err := r.Patch(ctx, deploy, client.Apply, applyOpts...); err != nil {
log.Error(err, "Failed to apply to a deployment")
r.record.Event(eventObj, event.Warning(errApplyDeployment, err))
return util.ReconcileWaitResult,
@@ -117,8 +117,8 @@ func (r *ContainerizedReconciler) Reconcile(req ctrl.Request) (ctrl.Result, erro
return util.ReconcileWaitResult,
util.PatchCondition(ctx, r, &workload, cpv1alpha1.ReconcileError(errors.Wrap(err, errRenderService)))
}
// merge apply the service
if err := r.Patch(ctx, service, client.Merge, applyOpts...); err != nil {
// server side apply the service
if err := r.Patch(ctx, service, client.Apply, applyOpts...); err != nil {
log.Error(err, "Failed to apply a service")
r.record.Event(eventObj, event.Warning(errApplyDeployment, err))
return util.ReconcileWaitResult,
@@ -180,6 +180,15 @@ func (r *ContainerizedReconciler) renderDeployment(ctx context.Context,
},
},
}
// k8s server-side patch complains if the protocol is not set
for i := 0; i < len(deploy.Spec.Template.Spec.Containers); i++ {
for j := 0; j < len(deploy.Spec.Template.Spec.Containers[i].Ports); j++ {
if len(deploy.Spec.Template.Spec.Containers[i].Ports[j].Protocol) == 0 {
deploy.Spec.Template.Spec.Containers[i].Ports[j].Protocol = corev1.ProtocolTCP
}
}
}
// pass through label and annotation from the workload to the deployment
util.PassLabelAndAnnotation(workload, deploy)
// pass through label and annotation from the workload to the pod template too

10
pkg/controller/v1alpha1/metrics/metricstrait_controller.go
View File

@@ -42,7 +42,9 @@ import (
const (
errApplyServiceMonitor = "failed to apply the service monitor"
errLocatingWorkload = "failed to locate the workload"
errLocatingService = "failed to locate any the services"
errCreatingService = "failed to create the services"
servicePort = 4848
)
@@ -113,10 +115,10 @@ func (r *MetricsTraitReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error
if err != nil {
mLog.Error(err, "Error while fetching the workload", "workload reference",
metricsTrait.GetWorkloadReference())
r.record.Event(eventObj, event.Warning(errLocatingService, err))
r.record.Event(eventObj, event.Warning(errLocatingWorkload, err))
return oamutil.ReconcileWaitResult,
oamutil.PatchCondition(ctx, r, &metricsTrait,
cpv1alpha1.ReconcileError(errors.Wrap(err, errLocatingService)))
cpv1alpha1.ReconcileError(errors.Wrap(err, errLocatingWorkload)))
}
// try to see if the workload already has services as child resources
serviceLabel, err := r.fetchServicesLabel(ctx, mLog, workload, metricsTrait.Spec.ScrapeService.TargetPort)
@@ -130,10 +132,10 @@ func (r *MetricsTraitReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error
// no service with the targetPort found, we will create a service that talks to the targetPort
serviceLabel, err = r.createService(ctx, mLog, workload, &metricsTrait)
if err != nil {
r.record.Event(eventObj, event.Warning(errLocatingService, err))
r.record.Event(eventObj, event.Warning(errCreatingService, err))
return oamutil.ReconcileWaitResult,
oamutil.PatchCondition(ctx, r, &metricsTrait,
cpv1alpha1.ReconcileError(errors.Wrap(err, errLocatingService)))
cpv1alpha1.ReconcileError(errors.Wrap(err, errCreatingService)))
}
}
// construct the serviceMonitor that hooks the service to the prometheus server

3
pkg/controller/v1alpha1/metrics/suite_test.go
View File

@@ -67,7 +67,8 @@ var _ = BeforeSuite(func(done Done) {
By("Bootstrapping test environment")
testEnv = &envtest.Environment{
CRDDirectoryPaths: []string{
filepath.Join("../../../..", "hack/crds"), // this has all the required CRDs, a bit hacky
filepath.Join("../../../..", "charts/third_party/prometheus"), // this has all the required CRDs,
filepath.Join("../../../..", "charts/vela-core/crds"), // this has all the required CRDs,
},
}
var err error