diff --git a/charts/weave-flux/.helmignore b/charts/weave-flux/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/weave-flux/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/weave-flux/Chart.yaml b/charts/weave-flux/Chart.yaml new file mode 100644 index 0000000..39c6b54 --- /dev/null +++ b/charts/weave-flux/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +appVersion: "1.2.5" +description: Flux is a tool that automatically ensures that the state of a cluster matches what is specified in version control +name: weave-flux +version: 0.1.0 +home: https://weave.works +sources: +- https://github.com/weaveworks/flux +maintainers: + - name: Stefan Prodan + email: stefan@weave.works +engine: gotpl +icon: https://www.weave.works/assets/images/bltd108e8f850ae9e7c/weave-logo-512.png diff --git a/charts/weave-flux/README.md b/charts/weave-flux/README.md new file mode 100755 index 0000000..c785fb2 --- /dev/null +++ b/charts/weave-flux/README.md 
@@ -0,0 +1,67 @@ +# Weave Flux OSS + +Flux is a tool that automatically ensures that the state of a cluster matches what is specified in version control. +It is most useful when used as a deployment tool at the end of a Continuous Delivery pipeline. Flux will make sure that your new container images and config changes are propagated to the cluster. + +## Introduction + +This chart bootstraps an [Weave Flux](https://github.com/weaveworks/flux) deployment on +a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +## Prerequisites + +- Kubernetes 1.7+ + +## Installing the Chart + +To install the chart with the release name `cd`: + +```console +$ helm install --name cd \ +--set git.url=git@github.com:weaveworks/flux-example +stable/weave-flux +``` + +The [configuration](#configuration) section lists the parameters that can be configured during installation. + +At startup Flux generates a SSH key and stores it on the git-deploy secret. +Find the SSH public key in Flux logs with: + +```bash +POD_NAME=$(kubectl get pods --namespace default -l "app=weave-flux,release=cd" -o jsonpath="{.items[0].metadata.name}") +kubectl logs $POD_NAME | grep identity.pub | cut -d '"' -f2 | sed 's/.\{2\}$//' +``` + +Copy the public key and use it to create a deploy key with write access on your GitHub repository. + +## Uninstalling the Chart + +To uninstall/delete the `cd` deployment: + +```console +$ helm delete --purge cd +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following tables lists the configurable parameters of the Weave Flux chart and their default values. 
+ +| Parameter | Description | Default | +| ------------------------------- | ------------------------------------------ | ---------------------------------------------------------- | +| `image` | Image | `quay.io/weaveworks/flux` +| `imageTag` | Image tag | `1.2.5` +| `imagePullPolicy` | Image pull policy | `IfNotPresent` +| `resources` | CPU/memory resource requests/limits | None +| `rbac.create` | If `true`, create and use RBAC resources | `true` +| `serviceAccount.create` | If `true`, create a new service account | `true` +| `serviceAccount.name` | Service account to be used | `weave-flux` +| `service.type` | Service type to be used | `ClusterIP` +| `git.url` | URL of git repo with Kubernetes manifests | None +| `git.branch` | Branch of git repo to use for Kubernetes manifests | `master` +| `git.path` | Path within git repo to locate Kubernetes manifests (relative path) | None +| `git.user` | Username to use as git committer | `Weave Flux` +| `git.email` | Email to use as git committer | `support@weave.works` + + diff --git a/charts/weave-flux/templates/NOTES.txt b/charts/weave-flux/templates/NOTES.txt new file mode 100644 index 0000000..a015e74 --- /dev/null +++ b/charts/weave-flux/templates/NOTES.txt 
@@ -0,0 +1,20 @@ +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "weave-flux.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "weave-flux.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "weave-flux.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.port }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "weave-flux.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:3030 +{{- end }} + +2. Get the Git deploy key by running these commands: + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "weave-flux.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + kubectl logs $POD_NAME | grep identity.pub | cut -d '"' -f2 | sed 's/.\{2\}$//' + diff --git a/charts/weave-flux/templates/_helpers.tpl b/charts/weave-flux/templates/_helpers.tpl new file mode 100644 index 0000000..1159ad2 --- /dev/null +++ b/charts/weave-flux/templates/_helpers.tpl 
@@ -0,0 +1,43 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "weave-flux.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "weave-flux.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "weave-flux.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "weave-flux.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "weave-flux.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/charts/weave-flux/templates/deployment.yaml b/charts/weave-flux/templates/deployment.yaml new file mode 100644 index 0000000..07deabb --- /dev/null +++ b/charts/weave-flux/templates/deployment.yaml 
@@ -0,0 +1,69 @@ +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "weave-flux.fullname" . }} + labels: + app: {{ template "weave-flux.name" . }} + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "weave-flux.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "weave-flux.name" . }} + release: {{ .Release.Name }} + spec: + {{- if .Values.serviceAccount.create }} + serviceAccountName: {{ template "weave-flux.serviceAccountName" . }} + {{- end }} + volumes: + - name: git-key + secret: + secretName: {{ template "weave-flux.fullname" . }}-git-deploy + defaultMode: 0400 + - name: git-keygen + emptyDir: + medium: Memory + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 3030 + protocol: TCP + volumeMounts: + - name: git-key + mountPath: /etc/fluxd/ssh + readOnly: true + - name: git-keygen + mountPath: /var/fluxd/keygen + args: + - --ssh-keygen-dir=/var/fluxd/keygen + - --k8s-secret-name={{ template "weave-flux.fullname" . }}-git-deploy + - --memcached-hostname={{ template "weave-flux.fullname" . }}-memcached + - --git-url={{ .Values.git.url }} + - --git-branch={{ .Values.git.branch }} + - --git-path={{ .Values.git.path }} + - --git-user={{ .Values.git.user }} + - --git-email={{ .Values.git.email }} + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} 
diff --git a/charts/weave-flux/templates/memcached.yaml b/charts/weave-flux/templates/memcached.yaml new file mode 100755 index 0000000..8714ecf --- /dev/null +++ b/charts/weave-flux/templates/memcached.yaml @@ -0,0 +1,54 @@ +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "weave-flux.fullname" . }}-memcached + labels: + app: {{ template "weave-flux.name" . }}-memcached + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: {{ template "weave-flux.name" . }}-memcached + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "weave-flux.name" . }}-memcached + release: {{ .Release.Name }} + spec: + containers: + - name: memcached + image: memcached:1.4.25 + imagePullPolicy: IfNotPresent + args: + - -m 64 # Maximum memory to use, in megabytes. 64MB is default. + - -p 11211 # Default port, but being explicit is nice. + - -vv # This gets us to the level of request logs. + ports: + - name: memcached + containerPort: 11211 +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "weave-flux.fullname" . }}-memcached + labels: + app: {{ template "weave-flux.name" . }}-memcached + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + clusterIP: None + ports: + - port: 11211 + targetPort: memcached + protocol: TCP + name: memcached + selector: + app: {{ template "weave-flux.name" . }}-memcached + release: {{ .Release.Name }} diff --git a/charts/weave-flux/templates/rbac.yaml b/charts/weave-flux/templates/rbac.yaml new file mode 100644 index 0000000..83a5c0d --- /dev/null +++ b/charts/weave-flux/templates/rbac.yaml 
@@ -0,0 +1,40 @@ +{{- if .Values.rbac.create -}} +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: {{ template "weave-flux.fullname" . }} + labels: + app: {{ template "weave-flux.name" . }} + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +rules: + - apiGroups: + - '*' + resources: + - '*' + verbs: + - '*' + - nonResourceURLs: + - '*' + verbs: + - '*' +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: {{ template "weave-flux.fullname" . }} + labels: + app: {{ template "weave-flux.name" . }} + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "weave-flux.fullname" . }} +subjects: + - name: {{ template "weave-flux.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} + kind: ServiceAccount +{{- end -}} diff --git a/charts/weave-flux/templates/secret.yaml b/charts/weave-flux/templates/secret.yaml new file mode 100644 index 0000000..e52098d --- /dev/null +++ b/charts/weave-flux/templates/secret.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "weave-flux.fullname" . }}-git-deploy +type: Opaque diff --git a/charts/weave-flux/templates/service.yaml b/charts/weave-flux/templates/service.yaml new file mode 100644 index 0000000..25426fd --- /dev/null +++ b/charts/weave-flux/templates/service.yaml 
@@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "weave-flux.fullname" . }} + labels: + app: {{ template "weave-flux.name" . }} + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + app: {{ template "weave-flux.name" . }} + release: {{ .Release.Name }} diff --git a/charts/weave-flux/templates/serviceaccount.yaml b/charts/weave-flux/templates/serviceaccount.yaml new file mode 100644 index 0000000..c4e1add --- /dev/null +++ b/charts/weave-flux/templates/serviceaccount.yaml @@ -0,0 +1,11 @@ +{{- if .Values.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "weave-flux.serviceAccountName" . }} + labels: + app: {{ template "weave-flux.name" . }} + chart: {{ template "weave-flux.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- end -}} diff --git a/charts/weave-flux/values.yaml b/charts/weave-flux/values.yaml new file mode 100644 index 0000000..57c7d2b --- /dev/null +++ b/charts/weave-flux/values.yaml 
@@ -0,0 +1,51 @@ +# Default values for weave-flux. + +replicaCount: 1 + +image: + repository: quay.io/weaveworks/flux + tag: 1.2.5 + pullPolicy: IfNotPresent + +service: + type: ClusterIP + port: 3030 + +rbac: + # Specifies whether RBAC resources should be created + create: true + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + +resources: {} + # If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} + +git: + # URL of git repo with Kubernetes manifests; e.g. git@github.com:weaveworks/flux-example + url: "" + # Branch of git repo to use for Kubernetes manifests + branch: "master" + # Path within git repo to locate Kubernetes manifests (relative path) + path: "" + # Username to use as git committer + user: "Weave Flux" + # Email to use as git committer + email: "support@weave.works"
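Review bot: In charts/weave-flux/README.md, the install example has no trailing backslash after `--set git.url=git@github.com:weaveworks/flux-example`, so `stable/weave-flux` runs as a separate command and `helm install` receives no chart argument; add the `\`. The configuration table also lists `image`, `imageTag` and `imagePullPolicy`, while values.yaml and deployment.yaml read `image.repository`, `image.tag` and `image.pullPolicy`. It gives `weave-flux` as the default for `serviceAccount.name`, although values.yaml leaves that key empty and the helper falls back to the fullname template. The table should use the keys and defaults the templates actually read.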
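Review bot: In charts/weave-flux/templates/NOTES.txt, `kubectl logs $POD_NAME` in step 2 and `kubectl port-forward $POD_NAME 8080:3030` in the ClusterIP branch omit `--namespace {{ .Release.Namespace }}`, although the `kubectl get pods` call just before each of them passes it. Both commands therefore fail for a release installed outside the user's current kubectl namespace. Add the namespace flag to both, and to the `kubectl get svc -w` hint in the LoadBalancer branch. The sentence "You can watch the status of by running" is also missing a word.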
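Review bot: In charts/weave-flux/templates/deployment.yaml, `serviceAccountName` is rendered only inside `{{- if .Values.serviceAccount.create }}`, so an existing account supplied through `serviceAccount.name` with `serviceAccount.create=false` is ignored and the pod runs under the namespace's `default` account. The `weave-flux.serviceAccountName` helper already covers both cases (it returns `default` when no name is set), so the field can be emitted unconditionally and the `if` dropped.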
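Review bot: In charts/weave-flux/templates/memcached.yaml, `image: memcached:1.4.25` and `imagePullPolicy: IfNotPresent` are hard-coded, so the cache image cannot be pinned, mirrored or upgraded through values.yaml the way the Flux image can; expose them under a `memcached.*` values key. In `args`, each of `- -m 64` and `- -p 11211` is a single list item and reaches the container as one argument containing a space; putting flag and value in separate items makes the intent explicit and does not depend on how the option parser treats the embedded space.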
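Review bot: In charts/weave-flux/templates/rbac.yaml, the ClusterRole rules grant `'*'` verbs on `'*'` resources in `'*'` apiGroups plus every `nonResourceURLs` path, which is equivalent to cluster-admin, and values.yaml enables it by default with `rbac.create: true`. Because the README has the user register a deploy key with write access and Flux applies what it finds in that repository, push access to `git.url` becomes cluster-wide control. State this next to `rbac.create` in the README configuration table, and consider letting the rule set be overridden from values.yaml so operators can bind a narrower role.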
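Review bot: In charts/weave-flux/templates/secret.yaml, the `-git-deploy` Secret is the only resource in the chart without the `app`, `chart`, `release` and `heritage` labels, so a selector such as `release=cd` will not list the object that holds the SSH deploy key. Add the same `labels:` block used in service.yaml and serviceaccount.yaml.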
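Review bot: In charts/weave-flux/values.yaml, `git.url` defaults to `""` and deployment.yaml passes it straight through as `--git-url={{ .Values.git.url }}`, so an install without `--set git.url=...` renders an empty flag and Helm reports no error. Guard the value in the template with Helm's `required` function so the install fails with a clear message, and mark the key as mandatory in its comment here and in the README table, which currently shows its default as None.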