From dc3d5bf08ce940992d4d66830d4fec3ddaa38fdd Mon Sep 17 00:00:00 2001 From: "Roland.Ma" Date: Wed, 26 May 2021 09:09:49 +0000 Subject: [PATCH] user helm release namespace Signed-off-by: Roland.Ma --- config/ks-core/templates/ks-apiserver.yml | 2 - .../ks-core/templates/ks-console-config.yml | 1 - config/ks-core/templates/ks-console.yml | 2 - .../templates/ks-controller-manager.yaml | 2 - config/ks-core/templates/ks-router-cm.yaml | 1 - config/ks-core/templates/ks-router-config.tpl | 82 +++++++++---------- .../ks-core/templates/kubesphere-config.yaml | 1 - .../templates/kubesphere-controls-system.yaml | 5 ++ .../templates/sample-bookinfo-configmap.yaml | 1 - config/ks-core/templates/serviceaccount.yaml | 2 +- config/ks-core/templates/webhook.yaml | 7 +- 11 files changed, 50 insertions(+), 56 deletions(-) diff --git a/config/ks-core/templates/ks-apiserver.yml b/config/ks-core/templates/ks-apiserver.yml index 9e1d589b8..79ad22125 100644 --- a/config/ks-core/templates/ks-apiserver.yml +++ b/config/ks-core/templates/ks-apiserver.yml @@ -6,7 +6,6 @@ metadata: tier: backend version: {{ .Chart.AppVersion }} name: ks-apiserver - namespace: kubesphere-system spec: strategy: rollingUpdate: @@ -116,7 +115,6 @@ metadata: tier: backend version: {{ .Chart.AppVersion }} name: ks-apiserver - namespace: kubesphere-system spec: ports: - port: 80 diff --git a/config/ks-core/templates/ks-console-config.yml b/config/ks-core/templates/ks-console-config.yml index 2c3ea8736..14b8f78b4 100644 --- a/config/ks-core/templates/ks-console-config.yml +++ b/config/ks-core/templates/ks-console-config.yml @@ -25,4 +25,3 @@ data: kind: ConfigMap metadata: name: ks-console-config - namespace: kubesphere-system diff --git a/config/ks-core/templates/ks-console.yml b/config/ks-core/templates/ks-console.yml index e5fd2b4d1..de7d0e428 100644 --- a/config/ks-core/templates/ks-console.yml +++ b/config/ks-core/templates/ks-console.yml @@ -6,7 +6,6 @@ metadata: tier: frontend version: {{ .Chart.AppVersion }} name: ks-console - namespace: kubesphere-system spec: strategy: rollingUpdate: @@ -101,7 +100,6 @@ metadata: tier: frontend version: {{ .Chart.AppVersion }} name: ks-console - namespace: kubesphere-system spec: ports: - name: nginx diff --git a/config/ks-core/templates/ks-controller-manager.yaml b/config/ks-core/templates/ks-controller-manager.yaml index e9234f91d..bb3d13ef8 100644 --- a/config/ks-core/templates/ks-controller-manager.yaml +++ b/config/ks-core/templates/ks-controller-manager.yaml @@ -6,7 +6,6 @@ metadata: tier: backend version: {{ .Chart.AppVersion }} name: ks-controller-manager - namespace: kubesphere-system spec: strategy: rollingUpdate: @@ -115,7 +114,6 @@ metadata: tier: backend version: {{ .Chart.AppVersion }} name: ks-controller-manager - namespace: kubesphere-system spec: ports: - port: 443 diff --git a/config/ks-core/templates/ks-router-cm.yaml b/config/ks-core/templates/ks-router-cm.yaml index c61622ce5..045019143 100644 --- a/config/ks-core/templates/ks-router-cm.yaml +++ b/config/ks-core/templates/ks-router-cm.yaml @@ -2,7 +2,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: ks-router-config - namespace: kubesphere-system data: ingress-controller-svc.yaml: |+ {{- include "ingress-controller-svc.yaml" . }} diff --git a/config/ks-core/templates/ks-router-config.tpl b/config/ks-core/templates/ks-router-config.tpl index 68b5c059a..69b001fdb 100644 --- a/config/ks-core/templates/ks-router-config.tpl +++ b/config/ks-core/templates/ks-router-config.tpl @@ -4,68 +4,68 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: ks-router + name: ks-router spec: - replicas: 1 - selector: + replicas: 1 + selector: matchLabels: - app: kubesphere - component: ks-router - tier: backend - template: + app: kubesphere + component: ks-router + tier: backend + template: metadata: - labels: + labels: app: kubesphere component: ks-router tier: backend - annotations: + annotations: prometheus.io/port: '10254' prometheus.io/scrape: 'true' spec: - serviceAccountName: kubesphere-router-serviceaccount - containers: + serviceAccountName: kubesphere-router-serviceaccount + containers: - name: nginx-ingress-controller - image: {{ .Values.image.nginx_ingress_controller_repo }}:{{ .Values.image.nginx_ingress_controller_tag | default .Chart.AppVersion}} - args: + image: image: {{ .Values.image.nginx_ingress_controller_repo }}:{{ .Values.image.nginx_ingress_controller_tag | default .Chart.AppVersion}} + args: - /nginx-ingress-controller - --default-backend-service=$(POD_NAMESPACE)/default-http-backend - --annotations-prefix=nginx.ingress.kubernetes.io - --update-status - --update-status-on-shutdown - env: + env: - name: POD_NAME - valueFrom: + valueFrom: fieldRef: - fieldPath: metadata.name + fieldPath: metadata.name - name: POD_NAMESPACE - valueFrom: + valueFrom: fieldRef: - fieldPath: metadata.namespace - ports: - - name: http + fieldPath: metadata.namespace + ports: + - name: http containerPort: 80 - - name: https + - name: https containerPort: 443 - livenessProbe: + livenessProbe: failureThreshold: 3 httpGet: - path: /healthz - port: 10254 - scheme: HTTP + path: /healthz + port: 10254 + scheme: HTTP initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 - readinessProbe: + readinessProbe: failureThreshold: 3 httpGet: - path: /healthz - port: 10254 - scheme: HTTP + path: /healthz + port: 10254 + scheme: HTTP periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 - securityContext: + securityContext: runAsNonRoot: false {{- end }} @@ -73,24 +73,24 @@ apiVersion: v1 kind: Service metadata: - name: kubesphere-router-gateway - labels: + name: kubesphere-router-gateway + labels: app: kubesphere component: ks-router tier: backend spec: - selector: + selector: app: kubesphere component: ks-router tier: backend - type: LoadBalancer - ports: + type: LoadBalancer + ports: - name: http - protocol: TCP - port: 80 - targetPort: 80 + protocol: TCP + port: 80 + targetPort: 80 - name: https - protocol: TCP - port: 443 - targetPort: 443 + protocol: TCP + port: 443 + targetPort: 443 {{- end }} \ No newline at end of file diff --git a/config/ks-core/templates/kubesphere-config.yaml b/config/ks-core/templates/kubesphere-config.yaml index 96fb32049..85c84245d 100644 --- a/config/ks-core/templates/kubesphere-config.yaml +++ b/config/ks-core/templates/kubesphere-config.yaml @@ -3,7 +3,6 @@ apiVersion: v1 kind: ConfigMap metadata: name: kubesphere-config - namespace: kubesphere-system data: kubesphere.yaml: | authentication: diff --git a/config/ks-core/templates/kubesphere-controls-system.yaml b/config/ks-core/templates/kubesphere-controls-system.yaml index aaf34b017..e5a17ac72 100644 --- a/config/ks-core/templates/kubesphere-controls-system.yaml +++ b/config/ks-core/templates/kubesphere-controls-system.yaml @@ -73,6 +73,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: system:kubesphere-router-role + namespace: kubesphere-controls-system annotations: kubernetes.io/created-by: kubesphere.io/ks-router rules: @@ -115,6 +116,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: kubesphere-router-serviceaccount + namespace: kubesphere-controls-system annotations: kubernetes.io/created-by: kubesphere.io/ks-router --- @@ -137,6 +139,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: nginx-ingress-role-nisa-binding + namespace: kubesphere-controls-system annotations: kubernetes.io/created-by: kubesphere.io/ks-router roleRef: @@ -152,6 +155,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: default-http-backend + namespace: kubesphere-controls-system labels: app: kubesphere component: kubesphere-router @@ -198,6 +202,7 @@ apiVersion: v1 kind: Service metadata: name: default-http-backend + namespace: kubesphere-controls-system labels: app: kubesphere component: kubesphere-router diff --git a/config/ks-core/templates/sample-bookinfo-configmap.yaml b/config/ks-core/templates/sample-bookinfo-configmap.yaml index bbfc3c1ab..0855e7f12 100644 --- a/config/ks-core/templates/sample-bookinfo-configmap.yaml +++ b/config/ks-core/templates/sample-bookinfo-configmap.yaml @@ -375,4 +375,3 @@ data: kind: ConfigMap metadata: name: sample-bookinfo - namespace: kubesphere-system diff --git a/config/ks-core/templates/serviceaccount.yaml b/config/ks-core/templates/serviceaccount.yaml index 4627bf3a3..0fa0ba760 100644 --- a/config/ks-core/templates/serviceaccount.yaml +++ b/config/ks-core/templates/serviceaccount.yaml @@ -23,4 +23,4 @@ roleRef: subjects: - kind: ServiceAccount name: kubesphere - namespace: kubesphere-system + namespace: {{ .Release.Namespace }} diff --git a/config/ks-core/templates/webhook.yaml b/config/ks-core/templates/webhook.yaml index f98c513dc..4276ba507 100644 --- a/config/ks-core/templates/webhook.yaml +++ b/config/ks-core/templates/webhook.yaml @@ -12,7 +12,6 @@ data: kind: Secret metadata: name: ks-controller-manager-webhook-cert - namespace: kubesphere-system type: Opaque --- apiVersion: admissionregistration.k8s.io/v1beta1 @@ -26,7 +25,7 @@ webhooks: caBundle: {{ b64enc $ca.Cert | quote }} service: name: ks-controller-manager - namespace: kubesphere-system + namespace: {{ .Release.Namespace }} path: /validate-email-iam-kubesphere-io-v1alpha2 port: 443 failurePolicy: Fail @@ -64,7 +63,7 @@ webhooks: caBundle: {{ b64enc $ca.Cert | quote }} service: name: ks-controller-manager - namespace: kubesphere-system + namespace: {{ .Release.Namespace }} path: /validate-network-kubesphere-io-v1alpha1 port: 443 failurePolicy: Fail @@ -102,7 +101,7 @@ webhooks: caBundle: {{ b64enc $ca.Cert | quote }} service: name: ks-controller-manager - namespace: kubesphere-system + namespace: {{ .Release.Namespace }} path: /validate-quota-kubesphere-io-v1alpha2 port: 443 failurePolicy: Ignore