From 3468c3467de6cef68b16c4765f192a45ab540406 Mon Sep 17 00:00:00 2001 From: Pete Brown Date: Tue, 11 Sep 2018 15:04:10 -0400 Subject: [PATCH 1/7] Fix #17: Make RBAC resources unique and optional Problem: With the current Chart RBAC resource names are hard coded and not optional so it's impossible to deploy more than one instance in a namespace Solution: This uses the helper f5-bigip-ctlr.fullname as the name of each resource to it's unique. It also add variables to make the RBAc resources optional. You can also set the name of the service account to use so you can use it across all deploys. Testing (optional if not described in Solution section): Description of tests that were run to exercise the solutions (unit tests, system tests, etc) --- src/incubator/f5-bigip-ctlr/Chart.yaml | 7 ++++- .../f5-bigip-ctlr/templates/_helpers.tpl | 27 +++++++++++++++++++ .../templates/f5-bigip-ctlr-clusterrole.yaml | 6 +++-- .../f5-bigip-ctlr-clusterrolebinding.yaml | 12 +++++---- .../templates/f5-bigip-ctlr-deploy.yaml | 6 ++--- .../f5-bigip-ctlr-serviceaccount.yaml | 12 ++++++--- src/incubator/f5-bigip-ctlr/values.yaml | 15 ++++++++--- 7 files changed, 67 insertions(+), 18 deletions(-) diff --git a/src/incubator/f5-bigip-ctlr/Chart.yaml b/src/incubator/f5-bigip-ctlr/Chart.yaml index 7d76edc89..cc462d238 100644 --- a/src/incubator/f5-bigip-ctlr/Chart.yaml +++ b/src/incubator/f5-bigip-ctlr/Chart.yaml @@ -1,4 +1,9 @@ apiVersion: v1 description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr). name: f5-bigip-ctlr -version: 0.0.4 +version: 0.1.0 +home: https://github.com/F5Networks/charts +keywords: + - f5-bigip +sources: + - https://clouddocs.f5.com/containers/v2/kubernetes/kctlr-k8s-ingress-ctlr.html diff --git a/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl b/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl index f5e1ca8c5..874352b75 100644 --- a/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl +++ b/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl @@ -9,8 +9,35 @@ Expand the name of the chart. {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. */}} {{- define "f5-bigip-ctlr.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "f5-bigip-ctlr.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "cert-manager.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "cert-manager.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml index 33d482593..aae22f577 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml @@ -1,10 +1,11 @@ +{{- if .Values.rbac.create -}} kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: - name: f5-bigip-ctlr-clusterrole + name: {{ template "f5-bigip-ctlr.fullname" . }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} rules: @@ -37,3 +38,4 @@ rules: - update - create - patch +{{- end -}} diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml index 898aa1014..d5b567988 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml @@ -1,11 +1,12 @@ +{{- if .Values.rbac.create -}} kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: - name: f5-bigip-ctlr-clusterrolebinding - namespace: kube-system + name: {{ template "f5-bigip-ctlr.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} roleRef: @@ -14,5 +15,6 @@ roleRef: name: f5-bigip-ctlr-clusterrole subjects: - kind: ServiceAccount - name: f5-bigip-ctlr-serviceaccount - namespace: kube-system + name: {{ template "f5-bigip-ctlr.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end -}} diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml index 3a8acba98..7d53f3a14 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml @@ -9,10 +9,10 @@ apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ template "f5-bigip-ctlr.fullname" . }} - namespace: {{ .Values.namespace }} + namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "-" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: @@ -23,7 +23,7 @@ spec: app: {{ template "f5-bigip-ctlr.name" . }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ .Values.serviceaccount }} + serviceAccountName: {{ template "f5-bigip-ctlr.serviceAccountName" . }} {{- if .Values.image.pullSecrets }} imagePullSecrets: {{- range $pullSecret := .Values.image.pullSecrets }} diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml index 5c9e869e7..52112bb18 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml @@ -1,10 +1,14 @@ +{{- if .Values.rbac.create -}} +{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: - name: f5-bigip-ctlr-serviceaccount - namespace: kube-system + name: {{ template "f5-bigip-ctlr.fullname" . }} + namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + heritage: {{ .Release.Service }} +{{- end -}} +{{- end -}} diff --git a/src/incubator/f5-bigip-ctlr/values.yaml b/src/incubator/f5-bigip-ctlr/values.yaml index f888276cd..d24828bcd 100644 --- a/src/incubator/f5-bigip-ctlr/values.yaml +++ b/src/incubator/f5-bigip-ctlr/values.yaml @@ -6,9 +6,18 @@ # To create a secret using kubectl see # http://clouddocs.f5.com/containers/latest/kubernetes/kctlr-secrets.html#secret-bigip-login bigip_login_secret: f5-bigip-ctlr-login -serviceaccount: f5-bigip-ctlr-serviceaccount -# This namespace is where the Controller lives; -namespace: kube-system + +rbac: + # Specifies whether RBAC resources should be created + create: true + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + args: # See http://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/latest/#controller-configuration-parameters # NOTE: helm has difficulty with values using `-`; `_` are used for naming From 0d562c8a45da37348ef081635d44f0c3282f270c Mon Sep 17 00:00:00 2001 From: Pete Brown Date: Wed, 12 Sep 2018 14:02:29 -0400 Subject: [PATCH 2/7] Fix name of ServiceAccount --- src/incubator/f5-bigip-ctlr/templates/_helpers.tpl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl b/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl index 874352b75..7b18eb30e 100644 --- a/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl +++ b/src/incubator/f5-bigip-ctlr/templates/_helpers.tpl @@ -34,9 +34,9 @@ Create chart name and version as used by the chart label. {{/* Create the name of the service account to use */}} -{{- define "cert-manager.serviceAccountName" -}} +{{- define "f5-bigip-ctlr.serviceAccountName" -}} {{- if .Values.serviceAccount.create -}} - {{ default (include "cert-manager.fullname" .) .Values.serviceAccount.name }} + {{ default (include "f5-bigip-ctlr.fullname" .) .Values.serviceAccount.name }} {{- else -}} {{ default "default" .Values.serviceAccount.name }} {{- end -}} From 8dfae0c017a4369aba034895d17f8c0db6163841 Mon Sep 17 00:00:00 2001 From: Pete Brown Date: Wed, 12 Sep 2018 14:39:22 -0400 Subject: [PATCH 3/7] Remove namespace from resources. Fix name of ClusterRole in ClusterRoleBinding --- .../templates/f5-bigip-ctlr-clusterrolebinding.yaml | 3 +-- .../f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml | 1 - .../f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml | 1 - 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml index d5b567988..bc5e19a41 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml @@ -3,7 +3,6 @@ kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: {{ template "f5-bigip-ctlr.fullname" . }} - namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "f5-bigip-ctlr.name" . }} chart: {{ template "f5-bigip-ctlr.chart" . }} @@ -12,7 +11,7 @@ metadata: roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: f5-bigip-ctlr-clusterrole + name: {{ template "f5-bigip-ctlr.fullname" . }} subjects: - kind: ServiceAccount name: {{ template "f5-bigip-ctlr.serviceAccountName" . }} diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml index 7d53f3a14..109298600 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml @@ -9,7 +9,6 @@ apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ template "f5-bigip-ctlr.fullname" . }} - namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "f5-bigip-ctlr.name" . }} chart: {{ template "f5-bigip-ctlr.chart" . }} diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml index 52112bb18..82cf570a9 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml @@ -4,7 +4,6 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "f5-bigip-ctlr.fullname" . }} - namespace: {{ .Release.Namespace | quote }} labels: app: {{ template "f5-bigip-ctlr.name" . }} chart: {{ template "f5-bigip-ctlr.chart" . }} From 03cc231ac40f8350fc4291b96da773b5cebd7cf4 Mon Sep 17 00:00:00 2001 From: Pete Brown Date: Mon, 12 Nov 2018 07:47:54 -0500 Subject: [PATCH 4/7] Set version to 0.0.5 --- src/incubator/f5-bigip-ctlr/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/incubator/f5-bigip-ctlr/Chart.yaml b/src/incubator/f5-bigip-ctlr/Chart.yaml index cc462d238..18493bc9e 100644 --- a/src/incubator/f5-bigip-ctlr/Chart.yaml +++ b/src/incubator/f5-bigip-ctlr/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr). name: f5-bigip-ctlr -version: 0.1.0 +version: 0.0.5 home: https://github.com/F5Networks/charts keywords: - f5-bigip From 6b215d2b348562ae3684d2e3f736ebd9bbf7478a Mon Sep 17 00:00:00 2001 From: Eric Chen Date: Thu, 25 Apr 2019 03:58:35 -0400 Subject: [PATCH 5/7] merge in PR #17 into stable --- src/stable/f5-bigip-ctlr/Chart.yaml | 2 +- .../f5-bigip-ctlr/templates/_helpers.tpl | 27 +++++++++++++++++++ .../templates/f5-bigip-ctlr-clusterrole.yaml | 6 +++-- .../f5-bigip-ctlr-clusterrolebinding.yaml | 13 ++++----- .../templates/f5-bigip-ctlr-deploy.yaml | 11 +++++--- .../f5-bigip-ctlr-serviceaccount.yaml | 11 +++++--- src/stable/f5-bigip-ctlr/values.yaml | 14 ++++++++-- 7 files changed, 66 insertions(+), 18 deletions(-) diff --git a/src/stable/f5-bigip-ctlr/Chart.yaml b/src/stable/f5-bigip-ctlr/Chart.yaml index 11b49c36f..201a56814 100644 --- a/src/stable/f5-bigip-ctlr/Chart.yaml +++ b/src/stable/f5-bigip-ctlr/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr). name: f5-bigip-ctlr -version: 0.0.3 +version: 0.0.5 diff --git a/src/stable/f5-bigip-ctlr/templates/_helpers.tpl b/src/stable/f5-bigip-ctlr/templates/_helpers.tpl index f5e1ca8c5..7b18eb30e 100644 --- a/src/stable/f5-bigip-ctlr/templates/_helpers.tpl +++ b/src/stable/f5-bigip-ctlr/templates/_helpers.tpl @@ -9,8 +9,35 @@ Expand the name of the chart. {{/* Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. */}} {{- define "f5-bigip-ctlr.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "f5-bigip-ctlr.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "f5-bigip-ctlr.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "f5-bigip-ctlr.fullname" .) .Values.serviceAccount.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.name }} +{{- end -}} +{{- end -}} diff --git a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml index 33d482593..aae22f577 100644 --- a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml +++ b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrole.yaml @@ -1,10 +1,11 @@ +{{- if .Values.rbac.create -}} kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: - name: f5-bigip-ctlr-clusterrole + name: {{ template "f5-bigip-ctlr.fullname" . }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} rules: @@ -37,3 +38,4 @@ rules: - update - create - patch +{{- end -}} diff --git a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml index 898aa1014..bc5e19a41 100644 --- a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml +++ b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-clusterrolebinding.yaml @@ -1,18 +1,19 @@ +{{- if .Values.rbac.create -}} kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: - name: f5-bigip-ctlr-clusterrolebinding - namespace: kube-system + name: {{ template "f5-bigip-ctlr.fullname" . }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: f5-bigip-ctlr-clusterrole + name: {{ template "f5-bigip-ctlr.fullname" . }} subjects: - kind: ServiceAccount - name: f5-bigip-ctlr-serviceaccount - namespace: kube-system + name: {{ template "f5-bigip-ctlr.serviceAccountName" . }} + namespace: {{ .Release.Namespace | quote }} +{{- end -}} diff --git a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml index 36649bb5a..109298600 100644 --- a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml +++ b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml @@ -9,10 +9,9 @@ apiVersion: extensions/v1beta1 kind: Deployment metadata: name: {{ template "f5-bigip-ctlr.fullname" . }} - namespace: {{ .Values.namespace }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "-" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: @@ -23,7 +22,13 @@ spec: app: {{ template "f5-bigip-ctlr.name" . }} release: {{ .Release.Name }} spec: - serviceAccountName: {{ .Values.serviceaccount }} + serviceAccountName: {{ template "f5-bigip-ctlr.serviceAccountName" . }} +{{- if .Values.image.pullSecrets }} + imagePullSecrets: + {{- range $pullSecret := .Values.image.pullSecrets }} + - name: {{ $pullSecret }} + {{- end }} +{{- end }} containers: - name: {{ template "f5-bigip-ctlr.name" . }} image: "{{ .Values.image.user }}/{{ .Values.image.repo }}:{{ .Values.image.tag }}" diff --git a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml index 5c9e869e7..82cf570a9 100644 --- a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml +++ b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-serviceaccount.yaml @@ -1,10 +1,13 @@ +{{- if .Values.rbac.create -}} +{{- if .Values.serviceAccount.create -}} apiVersion: v1 kind: ServiceAccount metadata: - name: f5-bigip-ctlr-serviceaccount - namespace: kube-system + name: {{ template "f5-bigip-ctlr.fullname" . }} labels: app: {{ template "f5-bigip-ctlr.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + chart: {{ template "f5-bigip-ctlr.chart" . }} release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + heritage: {{ .Release.Service }} +{{- end -}} +{{- end -}} diff --git a/src/stable/f5-bigip-ctlr/values.yaml b/src/stable/f5-bigip-ctlr/values.yaml index 1cebc7c62..2832144b9 100644 --- a/src/stable/f5-bigip-ctlr/values.yaml +++ b/src/stable/f5-bigip-ctlr/values.yaml @@ -7,8 +7,18 @@ # http://clouddocs.f5.com/containers/latest/kubernetes/kctlr-secrets.html#secret-bigip-login bigip_login_secret: f5-bigip-ctlr-login serviceaccount: f5-bigip-ctlr-serviceaccount -# This namespace is where the Controller lives; -namespace: kube-system + +rbac: + # Specifies whether RBAC resources should be created + create: true + +serviceAccount: + # Specifies whether a service account should be created + create: true + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: + args: # See http://clouddocs.f5.com/products/connectors/k8s-bigip-ctlr/latest/#controller-configuration-parameters # NOTE: helm has difficulty with values using `-`; `_` are used for naming From d59c9629807b3a590827d7d97d23d5bc8cdef0f5 Mon Sep 17 00:00:00 2001 From: Eric Chen Date: Thu, 25 Apr 2019 04:32:45 -0400 Subject: [PATCH 6/7] default to using credentials directory --- src/stable/f5-bigip-ctlr/Chart.yaml | 9 +++++++-- .../templates/f5-bigip-ctlr-deploy.yaml | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/stable/f5-bigip-ctlr/Chart.yaml b/src/stable/f5-bigip-ctlr/Chart.yaml index 201a56814..452f83165 100644 --- a/src/stable/f5-bigip-ctlr/Chart.yaml +++ b/src/stable/f5-bigip-ctlr/Chart.yaml @@ -1,4 +1,9 @@ apiVersion: v1 -description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr). +description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr). name: f5-bigip-ctlr -version: 0.0.5 +version: 0.0.6 +home: https://github.com/F5Networks/charts +keywords: + - f5-bigip +sources: + - https://clouddocs.f5.com/containers/v2/kubernetes/kctlr-k8s-ingress-ctlr.html diff --git a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml index 109298600..851f0071a 100644 --- a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml +++ b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml @@ -32,6 +32,7 @@ spec: containers: - name: {{ template "f5-bigip-ctlr.name" . }} image: "{{ .Values.image.user }}/{{ .Values.image.repo }}:{{ .Values.image.tag }}" +{{- if .Values.secrets_env }} env: - name: BIGIP_USERNAME valueFrom: @@ -43,14 +44,29 @@ spec: secretKeyRef: name: {{ .Values.bigip_login_secret }} key: password +{{ else }} + volumeMounts: + - name: bigip-creds + mountPath: "/tmp/creds" + readOnly: true + volumes: + - name: bigip-creds + secret: + secretName: {{ .Values.bigip_login_secret }} +{{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /app/bin/k8s-bigip-ctlr args: +{{- if .Values.secrets_env }} - --bigip-username - $(BIGIP_USERNAME) - --bigip-password - $(BIGIP_PASSWORD) +{{ else }} + - --credentials-directory + - /tmp/creds +{{- end }} {{- range $key, $value := .Values.args }} - --{{ $key | replace "_" "-"}} - {{ $value | quote }} From a6dfafcd4886370a9df13bfbee40175df2a9b13d Mon Sep 17 00:00:00 2001 From: Eric Chen Date: Thu, 25 Apr 2019 04:53:01 -0400 Subject: [PATCH 7/7] default to using credentials directory --- src/incubator/f5-bigip-ctlr/Chart.yaml | 2 +- .../templates/f5-bigip-ctlr-deploy.yaml | 18 ++++++++++++++++++ .../templates/f5-bigip-ctlr-deploy.yaml | 10 ++++++---- 3 files changed, 25 insertions(+), 5 deletions(-) diff --git a/src/incubator/f5-bigip-ctlr/Chart.yaml b/src/incubator/f5-bigip-ctlr/Chart.yaml index 18493bc9e..452f83165 100644 --- a/src/incubator/f5-bigip-ctlr/Chart.yaml +++ b/src/incubator/f5-bigip-ctlr/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v1 description: Deploy the F5 Networks BIG-IP Controller for Kubernetes and OpenShift (k8s-bigip-ctlr). name: f5-bigip-ctlr -version: 0.0.5 +version: 0.0.6 home: https://github.com/F5Networks/charts keywords: - f5-bigip diff --git a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml index 109298600..dae776afb 100644 --- a/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml +++ b/src/incubator/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml @@ -32,6 +32,7 @@ spec: containers: - name: {{ template "f5-bigip-ctlr.name" . }} image: "{{ .Values.image.user }}/{{ .Values.image.repo }}:{{ .Values.image.tag }}" +{{- if .Values.secrets_env }} env: - name: BIGIP_USERNAME valueFrom: @@ -43,16 +44,33 @@ spec: secretKeyRef: name: {{ .Values.bigip_login_secret }} key: password +{{ else }} + volumeMounts: + - name: bigip-creds + mountPath: "/tmp/creds" + readOnly: true +{{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: - /app/bin/k8s-bigip-ctlr args: +{{- if .Values.secrets_env }} - --bigip-username - $(BIGIP_USERNAME) - --bigip-password - $(BIGIP_PASSWORD) +{{ else }} + - --credentials-directory + - /tmp/creds +{{- end }} {{- range $key, $value := .Values.args }} - --{{ $key | replace "_" "-"}} - {{ $value | quote }} {{- end }} +{{- if not .Values.secret_env }} + volumes: + - name: bigip-creds + secret: + secretName: {{ .Values.bigip_login_secret }} +{{- end }} {{- end }} diff --git a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml index 851f0071a..dae776afb 100644 --- a/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml +++ b/src/stable/f5-bigip-ctlr/templates/f5-bigip-ctlr-deploy.yaml @@ -49,10 +49,6 @@ spec: - name: bigip-creds mountPath: "/tmp/creds" readOnly: true - volumes: - - name: bigip-creds - secret: - secretName: {{ .Values.bigip_login_secret }} {{- end }} imagePullPolicy: {{ .Values.image.pullPolicy }} command: @@ -71,4 +67,10 @@ spec: - --{{ $key | replace "_" "-"}} - {{ $value | quote }} {{- end }} +{{- if not .Values.secret_env }} + volumes: + - name: bigip-creds + secret: + secretName: {{ .Values.bigip_login_secret }} +{{- end }} {{- end }}