Portworx: operator helm chart

charts/portworx/Chart.yaml

@@ -2,7 +2,7 @@ name: portworx
 version: 2.13.3
 description: A Helm chart for installing Portworx on Kubernetes.
 kubeVersion: ">=1.10.0"
-appVersion: "2.13.3"
+appVersion: 2.13.3
 apiVersion: v1
 keywords:
   - Storage

charts/portworx/clusterrolebinding.yaml

@@ -0,0 +1,13 @@
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: portworx-operator
+subjects:
+  - kind: ServiceAccount
+    name: portworx-operator
+    namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: portworx-operator
+  apiGroup: rbac.authorization.k8s.io

charts/portworx/files/portworx-cluster-dashboard.json

@@ -333,7 +333,7 @@
             "#d44a3a"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 100,
             "minValue": 0,
@@ -508,7 +508,7 @@
             "#d44a3a"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 100,
             "minValue": 0,
@@ -600,7 +600,7 @@
             "#d44a3a"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 100,
             "minValue": 0,
@@ -972,4 +972,4 @@
       "title": "Portworx Cluster Dashboard",
       "uid": "xLgt8oTik",
       "version": 6
-    }	
+    }

charts/portworx/files/portworx-etcd-dashboard.json

@@ -67,7 +67,7 @@
           "datasource": "prometheus",
           "editable": true,
           "error": false,
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 100,
             "minValue": 0,

charts/portworx/files/portworx-node-dashboard.json

@@ -78,7 +78,7 @@
             "#d44a3a"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 100,
             "minValue": 0,
@@ -168,7 +168,7 @@
             "#d44a3a"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 100,
             "minValue": 0,

charts/portworx/files/portworx-volume-dashboard.json

@@ -434,7 +434,7 @@
             "rgba(50, 172, 45, 0.97)"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 3,
             "minValue": 0,
@@ -561,7 +561,7 @@
             "rgba(50, 172, 45, 0.97)"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 3,
             "minValue": 0,
@@ -1055,7 +1055,7 @@
             "rgba(50, 172, 45, 0.97)"
           ],
           "datasource": "prometheus",
-          "format": "none",
+          "format": "null",
           "gauge": {
             "maxValue": 3,
             "minValue": 0,
@@ -1477,7 +1477,7 @@
           "yaxes": [
             {
               "decimals": 0,
-              "format": "none",
+              "format": "null",
               "label": null,
               "logBase": 1,
               "max": null,
@@ -1950,7 +1950,7 @@
           },
           "yaxes": [
             {
-              "format": "none",
+              "format": "null",
               "label": "",
               "logBase": 1,
               "max": null,

charts/portworx/templates/_helpers.tpl

@@ -243,19 +243,19 @@ Generate a random token for storage provisioning
 
 {{- define "px.deprecatedKvdbArgs" }}
 {{- $result := "" }}
-{{- if ne .Values.etcd.credentials "none:none" }}
+{{- if ne .Values.etcd.credentials "null:null" }}
     {{- $result = printf "%s -userpwd %s" $result .Values.etcd.credentials }}
 {{- end }}
-{{- if ne .Values.etcd.ca "none" }}
+{{- if ne .Values.etcd.ca "null" }}
     {{- $result = printf "%s -ca %s" $result .Values.etcd.ca }}
 {{- end }}
-{{- if ne .Values.etcd.cert "none" }}
+{{- if ne .Values.etcd.cert "null" }}
     {{- $result = printf "%s -cert %s" $result .Values.etcd.cert }}
 {{- end }}
-{{- if ne .Values.etcd.key "none" }}
+{{- if ne .Values.etcd.key "null" }}
     {{- $result = printf "%s -key %s" $result .Values.etcd.key }}
 {{- end }}
-{{- if ne .Values.consul.token "none" }}
+{{- if ne .Values.consul.token "null" }}
     {{- $result = printf "%s -acltoken %s" $result .Values.consul.token }}
 {{- end }}
 {{- trim $result }}
@@ -266,7 +266,7 @@ Generate a random token for storage provisioning
 {{- if (include "px.deprecatedKvdbArgs" .) }}
     {{- $result = printf "%s %s" $result (include "px.deprecatedKvdbArgs" .) }}
 {{- end }}
-{{- if ne .Values.miscArgs "none" }}
+{{- if ne .Values.miscArgs "null" }}
     {{- $result = printf "%s %s" $result .Values.miscArgs }}
 {{- end }}
 {{- trim $result }}
@@ -277,7 +277,7 @@ Generate a random token for storage provisioning
 {{- if (default false .Values.isTargetOSCoreOS) }}
     {{- $result = true }}
 {{- end }}
-{{- if ne (default "none" .Values.etcd.certPath) "none" }}
+{{- if ne (default "null" .Values.etcd.certPath) "null" }}
     {{- $result = true }}
 {{- end }}
 {{- if .Values.volumes }}

charts/portworx/templates/clusterrole.yaml

@@ -0,0 +1,15 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: portworx-operator
+rules:
+  - apiGroups: ["*"]
+    resources: ["*"]
+    verbs: ["*"]
+  {{- if semverCompare "<1.25" (.Capabilities.KubeVersion.Version) }}
+  - apiGroups: ["policy"]
+    resources: ["podsecuritypolicies"]
+    resourceNames: ["px-operator"]
+    verbs: ["use"]
+  {{- end }}

charts/portworx/templates/clustertoken-serviceaccount.yaml

@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Values.clusterToken.serviceAccountName }}
+  annotations:
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded,hook-failed
+    helm.sh/hook: post-install
+  labels:
+    heritage: {{ .Release.Service }}
+    release: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+    app.kubernetes.io/instance: {{ .Release.Name | quote }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"

charts/portworx/templates/deployment.yaml

@@ -0,0 +1,48 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: portworx-operator
+  namespace: {{ .Release.Namespace }}
+spec:
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+    type: RollingUpdate
+  replicas: 1
+  selector:
+    matchLabels:
+      name: portworx-operator
+  template:
+    metadata:
+      labels:
+        name: portworx-operator
+    spec:
+      containers:
+        - name: portworx-operator
+          imagePullPolicy: Always
+          image: "{{ .Values.operator.image.repository }}:{{ default .Chart.AppVersion .Values.image.operator.tag }}"
+          command:
+            - /operator
+            - --verbose
+            - --driver=portworx
+            - --leader-elect=true
+          env:
+            - name: OPERATOR_NAME
+              value: portworx-operator
+            - name: POD_NAME
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.name
+      affinity:
+        podAntiAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            - labelSelector:
+                matchExpressions:
+                  - key: "name"
+                    operator: In
+                    values:
+                      - portworx-operator
+              topologyKey: "kubernetes.io/hostname"
+      serviceAccountName: portworx-operator

charts/portworx/templates/hooks/clusterrole.yaml

@@ -0,0 +1,15 @@
+---
+kind: ClusterRole
+apiVersion: {{ template "rbac.apiVersion" . }}
+metadata:
+  annotations:
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook: post-install,pre-upgrade,pre-delete
+  name: {{ template "px.hookClusterRole" . }}
+rules:
+  # for daemonset to operator migration, we need hooks for all resources deployed by daemonset, due to resources are
+  # different in different helm charts (GCP, IKS, Rancher and portworx), we use wild card here. After daemonset
+  # migration is finished for all customers we shall change this back to limited access.
+  - apiGroups: ["*"]
+    resources: ["*"]
+    verbs: ["*"]

charts/portworx/templates/hooks/clusterrolebinding.yaml

@@ -0,0 +1,17 @@
+---
+kind: ClusterRoleBinding
+apiVersion: {{ template "rbac.apiVersion" . }}
+metadata:
+  annotations:
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+    helm.sh/hook: "post-install,pre-upgrade,pre-delete"
+  name: {{ template "px.hookClusterRoleBinding" . }}
+subjects:
+  - kind: ServiceAccount
+    name: {{ template "px.hookServiceAccount" . }}
+    namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: ClusterRole
+  name: {{ template "px.hookClusterRole" . }}
+  apiGroup: rbac.authorization.k8s.io
+{{- end }}

charts/portworx/templates/hooks/post-install/px-create-cluster-token.yaml

@@ -1,35 +1,37 @@
-{{- if (.Values.clusterToken.create) }}
-  {{- $customRegistryURL := .Values.customRegistryURL | default "none" }}
-  {{- $registrySecret := .Values.registrySecret | default "none" }}
-
+{{- if .Values.clusterToken.create }}
+{{- $customRegistryURL := .Values.customRegistryURL | default "null" }}
+{{- $registrySecret := .Values.registrySecret | default "null" }}
 apiVersion: batch/v1
 kind: Job
 metadata:
+<<<<<<< HEAD
   namespace: {{ template "px.getDeploymentNamespace" . }}
+=======
+>>>>>>> 593b69e (Portworx: operator helm chart)
   name: px-set-cluster-token
   labels:
-    heritage: {{.Release.Service | quote }}
-    release: {{.Release.Name | quote }}
-    chart: "{{.Chart.Name}}-{{.Chart.Version}}"
-    app.kubernetes.io/managed-by: {{.Release.Service | quote }}
-    app.kubernetes.io/instance: {{.Release.Name | quote }}
+    heritage: {{ .Release.Service | quote }}
+    release: {{ .Release.Name | quote }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+    app.kubernetes.io/instance: {{ .Release.Name | quote }}
   annotations:
-    "helm.sh/hook": post-install
-    "helm.sh/hook-weight": "10"
-    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+    helm.sh/hook: post-install
+    helm.sh/hook-weight: "10"
+    helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
 spec:
   backoffLimit: 0
   template:
     spec:
-      {{- if not (eq $registrySecret "none") }}
+      {{- if not (eq $registrySecret "null") }}
       imagePullSecrets:
         - name: {{ $registrySecret }}
       {{- end }}
       restartPolicy: Never
       serviceAccountName: {{ .Values.clusterToken.serviceAccountName }}
       containers:
         - name: post-install-job
-          {{- if eq $customRegistryURL "none" }}
+          {{- if eq $customRegistryURL "null" }}
           image: "bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
           {{- else}}
           image: "{{ $customRegistryURL }}/bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
@@ -46,7 +48,7 @@ spec:
               kubectl -n $NS exec -c portworx $readyPortworxPod -- /opt/pwx/bin/pxctl secrets set-cluster-key --secret $KEY
       initContainers:
         - name: post-install-job-init
-          {{- if eq $customRegistryURL "none" }}
+          {{- if eq $customRegistryURL "null" }}
           image: "bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
           {{- else}}
           image: "{{ $customRegistryURL }}/bitnami/kubectl:{{ template "px.kubectlImageTag" . }}"
@@ -64,6 +66,7 @@ spec:
                 sleep 5
                 output=$(kubectl -n $NS get pods -l name=portworx -o 'jsonpath={..status.conditions[?(@.type=="Ready")].status}')
               done
+<<<<<<< HEAD
 ---
 apiVersion: v1
 kind: ServiceAccount
@@ -131,4 +134,6 @@ metadata:
 type: "Opaque"
 data:
   cluster-wide-secret-key: {{ template "portworx-cluster-key"  }}
+=======
+>>>>>>> 593b69e (Portworx: operator helm chart)
 {{- end }}