Add back vk-for-aks

2018-08-06 17:42:37 -04:00
parent 9bf226d02e
commit 5500055558
8 changed files with 163 additions and 0 deletions
--- a/charts/virtual-kubelet-for-aks/Chart.yaml
+++ b/charts/virtual-kubelet-for-aks/Chart.yaml
@@ -0,0 +1,8 @@
+name: virtual-kubelet-for-aks
+version: 0.1.6
+description: a Helm chart to install virtual kubelet in an AKS or ACS cluster.
+sources:
+  - https://github.com/virtual-kubelet/virtual-kubelet
+maintainers:
+  - name: Robbie Zhang
+    email: junjiez@microsoft.com
--- a/charts/virtual-kubelet-for-aks/templates/NOTES.txt
+++ b/charts/virtual-kubelet-for-aks/templates/NOTES.txt
@@ -0,0 +1,12 @@
+The virtual kubelet is getting deployed on your cluster.
+
+To verify that virtual kubelet has started, run:
+
+  kubectl --namespace={{ .Release.Namespace }} get pods -l "app={{ template "fullname" . }}"
+
+{{- if (not .Values.env.apiserverCert) and (not .Values.env.apiserverKey) }}
+
+Note: 
+TLS key pair not provided for VK HTTP listener. A key pair was generated for you. This generated key pair is not suitable for production use.
+
+{{- end }}
--- a/charts/virtual-kubelet-for-aks/templates/_helpers.tpl
+++ b/charts/virtual-kubelet-for-aks/templates/_helpers.tpl
@@ -0,0 +1,16 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 24 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
--- a/charts/virtual-kubelet-for-aks/templates/clusterrolebinding.yaml
+++ b/charts/virtual-kubelet-for-aks/templates/clusterrolebinding.yaml
@@ -0,0 +1,14 @@
+{{ if .Values.rbac.install }}
+apiVersion: "rbac.authorization.k8s.io/{{ .Values.rbac.apiVersion }}"
+kind: ClusterRoleBinding
+metadata:
+  name: {{ template "fullname" . }}
+subjects:
+- kind: ServiceAccount
+  name: {{ template "fullname" . }}
+  namespace: {{ .Release.Namespace }}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ .Values.rbac.roleRef }}
+{{ end }}
--- a/charts/virtual-kubelet-for-aks/templates/deployment.yaml
+++ b/charts/virtual-kubelet-for-aks/templates/deployment.yaml
@@ -0,0 +1,63 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ template "fullname" . }}
+spec:
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: {{ template "fullname" . }}
+    spec:
+      containers:
+      - name: {{ template "fullname" . }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        env:
+        - name: KUBELET_PORT
+          value: "10250"
+        - name: ACS_CREDENTIAL_LOCATION
+          value: /etc/acs/azure.json
+        - name: AZURE_TENANT_ID
+          value: {{ .Values.env.azureTenantId }}
+        - name: AZURE_SUBSCRIPTION_ID
+          value: {{ .Values.env.azureSubscriptionId }}
+        - name: AZURE_CLIENT_ID
+          value: {{ .Values.env.azureClientId }}
+        - name: AZURE_CLIENT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: {{ template "fullname" . }}
+              key: clientSecret
+        - name: ACI_RESOURCE_GROUP
+          value: {{ .Values.env.aciResourceGroup }}
+        - name: ACI_REGION
+          value: {{ default "westus" .Values.env.aciRegion }}
+        - name: APISERVER_CERT_LOCATION
+          value: /etc/virtual-kubelet/cert.pem
+        - name: APISERVER_KEY_LOCATION
+          value: /etc/virtual-kubelet/key.pem
+        - name: VKUBELET_POD_IP
+          valueFrom:
+            fieldRef:
+              fieldPath: status.podIP
+        volumeMounts:
+        - name: credentials
+          mountPath: "/etc/virtual-kubelet"
+        - name: acs-credential
+          mountPath: "/etc/acs/azure.json"
+        command: ["virtual-kubelet"]
+        args: ["--provider", "azure", "--namespace", {{ default "" .Values.env.monitoredNamespace | quote }}, "--nodename", {{ default "virtual-kubelet" .Values.env.nodeName | quote }} , "--os", {{ default "Linux" .Values.env.nodeOsType | quote }}, "--taint", {{ default "azure.com/aci" .Values.env.nodeTaint | quote }}]
+      volumes:
+      - name: credentials
+        secret:
+          secretName: {{ template "fullname" . }}
+      - name: acs-credential
+        hostPath:
+          path: /etc/kubernetes/azure.json
+          type: File
+      {{ if .Values.rbac.install }}
+      serviceAccountName: {{ template "fullname" . }}
+      {{ end }}
+      nodeSelector:
+        beta.kubernetes.io/os: linux
--- a/charts/virtual-kubelet-for-aks/templates/secrets.yaml
+++ b/charts/virtual-kubelet-for-aks/templates/secrets.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "fullname" . }}
+type: Opaque
+data:
+  {{- if (not .Values.env.apiserverCert) and (not .Values.env.apiserverKey) }}
+  {{- $ca := genCA "virtual-kubelet-ca" 3650 }}
+  {{- $cn := printf "%s-virtual-kubelet-apiserver" .Release.Name }}
+  {{- $altName1 := printf "%s-virtual-kubelet-apiserver.%s" .Release.Name .Release.Namespace }}
+  {{- $altName2 := printf "%s-virtual-kubelet-apiserver.%s.svc" .Release.Name .Release.Namespace }}
+  {{- $cert := genSignedCert $cn nil (list $altName1 $altName2) 3650 $ca }}
+  cert.pem: {{ b64enc $cert.Cert }}
+  key.pem: {{ b64enc $cert.Key }}
+  {{ else }}
+  cert.pem: {{ quote .Values.env.apiserverCert }}
+  key.pem: {{ quote .Values.env.apiserverKey }}
+  {{ end}}
+  clientSecret: {{ default "" .Values.env.azureClientKey | b64enc | quote }}
--- a/charts/virtual-kubelet-for-aks/templates/serviceaccount.yaml
+++ b/charts/virtual-kubelet-for-aks/templates/serviceaccount.yaml
@@ -0,0 +1,6 @@
+{{ if .Values.rbac.install }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ template "fullname" . }}
+{{ end }}
--- a/charts/virtual-kubelet-for-aks/values.yaml
+++ b/charts/virtual-kubelet-for-aks/values.yaml
@@ -0,0 +1,25 @@
+image:
+  repository: microsoft/virtual-kubelet
+  tag: latest
+  pullPolicy: Always
+env:
+  azureClientId: 
+  azureClientKey: 
+  azureTenantId: 
+  azureSubscriptionId: 
+  aciResourceGroup: 
+  aciRegion: 
+  nodeName: 
+  nodeTaint: 
+  nodeOsType: 
+  apiserverCert: 
+  apiserverKey: 
+  monitoredNamespace:
+
+# Install Default RBAC roles and bindings
+rbac:
+  install: true
+  ## RBAC api version
+  apiVersion: v1beta1
+  # Cluster role reference
+  roleRef: cluster-admin