This is an automated email from the ASF dual-hosted git repository.
daisyguo pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git
The following commit(s) were added to refs/heads/master by this push:
new 9015a10 Conform to Helm best practices for structure of templates/
(#340)
9015a10 is described below
commit 9015a10f0c96a88b5ef88da7f22e5319dba15cec
Author: David Grove <dgrove-...@users.noreply.github.com>
AuthorDate: Wed Nov 7 04:14:24 2018 -0500
Conform to Helm best practices for structure of templates/ (#340)
Specifically make changes to comply with the rules:
1. Each resource definition should be in its own template file.
2. Template file names should use dashed notation, not camelcase.
3. Template file names should reflect the resource kind in the name.
See guidelines at
https://github.com/helm/helm/blob/master/docs/chart_best_practices/templates.md.
---
docs/troubleshooting.md | 2 +-
...gAlarmProvider.yaml => alarm-provider-pod.yaml} | 16 ------
.../ow-alarm/templates/alarm-provider-pvc.yaml | 17 ++++++
.../templates/install-alarm-provider-cm.yaml | 10 ++++
...armJob.yaml => install-alarm-provider-job.yaml} | 8 ---
...antProvider.yaml => cloudant-provider-pod.yaml} | 16 ------
.../templates/cloudant-provider-pvc.yaml | 17 ++++++
.../templates/install-cloudant-provider-cm.yaml | 10 ++++
...Job.yaml => install-cloudant-provider-job.yaml} | 8 ---
.../templates/install-kafka-provider-cm.yaml | 10 ++++
...fkaJob.yaml => install-kafka-provider-job.yaml} | 8 ---
...gKafkaProvider.yaml => kafka-provider-pod.yaml} | 0
.../{_invokerHelpers.tpl => _invoker-helpers.tpl} | 0
.../{apigateway.yaml => apigateway-pod.yaml} | 18 ------
helm/openwhisk/templates/apigateway-svc.yaml | 18 ++++++
helm/openwhisk/templates/authSecrets.yaml | 35 ------------
.../{controller.yaml => controller-pod.yaml} | 15 -----
helm/openwhisk/templates/controller-svc.yaml | 16 ++++++
helm/openwhisk/templates/couchdb-init-cm.yaml | 12 ++++
.../{initCouchDBJob.yaml => couchdb-init-job.yaml} | 11 ----
.../templates/{couchdb.yaml => couchdb-pod.yaml} | 32 -----------
helm/openwhisk/templates/couchdb-pvc.yaml | 19 +++++++
helm/openwhisk/templates/couchdb-svc.yaml | 18 ++++++
.../{ingress.yaml => frontdoor-ingress.yaml} | 15 -----
helm/openwhisk/templates/frontdoor-secrets.yaml | 16 ++++++
helm/openwhisk/templates/install-catalog-cm.yaml | 10 ++++
...allCatalogJob.yaml => install-catalog-job.yaml} | 9 ---
helm/openwhisk/templates/install-routemgmt-cm.yaml | 10 ++++
...outeMgmtJob.yaml => install-routemgmt-job.yaml} | 9 ---
helm/openwhisk/templates/invoker-agent-pod.yaml | 52 ++++++++++++++++++
helm/openwhisk/templates/invoker-cm.yaml | 10 ++++
.../templates/{invoker.yaml => invoker-pod.yaml} | 64 +---------------------
.../{rolebindings.yaml => invoker-role.yaml} | 44 ---------------
helm/openwhisk/templates/invoker-rolebind.yaml | 23 ++++++++
helm/openwhisk/templates/invoker-svcacct.yaml | 15 +++++
.../templates/{kafka.yaml => kafka-pod.yaml} | 31 +----------
helm/openwhisk/templates/kafka-pvc.yaml | 19 +++++++
helm/openwhisk/templates/kafka-svc.yaml | 16 ++++++
.../{nginxConfigMap.yaml => nginx-cm.yaml} | 0
.../templates/{nginx.yaml => nginx-pod.yaml} | 27 ---------
.../{nginxSecret.yaml => nginx-secret.yaml} | 0
helm/openwhisk/templates/nginx-svc.yaml | 28 ++++++++++
helm/openwhisk/templates/ow-core-rolebind.yaml | 17 ++++++
helm/openwhisk/templates/ow-core-svcacct.yaml | 9 +++
helm/openwhisk/templates/ow-db-cm.yaml | 19 +++++++
helm/openwhisk/templates/ow-db-secret.yaml | 12 ++++
.../templates/ow-docker-registry-secret.yaml | 12 ++++
.../{clusterConfigMaps.yaml => ow-whisk-cm.yaml} | 19 -------
helm/openwhisk/templates/ow-whisk-secret.yaml | 12 ++++
.../templates/{redis.yaml => redis-pod.yaml} | 34 +-----------
helm/openwhisk/templates/redis-pvc.yaml | 17 ++++++
helm/openwhisk/templates/redis-svc.yaml | 16 ++++++
helm/openwhisk/templates/zookeeper-cm.yaml | 25 +++++++++
.../{zookeeper.yaml => zookeeper-pod.yaml} | 44 +--------------
helm/openwhisk/templates/zookeeper-svc.yaml | 23 ++++++++
55 files changed, 513 insertions(+), 460 deletions(-)
diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md
index 9dc78fc..36d34e0 100644
--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@@ -35,7 +35,7 @@ means that the default volume hostPath values assume that the
Kubernetes worker
node image is Ubuntu. If containers fail to start with errors related
mounting`/sys/fs/cgroup`, `/run/runc`,`/var/lib/docker/containers`, or
`/var/run/docker.sock`, then you will need to change the corresponding
-value in `helm/templates/invoker.yaml` to match the host operating system
+value in `helm/openwhisk/templates/_invoker-helpers.yaml` to match the host
operating system
running on your Kubernetes worker node.
### Controller and Invoker cannot connect to Kafka
diff --git
a/helm/openwhisk-providers/charts/ow-alarm/templates/pkgAlarmProvider.yaml
b/helm/openwhisk-providers/charts/ow-alarm/templates/alarm-provider-pod.yaml
similarity index 85%
rename from
helm/openwhisk-providers/charts/ow-alarm/templates/pkgAlarmProvider.yaml
rename to
helm/openwhisk-providers/charts/ow-alarm/templates/alarm-provider-pod.yaml
index 131b480..4cc3951 100644
--- a/helm/openwhisk-providers/charts/ow-alarm/templates/pkgAlarmProvider.yaml
+++ b/helm/openwhisk-providers/charts/ow-alarm/templates/alarm-provider-pod.yaml
@@ -82,19 +82,3 @@ spec:
volumeMounts:
- name: alarm-logs
mountPath: /logs
-
----
-{{- if ne .Values.alarmprovider.persistence.storageClass "none" }}
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ .Values.alarmprovider.persistence.pvcName | quote }}
- namespace: {{ .Release.Namespace | quote }}
-spec:
- storageClassName: {{ .Values.alarmprovider.persistence.storageClass }}
- accessModes:
- - {{ .Values.alarmprovider.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.alarmprovider.persistence.size }}
-{{- end }}
diff --git
a/helm/openwhisk-providers/charts/ow-alarm/templates/alarm-provider-pvc.yaml
b/helm/openwhisk-providers/charts/ow-alarm/templates/alarm-provider-pvc.yaml
new file mode 100644
index 0000000..bea64f7
--- /dev/null
+++ b/helm/openwhisk-providers/charts/ow-alarm/templates/alarm-provider-pvc.yaml
@@ -0,0 +1,17 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{- if ne .Values.alarmprovider.persistence.storageClass "none" }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Values.alarmprovider.persistence.pvcName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ storageClassName: {{ .Values.alarmprovider.persistence.storageClass }}
+ accessModes:
+ - {{ .Values.alarmprovider.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.alarmprovider.persistence.size }}
+{{- end }}
diff --git
a/helm/openwhisk-providers/charts/ow-alarm/templates/install-alarm-provider-cm.yaml
b/helm/openwhisk-providers/charts/ow-alarm/templates/install-alarm-provider-cm.yaml
new file mode 100644
index 0000000..8fa15cd
--- /dev/null
+++
b/helm/openwhisk-providers/charts/ow-alarm/templates/install-alarm-provider-cm.yaml
@@ -0,0 +1,10 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: install-package-alarms
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/myTask.sh").AsConfig | indent 2 }}
diff --git
a/helm/openwhisk-providers/charts/ow-alarm/templates/installPkgAlarmJob.yaml
b/helm/openwhisk-providers/charts/ow-alarm/templates/install-alarm-provider-job.yaml
similarity index 93%
rename from
helm/openwhisk-providers/charts/ow-alarm/templates/installPkgAlarmJob.yaml
rename to
helm/openwhisk-providers/charts/ow-alarm/templates/install-alarm-provider-job.yaml
index fdddef9..1966ba4 100644
--- a/helm/openwhisk-providers/charts/ow-alarm/templates/installPkgAlarmJob.yaml
+++
b/helm/openwhisk-providers/charts/ow-alarm/templates/install-alarm-provider-job.yaml
@@ -79,11 +79,3 @@ spec:
{{ end }}
- name: "DB_PREFIX"
value: "{{- .Values.alarmprovider.db.prefix -}}"
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: install-package-alarms
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/myTask.sh").AsConfig | indent 2 }}
diff --git
a/helm/openwhisk-providers/charts/ow-cloudant/templates/pkgCloudantProvider.yaml
b/helm/openwhisk-providers/charts/ow-cloudant/templates/cloudant-provider-pod.yaml
similarity index 85%
rename from
helm/openwhisk-providers/charts/ow-cloudant/templates/pkgCloudantProvider.yaml
rename to
helm/openwhisk-providers/charts/ow-cloudant/templates/cloudant-provider-pod.yaml
index 5e0e103..5eae53f 100644
---
a/helm/openwhisk-providers/charts/ow-cloudant/templates/pkgCloudantProvider.yaml
+++
b/helm/openwhisk-providers/charts/ow-cloudant/templates/cloudant-provider-pod.yaml
@@ -83,19 +83,3 @@ spec:
volumeMounts:
- name: cloudant-logs
mountPath: /logs
-
----
-{{- if ne .Values.cloudantprovider.persistence.storageClass "none" }}
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ .Values.cloudantprovider.persistence.pvcName | quote }}
- namespace: {{ .Release.Namespace | quote }}
-spec:
- storageClassName: {{ .Values.cloudantprovider.persistence.storageClass }}
- accessModes:
- - {{ .Values.cloudantprovider.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.cloudantprovider.persistence.size }}
-{{- end }}
diff --git
a/helm/openwhisk-providers/charts/ow-cloudant/templates/cloudant-provider-pvc.yaml
b/helm/openwhisk-providers/charts/ow-cloudant/templates/cloudant-provider-pvc.yaml
new file mode 100644
index 0000000..24b74b6
--- /dev/null
+++
b/helm/openwhisk-providers/charts/ow-cloudant/templates/cloudant-provider-pvc.yaml
@@ -0,0 +1,17 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{- if ne .Values.cloudantprovider.persistence.storageClass "none" }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Values.cloudantprovider.persistence.pvcName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ storageClassName: {{ .Values.cloudantprovider.persistence.storageClass }}
+ accessModes:
+ - {{ .Values.cloudantprovider.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.cloudantprovider.persistence.size }}
+{{- end }}
diff --git
a/helm/openwhisk-providers/charts/ow-cloudant/templates/install-cloudant-provider-cm.yaml
b/helm/openwhisk-providers/charts/ow-cloudant/templates/install-cloudant-provider-cm.yaml
new file mode 100644
index 0000000..e2b973d
--- /dev/null
+++
b/helm/openwhisk-providers/charts/ow-cloudant/templates/install-cloudant-provider-cm.yaml
@@ -0,0 +1,10 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: install-package-cloudant
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/myTask.sh").AsConfig | indent 2 }}
diff --git
a/helm/openwhisk-providers/charts/ow-cloudant/templates/installPkgCloudantJob.yaml
b/helm/openwhisk-providers/charts/ow-cloudant/templates/install-cloudant-provider-job.yaml
similarity index 93%
rename from
helm/openwhisk-providers/charts/ow-cloudant/templates/installPkgCloudantJob.yaml
rename to
helm/openwhisk-providers/charts/ow-cloudant/templates/install-cloudant-provider-job.yaml
index 439a1a5..81fc62d 100644
---
a/helm/openwhisk-providers/charts/ow-cloudant/templates/installPkgCloudantJob.yaml
+++
b/helm/openwhisk-providers/charts/ow-cloudant/templates/install-cloudant-provider-job.yaml
@@ -79,11 +79,3 @@ spec:
{{ end }}
- name: "DB_PREFIX"
value: {{ .Values.cloudantprovider.db.prefix | default "cldt" |
quote }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: install-package-cloudant
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/myTask.sh").AsConfig | indent 2 }}
diff --git
a/helm/openwhisk-providers/charts/ow-kafka/templates/install-kafka-provider-cm.yaml
b/helm/openwhisk-providers/charts/ow-kafka/templates/install-kafka-provider-cm.yaml
new file mode 100644
index 0000000..2b0399a
--- /dev/null
+++
b/helm/openwhisk-providers/charts/ow-kafka/templates/install-kafka-provider-cm.yaml
@@ -0,0 +1,10 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: install-package-kafka
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/myTask.sh").AsConfig | indent 2 }}
diff --git
a/helm/openwhisk-providers/charts/ow-kafka/templates/installPkgKafkaJob.yaml
b/helm/openwhisk-providers/charts/ow-kafka/templates/install-kafka-provider-job.yaml
similarity index 93%
rename from
helm/openwhisk-providers/charts/ow-kafka/templates/installPkgKafkaJob.yaml
rename to
helm/openwhisk-providers/charts/ow-kafka/templates/install-kafka-provider-job.yaml
index 1b68d73..bd16aa2 100644
--- a/helm/openwhisk-providers/charts/ow-kafka/templates/installPkgKafkaJob.yaml
+++
b/helm/openwhisk-providers/charts/ow-kafka/templates/install-kafka-provider-job.yaml
@@ -79,11 +79,3 @@ spec:
{{ end }}
- name: "DB_PREFIX"
value: "{{- .Values.kafkaprovider.db.prefix -}}"
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: install-package-kafka
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/myTask.sh").AsConfig | indent 2 }}
diff --git
a/helm/openwhisk-providers/charts/ow-kafka/templates/pkgKafkaProvider.yaml
b/helm/openwhisk-providers/charts/ow-kafka/templates/kafka-provider-pod.yaml
similarity index 100%
rename from
helm/openwhisk-providers/charts/ow-kafka/templates/pkgKafkaProvider.yaml
rename to
helm/openwhisk-providers/charts/ow-kafka/templates/kafka-provider-pod.yaml
diff --git a/helm/openwhisk/templates/_invokerHelpers.tpl
b/helm/openwhisk/templates/_invoker-helpers.tpl
similarity index 100%
rename from helm/openwhisk/templates/_invokerHelpers.tpl
rename to helm/openwhisk/templates/_invoker-helpers.tpl
diff --git a/helm/openwhisk/templates/apigateway.yaml
b/helm/openwhisk/templates/apigateway-pod.yaml
similarity index 80%
rename from helm/openwhisk/templates/apigateway.yaml
rename to helm/openwhisk/templates/apigateway-pod.yaml
index 5f7e3c8..974738c 100644
--- a/helm/openwhisk/templates/apigateway.yaml
+++ b/helm/openwhisk/templates/apigateway-pod.yaml
@@ -1,24 +1,6 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.apigw.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.apigw.name | quote }}
-spec:
- selector:
- name: {{ .Values.apigw.name | quote }}
- ports:
- - port: {{ .Values.apigw.mgmtPort }}
- name: mgmt
- - port: {{ .Values.apigw.apiPort }}
- name: api
-
----
apiVersion: apps/v1
kind: Deployment
metadata:
diff --git a/helm/openwhisk/templates/apigateway-svc.yaml
b/helm/openwhisk/templates/apigateway-svc.yaml
new file mode 100644
index 0000000..1e4854f
--- /dev/null
+++ b/helm/openwhisk/templates/apigateway-svc.yaml
@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.apigw.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.apigw.name | quote }}
+spec:
+ selector:
+ name: {{ .Values.apigw.name | quote }}
+ ports:
+ - port: {{ .Values.apigw.mgmtPort }}
+ name: mgmt
+ - port: {{ .Values.apigw.apiPort }}
+ name: api
diff --git a/helm/openwhisk/templates/authSecrets.yaml
b/helm/openwhisk/templates/authSecrets.yaml
deleted file mode 100644
index b81e013..0000000
--- a/helm/openwhisk/templates/authSecrets.yaml
+++ /dev/null
@@ -1,35 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
-# license agreements; and to You under the Apache License, Version 2.0.
-
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: whisk.auth
- namespace: {{ .Release.Namespace | quote }}
-type: Opaque
-data:
- system: {{ .Values.whisk.auth.system | b64enc }}
- guest: {{ .Values.whisk.auth.guest | b64enc }}
-
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: db.auth
- namespace: {{ .Release.Namespace | quote }}
-type: Opaque
-data:
- db_username: {{ .Values.db.auth.username | b64enc }}
- db_password: {{ .Values.db.auth.password | b64enc }}
-
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: docker.registry.auth
- namespace: {{ .Release.Namespace | quote }}
-type: Opaque
-data:
- docker_registry_username: {{ .Values.docker.registry.username | b64enc }}
- docker_registry_password: {{ .Values.docker.registry.password | b64enc }}
diff --git a/helm/openwhisk/templates/controller.yaml
b/helm/openwhisk/templates/controller-pod.yaml
similarity index 93%
rename from helm/openwhisk/templates/controller.yaml
rename to helm/openwhisk/templates/controller-pod.yaml
index 0135dad..7f1682f 100644
--- a/helm/openwhisk/templates/controller.yaml
+++ b/helm/openwhisk/templates/controller-pod.yaml
@@ -1,21 +1,6 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.controller.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.controller.name | quote }}
-spec:
- selector:
- name: {{ .Values.controller.name | quote }}
- ports:
- - port: {{ .Values.controller.port }}
- name: http
----
apiVersion: apps/v1
kind: StatefulSet
metadata:
diff --git a/helm/openwhisk/templates/controller-svc.yaml
b/helm/openwhisk/templates/controller-svc.yaml
new file mode 100644
index 0000000..d9d1db5
--- /dev/null
+++ b/helm/openwhisk/templates/controller-svc.yaml
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.controller.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.controller.name | quote }}
+spec:
+ selector:
+ name: {{ .Values.controller.name | quote }}
+ ports:
+ - port: {{ .Values.controller.port }}
+ name: http
diff --git a/helm/openwhisk/templates/couchdb-init-cm.yaml
b/helm/openwhisk/templates/couchdb-init-cm.yaml
new file mode 100644
index 0000000..80d1ff4
--- /dev/null
+++ b/helm/openwhisk/templates/couchdb-init-cm.yaml
@@ -0,0 +1,12 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if .Values.db.wipeAndInit }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: init-couchdb
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/initCouchDB/initdb.sh").AsConfig | indent 2 }}
+{{ end }}
diff --git a/helm/openwhisk/templates/initCouchDBJob.yaml
b/helm/openwhisk/templates/couchdb-init-job.yaml
similarity index 90%
rename from helm/openwhisk/templates/initCouchDBJob.yaml
rename to helm/openwhisk/templates/couchdb-init-job.yaml
index 8414bca..566c461 100644
--- a/helm/openwhisk/templates/initCouchDBJob.yaml
+++ b/helm/openwhisk/templates/couchdb-init-job.yaml
@@ -2,7 +2,6 @@
# license agreements; and to You under the Apache License, Version 2.0.
{{ if .Values.db.wipeAndInit }}
-
apiVersion: batch/v1
kind: Job
metadata:
@@ -66,14 +65,4 @@ spec:
key: db_password
- name: "NODENAME"
value: "couchdb0"
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: init-couchdb
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/initCouchDB/initdb.sh").AsConfig | indent 2 }}
-
{{ end }}
diff --git a/helm/openwhisk/templates/couchdb.yaml
b/helm/openwhisk/templates/couchdb-pod.yaml
similarity index 71%
rename from helm/openwhisk/templates/couchdb.yaml
rename to helm/openwhisk/templates/couchdb-pod.yaml
index 23a72b9..2692b50 100644
--- a/helm/openwhisk/templates/couchdb.yaml
+++ b/helm/openwhisk/templates/couchdb-pod.yaml
@@ -2,21 +2,6 @@
# license agreements; and to You under the Apache License, Version 2.0.
{{ if not .Values.db.external }}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.db.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.db.name | quote }}
-spec:
- selector:
- name: {{ .Values.db.name | quote }}
- ports:
- - port: {{ .Values.db.port }}
- name: couchdb
-
----
apiVersion: apps/v1
kind: Deployment
metadata:
@@ -73,21 +58,4 @@ spec:
persistentVolumeClaim:
claimName: {{ .Values.db.persistence.pvcName | quote }}
{{- end }}
-
-{{- if .Values.db.persistence.enabled }}
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ .Values.db.persistence.pvcName | quote }}
- namespace: {{ .Release.Namespace | quote }}
-spec:
- storageClassName: {{ .Values.db.persistence.storageClass }}
- accessModes:
- - {{ .Values.db.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.db.persistence.size }}
-{{- end }}
-
{{ end }}
diff --git a/helm/openwhisk/templates/couchdb-pvc.yaml
b/helm/openwhisk/templates/couchdb-pvc.yaml
new file mode 100644
index 0000000..9ae38d4
--- /dev/null
+++ b/helm/openwhisk/templates/couchdb-pvc.yaml
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if not .Values.db.external }}
+{{- if .Values.db.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Values.db.persistence.pvcName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ storageClassName: {{ .Values.db.persistence.storageClass }}
+ accessModes:
+ - {{ .Values.db.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.db.persistence.size }}
+{{- end }}
+{{ end }}
diff --git a/helm/openwhisk/templates/couchdb-svc.yaml
b/helm/openwhisk/templates/couchdb-svc.yaml
new file mode 100644
index 0000000..33b8171
--- /dev/null
+++ b/helm/openwhisk/templates/couchdb-svc.yaml
@@ -0,0 +1,18 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if not .Values.db.external }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.db.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.db.name | quote }}
+spec:
+ selector:
+ name: {{ .Values.db.name | quote }}
+ ports:
+ - port: {{ .Values.db.port }}
+ name: couchdb
+{{ end }}
diff --git a/helm/openwhisk/templates/ingress.yaml
b/helm/openwhisk/templates/frontdoor-ingress.yaml
similarity index 80%
rename from helm/openwhisk/templates/ingress.yaml
rename to helm/openwhisk/templates/frontdoor-ingress.yaml
index 9145f30..3fcdbdd 100644
--- a/helm/openwhisk/templates/ingress.yaml
+++ b/helm/openwhisk/templates/frontdoor-ingress.yaml
@@ -2,7 +2,6 @@
# license agreements; and to You under the Apache License, Version 2.0.
{{- if eq .Values.whisk.ingress.type "standard" }}
----
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
@@ -52,18 +51,4 @@ spec:
backend:
serviceName: nginx
servicePort: http
-
-{{- if .Values.whisk.ingress.tls.createsecret }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ .Values.whisk.ingress.tls.secretname | quote }}
- namespace: {{ .Release.Namespace | quote }}
-type: {{ .Values.whisk.ingress.tls.secrettype | quote }}
-data:
- tls.crt: {{ .Values.whisk.ingress.tls.crt }}
- tls.key: {{ .Values.whisk.ingress.tls.key }}
-{{- end}}
-
{{- end }}
diff --git a/helm/openwhisk/templates/frontdoor-secrets.yaml
b/helm/openwhisk/templates/frontdoor-secrets.yaml
new file mode 100644
index 0000000..e84976a
--- /dev/null
+++ b/helm/openwhisk/templates/frontdoor-secrets.yaml
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{- if eq .Values.whisk.ingress.type "standard" }}
+{{- if .Values.whisk.ingress.tls.createsecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.whisk.ingress.tls.secretname | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+type: {{ .Values.whisk.ingress.tls.secrettype | quote }}
+data:
+ tls.crt: {{ .Values.whisk.ingress.tls.crt }}
+ tls.key: {{ .Values.whisk.ingress.tls.key }}
+{{- end}}
+{{- end }}
diff --git a/helm/openwhisk/templates/install-catalog-cm.yaml
b/helm/openwhisk/templates/install-catalog-cm.yaml
new file mode 100644
index 0000000..f5544d4
--- /dev/null
+++ b/helm/openwhisk/templates/install-catalog-cm.yaml
@@ -0,0 +1,10 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: install-catalog
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/installCatalog/myTask.sh").AsConfig | indent 2
}}
diff --git a/helm/openwhisk/templates/installCatalogJob.yaml
b/helm/openwhisk/templates/install-catalog-job.yaml
similarity index 86%
rename from helm/openwhisk/templates/installCatalogJob.yaml
rename to helm/openwhisk/templates/install-catalog-job.yaml
index f893ce3..bf31711 100644
--- a/helm/openwhisk/templates/installCatalogJob.yaml
+++ b/helm/openwhisk/templates/install-catalog-job.yaml
@@ -40,12 +40,3 @@ spec:
configMapKeyRef:
name: whisk.config
key: whisk_api_host_nameAndPort
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: install-catalog
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/installCatalog/myTask.sh").AsConfig | indent 2
}}
diff --git a/helm/openwhisk/templates/install-routemgmt-cm.yaml
b/helm/openwhisk/templates/install-routemgmt-cm.yaml
new file mode 100644
index 0000000..79a7c98
--- /dev/null
+++ b/helm/openwhisk/templates/install-routemgmt-cm.yaml
@@ -0,0 +1,10 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: install-routemgmt
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/installRouteMgmt/myTask.sh").AsConfig | indent
2 }}
diff --git a/helm/openwhisk/templates/installRouteMgmtJob.yaml
b/helm/openwhisk/templates/install-routemgmt-job.yaml
similarity index 88%
rename from helm/openwhisk/templates/installRouteMgmtJob.yaml
rename to helm/openwhisk/templates/install-routemgmt-job.yaml
index 3126b6b..0db56ef 100644
--- a/helm/openwhisk/templates/installRouteMgmtJob.yaml
+++ b/helm/openwhisk/templates/install-routemgmt-job.yaml
@@ -47,12 +47,3 @@ spec:
key: whisk_system_namespace
- name: "WHISK_API_GATEWAY_HOST_V2"
value:
"http://$(APIGATEWAY_SERVICE_HOST):$(APIGATEWAY_SERVICE_PORT_API)/v2"
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: install-routemgmt
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/installRouteMgmt/myTask.sh").AsConfig | indent
2 }}
diff --git a/helm/openwhisk/templates/invoker-agent-pod.yaml
b/helm/openwhisk/templates/invoker-agent-pod.yaml
new file mode 100644
index 0000000..dfa0a5c
--- /dev/null
+++ b/helm/openwhisk/templates/invoker-agent-pod.yaml
@@ -0,0 +1,52 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if .Values.invoker.containerFactory.kubernetes.agent.enabled }}
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+ name: {{ .Values.invoker.containerFactory.kubernetes.agent.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.invoker.containerFactory.kubernetes.agent.name | quote }}
+spec:
+ selector:
+ matchLabels:
+ name: {{ .Values.invoker.containerFactory.kubernetes.agent.name | quote
}}
+ template:
+ metadata:
+ labels:
+ name: {{ .Values.invoker.containerFactory.kubernetes.agent.name |
quote }}
+ spec:
+ restartPolicy: Always
+ hostNetwork: true
+
+ affinity:
+{{ include "affinity.invoker" . | indent 8 }}
+
+ volumes:
+{{ include "docker_volumes" . | indent 6 }}
+ - name: userlogs
+ emptyDir: {}
+ - name: task-dir
+ configMap:
+ name: docker-pull-runtimes
+
+ initContainers:
+ # Pull images for all default runtimes before starting invoker
+{{ include "docker_pull_runtimes" . | indent 6 }}
+
+ containers:
+ - name: {{ .Values.invoker.containerFactory.kubernetes.agent.name |
quote }}
+ imagePullPolicy: {{ .Values.invoker.imagePullPolicy | quote }}
+ image: {{ .Values.invoker.containerFactory.kubernetes.agent.image }}
+ securityContext:
+ privileged: true
+ ports:
+ - name: agent
+ containerPort: {{
.Values.invoker.containerFactory.kubernetes.agent.port }}
+ volumeMounts:
+{{ include "docker_volume_mounts" . | indent 8 }}
+ - name: userlogs
+ mountPath: "/action-logs"
+{{- end }}
diff --git a/helm/openwhisk/templates/invoker-cm.yaml
b/helm/openwhisk/templates/invoker-cm.yaml
new file mode 100644
index 0000000..997d0fe
--- /dev/null
+++ b/helm/openwhisk/templates/invoker-cm.yaml
@@ -0,0 +1,10 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: docker-pull-runtimes
+ namespace: {{ .Release.Namespace | quote }}
+data:
+{{ (.Files.Glob "configMapFiles/dockerPullRuntimes/playbook.yml").AsConfig |
indent 2 }}
diff --git a/helm/openwhisk/templates/invoker.yaml
b/helm/openwhisk/templates/invoker-pod.yaml
similarity index 77%
rename from helm/openwhisk/templates/invoker.yaml
rename to helm/openwhisk/templates/invoker-pod.yaml
index 50580a2..63ade46 100644
--- a/helm/openwhisk/templates/invoker.yaml
+++ b/helm/openwhisk/templates/invoker-pod.yaml
@@ -1,11 +1,10 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
----
{{- if eq .Values.invoker.containerFactory.impl "docker" }}
apiVersion: apps/v1
kind: DaemonSet
-{{- else if eq .Values.invoker.containerFactory.impl "kubernetes" -}}
+{{- else if eq .Values.invoker.containerFactory.impl "kubernetes" }}
apiVersion: apps/v1
kind: StatefulSet
{{- end }}
@@ -155,64 +154,3 @@ spec:
volumeMounts:
{{ include "docker_volume_mounts" . | indent 8 }}
{{- end }}
-
-{{ if .Values.invoker.containerFactory.kubernetes.agent.enabled }}
----
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
- name: {{ .Values.invoker.containerFactory.kubernetes.agent.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.invoker.containerFactory.kubernetes.agent.name | quote }}
-spec:
- selector:
- matchLabels:
- name: {{ .Values.invoker.containerFactory.kubernetes.agent.name | quote
}}
- template:
- metadata:
- labels:
- name: {{ .Values.invoker.containerFactory.kubernetes.agent.name |
quote }}
- spec:
- restartPolicy: Always
- hostNetwork: true
-
- affinity:
-{{ include "affinity.invoker" . | indent 8 }}
-
- volumes:
-{{ include "docker_volumes" . | indent 6 }}
- - name: userlogs
- emptyDir: {}
- - name: task-dir
- configMap:
- name: docker-pull-runtimes
-
- initContainers:
- # Pull images for all default runtimes before starting invoker
-{{ include "docker_pull_runtimes" . | indent 6 }}
-
- containers:
- - name: {{ .Values.invoker.containerFactory.kubernetes.agent.name |
quote }}
- imagePullPolicy: {{ .Values.invoker.imagePullPolicy | quote }}
- image: {{ .Values.invoker.containerFactory.kubernetes.agent.image }}
- securityContext:
- privileged: true
- ports:
- - name: agent
- containerPort: {{
.Values.invoker.containerFactory.kubernetes.agent.port }}
- volumeMounts:
-{{ include "docker_volume_mounts" . | indent 8 }}
- - name: userlogs
- mountPath: "/action-logs"
-{{- end }}
-
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: docker-pull-runtimes
- namespace: {{ .Release.Namespace | quote }}
-data:
-{{ (.Files.Glob "configMapFiles/dockerPullRuntimes/playbook.yml").AsConfig |
indent 2 }}
diff --git a/helm/openwhisk/templates/rolebindings.yaml
b/helm/openwhisk/templates/invoker-role.yaml
similarity index 50%
rename from helm/openwhisk/templates/rolebindings.yaml
rename to helm/openwhisk/templates/invoker-role.yaml
index 25a4fa3..b5b08e4 100644
--- a/helm/openwhisk/templates/rolebindings.yaml
+++ b/helm/openwhisk/templates/invoker-role.yaml
@@ -1,42 +1,12 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
-# Core pods are allowed to have view access to k8s APIs
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: {{ .Release.Namespace | quote }}
- name: ow-core
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: allow-view
- namespace: {{ .Release.Namespace | quote }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: view
-subjects:
- - kind: ServiceAccount
- name: ow-core
- namespace: {{ .Release.Namespace | quote }}
-
-
{{ if eq .Values.invoker.containerFactory.impl "kubernetes" }}
# When using KubernetesContainerFactory, invoker pods need extensive
# permissions to manage pods and deployments. The ability to create
# pods can enable privilege escalation attacks, so restrict it to a
# ServiceAccount that is only used for the invokers and only defined
# when using KubernetesContainerFactory.
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- namespace: {{ .Release.Namespace | quote }}
- name: {{ .Values.invoker.name | quote }}
----
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
@@ -52,18 +22,4 @@ rules:
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get", "list"]
----
-kind: RoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- namespace: {{ .Release.Namespace | quote }}
- name: {{ .Values.invoker.name | quote }}
-subjects:
-- kind: ServiceAccount
- namespace: {{ .Release.Namespace | quote }}
- name: {{ .Values.invoker.name | quote }}
-roleRef:
- kind: Role
- name: {{ .Values.invoker.name | quote }}
- apiGroup: rbac.authorization.k8s.io
{{- end }}
diff --git a/helm/openwhisk/templates/invoker-rolebind.yaml
b/helm/openwhisk/templates/invoker-rolebind.yaml
new file mode 100644
index 0000000..faa2235
--- /dev/null
+++ b/helm/openwhisk/templates/invoker-rolebind.yaml
@@ -0,0 +1,23 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if eq .Values.invoker.containerFactory.impl "kubernetes" }}
+# When using KubernetesContainerFactory, invoker pods need extensive
+# permissions to manage pods and deployments. The ability to create
+# pods can enable privilege escalation attacks, so restrict it to a
+# ServiceAccount that is only used for the invokers and only defined
+# when using KubernetesContainerFactory.
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ namespace: {{ .Release.Namespace | quote }}
+ name: {{ .Values.invoker.name | quote }}
+subjects:
+- kind: ServiceAccount
+ namespace: {{ .Release.Namespace | quote }}
+ name: {{ .Values.invoker.name | quote }}
+roleRef:
+ kind: Role
+ name: {{ .Values.invoker.name | quote }}
+ apiGroup: rbac.authorization.k8s.io
+{{- end }}
diff --git a/helm/openwhisk/templates/invoker-svcacct.yaml
b/helm/openwhisk/templates/invoker-svcacct.yaml
new file mode 100644
index 0000000..006a786
--- /dev/null
+++ b/helm/openwhisk/templates/invoker-svcacct.yaml
@@ -0,0 +1,15 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if eq .Values.invoker.containerFactory.impl "kubernetes" }}
+# When using KubernetesContainerFactory, invoker pods need extensive
+# permissions to manage pods and deployments. The ability to create
+# pods can enable privilege escalation attacks, so restrict it to a
+# ServiceAccount that is only used for the invokers and only defined
+# when using KubernetesContainerFactory.
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ .Release.Namespace | quote }}
+ name: {{ .Values.invoker.name | quote }}
+{{- end }}
diff --git a/helm/openwhisk/templates/kafka.yaml
b/helm/openwhisk/templates/kafka-pod.yaml
similarity index 75%
rename from helm/openwhisk/templates/kafka.yaml
rename to helm/openwhisk/templates/kafka-pod.yaml
index 75d8041..b42981f 100644
--- a/helm/openwhisk/templates/kafka.yaml
+++ b/helm/openwhisk/templates/kafka-pod.yaml
@@ -1,20 +1,7 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
-{{ if not .Values.kafka.external }}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.kafka.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
-spec:
- ports:
- - name: broker
- port: {{ .Values.kafka.port }}
- selector:
- name: {{ .Values.kafka.name | quote }}
----
+{{ if not .Values.kafka.external }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
@@ -79,20 +66,4 @@ spec:
# zookeeper info
- name: "KAFKA_ZOOKEEPER_CONNECT"
value: "{{ include "zookeeper_connect" . }}"
-
-{{- if .Values.kafka.persistence.enabled }}
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ .Values.kafka.persistence.pvcName | quote }}
- namespace: {{ .Release.Namespace | quote }}
-spec:
- storageClassName: {{ .Values.kafka.persistence.storageClass }}
- accessModes:
- - {{ .Values.kafka.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.kafka.persistence.size }}
-{{- end }}
{{- end }}
diff --git a/helm/openwhisk/templates/kafka-pvc.yaml
b/helm/openwhisk/templates/kafka-pvc.yaml
new file mode 100644
index 0000000..3d18e00
--- /dev/null
+++ b/helm/openwhisk/templates/kafka-pvc.yaml
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{- if not .Values.kafka.external }}
+{{- if .Values.kafka.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Values.kafka.persistence.pvcName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ storageClassName: {{ .Values.kafka.persistence.storageClass }}
+ accessModes:
+ - {{ .Values.kafka.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.kafka.persistence.size }}
+{{- end }}
+{{- end }}
diff --git a/helm/openwhisk/templates/kafka-svc.yaml
b/helm/openwhisk/templates/kafka-svc.yaml
new file mode 100644
index 0000000..0668489
--- /dev/null
+++ b/helm/openwhisk/templates/kafka-svc.yaml
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if not .Values.kafka.external }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.kafka.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ ports:
+ - name: broker
+ port: {{ .Values.kafka.port }}
+ selector:
+ name: {{ .Values.kafka.name | quote }}
+{{- end }}
diff --git a/helm/openwhisk/templates/nginxConfigMap.yaml
b/helm/openwhisk/templates/nginx-cm.yaml
similarity index 100%
rename from helm/openwhisk/templates/nginxConfigMap.yaml
rename to helm/openwhisk/templates/nginx-cm.yaml
diff --git a/helm/openwhisk/templates/nginx.yaml
b/helm/openwhisk/templates/nginx-pod.yaml
similarity index 70%
rename from helm/openwhisk/templates/nginx.yaml
rename to helm/openwhisk/templates/nginx-pod.yaml
index ef93432..5ed1300 100644
--- a/helm/openwhisk/templates/nginx.yaml
+++ b/helm/openwhisk/templates/nginx-pod.yaml
@@ -1,33 +1,6 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.nginx.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.nginx.name | quote }}
-spec:
- {{- if eq .Values.whisk.ingress.type "LoadBalancer" }}
- type: LoadBalancer
- {{- else if .Values.nginx.httpsNodePort }}
- type: NodePort
- {{- end }}
- selector:
- name: {{ .Values.nginx.name | quote }}
- ports:
- - port: {{ .Values.nginx.httpPort }}
- name: http
- - port: {{ .Values.nginx.httpsPort }}
- {{- if .Values.nginx.httpsNodePort }}
- nodePort: {{ .Values.nginx.httpsNodePort }}
- {{- end }}
- name: https-api
- - port: {{ .Values.nginx.httpsAdminPort }}
- name: https-admin
-
----
apiVersion: apps/v1
kind: Deployment
metadata:
diff --git a/helm/openwhisk/templates/nginxSecret.yaml
b/helm/openwhisk/templates/nginx-secret.yaml
similarity index 100%
rename from helm/openwhisk/templates/nginxSecret.yaml
rename to helm/openwhisk/templates/nginx-secret.yaml
diff --git a/helm/openwhisk/templates/nginx-svc.yaml
b/helm/openwhisk/templates/nginx-svc.yaml
new file mode 100644
index 0000000..5bf808b
--- /dev/null
+++ b/helm/openwhisk/templates/nginx-svc.yaml
@@ -0,0 +1,28 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.nginx.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.nginx.name | quote }}
+spec:
+ {{- if eq .Values.whisk.ingress.type "LoadBalancer" }}
+ type: LoadBalancer
+ {{- else if .Values.nginx.httpsNodePort }}
+ type: NodePort
+ {{- end }}
+ selector:
+ name: {{ .Values.nginx.name | quote }}
+ ports:
+ - port: {{ .Values.nginx.httpPort }}
+ name: http
+ - port: {{ .Values.nginx.httpsPort }}
+ {{- if .Values.nginx.httpsNodePort }}
+ nodePort: {{ .Values.nginx.httpsNodePort }}
+ {{- end }}
+ name: https-api
+ - port: {{ .Values.nginx.httpsAdminPort }}
+ name: https-admin
diff --git a/helm/openwhisk/templates/ow-core-rolebind.yaml
b/helm/openwhisk/templates/ow-core-rolebind.yaml
new file mode 100644
index 0000000..c2d928f
--- /dev/null
+++ b/helm/openwhisk/templates/ow-core-rolebind.yaml
@@ -0,0 +1,17 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+# Core pods are allowed to have view access to k8s APIs
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: allow-view
+ namespace: {{ .Release.Namespace | quote }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: view
+subjects:
+ - kind: ServiceAccount
+ name: ow-core
+ namespace: {{ .Release.Namespace | quote }}
diff --git a/helm/openwhisk/templates/ow-core-svcacct.yaml
b/helm/openwhisk/templates/ow-core-svcacct.yaml
new file mode 100644
index 0000000..23e223d
--- /dev/null
+++ b/helm/openwhisk/templates/ow-core-svcacct.yaml
@@ -0,0 +1,9 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+# Core pods are allowed to have view access to k8s APIs
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ namespace: {{ .Release.Namespace | quote }}
+ name: ow-core
diff --git a/helm/openwhisk/templates/ow-db-cm.yaml
b/helm/openwhisk/templates/ow-db-cm.yaml
new file mode 100644
index 0000000..4949add
--- /dev/null
+++ b/helm/openwhisk/templates/ow-db-cm.yaml
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: db.config
+ namespace: {{ .Release.Namespace | quote }}
+data:
+ db_prefix: {{ .Values.db.dbPrefix | quote }}
+ db_protocol: {{ .Values.db.protocol | quote }}
+ db_provider: {{ .Values.db.provider | quote }}
+ db_host: {{ include "db_host" . | quote }}
+ db_port: {{ .Values.db.port | quote }}
+ db_url: "{{ .Values.db.protocol }}://{{ include "db_host" . }}:{{
.Values.db.port }}"
+ db_host_port: "{{ include "db_host" . }}:{{ .Values.db.port }}"
+ db_whisk_actions: {{ .Values.db.actionsTable | quote }}
+ db_whisk_activations: {{ .Values.db.activationsTable | quote }}
+ db_whisk_auths: {{ .Values.db.authsTable | quote }}
diff --git a/helm/openwhisk/templates/ow-db-secret.yaml
b/helm/openwhisk/templates/ow-db-secret.yaml
new file mode 100644
index 0000000..01d3054
--- /dev/null
+++ b/helm/openwhisk/templates/ow-db-secret.yaml
@@ -0,0 +1,12 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: db.auth
+ namespace: {{ .Release.Namespace | quote }}
+type: Opaque
+data:
+ db_username: {{ .Values.db.auth.username | b64enc }}
+ db_password: {{ .Values.db.auth.password | b64enc }}
diff --git a/helm/openwhisk/templates/ow-docker-registry-secret.yaml
b/helm/openwhisk/templates/ow-docker-registry-secret.yaml
new file mode 100644
index 0000000..ec8db97
--- /dev/null
+++ b/helm/openwhisk/templates/ow-docker-registry-secret.yaml
@@ -0,0 +1,12 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: docker.registry.auth
+ namespace: {{ .Release.Namespace | quote }}
+type: Opaque
+data:
+ docker_registry_username: {{ .Values.docker.registry.username | b64enc }}
+ docker_registry_password: {{ .Values.docker.registry.password | b64enc }}
diff --git a/helm/openwhisk/templates/clusterConfigMaps.yaml
b/helm/openwhisk/templates/ow-whisk-cm.yaml
similarity index 76%
rename from helm/openwhisk/templates/clusterConfigMaps.yaml
rename to helm/openwhisk/templates/ow-whisk-cm.yaml
index a581a64..acc0279 100644
--- a/helm/openwhisk/templates/clusterConfigMaps.yaml
+++ b/helm/openwhisk/templates/ow-whisk-cm.yaml
@@ -10,7 +10,6 @@
# whisk.ingress.apiHostPort is {{ required "You must provide a value for
whisk.ingress.apiHostPort (See docs/ingress.md)"
.Values.whisk.ingress.apiHostPort }}
{{- end }}
----
apiVersion: v1
kind: ConfigMap
metadata:
@@ -34,21 +33,3 @@ data:
whisk_api_host_nameAndPort: "{{ .Values.whisk.ingress.apiHostName }}:{{
.Values.whisk.ingress.apiHostPort }}"
whisk_api_host_url: "{{ .Values.whisk.ingress.apiHostProto }}://{{
.Values.whisk.ingress.apiHostName }}:{{ .Values.whisk.ingress.apiHostPort }}"
{{- end }}
-
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: db.config
- namespace: {{ .Release.Namespace | quote }}
-data:
- db_prefix: {{ .Values.db.dbPrefix | quote }}
- db_protocol: {{ .Values.db.protocol | quote }}
- db_provider: {{ .Values.db.provider | quote }}
- db_host: {{ include "db_host" . | quote }}
- db_port: {{ .Values.db.port | quote }}
- db_url: "{{ .Values.db.protocol }}://{{ include "db_host" . }}:{{
.Values.db.port }}"
- db_host_port: "{{ include "db_host" . }}:{{ .Values.db.port }}"
- db_whisk_actions: {{ .Values.db.actionsTable | quote }}
- db_whisk_activations: {{ .Values.db.activationsTable | quote }}
- db_whisk_auths: {{ .Values.db.authsTable | quote }}
diff --git a/helm/openwhisk/templates/ow-whisk-secret.yaml
b/helm/openwhisk/templates/ow-whisk-secret.yaml
new file mode 100644
index 0000000..db27da3
--- /dev/null
+++ b/helm/openwhisk/templates/ow-whisk-secret.yaml
@@ -0,0 +1,12 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Secret
+metadata:
+ name: whisk.auth
+ namespace: {{ .Release.Namespace | quote }}
+type: Opaque
+data:
+ system: {{ .Values.whisk.auth.system | b64enc }}
+ guest: {{ .Values.whisk.auth.guest | b64enc }}
diff --git a/helm/openwhisk/templates/redis.yaml
b/helm/openwhisk/templates/redis-pod.yaml
similarity index 69%
rename from helm/openwhisk/templates/redis.yaml
rename to helm/openwhisk/templates/redis-pod.yaml
index e6939fd..d71ab2b 100644
--- a/helm/openwhisk/templates/redis.yaml
+++ b/helm/openwhisk/templates/redis-pod.yaml
@@ -1,22 +1,6 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
----
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.redis.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.redis.name | quote }}
-spec:
- selector:
- name: {{ .Values.redis.name | quote }}
- ports:
- - port: {{ .Values.redis.port }}
- name: redis
-
----
apiVersion: apps/v1
kind: Deployment
metadata:
@@ -70,7 +54,7 @@ spec:
imagePullPolicy: {{ .Values.redis.imagePullPolicy | quote }}
image: {{ .Values.redis.image | quote }}
{{- if .Values.redis.persistence.enabled }}
- volumeMounts:
+ volumeMounts:
- mountPath: /data
name: redis-data
readOnly: false
@@ -78,19 +62,3 @@ spec:
ports:
- name: redis
containerPort: {{ .Values.redis.port }}
-
-{{- if .Values.redis.persistence.enabled }}
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ .Values.redis.persistence.pvcName | quote }}
- namespace: {{ .Release.Namespace | quote }}
-spec:
- storageClassName: {{ .Values.redis.persistence.storageClass }}
- accessModes:
- - {{ .Values.redis.persistence.accessMode }}
- resources:
- requests:
- storage: {{ .Values.redis.persistence.size }}
-{{- end }}
diff --git a/helm/openwhisk/templates/redis-pvc.yaml
b/helm/openwhisk/templates/redis-pvc.yaml
new file mode 100644
index 0000000..41e19af
--- /dev/null
+++ b/helm/openwhisk/templates/redis-pvc.yaml
@@ -0,0 +1,17 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{- if .Values.redis.persistence.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: {{ .Values.redis.persistence.pvcName | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+spec:
+ storageClassName: {{ .Values.redis.persistence.storageClass }}
+ accessModes:
+ - {{ .Values.redis.persistence.accessMode }}
+ resources:
+ requests:
+ storage: {{ .Values.redis.persistence.size }}
+{{- end }}
diff --git a/helm/openwhisk/templates/redis-svc.yaml
b/helm/openwhisk/templates/redis-svc.yaml
new file mode 100644
index 0000000..67fbe45
--- /dev/null
+++ b/helm/openwhisk/templates/redis-svc.yaml
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.redis.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.redis.name | quote }}
+spec:
+ selector:
+ name: {{ .Values.redis.name | quote }}
+ ports:
+ - port: {{ .Values.redis.port }}
+ name: redis
diff --git a/helm/openwhisk/templates/zookeeper-cm.yaml
b/helm/openwhisk/templates/zookeeper-cm.yaml
new file mode 100644
index 0000000..db9f9d4
--- /dev/null
+++ b/helm/openwhisk/templates/zookeeper-cm.yaml
@@ -0,0 +1,25 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if not .Values.zookeeper.external }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.zookeeper.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+data:
+ zoo.cfg: |
+ tickTime={{ .Values.zookeeper.config.tickTime }}
+ clientPort={{ .Values.zookeeper.port }}
+ initLimit={{ .Values.zookeeper.config.initLimit }}
+ syncLimit={{ .Values.zookeeper.config.syncLimit }}
+ dataDir={{ .Values.zookeeper.config.dataDir }}
+ dataLogDir={{ .Values.zookeeper.config.dataLogDir }}
+{{- $kubeDomain := .Values.k8s.domain }}
+{{- $zkname := .Values.zookeeper.name }}
+{{- $zkserverport := .Values.zookeeper.serverPort }}
+{{- $zkelectionport := .Values.zookeeper.leaderElectionPort }}
+{{- range $i, $e := until (int .Values.zookeeper.replicaCount) }}
+ server.{{ . }}={{ $zkname }}-{{ . }}.{{ $zkname }}.{{ $.Release.Namespace
}}.svc.{{ $kubeDomain }}:{{ $zkserverport }}:{{ $zkelectionport }}
+{{- end }}
+{{- end }}
diff --git a/helm/openwhisk/templates/zookeeper.yaml
b/helm/openwhisk/templates/zookeeper-pod.yaml
similarity index 67%
rename from helm/openwhisk/templates/zookeeper.yaml
rename to helm/openwhisk/templates/zookeeper-pod.yaml
index 1132f66..0f5b4a6 100644
--- a/helm/openwhisk/templates/zookeeper.yaml
+++ b/helm/openwhisk/templates/zookeeper-pod.yaml
@@ -1,49 +1,7 @@
# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
# license agreements; and to You under the Apache License, Version 2.0.
-{{ if not .Values.zookeeper.external }}
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.zookeeper.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
- labels:
- name: {{ .Values.zookeeper.name | quote }}
-spec:
- selector:
- name: {{ .Values.zookeeper.name | quote }}
- clusterIP: None
- ports:
- - port: {{ .Values.zookeeper.port }}
- name: "zookeeper"
- - port: {{ .Values.zookeeper.serverPort }}
- name: "server"
- - port: {{ .Values.zookeeper.leaderElectionPort }}
- name: "leader-election"
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ .Values.zookeeper.name | quote }}
- namespace: {{ .Release.Namespace | quote }}
-data:
- zoo.cfg: |
- tickTime={{ .Values.zookeeper.config.tickTime }}
- clientPort={{ .Values.zookeeper.port }}
- initLimit={{ .Values.zookeeper.config.initLimit }}
- syncLimit={{ .Values.zookeeper.config.syncLimit }}
- dataDir={{ .Values.zookeeper.config.dataDir }}
- dataLogDir={{ .Values.zookeeper.config.dataLogDir }}
-{{- $kubeDomain := .Values.k8s.domain }}
-{{- $zkname := .Values.zookeeper.name }}
-{{- $zkserverport := .Values.zookeeper.serverPort }}
-{{- $zkelectionport := .Values.zookeeper.leaderElectionPort }}
-{{- range $i, $e := until (int .Values.zookeeper.replicaCount) }}
- server.{{ . }}={{ $zkname }}-{{ . }}.{{ $zkname }}.{{ $.Release.Namespace
}}.svc.{{ $kubeDomain }}:{{ $zkserverport }}:{{ $zkelectionport }}
-{{- end }}
-
----
+{{ if not .Values.zookeeper.external }}
apiVersion: apps/v1
kind: StatefulSet
metadata:
diff --git a/helm/openwhisk/templates/zookeeper-svc.yaml
b/helm/openwhisk/templates/zookeeper-svc.yaml
new file mode 100644
index 0000000..9ed2933
--- /dev/null
+++ b/helm/openwhisk/templates/zookeeper-svc.yaml
@@ -0,0 +1,23 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
contributor
+# license agreements; and to You under the Apache License, Version 2.0.
+
+{{ if not .Values.zookeeper.external }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.zookeeper.name | quote }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels:
+ name: {{ .Values.zookeeper.name | quote }}
+spec:
+ selector:
+ name: {{ .Values.zookeeper.name | quote }}
+ clusterIP: None
+ ports:
+ - port: {{ .Values.zookeeper.port }}
+ name: "zookeeper"
+ - port: {{ .Values.zookeeper.serverPort }}
+ name: "server"
+ - port: {{ .Values.zookeeper.leaderElectionPort }}
+ name: "leader-election"
+{{- end }}
