-
Notifications
You must be signed in to change notification settings - Fork 72
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Co-authored-by: loganrobertclemons <loganrobertclemons.com>
- Loading branch information
1 parent
ce43fbb
commit 6c5787e
Showing
8 changed files
with
243 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| apiVersion: v2 | ||
| name: kubeip | ||
| description: A Helm chart for KubeIP | ||
| version: 0.1.0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| {{- if .Release.IsInstall }} | ||
| 🎉 KubeIP v2 Deployment Successful! 🎉 | ||
|
|
||
| Thank you for installing KubeIP v2, ensuring that your Kubernetes nodes are now equipped with static public IP addresses for improved connectivity and reliability. | ||
|
|
||
| Next Steps: | ||
|
|
||
| 1. Verify the Operation: Ensure that KubeIP is running successfully on all desired nodes. You can check the status of the DaemonSet by running: | ||
|
|
||
| $ kubectl get daemonset kubeip -n kube-system | ||
|
|
||
| 2. Check IP Assignment: Ensure that static public IPs are assigned to your nodes. Run the following command to see the assigned IPs: | ||
|
|
||
| $ kubectl get nodes -o wide | ||
|
|
||
| 3. Review Logs (Optional): If you want to delve deeper or troubleshoot, you can review the logs of the KubeIP pods: | ||
|
|
||
| $ kubectl logs -l app=kubeip -n kube-system | ||
|
|
||
| 4. Update Your Firewall Rules: If you have specific firewall rules or IP whitelists, ensure they are updated to include the static IPs assigned to your nodes. | ||
|
|
||
| 5. Documentation and Support: For more information on configuration options, troubleshooting, and usage, please visit the [official KubeIP repository](https://github.com/doitintl/kubeip). | ||
|
|
||
| 6. Feedback and Contributions: Your feedback is valuable! If you encounter any issues, or if you have suggestions for improvements, please feel free to open an issue or contribute to the project on GitHub. | ||
|
|
||
| Enjoy the enhanced stability and connectivity that KubeIP brings to your Kubernetes cluster! 🚀 | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| {{/* vim: set filetype=mustache: */}} | ||
| {{/* | ||
| Expand the name of the chart. | ||
| */}} | ||
| {{- define "kubeip.name" -}} | ||
| {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Create a default fully qualified app name. | ||
| */}} | ||
| {{- define "kubeip.fullname" -}} | ||
| {{- if .Values.fullnameOverride }} | ||
| {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} | ||
| {{- else }} | ||
| {{- $name := default .Chart.Name .Values.nameOverride }} | ||
| {{- if contains $name .Release.Name }} | ||
| {{- .Release.Name | trunc 63 | trimSuffix "-" }} | ||
| {{- else }} | ||
| {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
| {{- end }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Create chart name and version as used by the chart label. | ||
| */}} | ||
| {{- define "kubeip.chart" -}} | ||
| {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Common labels | ||
| */}} | ||
| {{- define "kubeip.labels" -}} | ||
| helm.sh/chart: {{ include "kubeip.chart" . }} | ||
| {{ include "kubeip.selectorLabels" . }} | ||
| {{- with .Chart.AppVersion }} | ||
| app.kubernetes.io/version: {{ . | quote }} | ||
| {{- end }} | ||
| app.kubernetes.io/managed-by: {{ .Release.Service }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Selector labels | ||
| */}} | ||
| {{- define "kubeip.selectorLabels" -}} | ||
| app.kubernetes.io/name: {{ include "kubeip.name" . }} | ||
| app.kubernetes.io/instance: {{ .Release.Name }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Create the name of the service account to use | ||
| */}} | ||
| {{- define "kubeip.serviceAccountName" -}} | ||
| {{- if .Values.serviceAccount.create }} | ||
| {{- default (include "kubeip.fullname" .) .Values.serviceAccount.name }} | ||
| {{- else }} | ||
| {{- default "default" .Values.serviceAccount.name }} | ||
| {{- end }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Define Ingress apiVersion | ||
| */}} | ||
| {{- define "kubeip.ingress.apiVersion" -}} | ||
| {{- printf "networking.k8s.io/v1" }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Define Pdb apiVersion | ||
| */}} | ||
| {{- define "kubeip.pdb.apiVersion" -}} | ||
| {{- if $.Capabilities.APIVersions.Has "policy/v1/PodDisruptionBudget" }} | ||
| {{- printf "policy/v1" }} | ||
| {{- else }} | ||
| {{- printf "policy/v1beta1" }} | ||
| {{- end }} | ||
| {{- end }} | ||
|
|
||
| {{/* | ||
| Allow overriding kubeip namespace | ||
| */}} | ||
| {{- define "kubeip.namespace" -}} | ||
| {{- if .Values.namespaceOverride -}} | ||
| {{- .Values.namespaceOverride -}} | ||
| {{- else -}} | ||
| {{- .Release.Namespace -}} | ||
| {{- end -}} | ||
| {{- end -}} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| {{- if .Values.rbac.create }} | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: ClusterRole | ||
| metadata: | ||
| name: {{ include "kubeip.fullname" . }}-cluster-role | ||
| labels: | ||
| {{- include "kubeip.labels" . | nindent 4 }} | ||
| rules: | ||
| - apiGroups: [ "" ] | ||
| resources: [ "nodes" ] | ||
| verbs: [ "get" ] | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| {{- if .Values.rbac.create }} | ||
| apiVersion: rbac.authorization.k8s.io/v1 | ||
| kind: ClusterRoleBinding | ||
| metadata: | ||
| name: {{ include "kubeip.fullname" . }}-cluster-role-binding | ||
| labels: | ||
| {{- include "kubeip.labels" . | nindent 4 }} | ||
| subjects: | ||
| - kind: ServiceAccount | ||
| name: {{ include "kubeip.serviceAccountName" . }} | ||
| namespace: {{ include "kubeip.namespace" . }} | ||
| roleRef: | ||
| kind: ClusterRole | ||
| name: {{ include "kubeip.fullname" . }}-cluster-role | ||
| apiGroup: rbac.authorization.k8s.io | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| apiVersion: apps/v1 | ||
| kind: DaemonSet | ||
| metadata: | ||
| name: {{ include "kubeip.fullname" . }} | ||
| labels: | ||
| {{- include "kubeip.labels" . | nindent 4 }} | ||
| spec: | ||
| selector: | ||
| matchLabels: | ||
| app.kubernetes.io/name: {{ include "kubeip.name" . }} | ||
| template: | ||
| metadata: | ||
| labels: | ||
| app.kubernetes.io/name: {{ include "kubeip.name" . }} | ||
| spec: | ||
| serviceAccountName: {{ include "kubeip.serviceAccountName" . | quote }} | ||
| terminationGracePeriodSeconds: {{ .Values.daemonSet.terminationGracePeriodSeconds }} | ||
| priorityClassName: {{ .Values.daemonSet.priorityClassName | quote }} | ||
| nodeSelector: | ||
| {{- if .Values.daemonSet.nodeSelector }} | ||
| {{- toYaml .Values.daemonSet.nodeSelector | nindent 8 }} | ||
| {{- end }} | ||
| containers: | ||
| - name: kubeip | ||
| image: "{{ .Values.image.repository }}" | ||
| imagePullPolicy: Always | ||
| resources: | ||
| {{- toYaml .Values.daemonSet.resources | nindent 12 }} | ||
| env: | ||
| - name: NODE_NAME | ||
| valueFrom: | ||
| fieldRef: | ||
| fieldPath: spec.nodeName | ||
| - name: FILTER | ||
| value: {{ .Values.daemonSet.env.FILTER | quote }} | ||
| - name: LOG_LEVEL | ||
| value: {{ .Values.daemonSet.env.LOG_LEVEL | quote }} | ||
| - name: LOG_JSON | ||
| value: {{ .Values.daemonSet.env.LOG_JSON | quote }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| {{- if .Values.serviceAccount.create }} | ||
| apiVersion: v1 | ||
| kind: ServiceAccount | ||
| metadata: | ||
| name: {{ include "kubeip.serviceAccountName" . }} | ||
| namespace: {{ include "kubeip.namespace" . }} | ||
| annotations: | ||
| {{- if eq .Values.cloudProvider "gcp" }} | ||
| iam.gke.io/gcp-service-account: {{ required "A valid .Values.serviceAccount.annotations.gcpServiceAccountEmail entry required when cloudProvider is gcp" .Values.serviceAccount.annotations.gcpServiceAccountEmail }} | ||
| {{- else if eq .Values.cloudProvider "aws" }} | ||
| eks.amazonaws.com/role-arn: {{ required "A valid .Values.serviceAccount.annotations.awsRoleArn entry required when cloudProvider is aws" .Values.serviceAccount.annotations.awsRoleArn }} | ||
| {{- end }} | ||
| {{- end }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| # The cloud provider where your Kubernetes cluster is running. | ||
| # This value determines the appropriate annotations for the Service Account. | ||
| # Currently acceptable values are 'gcp' or 'aws'. | ||
| cloudProvider: gcp | ||
|
|
||
| # The namespace where the kubeip-agent will be deployed. | ||
| namespaceOverride: kube-system | ||
|
|
||
| # Configuration settings for the container image. | ||
| image: | ||
| repository: doitintl/kubeip-agent | ||
| tag: latest | ||
|
|
||
| # Configuration for the Kubernetes Service Account. | ||
| serviceAccount: | ||
| create: true | ||
| name: kubeip-service-account | ||
| annotations: | ||
| gcpServiceAccountEmail: kubeip-service-account@workload-id-117715.iam.gserviceaccount.com | ||
| # annotations: | ||
| # awsRoleArn: "your-aws-role-arn" | ||
| # gcpServiceAccountEmail: "your-google-service-account-email" | ||
|
|
||
|
|
||
| # Role-Based Access Control (RBAC) configuration. | ||
| rbac: | ||
| create: true | ||
|
|
||
| # DaemonSet configuration. | ||
| daemonSet: | ||
| terminationGracePeriodSeconds: 30 | ||
| priorityClassName: system-node-critical | ||
| nodeSelector: | ||
| nodegroup: public | ||
| kubeip: use | ||
| env: | ||
| FILTER: labels.kubeip=reserved;labels.environment=demo | ||
| LOG_LEVEL: debug | ||
| LOG_JSON: true | ||
| resources: | ||
| requests: | ||
| cpu: 100m |