diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..a7fae86
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,9 @@
+# Set update schedule for GitHub Actions
+version: 2
+updates:
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ # Check for updates to GitHub Actions every week
+ interval: "weekly"
+ day: monday
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
new file mode 100644
index 0000000..1e7629e
--- /dev/null
+++ b/.github/pull_request_template.md
@@ -0,0 +1,23 @@
+
+#### Why is this pull request needed and what does it do?
+
+#### Which issues (if any) are related?
+
+
+Checklist:
+
+* [ ] I have bumped the chart version according to [versioning](https://github.com/coredns/helm/blob/master/CONTRIBUTING.md#versioning).
+* [ ] I have updated the chart changelog with all the changes that come with this pull request according to [changelog](https://github.com/coredns/helm/blob/master/CONTRIBUTING.md#changelog).
+* [ ] Any new values are backwards compatible and/or have sensible default.
+* [ ] I have signed off all my commits as required by [DCO](https://github.com/coredns/helm/blob/master/CONTRIBUTING.md#developer-certificate-of-origin).
+
+Changes are automatically published when merged to `main`. They are not published on branches.
+
+
+ Note on DCO + + If the DCO action in the integration test fails, one or more of your commits are not signed off. Please click on the *Details* link next to the DCO action for instructions on how to resolve this. + diff --git a/.github/workflows/lint-test.yaml b/.github/workflows/lint-test.yaml index b4bc0f7..989dbd1 100644 --- a/.github/workflows/lint-test.yaml +++ b/.github/workflows/lint-test.yaml @@ -7,36 +7,42 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Helm - uses: azure/setup-helm@v1 + uses: azure/setup-helm@v4 with: - version: v3.6.3 + version: v3.13.1 - - uses: actions/setup-python@v2 + - name: Add Helm repo + run: | + helm repo add cpa https://kubernetes-sigs.github.io/cluster-proportional-autoscaler + helm repo update + + - uses: actions/setup-python@v5 with: - python-version: 3.7 + python-version: '3.10' - name: Set up chart-testing - uses: helm/chart-testing-action@v2.1.0 + uses: helm/chart-testing-action@v2.6.1 - name: Run chart-testing (list-changed) id: list-changed run: | - changed=$(ct list-changed) + changed=$(ct list-changed --target-branch ${{ github.event.repository.default_branch }}) if [[ -n "$changed" ]]; then - echo "::set-output name=changed::true" + echo "changed=true" >> $GITHUB_OUTPUT fi - name: Run chart-testing (lint) - run: ct lint + run: ct lint --target-branch ${{ github.event.repository.default_branch }} - name: Create kind cluster - uses: helm/kind-action@v1.2.0 + uses: helm/kind-action@v1.10.0 if: steps.list-changed.outputs.changed == 'true' - name: Run chart-testing (install) - run: ct install + run: ct install --target-branch ${{ github.event.repository.default_branch }} + if: steps.list-changed.outputs.changed == 'true' diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 77a1dd6..86b04ce 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml 
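Review bot: The three `ct` steps splice `${{ github.event.repository.default_branch }}` straight into the `run:` script, so the value is expanded into the shell source before bash parses it. A default branch name is set by repository admins, which keeps the exposure low, but this is the interpolation pattern that workflow-hardening guidance asks to avoid, and it also misbehaves on names containing shell metacharacters. Passing the value through the environment keeps it as data: add `env:` with `TARGET_BRANCH: ${{ github.event.repository.default_branch }}` to each step and call `ct lint --target-branch "$TARGET_BRANCH"`; quoting `"$GITHUB_OUTPUT"` in the list-changed step is the same kind of fix. The job definition starts above the hunk, so whether a `permissions:` block already restricts the token cannot be seen from here.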
@@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -21,11 +21,11 @@ jobs: - name: Set up Helm - uses: azure/setup-helm@v1 + uses: azure/setup-helm@v4 with: - version: v3.6.3 + version: v3.13.1 - name: Run chart-releaser - uses: helm/chart-releaser-action@v1.2.1 + uses: helm/chart-releaser-action@v1.6.0 env: CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/AUTHORS.md b/AUTHORS.md index b4e2de8..b3f7040 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -4,6 +4,8 @@ - Manuel RĂ¼ger - Adam Hamsik +- Hagai Barel +- Shubham Gupta ## Original Helm Chart Contributors diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 0000000..7d0c3a6 --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,3 @@ +## Coredns Community Code of Conduct + +Coredns follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..d7be08b --- /dev/null +++ b/CONTRIBUTING.md 
@@ -0,0 +1,77 @@
+# Contributing to CoreDNS Helm Chart
+
+Welcome! Our community focuses on helping others and making CoreDNS the best it can be. We gladly accept contributions and encourage you to get involved!
+
+## Issues
+
+Before opening a new issue please search the [issue list](https://github.com/coredns/helm/issues) to ensure the issue hasn't been already reported.
+
+If not, [open an issue](https://github.com/coredns/coredns/issues) and answer the questions so we can understand and reproduce the problematic behavior.
+
+Please be aware that CoreDNS can be extremely flexible and offered as an add-on by many distros. While we strive to keep an open mind about supporting as many use cases as possible, we want to focus on things that fit *this* chart's use cases and not on a specific vendor installation or offering of CoreDNS.
+
+## Pull Requests
+
+Submit minor improvements or changes any time. For larger changes please raise an issue beforehand so we can coordinate the work and make sure the change is aligned with the chart's purpose.
+
+When submitting a pull request, please be mindful of the following:
+
+### Versioning
+
+We follow the [semver standard](https://semver.org/) for versioning.
+
+Please ensure chart version changes adhere to semantic versioning standards:
+
+* Major: Large chart rewrites, major non-backwards compatible or destructive changes
+* Minor: New chart functionality (sidecars), major application updates or minor non-backwards compatible changes
+* Patch: App version patch updates, backwards compatible optional chart features
+
+### Changelog
+
+As the chart is also published on Artifact Hub, we require a changelog per new chart release. Changes on a chart must be documented in a chart specific changelog in the `Chart.yaml` [Annotation Section](https://helm.sh/docs/topics/charts/#the-chartyaml-file).
+
+A new `artifacthub.io/changes` needs to be written covering only the changes since the previous release.
Each change requires a new bullet point following the pattern. See more information [Artifact Hub annotations in Helm Chart.yaml file](https://artifacthub.io/docs/topics/annotations/helm/). + +```yaml +- kind: {type} + description: {description} +``` + +You can use the following template: + +```yaml +name: coredns +version: 1.19.6 +... +annotations: + artifacthub.io/changes: | + - kind: added + description: Something New was added + - kind: changed + description: Changed Something within this chart + - kind: changed + description: Changed Something else within this chart + - kind: deprecated + description: Something deprecated + - kind: removed + description: Something was removed + - kind: fixed + description: Something was fixed + - kind: security + description: Some Security Patch was included +``` + +### Developer Certificate of Origin + +As required by the CNCF's [charter](https://github.com/cncf/foundation/blob/master/charter.md#11-ip-policy), +all new code contributions must be accompanied by a [Developer Certificate of Origin (DCO)](https://developercertificate.org/). CoreDNS uses [Probot](https://github.com/probot/dco#how-it-works) to enforce the DCO on pull requests. + +You may use git option `-s` to append automatically to the `Sign-off-by` line to your commit messages: + +``` +$ git commit -s -m 'This is my commit message' +``` + +# Thank You + +Thanks for your help! CoreDNS would not be what it is today without your contributions. diff --git a/charts/coredns/Chart.yaml b/charts/coredns/Chart.yaml index ebd9637..9dd9aaf 100644 --- a/charts/coredns/Chart.yaml +++ b/charts/coredns/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: coredns -version: 1.16.4 -appVersion: 1.8.4 +version: 1.30.0 +appVersion: 1.11.1 home: https://coredns.io icon: https://coredns.io/images/CoreDNS_Colour_Horizontal.png description: CoreDNS is a DNS server that chains plugins and provides Kubernetes DNS Services 
@@ -14,8 +14,12 @@ sources: maintainers: - name: mrueg - name: haad -engine: gotpl + - name: hagaibarel + - name: shubham-cmyk type: application annotations: artifacthub.io/changes: | - - Initial helm chart changelog + - kind: changed + description: Ignore duplicate strings in the fullname helper template + - kind: removed + description: Removed deprecated "engine: gotpl" from the Chart.yaml diff --git a/charts/coredns/README.md b/charts/coredns/README.md index 39c6d9c..b98c4a2 100644 --- a/charts/coredns/README.md +++ b/charts/coredns/README.md 
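Review bot: The last changelog entry, `description: Removed deprecated "engine: gotpl" from the Chart.yaml`, is a plain YAML scalar that contains `: `, which is not valid inside a plain scalar. Helm keeps `artifacthub.io/changes` as an opaque string, so the chart still packages, but a consumer that parses the annotation as YAML (the CONTRIBUTING text added in this commit describes it as a list of `kind`/`description` entries for Artifact Hub) will likely reject the entry. Quoting the value avoids that: `description: 'Removed deprecated "engine: gotpl" from the Chart.yaml'`.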
@@ -13,13 +13,13 @@ $ helm --namespace=kube-system install coredns coredns/coredns This chart bootstraps a [CoreDNS](https://github.com/coredns/coredns) deployment on a [Kubernetes](http://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. This chart will provide DNS Services and can be deployed in multiple configuration to support various scenarios listed below: - - CoreDNS as a cluster dns service and a drop-in replacement for Kube/SkyDNS. This is the default mode and CoreDNS is deployed as cluster-service in kube-system namespace. This mode is chosen by setting `isClusterService` to true. - - CoreDNS as an external dns service. In this mode CoreDNS is deployed as any kubernetes app in user specified namespace. The CoreDNS service can be exposed outside the cluster by using using either the NodePort or LoadBalancer type of service. This mode is chosen by setting `isClusterService` to false. - - CoreDNS as an external dns provider for kubernetes federation. This is a sub case of 'external dns service' which uses etcd plugin for CoreDNS backend. This deployment mode as a dependency on `etcd-operator` chart, which needs to be pre-installed. +- CoreDNS as a cluster dns service and a drop-in replacement for Kube/SkyDNS. This is the default mode and CoreDNS is deployed as cluster-service in kube-system namespace. This mode is chosen by setting `isClusterService` to true. +- CoreDNS as an external dns service. In this mode CoreDNS is deployed as any kubernetes app in user specified namespace. The CoreDNS service can be exposed outside the cluster by using using either the NodePort or LoadBalancer type of service. This mode is chosen by setting `isClusterService` to false. +- CoreDNS as an external dns provider for kubernetes federation. This is a sub case of 'external dns service' which uses etcd plugin for CoreDNS backend. This deployment mode as a dependency on `etcd-operator` chart, which needs to be pre-installed. 
## Prerequisites -- Kubernetes 1.10 or later +- Kubernetes 1.10 or later ## Installing the Chart 
@@ -46,93 +46,101 @@ The command removes all the Kubernetes components associated with the chart and ## Configuration -| Parameter | Description | Default | -|:------------------------------------------------|:------------------------------------------------------------------------------------------------------------------------------------------|:------------------------------------------------------------| -| `image.repository` | The image repository to pull from | coredns/coredns | -| `image.tag` | The image tag to pull from | `1.8.4` | -| `image.pullPolicy` | Image pull policy | IfNotPresent | -| `image.pullSecrets` | Specify container image pull secrets | `[]` | -| `replicaCount` | Number of replicas | 1 | -| `resources.limits.cpu` | Container maximum CPU | `100m` | -| `resources.limits.memory` | Container maximum memory | `128Mi` | -| `resources.requests.cpu` | Container requested CPU | `100m` | -| `resources.requests.memory` | Container requested memory | `128Mi` | -| `serviceType` | Kubernetes Service type | `ClusterIP` | -| `prometheus.service.enabled` | Set this to `true` to create Service for Prometheus metrics | `false` | -| `prometheus.service.annotations` | Annotations to add to the metrics Service | `{prometheus.io/scrape: "true", prometheus.io/port: "9153"}`| -| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | -| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | {} | -| `prometheus.monitor.namespace` | Selector to select which namespaces the Endpoints objects are discovered from. 
| `""` | -| `service.clusterIP` | IP address to assign to service | `""` | -| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | -| `service.externalIPs` | External IP addresses | [] | -| `service.externalTrafficPolicy` | Enable client source IP preservation | [] | -| `service.annotations` | Annotations to add to service | {} | -| `serviceAccount.create` | If true, create & use serviceAccount | false | -| `serviceAccount.name` | If not set & create is true, use template fullname | | -| `rbac.create` | If true, create & use RBAC resources | true | -| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` | -| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true | -| `priorityClassName` | Name of Priority Class to assign pods | `""` | -| `servers` | Configuration for CoreDNS and plugins | See values.yml | -| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` | -| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | -| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | -| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | -| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | -| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | -| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | -| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. 
| `5` | -| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `affinity` | Affinity settings for pod assignment | {} | -| `nodeSelector` | Node labels for pod assignment | {} | -| `tolerations` | Tolerations for pod assignment | [] | -| `zoneFiles` | Configure custom Zone files | [] | -| `extraVolumes` | Optional array of volumes to create | [] | -| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] | -| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] | -| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} | -| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` | -| `rollingUpdate.maxSurge` | Maximum number of pods created above desired number of pods | `25%` | -| `podDisruptionBudget` | Optional PodDisruptionBudget | {} | -| `podAnnotations` | Optional Pod only Annotations | {} | -| `terminationGracePeriodSeconds` | Optional duration in seconds the pod needs to terminate gracefully. 
| 30 | -| `preStopSleep` | Definition of Kubernetes preStop hook executed before Pod termination | {} | -| `hpa.enabled` | Enable Hpa autoscaler instead of proportional one | `false` | -| `hpa.minReplicas` | Hpa minimum number of CoreDNS replicas | `1` | -| `hpa.maxReplicas` | Hpa maximum number of CoreDNS replicas | `2` | -| `hpa.metrics` | Metrics definitions used by Hpa to scale up and down | {} | -| `autoscaler.enabled` | Optionally enabled a cluster-proportional-autoscaler for CoreDNS | `false` | -| `autoscaler.coresPerReplica` | Number of cores in the cluster per CoreDNS replica | `256` | -| `autoscaler.nodesPerReplica` | Number of nodes in the cluster per CoreDNS replica | `16` | -| `autoscaler.min` | Min size of replicaCount | 0 | -| `autoscaler.max` | Max size of replicaCount | 0 (aka no max) | -| `autoscaler.includeUnschedulableNodes` | Should the replicas scale based on the total number or only schedulable nodes | `false` | -| `autoscaler.preventSinglePointFailure` | If true does not allow single points of failure to form | `true` | -| `autoscaler.image.repository` | The image repository to pull autoscaler from | k8s.gcr.io/cluster-proportional-autoscaler-amd64 | -| `autoscaler.image.tag` | The image tag to pull autoscaler from | `1.8.1` | -| `autoscaler.image.pullPolicy` | Image pull policy for the autoscaler | IfNotPresent | -| `autoscaler.image.pullSecrets` | Specify container image pull secrets | `[]` | -| `autoscaler.priorityClassName` | Optional priority class for the autoscaler pod. `priorityClassName` used if not set. 
| `""` | -| `autoscaler.affinity` | Affinity settings for pod assignment for autoscaler | {} | -| `autoscaler.nodeSelector` | Node labels for pod assignment for autoscaler | {} | -| `autoscaler.tolerations` | Tolerations for pod assignment for autoscaler | [] | -| `autoscaler.resources.limits.cpu` | Container maximum CPU for cluster-proportional-autoscaler | `20m` | -| `autoscaler.resources.limits.memory` | Container maximum memory for cluster-proportional-autoscaler | `10Mi` | -| `autoscaler.resources.requests.cpu` | Container requested CPU for cluster-proportional-autoscaler | `20m` | -| `autoscaler.resources.requests.memory` | Container requested memory for cluster-proportional-autoscaler | `10Mi` | -| `autoscaler.configmap.annotations` | Annotations to add to autoscaler config map. For example to stop CI renaming them | {} | -| `autoscaler.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | -| `autoscaler.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | -| `autoscaler.livenessProbe.periodSeconds` | How often to perform the probe | `5` | -| `autoscaler.livenessProbe.timeoutSeconds` | When the probe times out | `5` | -| `autoscaler.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | -| `autoscaler.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | -| `deployment.enabled` | Optionally disable the main deployment and its respective resources. | `true` | -| `deployment.name` | Name of the deployment if `deployment.enabled` is true. Otherwise the name of an existing deployment for the autoscaler or HPA to target. 
| `""` | +| Parameter | Description | Default | +| :--------------------------------------------- | :---------------------------------------------------------------------------------------------------------------------------------------- | :----------------------------------------------------------- | +| `image.repository` | The image repository to pull from | coredns/coredns | +| `image.tag` | The image tag to pull from (derived from Chart.yaml) | `` | +| `image.pullPolicy` | Image pull policy | IfNotPresent | +| `image.pullSecrets` | Specify container image pull secrets | `[]` | +| `replicaCount` | Number of replicas | 1 | +| `resources.limits.cpu` | Container maximum CPU | `100m` | +| `resources.limits.memory` | Container maximum memory | `128Mi` | +| `resources.requests.cpu` | Container requested CPU | `100m` | +| `resources.requests.memory` | Container requested memory | `128Mi` | +| `serviceType` | Kubernetes Service type | `ClusterIP` | +| `prometheus.service.enabled` | Set this to `true` to create Service for Prometheus metrics | `false` | +| `prometheus.service.annotations` | Annotations to add to the metrics Service | `{prometheus.io/scrape: "true", prometheus.io/port: "9153"}` | +| `prometheus.monitor.enabled` | Set this to `true` to create ServiceMonitor for Prometheus operator | `false` | +| `prometheus.monitor.additionalLabels` | Additional labels that can be used so ServiceMonitor will be discovered by Prometheus | {} | +| `prometheus.monitor.namespace` | Selector to select which namespaces the Endpoints objects are discovered from. | `""` | +| `prometheus.monitor.interval` | Scrape interval for polling the metrics endpoint. (E.g. 
"30s") | `""` | +| `service.clusterIP` | IP address to assign to service | `""` | +| `service.clusterIPs` | IP addresses to assign to service | `[]` | +| `service.loadBalancerIP` | IP address to assign to load balancer (if supported) | `""` | +| `service.externalIPs` | External IP addresses | [] | +| `service.externalTrafficPolicy` | Enable client source IP preservation | [] | +| `service.ipFamilyPolicy` | Service dual-stack policy | `""` | +| `service.annotations` | Annotations to add to service | {} | +| `serviceAccount.create` | If true, create & use serviceAccount | false | +| `serviceAccount.name` | If not set & create is true, use template fullname | | +| `rbac.create` | If true, create & use RBAC resources | true | +| `rbac.pspEnable` | Specifies whether a PodSecurityPolicy should be created. | `false` | +| `isClusterService` | Specifies whether chart should be deployed as cluster-service or normal k8s app. | true | +| `priorityClassName` | Name of Priority Class to assign pods | `""` | +| `securityContext` | securityContext definition for pods | capabilities.add.NET_BIND_SERVICE | +| `servers` | Configuration for CoreDNS and plugins | See values.yml | +| `livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | +| `livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `60` | +| `livenessProbe.periodSeconds` | How often to perform the probe | `10` | +| `livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | +| `livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. 
| `1` | +| `readinessProbe.enabled` | Enable/disable the Readiness probe | `true` | +| `readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated | `30` | +| `readinessProbe.periodSeconds` | How often to perform the probe | `10` | +| `readinessProbe.timeoutSeconds` | When the probe times out | `5` | +| `readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | +| `readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `affinity` | Affinity settings for pod assignment | {} | +| `nodeSelector` | Node labels for pod assignment | {} | +| `tolerations` | Tolerations for pod assignment | [] | +| `zoneFiles` | Configure custom Zone files | [] | +| `extraContainers` | Optional array of sidecar containers | [] | +| `extraVolumes` | Optional array of volumes to create | [] | +| `extraVolumeMounts` | Optional array of volumes to mount inside the CoreDNS container | [] | +| `extraSecrets` | Optional array of secrets to mount inside the CoreDNS container | [] | +| `customLabels` | Optional labels for Deployment(s), Pod, Service, ServiceMonitor objects | {} | +| `customAnnotations` | Optional annotations for Deployment(s), Pod, Service, ServiceMonitor objects | +| `rollingUpdate.maxUnavailable` | Maximum number of unavailable replicas during rolling update | `1` | +| `rollingUpdate.maxSurge` | Maximum number of pods created above desired number of pods | `25%` | +| `podDisruptionBudget` | Optional PodDisruptionBudget | {} | +| `podAnnotations` | Optional Pod only Annotations | {} | +| `terminationGracePeriodSeconds` | Optional duration in seconds the pod needs to terminate gracefully. 
| 30 | +| `hpa.enabled` | Enable Hpa autoscaler instead of proportional one | `false` | +| `hpa.minReplicas` | Hpa minimum number of CoreDNS replicas | `1` | +| `hpa.maxReplicas` | Hpa maximum number of CoreDNS replicas | `2` | +| `hpa.metrics` | Metrics definitions used by Hpa to scale up and down | {} | +| `autoscaler.enabled` | Optionally enabled a cluster-proportional-autoscaler for CoreDNS | `false` | +| `autoscaler.coresPerReplica` | Number of cores in the cluster per CoreDNS replica | `256` | +| `autoscaler.nodesPerReplica` | Number of nodes in the cluster per CoreDNS replica | `16` | +| `autoscaler.min` | Min size of replicaCount | 0 | +| `autoscaler.max` | Max size of replicaCount | 0 (aka no max) | +| `autoscaler.includeUnschedulableNodes` | Should the replicas scale based on the total number or only schedulable nodes | `false` | +| `autoscaler.preventSinglePointFailure` | If true does not allow single points of failure to form | `true` | +| `autoscaler.customFlags` | A list of custom flags to pass into cluster-proportional-autoscaler | (no args) | +| `autoscaler.image.repository` | The image repository to pull autoscaler from | registry.k8s.io/cpa/cluster-proportional-autoscaler | +| `autoscaler.image.tag` | The image tag to pull autoscaler from | `1.8.5` | +| `autoscaler.image.pullPolicy` | Image pull policy for the autoscaler | IfNotPresent | +| `autoscaler.image.pullSecrets` | Specify container image pull secrets | `[]` | +| `autoscaler.priorityClassName` | Optional priority class for the autoscaler pod. `priorityClassName` used if not set. 
| `""` | +| `autoscaler.affinity` | Affinity settings for pod assignment for autoscaler | {} | +| `autoscaler.nodeSelector` | Node labels for pod assignment for autoscaler | {} | +| `autoscaler.tolerations` | Tolerations for pod assignment for autoscaler | [] | +| `autoscaler.resources.limits.cpu` | Container maximum CPU for cluster-proportional-autoscaler | `20m` | +| `autoscaler.resources.limits.memory` | Container maximum memory for cluster-proportional-autoscaler | `10Mi` | +| `autoscaler.resources.requests.cpu` | Container requested CPU for cluster-proportional-autoscaler | `20m` | +| `autoscaler.resources.requests.memory` | Container requested memory for cluster-proportional-autoscaler | `10Mi` | +| `autoscaler.configmap.annotations` | Annotations to add to autoscaler config map. For example to stop CI renaming them | {} | +| `autoscaler.livenessProbe.enabled` | Enable/disable the Liveness probe | `true` | +| `autoscaler.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | `10` | +| `autoscaler.livenessProbe.periodSeconds` | How often to perform the probe | `5` | +| `autoscaler.livenessProbe.timeoutSeconds` | When the probe times out | `5` | +| `autoscaler.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `3` | +| `autoscaler.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed. | `1` | +| `autoscaler.extraContainers` | Optional array of sidecar containers | [] | +| `deployment.enabled` | Optionally disable the main deployment and its respective resources. | `true` | +| `deployment.name` | Name of the deployment if `deployment.enabled` is true. Otherwise the name of an existing deployment for the autoscaler or HPA to target. | `""` | +| `deployment.annotations` | Annotations to add to the main deployment | `{}` | See `values.yaml` for configuration notes. 
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, @@ -150,8 +158,7 @@ Alternatively, a YAML file that specifies the values for the above parameters ca $ helm install coredns coredns/coredns -f values.yaml ``` -> **Tip**: You can use the default [values.yaml](values.yaml) - +> **Tip**: You can use the default [values.yaml](/charts/coredns/values.yaml) ## Caveats 
@@ -182,3 +189,60 @@ the autoscaler deployment. By setting `hpa.enabled = true` a [Horizontal Pod Autoscaler](https://kubernetes.io/docs/tasks/run-application/horizontal-pod-autoscale/) is enabled for Coredns deployment. This can scale number of replicas based on meitrics like CpuUtilization, MemoryUtilization or Custom ones. + +## Adopting existing CoreDNS resources + +If you do not want to delete the existing CoreDNS resources in your cluster, you can adopt the resources into a release as of Helm 3.2.0. + +You will also need to annotate and label your existing resources to allow Helm to assume control of them. See: https://github.com/helm/helm/pull/7649 + +``` +annotations: + meta.helm.sh/release-name: your-release-name + meta.helm.sh/release-namespace: your-release-namespace +label: + app.kubernetes.io/managed-by: Helm +``` + +Once you have annotated and labeled all the resources this chart specifies, you may need to locally template the chart and compare against existing manifest to ensure there are no changes/diffs.s If +you have been careful this should not diff and leave all the resources unmodified and now under management of helm. + +Some values to investigate to help adopt your existing manifests to the Helm release are: + +- k8sAppLabelOverride +- service.name +- customLabels + +In some cases, you will need to orphan delete your existing deployment since selector labels are immutable. + +``` +kubectl delete deployment coredns --cascade=orphan +``` + +This will delete the deployment and leave the replicaset to ensure no downtime in the cluster. You will need to manually delete the replicaset AFTER Helm has released a new deployment. + +Here is an example script to modify the annotations and labels of existing resources: + +WARNING: Substitute YOUR_HELM_RELEASE_NAME_HERE with the name of your helm release. 
+ +``` +#!/usr/bin/env bash + +set -euo pipefail + +for kind in config service serviceAccount; do + echo "setting annotations and labels on $kind/coredns" + kubectl -n kube-system annotate --overwrite $kind coredns meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE + kubectl -n kube-system annotate --overwrite $kind coredns meta.helm.sh/release-namespace=kube-system + kubectl -n kube-system label --overwrite $kind coredns app.kubernetes.io/managed-by=Helm +done +``` + +NOTE: Sometimes, previous deployments of kube-dns that have been migrated to CoreDNS still use kube-dns for the service name as well. + +``` +echo "setting annotations and labels on service/kube-dns" +kubectl -n kube-system annotate --overwrite service kube-dns meta.helm.sh/release-name=YOUR_HELM_RELEASE_NAME_HERE +kubectl -n kube-system annotate --overwrite service kube-dns meta.helm.sh/release-namespace=kube-system +kubectl -n kube-system label --overwrite service kube-dns app.kubernetes.io/managed-by=Helm +``` diff --git a/charts/coredns/templates/_helpers.tpl b/charts/coredns/templates/_helpers.tpl index 1554dde..6dc6833 100644 --- a/charts/coredns/templates/_helpers.tpl +++ b/charts/coredns/templates/_helpers.tpl 
@@ -15,9 +15,50 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} {{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} {{- end -}} +{{- end -}} + +{{/* +Common labels +*/}} +{{- define "coredns.labels" -}} +app.kubernetes.io/managed-by: {{ .Release.Service | quote }} +app.kubernetes.io/instance: {{ .Release.Name | quote }} +helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +{{- if .Values.isClusterService }} +k8s-app: {{ template "coredns.k8sapplabel" . }} +kubernetes.io/cluster-service: "true" +kubernetes.io/name: "CoreDNS" +{{- end }} +app.kubernetes.io/name: {{ template "coredns.name" . }} +{{- end -}} + +{{/* +Common labels with autoscaler +*/}} +{{- define "coredns.labels.autoscaler" -}} +app.kubernetes.io/managed-by: {{ .Release.Service | quote }} +app.kubernetes.io/instance: {{ .Release.Name | quote }} +helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" +{{- if .Values.isClusterService }} +k8s-app: {{ template "coredns.k8sapplabel" . }}-autoscaler +kubernetes.io/cluster-service: "true" +kubernetes.io/name: "CoreDNS" +{{- end }} +app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler +{{- end -}} + +{{/* +Allow k8s-app label to be overridden +*/}} +{{- define "coredns.k8sapplabel" -}} +{{- default .Chart.Name .Values.k8sAppLabelOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} {{/* Generate the list of ports automatically from the server definitions 
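Review bot: In `coredns.labels.autoscaler` the `-autoscaler` suffix is appended after `coredns.k8sapplabel` has already truncated its result to 63 characters, so a long `k8sAppLabelOverride` can produce a `k8s-app` value of up to 74 characters, above the 63-character limit Kubernetes places on label values. `app.kubernetes.io/name` has the same shape, though `coredns.name` is defined outside the hunk and its truncation cannot be confirmed here. Both helpers also emit these values unquoted, so an override such as `true` or `123` would be parsed as a boolean or number rather than a string. Truncating the base before adding the suffix and quoting the result covers both: `k8s-app: {{ printf "%s-autoscaler" (include "coredns.k8sapplabel" . | trunc 52 | trimSuffix "-") | quote }}`.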
@@ -63,17 +104,30 @@ Generate the list of ports automatically from the server definitions {{- $innerdict := set $innerdict "istcp" true -}} {{- end -}} + {{- if .nodePort -}} + {{- $innerdict := set $innerdict "nodePort" .nodePort -}} + {{- end -}} + {{/* Write the dict back into the outer dict */}} {{- $ports := set $ports $port $innerdict -}} {{- end -}} {{/* Write out the ports according to the info collected above */}} {{- range $port, $innerdict := $ports -}} + {{- $portList := list -}} {{- if index $innerdict "isudp" -}} - {{- printf "- {port: %v, protocol: UDP, name: udp-%s}\n" $port $port -}} + {{- $portList = append $portList (dict "port" ($port | int) "protocol" "UDP" "name" (printf "udp-%s" $port)) -}} {{- end -}} {{- if index $innerdict "istcp" -}} - {{- printf "- {port: %v, protocol: TCP, name: tcp-%s}\n" $port $port -}} + {{- $portList = append $portList (dict "port" ($port | int) "protocol" "TCP" "name" (printf "tcp-%s" $port)) -}} + {{- end -}} + + {{- range $portDict := $portList -}} + {{- if index $innerdict "nodePort" -}} + {{- $portDict := set $portDict "nodePort" (get $innerdict "nodePort" | int) -}} + {{- end -}} + + {{- printf "- %s\n" (toJson $portDict) -}} {{- end -}} {{- end -}} {{- end -}} 
@@ -122,17 +176,40 @@ Generate the list of ports automatically from the server definitions {{- $innerdict := set $innerdict "istcp" true -}} {{- end -}} + {{- if .hostPort -}} + {{- $innerdict := set $innerdict "hostPort" .hostPort -}} + {{- end -}} + {{/* Write the dict back into the outer dict */}} {{- $ports := set $ports $port $innerdict -}} + + {{/* Fetch port from the configuration if the prometheus section exists */}} + {{- range .plugins -}} + {{- if eq .name "prometheus" -}} + {{- $prometheus_addr := toString .parameters -}} + {{- $prometheus_addr_list := regexSplit ":" $prometheus_addr -1 -}} + {{- $prometheus_port := index $prometheus_addr_list 1 -}} + {{- $ports := set $ports $prometheus_port (dict "istcp" true "isudp" false) -}} + {{- end -}} + {{- end -}} {{- end -}} {{/* Write out the ports according to the info collected above */}} {{- range $port, $innerdict := $ports -}} + {{- $portList := list -}} {{- if index $innerdict "isudp" -}} - {{- printf "- {containerPort: %v, protocol: UDP, name: udp-%s}\n" $port $port -}} + {{- $portList = append $portList (dict "containerPort" ($port | int) "protocol" "UDP" "name" (printf "udp-%s" $port)) -}} {{- end -}} {{- if index $innerdict "istcp" -}} - {{- printf "- {containerPort: %v, protocol: TCP, name: tcp-%s}\n" $port $port -}} + {{- $portList = append $portList (dict "containerPort" ($port | int) "protocol" "TCP" "name" (printf "tcp-%s" $port)) -}} + {{- end -}} + + {{- range $portDict := $portList -}} + {{- if index $innerdict "hostPort" -}} + {{- $portDict := set $portDict "hostPort" (get $innerdict "hostPort" | int) -}} + {{- end -}} + + {{- printf "- %s\n" (toJson $portDict) -}} {{- end -}} {{- end -}} {{- end -}} diff --git a/charts/coredns/templates/clusterrole-autoscaler.yaml b/charts/coredns/templates/clusterrole-autoscaler.yaml index 748c62b..9bf57d2 100644 --- a/charts/coredns/templates/clusterrole-autoscaler.yaml +++ b/charts/coredns/templates/clusterrole-autoscaler.yaml 
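Review bot: The added prometheus lookup takes `index $prometheus_addr_list 1` without checking that the split produced a second element. A `prometheus` plugin entry with no `parameters`, or with an address that has no colon, aborts rendering, and a bracketed IPv6 listen address yields the wrong field. Guarding and taking the final element covers both: wrap the assignment in `{{- if gt (len $prometheus_addr_list) 1 -}}` and use `{{- $prometheus_port := last $prometheus_addr_list -}}`. A non-numeric result matters as well, because the output loop converts the key with `$port | int` and would emit `containerPort: 0`. The enclosing `range` and `define` start outside this hunk.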
@@ -4,19 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "coredns.fullname" . }}-autoscaler - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler + labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} rules: - apiGroups: [""] resources: ["nodes"] diff --git a/charts/coredns/templates/clusterrole.yaml b/charts/coredns/templates/clusterrole.yaml index 8544681..c33762c 100644 --- a/charts/coredns/templates/clusterrole.yaml +++ b/charts/coredns/templates/clusterrole.yaml @@ -3,16 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: {{ template "coredns.fullname" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + labels: {{- include "coredns.labels" . | nindent 4 }} rules: - apiGroups: - "" diff --git a/charts/coredns/templates/clusterrolebinding-autoscaler.yaml b/charts/coredns/templates/clusterrolebinding-autoscaler.yaml index eafb38f..ef32306 100644 --- a/charts/coredns/templates/clusterrolebinding-autoscaler.yaml 
+++ b/charts/coredns/templates/clusterrolebinding-autoscaler.yaml @@ -4,19 +4,14 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "coredns.fullname" . }}-autoscaler - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler + labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole diff --git a/charts/coredns/templates/clusterrolebinding.yaml b/charts/coredns/templates/clusterrolebinding.yaml index 1d3cb53..36fa21c 100644 --- a/charts/coredns/templates/clusterrolebinding.yaml +++ b/charts/coredns/templates/clusterrolebinding.yaml @@ -3,16 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: {{ template "coredns.fullname" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + labels: {{- include "coredns.labels" . | nindent 4 }} roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole 
diff --git a/charts/coredns/templates/configmap-autoscaler.yaml b/charts/coredns/templates/configmap-autoscaler.yaml index 12210c2..b10eb59 100644 --- a/charts/coredns/templates/configmap-autoscaler.yaml +++ b/charts/coredns/templates/configmap-autoscaler.yaml @@ -5,22 +5,18 @@ apiVersion: v1 metadata: name: {{ template "coredns.fullname" . }}-autoscaler namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler + labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }} {{- if .Values.customLabels }} {{- toYaml .Values.customLabels | nindent 4 }} {{- end }} - {{- if .Values.autoscaler.configmap.annotations }} + {{- if or .Values.autoscaler.configmap.annotations .Values.customAnnotations }} annotations: - {{- toYaml .Values.autoscaler.configmap.annotations | nindent 4 }} + {{- if .Values.customAnnotations }} + {{- toYaml .Values.customAnnotations | nindent 4 }} + {{- end }} + {{- if .Values.autoscaler.configmap.annotations -}} + {{ toYaml .Values.autoscaler.configmap.annotations | nindent 4 }} + {{- end }} {{- end }} data: # When cluster is using large nodes(with more cores), "coresPerReplica" should dominate. diff --git a/charts/coredns/templates/configmap.yaml b/charts/coredns/templates/configmap.yaml index 4aa9498..2154b76 100644 --- a/charts/coredns/templates/configmap.yaml +++ b/charts/coredns/templates/configmap.yaml 
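Review bot: The `annotations:` block writes `customAnnotations` and `autoscaler.configmap.annotations` as two separate `toYaml` dumps, so a key set in both is rendered twice in the same mapping and the winner is left to the YAML parser. Merging first gives a defined precedence, e.g. `{{- toYaml (merge (dict) .Values.autoscaler.configmap.annotations .Values.customAnnotations) | nindent 4 }}`, assuming both values are maps. The second `if` also opens with `-}}` before a `nindent` call, unlike the first branch, for no visible reason. The same two-dump pattern is added in deployment.yaml, service.yaml, service-metrics.yaml and serviceaccount.yaml in this commit.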
@@ -5,21 +5,20 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "coredns.fullname" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} data: Corefile: |- + {{- range $name, $conf := .Values.extraConfig }} + {{ $name }}{{ if $conf.parameters }} {{ $conf.parameters }}{{ end }} + {{- end }} {{ range .Values.servers }} {{- range $idx, $zone := .zones }}{{ if $idx }} {{ else }}{{ end }}{{ default "" $zone.scheme }}{{ default "." $zone.zone }}{{ else }}.{{ end -}} {{- if .port }}:{{ .port }} {{ end -}} diff --git a/charts/coredns/templates/deployment-autoscaler.yaml b/charts/coredns/templates/deployment-autoscaler.yaml index 517bb37..7de5c06 100644 --- a/charts/coredns/templates/deployment-autoscaler.yaml +++ b/charts/coredns/templates/deployment-autoscaler.yaml 
@@ -5,32 +5,29 @@ kind: Deployment metadata: name: {{ template "coredns.fullname" . }}-autoscaler namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler + labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} spec: selector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name | quote }} {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler + k8s-app: {{ template "coredns.k8sapplabel" . }}-autoscaler {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler template: metadata: labels: {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler + {{- if not (hasKey .Values.customLabels "k8s-app")}} + k8s-app: {{ template "coredns.k8sapplabel" . }}-autoscaler + {{- end }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler app.kubernetes.io/instance: {{ .Release.Name | quote }} 
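Review bot: Skipping the pod-template `k8s-app` label when `customLabels` contains `k8s-app` leaves `spec.selector.matchLabels` just above still requiring `{{ template "coredns.k8sapplabel" . }}-autoscaler`. If `customLabels` is rendered into the pod template further down (outside this hunk), any custom value other than that exact string produces a Deployment whose selector does not match its own template, which the API server rejects. Since `k8sAppLabelOverride` is the supported way to change this label, I would reject the conflicting input at render time instead of skipping the label: `{{- if hasKey .Values.customLabels "k8s-app" }}{{ fail "set k8sAppLabelOverride instead of customLabels.k8s-app" }}{{- end }}`. At minimum the guard needs a comment such as `{{/* customLabels.k8s-app must equal the selector value */}}`.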
@@ -40,9 +37,11 @@ spec: annotations: checksum/configmap: {{ include (print $.Template.BasePath "/configmap-autoscaler.yaml") . | sha256sum }} {{- if .Values.isClusterService }} - scheduler.alpha.kubernetes.io/critical-pod: '' scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]' {{- end }} + {{- with .Values.autoscaler.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: serviceAccountName: {{ template "coredns.fullname" . }}-autoscaler {{- $priorityClassName := default .Values.priorityClassName .Values.autoscaler.priorityClassName }} @@ -60,6 +59,10 @@ spec: {{- if .Values.autoscaler.nodeSelector }} nodeSelector: {{ toYaml .Values.autoscaler.nodeSelector | indent 8 }} + {{- end }} + {{- if not (empty .Values.autoscaler.image.pullSecrets) }} + imagePullSecrets: +{{ toYaml .Values.autoscaler.image.pullSecrets | indent 8 }} {{- end }} containers: - name: autoscaler @@ -86,4 +89,10 @@ spec: - --target=Deployment/{{ default (include "coredns.fullname" .) .Values.deployment.name }} - --logtostderr=true - --v=2 + {{- if .Values.autoscaler.customFlags }} +{{ toYaml .Values.autoscaler.customFlags | indent 10 }} + {{- end }} +{{- if .Values.autoscaler.extraContainers }} +{{ toYaml .Values.autoscaler.extraContainers | indent 6 }} +{{- end }} {{- end }} diff --git a/charts/coredns/templates/deployment.yaml b/charts/coredns/templates/deployment.yaml index 7ac0bbc..1b3f86f 100644 --- a/charts/coredns/templates/deployment.yaml +++ b/charts/coredns/templates/deployment.yaml 
@@ -4,22 +4,23 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ default (include "coredns.fullname" .) .Values.deployment.name }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} + {{- if or .Values.deployment.annotations .Values.customAnnotations }} + annotations: + {{- if .Values.customAnnotations }} + {{- toYaml .Values.customAnnotations | nindent 4 }} + {{- end }} + {{- if .Values.deployment.annotations }} + {{- toYaml .Values.deployment.annotations | nindent 4 }} + {{- end }} + {{- end }} spec: - {{- if not .Values.autoscaler.enabled }} + {{- if and (not .Values.autoscaler.enabled) (not .Values.hpa.enabled) }} replicas: {{ .Values.replicaCount }} {{- end }} strategy: @@ -31,14 +32,14 @@ spec: matchLabels: app.kubernetes.io/instance: {{ .Release.Name | quote }} {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} + k8s-app: {{ template "coredns.k8sapplabel" . }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }} template: metadata: labels: {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} + k8s-app: {{ template "coredns.k8sapplabel" . }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }} app.kubernetes.io/instance: {{ .Release.Name | quote }} 
@@ -48,13 +49,15 @@ spec: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} {{- if .Values.isClusterService }} - scheduler.alpha.kubernetes.io/critical-pod: '' scheduler.alpha.kubernetes.io/tolerations: '[{"key":"CriticalAddonsOnly", "operator":"Exists"}]' {{- end }} {{- if .Values.podAnnotations }} {{ toYaml .Values.podAnnotations | indent 8 }} {{- end }} spec: + {{- if .Values.podSecurityContext }} + securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }} + {{- end }} {{- if .Values.terminationGracePeriodSeconds }} terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} {{- end }} @@ -68,6 +71,10 @@ spec: {{- if .Values.affinity }} affinity: {{ toYaml .Values.affinity | indent 8 }} + {{- end }} + {{- if .Values.topologySpreadConstraints }} + topologySpreadConstraints: +{{ tpl (toYaml .Values.topologySpreadConstraints) $ | indent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: @@ -76,10 +83,14 @@ spec: {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | indent 8 }} + {{- end }} + {{- if not (empty .Values.image.pullSecrets) }} + imagePullSecrets: +{{ toYaml .Values.image.pullSecrets | indent 8 }} {{- end }} containers: - name: "coredns" - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: [ "-conf", "/etc/coredns/Corefile" ] volumeMounts: 
@@ -121,15 +132,12 @@ spec: successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} {{- end }} - {{- if .Values.preStopSleep }} - lifecycle: - preStop: - exec: - command: ["/usr/bin/sleep", "{{ .Values.preStopSleep }}"] - {{- end }} {{- if .Values.securityContext }} securityContext: {{- toYaml .Values.securityContext | nindent 10 }} +{{- end }} +{{- if .Values.extraContainers }} +{{ toYaml .Values.extraContainers | indent 6 }} {{- end }} volumes: - name: config-volume @@ -146,7 +154,7 @@ spec: - name: {{ .name }} secret: secretName: {{ .name }} - defaultMode: 400 + defaultMode: {{ default 400 .defaultMode }} {{- end }} {{- if .Values.extraVolumes }} {{ toYaml .Values.extraVolumes | indent 8 }} diff --git a/charts/coredns/templates/hpa.yaml b/charts/coredns/templates/hpa.yaml index 068b9fb..7fcc993 100644 --- a/charts/coredns/templates/hpa.yaml +++ b/charts/coredns/templates/hpa.yaml 
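Review bot: `defaultMode: {{ default 400 .defaultMode }}` keeps a decimal `400` as the fallback, and an integer rendered here is read as decimal, so the mounted secret files get mode 0620 (owner read/write, group write) and not 0400. Decimal 256 is the owner-read-only value: `defaultMode: {{ default 256 .defaultMode }}`. The examples added to values.yaml in this commit carry the same trap: `defaultMode: 440` is 0670, while `420` is the decimal form of 0644, so a comment there should state that the value is decimal. Because `default` treats 0 as empty, an explicit `defaultMode: 0` also falls back to the default. The enclosing `range` over the secrets starts outside this hunk.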
@@ -1,22 +1,22 @@ {{- if and (.Values.hpa.enabled) (not .Values.autoscaler.enabled) }} --- +{{- if .Capabilities.APIVersions.Has "autoscaling/v2" }} +apiVersion: autoscaling/v2 +{{- else }} apiVersion: autoscaling/v2beta2 +{{- end }} kind: HorizontalPodAutoscaler metadata: name: {{ template "coredns.fullname" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} spec: scaleTargetRef: apiVersion: apps/v1 diff --git a/charts/coredns/templates/poddisruptionbudget.yaml b/charts/coredns/templates/poddisruptionbudget.yaml index 7754896..9cc62c1 100644 --- a/charts/coredns/templates/poddisruptionbudget.yaml +++ b/charts/coredns/templates/poddisruptionbudget.yaml 
@@ -1,27 +1,23 @@ {{- if and .Values.deployment.enabled .Values.podDisruptionBudget -}} -apiVersion: policy/v1beta1 +apiVersion: policy/v1 kind: PodDisruptionBudget metadata: name: {{ template "coredns.fullname" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} spec: selector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name | quote }} {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} + k8s-app: {{ template "coredns.k8sapplabel" . }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }} {{ toYaml .Values.podDisruptionBudget | indent 2 }} diff --git a/charts/coredns/templates/podsecuritypolicy.yaml b/charts/coredns/templates/podsecuritypolicy.yaml index 8a5d727..6e02e00 100644 --- a/charts/coredns/templates/podsecuritypolicy.yaml +++ b/charts/coredns/templates/podsecuritypolicy.yaml 
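Review bot: `apiVersion: policy/v1` is now unconditional, while hpa.yaml in the same commit selects its API version with `.Capabilities.APIVersions.Has`. On a cluster that does not serve `policy/v1`, the PodDisruptionBudget cannot be created and the release fails. For consistency I would guard it the same way, with `{{- if .Capabilities.APIVersions.Has "policy/v1" }}` selecting `policy/v1` and the `else` branch keeping `policy/v1beta1`.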
@@ -7,25 +7,15 @@ apiVersion: extensions/v1beta1 kind: PodSecurityPolicy metadata: name: {{ template "coredns.fullname" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- else }} - app.kubernetes.io/name: {{ template "coredns.name" . }} - {{- end }} + labels: {{- include "coredns.labels" . | nindent 4 }} spec: privileged: false # Required to prevent escalations to root. allowPrivilegeEscalation: false # Add back CAP_NET_BIND_SERVICE so that coredns can run on port 53 allowedCapabilities: - - CAP_NET_BIND_SERVICE - # Allow core volume types. + - NET_BIND_SERVICE + # Allow core volume types. volumes: - 'configMap' - 'emptyDir' diff --git a/charts/coredns/templates/service-metrics.yaml b/charts/coredns/templates/service-metrics.yaml index b91922d..1fc7b2d 100644 --- a/charts/coredns/templates/service-metrics.yaml +++ b/charts/coredns/templates/service-metrics.yaml 
@@ -3,27 +3,29 @@ apiVersion: v1 kind: Service metadata: name: {{ template "coredns.fullname" . }}-metrics - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} app.kubernetes.io/component: metrics {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} + {{- if or .Values.prometheus.service.annotations .Values.service.annotations .Values.customAnnotations }} annotations: -{{ toYaml .Values.prometheus.service.annotations | indent 4 }} + {{- if .Values.prometheus.service.annotations }} + {{- toYaml .Values.prometheus.service.annotations | nindent 4 }} + {{- end }} + {{- if .Values.service.annotations }} + {{- toYaml .Values.service.annotations | nindent 4 }} + {{- end }} + {{- if .Values.customAnnotations }} + {{- toYaml .Values.customAnnotations | nindent 4 }} + {{- end }} + {{- end }} spec: selector: app.kubernetes.io/instance: {{ .Release.Name | quote }} {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} + k8s-app: {{ template "coredns.k8sapplabel" . }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }} ports: diff --git a/charts/coredns/templates/service.yaml b/charts/coredns/templates/service.yaml index 58d2b15..e9c5b96 100644 --- a/charts/coredns/templates/service.yaml +++ b/charts/coredns/templates/service.yaml 
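Review bot: The metrics Service now also receives `.Values.service.annotations`, the same value service.yaml applies to the main DNS Service. Annotations that drive controllers on the DNS Service (load-balancer or external DNS integrations, for example) would then take effect on the metrics Service too, which looks unintended given that `prometheus.service.annotations` already exists for this object. I would drop the `service.annotations` branch and reduce the condition to `{{- if or .Values.prometheus.service.annotations .Values.customAnnotations }}`.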
@@ -4,34 +4,37 @@ apiVersion: v1 kind: Service metadata: name: {{ default (include "coredns.fullname" .) .Values.service.name }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} + {{- if or .Values.service.annotations .Values.customAnnotations }} annotations: -{{ toYaml .Values.service.annotations | indent 4 }} + {{- if .Values.service.annotations }} + {{- toYaml .Values.service.annotations | nindent 4 }} + {{- end }} + {{- if .Values.customAnnotations }} + {{- toYaml .Values.customAnnotations | nindent 4 }} + {{- end }} + {{- end }} spec: selector: app.kubernetes.io/instance: {{ .Release.Name | quote }} {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} + k8s-app: {{ template "coredns.k8sapplabel" . }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }} {{- if .Values.service.clusterIP }} clusterIP: {{ .Values.service.clusterIP }} {{- end }} + {{- if .Values.service.clusterIPs }} + clusterIPs: + {{ toYaml .Values.service.clusterIPs | nindent 4 }} + {{- end }} {{- if .Values.service.externalIPs }} externalIPs: - {{ toYaml .Values.service.externalIPs | indent 4 }} + {{- toYaml .Values.service.externalIPs | nindent 4 }} {{- end }} {{- if .Values.service.externalTrafficPolicy }} externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} 
@@ -42,4 +45,7 @@ spec: ports: {{ include "coredns.servicePorts" . | indent 2 -}} type: {{ default "ClusterIP" .Values.serviceType }} + {{- if .Values.service.ipFamilyPolicy }} + ipFamilyPolicy: {{ .Values.service.ipFamilyPolicy }} + {{- end }} {{- end }} diff --git a/charts/coredns/templates/serviceaccount-autoscaler.yaml b/charts/coredns/templates/serviceaccount-autoscaler.yaml index 64f74fa..8b0e9c7 100644 --- a/charts/coredns/templates/serviceaccount-autoscaler.yaml +++ b/charts/coredns/templates/serviceaccount-autoscaler.yaml @@ -5,19 +5,14 @@ kind: ServiceAccount metadata: name: {{ template "coredns.fullname" . }}-autoscaler namespace: {{ .Release.Namespace }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name }}-autoscaler - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }}-autoscaler + labels: {{- include "coredns.labels.autoscaler" . | nindent 4 }} {{- if .Values.customLabels }} {{ toYaml .Values.customLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} {{- if .Values.autoscaler.image.pullSecrets }} imagePullSecrets: {{- range .Values.autoscaler.image.pullSecrets }} diff --git a/charts/coredns/templates/serviceaccount.yaml b/charts/coredns/templates/serviceaccount.yaml index 0b1a1b0..e4ee52c 100644 --- a/charts/coredns/templates/serviceaccount.yaml +++ b/charts/coredns/templates/serviceaccount.yaml 
@@ -3,19 +3,16 @@ apiVersion: v1 kind: ServiceAccount metadata: name: {{ template "coredns.serviceAccountName" . }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} - {{- with .Values.serviceAccount.annotations }} + namespace: {{ .Release.Namespace }} + labels: {{- include "coredns.labels" . | nindent 4 }} + {{- if or .Values.serviceAccount.annotations .Values.customAnnotations }} annotations: - {{- toYaml . | nindent 4 }} + {{- if .Values.customAnnotations }} + {{- toYaml .Values.customAnnotations | nindent 4 }} + {{- end }} + {{- if .Values.serviceAccount.annotations }} + {{- toYaml .Values.serviceAccount.annotations | nindent 4 }} + {{- end }} {{- end }} {{- if .Values.image.pullSecrets }} imagePullSecrets: diff --git a/charts/coredns/templates/servicemonitor.yaml b/charts/coredns/templates/servicemonitor.yaml index 7f53fdf..b5fc642 100644 --- a/charts/coredns/templates/servicemonitor.yaml +++ b/charts/coredns/templates/servicemonitor.yaml 
@@ -6,28 +6,31 @@ metadata: {{- if .Values.prometheus.monitor.namespace }} namespace: {{ .Values.prometheus.monitor.namespace }} {{- end }} - labels: - app.kubernetes.io/managed-by: {{ .Release.Service | quote }} - app.kubernetes.io/instance: {{ .Release.Name | quote }} - helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} - kubernetes.io/cluster-service: "true" - kubernetes.io/name: "CoreDNS" - {{- end }} - app.kubernetes.io/name: {{ template "coredns.name" . }} + labels: {{- include "coredns.labels" . | nindent 4 }} {{- if .Values.prometheus.monitor.additionalLabels }} {{ toYaml .Values.prometheus.monitor.additionalLabels | indent 4 }} {{- end }} +{{- with .Values.customAnnotations }} + annotations: +{{- toYaml . | nindent 4 }} +{{- end }} spec: + {{- if ne .Values.prometheus.monitor.namespace .Release.Namespace }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + {{- end }} selector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name | quote }} {{- if .Values.isClusterService }} - k8s-app: {{ .Chart.Name | quote }} + k8s-app: {{ template "coredns.k8sapplabel" . }} {{- end }} app.kubernetes.io/name: {{ template "coredns.name" . }} app.kubernetes.io/component: metrics endpoints: - port: metrics + {{- if .Values.prometheus.monitor.interval }} + interval: {{ .Values.prometheus.monitor.interval }} + {{- end }} {{- end }} diff --git a/charts/coredns/values.yaml b/charts/coredns/values.yaml index c690339..aa9ec71 100644 --- a/charts/coredns/values.yaml +++ b/charts/coredns/values.yaml 
@@ -4,14 +4,16 @@ image: repository: coredns/coredns - tag: "1.8.4" + # Overrides the image tag whose default is the chart appVersion. + tag: "" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## + pullSecrets: [] # pullSecrets: - # - myRegistryKeySecretName + # - name: myRegistryKeySecretName replicaCount: 1 @@ -23,29 +25,10 @@ resources: cpu: 100m memory: 128Mi -## Create HorizontalPodAutoscaler object. -## -# autoscaling: -# minReplicas: 1 -# maxReplicas: 10 -# metrics: -# - type: Resource -# resource: -# name: cpu -# targetAverageUtilization: 60 -# - type: Resource -# resource: -# name: memory -# targetAverageUtilization: 60 - rollingUpdate: maxUnavailable: 1 maxSurge: 25% -# Under heavy load it takes more that standard time to remove Pod endpoint from a cluster. -# This will delay termination of our pod by `preStopSleep`. To make sure kube-proxy has -# enough time to catch up. -# preStopSleep: 5 terminationGracePeriodSeconds: 30 podAnnotations: {} @@ -63,12 +46,15 @@ prometheus: enabled: false additionalLabels: {} namespace: "" + interval: "" service: # clusterIP: "" +# clusterIPs: [] # loadBalancerIP: "" # externalIPs: [] # externalTrafficPolicy: "" +# ipFamilyPolicy: "" # The name of the Service # If not set, a name is generated using the fullname template name: "" 
@@ -96,12 +82,25 @@ isClusterService: true # Optional priority class to be used for the coredns pods. Used for autoscaler if autoscaler.priorityClassName not set. priorityClassName: "" +# Configure the pod level securityContext. +podSecurityContext: {} + +# Configure SecurityContext for Pod. +# Ensure that required linux capability to bind port number below 1024 is assigned (`CAP_NET_BIND_SERVICE`). +securityContext: + capabilities: + add: + - NET_BIND_SERVICE + # Default zone is what Kubernetes recommends: # https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/#coredns-configmap-options servers: - zones: - zone: . port: 53 + # If serviceType is nodePort you can specify nodePort here + # nodePort: 30053 + # hostPort: 53 plugins: - name: errors # Serves a /health endpoint on :8080, required for livenessProbe @@ -144,6 +143,13 @@ servers: # hello world # foo bar +# Extra configuration that is applied outside of the default zone block. +# Example to include additional config files, which may come from extraVolumes: +# extraConfig: +# import: +# parameters: /opt/coredns/*.conf +extraConfig: {} + # To use the livenessProbe, the health plugin needs to be enabled in CoreDNS' server config livenessProbe: enabled: true 
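Review bot: The new default `securityContext` only adds `NET_BIND_SERVICE` and leaves every other default capability in place. Since the comment names binding a port below 1024 as the one requirement, the default can drop the rest by adding `drop:` with `- ALL` next to `add:`. `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` are worth adding as defaults too, after confirming that the image still binds port 53 with them set. The comment says "for Pod" although deployment.yaml renders this key at container level; `# Configure the container-level securityContext.` would distinguish it from `podSecurityContext` above.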
@@ -174,6 +180,26 @@ readinessProbe: # - master affinity: {} +# expects input structure as per specification https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#topologyspreadconstraint-v1-core +# and supports Helm templating. +# For example: +# topologySpreadConstraints: +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: '{{ template "coredns.name" . }}' +# app.kubernetes.io/instance: '{{ .Release.Name }}' +# topologyKey: topology.kubernetes.io/zone +# maxSkew: 1 +# whenUnsatisfiable: ScheduleAnyway +# - labelSelector: +# matchLabels: +# app.kubernetes.io/name: '{{ template "coredns.name" . }}' +# app.kubernetes.io/instance: '{{ .Release.Name }}' +# topologyKey: kubernetes.io/hostname +# maxSkew: 1 +# whenUnsatisfiable: ScheduleAnyway +topologySpreadConstraints: [] + # Node labels for pod assignment # Ref: https://kubernetes.io/docs/user-guide/node-selection/ nodeSelector: {} @@ -201,6 +227,11 @@ zoneFiles: [] # example.com. IN A 192.168.99.102 # *.example.com. IN A 192.168.99.102 +# optional array of sidecar containers +extraContainers: [] +# - name: some-container-name +# image: some-image:latest +# imagePullPolicy: Always # optional array of extra volumes to create extraVolumes: [] # - name: some-volume-name 
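Review bot: The commented `extraContainers` example uses `image: some-image:latest` with `imagePullPolicy: Always`, and examples in a values file tend to be copied as they stand. A sidecar on a mutable tag runs whatever the registry serves at the next restart, inside the DNS pod. I would change the example line to `# image: some-image:<pinned-version-or-digest>` and drop the `imagePullPolicy: Always` line. The identical example is added under `autoscaler.extraContainers` in the later `autoscaler:` hunk. A blank line is also missing between this block and `# optional array of extra volumes to create`.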
@@ -215,19 +246,48 @@ extraVolumeMounts: [] extraSecrets: [] # - name: etcd-client-certs # mountPath: /etc/coredns/tls/etcd +# defaultMode: 420 # - name: some-fancy-secret # mountPath: /etc/wherever +# defaultMode: 440 + +# To support legacy deployments using CoreDNS with the "k8s-app: kube-dns" label selectors. +# See https://github.com/coredns/helm/blob/master/charts/coredns/README.md#adopting-existing-coredns-resources +# k8sAppLabelOverride: "kube-dns" # Custom labels to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled. customLabels: {} +# Custom annotations to apply to Deployment, Pod, Configmap, Service, ServiceMonitor. Including autoscaler if enabled. +customAnnotations: {} + ## Alternative configuration for HPA deployment if wanted -# +## Create HorizontalPodAutoscaler object. +## +# hpa: +# enabled: false +# minReplicas: 1 +# maxReplicas: 10 +# metrics: +# metrics: +# - type: Resource +# resource: +# name: memory +# target: +# type: Utilization +# averageUtilization: 60 +# - type: Resource +# resource: +# name: cpu +# target: +# type: Utilization +# averageUtilization: 60 + hpa: enabled: false minReplicas: 1 maxReplicas: 2 - metrics: {} + metrics: [] ## Configue a cluster-proportional-autoscaler for coredns # See https://github.com/kubernetes-incubator/cluster-proportional-autoscaler 
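Review bot: The new `# defaultMode: 440` example is a decimal number, and decimal 440 is octal 0670 (owner read/write, group read/write/execute), which is almost certainly not the 0440 that was intended. The example for `some-fancy-secret` should read `# defaultMode: 288  # 0440`. The `420` on `etcd-client-certs` is 0644, so the mounted files are world-readable inside the container; for client certificates and keys `# defaultMode: 256  # 0400` is a safer value to copy. How the template passes `defaultMode` through is not visible in this hunk, so the rendered manifest is worth checking. Separately, the commented `hpa` example repeats `# metrics:` on two consecutive lines, which looks like a copy-paste slip and would not give the list that `metrics: []` expects if uncommented as written.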
@@ -248,16 +308,25 @@ autoscaler: # If true does not allow single points of failure to form preventSinglePointFailure: true + # Annotations for the coredns proportional autoscaler pods + podAnnotations: {} + + ## Optionally specify some extra flags to pass to cluster-proprtional-autoscaler. + ## Useful for e.g. the nodelabels flag. + # customFlags: + # - --nodelabels=topology.kubernetes.io/zone=us-east-1a + image: - repository: k8s.gcr.io/cluster-proportional-autoscaler-amd64 - tag: "1.8.1" + repository: registry.k8s.io/cpa/cluster-proportional-autoscaler + tag: "1.8.5" pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ ## + pullSecrets: [] # pullSecrets: - # - myRegistryKeySecretName + # - name: myRegistryKeySecretName # Optional priority class to be used for the autoscaler pods. priorityClassName used if not set. priorityClassName: "" @@ -296,7 +365,15 @@ autoscaler: failureThreshold: 3 successThreshold: 1 + # optional array of sidecar containers + extraContainers: [] + # - name: some-container-name + # image: some-image:latest + # imagePullPolicy: Always + deployment: skipConfig: false enabled: true name: "" + ## Annotations for the coredns deployment + annotations: {}
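Review bot: The new comment above `customFlags` misspells the component as `cluster-proprtional-autoscaler`; it should read `cluster-proportional-autoscaler` so that a search of the values file for the autoscaler's name finds this option. The example `--nodelabels=topology.kubernetes.io/zone=us-east-1a` is also site-specific, so a placeholder such as `<zone>` would make it clearer that the value must be replaced. The `autoscaler:` mapping starts outside this hunk.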