karmada-io
/
karmada
mirror of https://github.com/karmada-io/karmada.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

support helm chart 

Signed-off-by: jrkeen <jrkeen@hotmail.com>
This commit is contained in:
jrkeen 2021-08-27 17:31:42 +08:00
parent f8fc597d7b
commit f679846a1f
28 changed files with 5461 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
charts/Chart.yaml Normal file
View File

@ -0,0 +1,28 @@
apiVersion: v2
name: karmada
description: A Helm chart for karmada
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# The optional kubeVersion field can define semver constraints on supported Kubernetes versions.
# Helm will validate the version constraints when installing the chart and fail if the cluster
# runs an unsupported Kubernetes version.
kubeVersion: ">=1.16.0"
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.0.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: v0.8.0

141
charts/README.md Normal file
View File

@ -0,0 +1,141 @@
# Karmada
Karmada (Kubernetes Armada) is a Kubernetes management system that enables you to run your cloud-native applications across multiple Kubernetes clusters and clouds, with no changes to your applications. By speaking Kubernetes-native APIs and providing advanced scheduling capabilities, Karmada enables truly open, multi-cloud Kubernetes.
Karmada aims to provide turnkey automation for multi-cluster application management in multi-cloud and hybrid cloud scenarios, with key features such as centralized multi-cloud management, high availability, failure recovery, and traffic scheduling.
## TL;DR
Switch to the `root` directory of the repo.
```console
$ helm install karmada -n karmada-system --create-namespace ./charts
```
## Prerequisites
- Kubernetes 1.16+
- helm v3+
## Installing the Chart
To install the chart with the release name `karmada` in namespace `karmada-system`:
Switch to the `root` directory of the repo.
```console
$ helm install karmada -n karmada-system --create-namespace ./charts
```
Get kubeconfig from the cluster:
```console
$ kubectl get secret -n karmada-system karmada-kubeconfig -o jsonpath={.data.kubeconfig} | base64 -d
```
> **Tip**: List all releases using `helm list`
## Uninstalling the Chart
To uninstall/delete the `karmada` helm release in namespace `karmada-system`:
```console
$ helm uninstall karmada -n karmada-system
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
| Name | Description | Value |
| ------------------------- | ----------------------------------------------- | ----- |
| `installMode` | InstallMode "host" and "agent" are provided, "host" means install karmada in the control-cluster, "agent" means install agent client in the member cluster | `"host"`|
| `clusterDomain` | Default cluster domain for karmada | `"cluster.local"` |
|`certs.mode`| Mode "auto" and "custom" are provided, "auto" means auto generate certificate, "custom" means use user certificate |`"auto"`|
|`certs.auto.expiry`| Expiry of the certificate |`"43800h"`|
|`certs.auto.hosts`| Hosts of the certificate |`["kubernetes.default.svc","*.etcd.karmada-system.svc.cluster.local","*.karmada-system.svc.cluster.local","*.karmada-system.svc","localhost","127.0.0.1"]`|
|`certs.custom.caCrt`|CA CRT of the certificate|`""`|
|`certs.custom.crt`|CRT of the certificate|`""`|
|`certs.custom.key`|KEY of the certificate|`""`|
|`etcd.mode`| Mode "external" and "internal" are provided, "external" means use external ectd, "internal" means install a etcd in the cluster |`"internal"`|
|`etcd.external.servers`| Servers of etcd |`""`|
|`etcd.external.registryPrefix`| Use to registry prefix of etcd |`"/registry/karmada"`|
|`etcd.external.certs.caCrt`| CA CRT of the etcd certificate |`""`|
|`etcd.external.certs.crt`| CRT of the etcd certificate |`""`|
|`etcd.external.certs.key`| KEY of the etcd certificate |`""`|
|`etcd.internal.replicaCount`| Target replicas of the etcd |`1`|
|`etcd.internal.image.repository`| Image of the etcd |`"k8s.gcr.io/etcd"`|
|`etcd.internal.image.pullPolicy`| Image pull policy of the etcd |`"IfNotPresent"`|
|`etcd.internal.image.tag`| Image tag of the etcd |`"3.4.13-0"`|
|`agent.clusterName`| Name of the member cluster |`""`|
|`agent.kubeconfig.caCrt`| CA CRT of the karmada certificate |`""`|
|`agent.kubeconfig.crt`| CRT of the karmada certificate |`""`|
|`agent.kubeconfig.key`| KEY of the karmada certificate |`""`|
|`agent.kubeconfig.server`| API-server of the karmada |`""`|
|`agent.labels`| Labels of the agent deployment |`{"app": "karmada-agent"}`|
|`agent.replicaCount`| Target replicas of the agent |`1`|
|`agent.podLabels`| Labels of the agent pods |`{}`|
|`agent.podAnnotations`| Annotaions of the agent pods |`{}`|
|`agent.imagePullSecrets`| Image pull secret of the agent |`[]`|
|`agent.image.repository`| Image of the agent |`"swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-agent"`|
|`agent.image.tag`| Image tag of the agent |`"latest"`|
|`agent.image.pullPolicy`| Image pull policy of the agent |`"IfNotPresent"`|
|`agent.resources`| Resource quota of the agent |`{}`|
|`agent.nodeSelector`| Node selector of the agent |`{}`|
|`agent.affinity`| Affinity of the agent |`{}`|
|`agent.tolerations`| Tolerations of the agent |`[]`|
|`scheduler.labels`| Labels of the schedeler deployment |`{"app": "karmada-scheduler"}`|
|`scheduler.replicaCount`| Target replicas of the scheduler |`1`|
|`scheduler.podLabels`| Labels of the scheduler pods |`{}`|
|`scheduler.podAnnotations`| Annotaions of the scheduler pods |`{}`|
|`scheduler.imagePullSecrets`| Image pull secret of the scheduler |`[]`|
|`scheduler.image.repository`| Image of the scheduler |`"swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-scheduler"`|
|`scheduler.image.tag`| Image tag of the scheduler |`"latest"`|
|`scheduler.image.pullPolicy`| Image pull policy of the scheduler |`"IfNotPresent"`|
|`scheduler.resources`| Resource quota of the scheduler |`{}`|
|`scheduler.nodeSelector`| Node selector of the scheduler |`{}`|
|`scheduler.affinity`| Affinity of the scheduler |`{}`|
|`scheduler.tolerations`| Tolerations of the scheduler |`[]`|
|`webhook.labels`| Labels of the webhook deployment |`{"app": "karmada-webhook"}`|
|`webhook.replicaCount`| Target replicas of the webhook |`1`|
|`webhook.podLabels`| Labels of the webhook pods |`{}`|
|`webhook.podAnnotations`| Annotaions of the webhook pods |`{}`|
|`webhook.imagePullSecrets`| Image pull secret of the webhook |`[]`|
|`webhook.image.repository`| Image of the webhook |`"swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-webhook"`|
|`webhook.image.tag`| Image tag of the webhook |`"latest"`|
|`webhook.image.pullPolicy`| Image pull policy of the webhook |`"IfNotPresent"`|
|`webhook.resources`| Resource quota of the webhook |`{}`|
|`webhook.nodeSelector`| Node selector of the webhook |`{}`|
|`webhook.affinity`| Affinity of the webhook |`{}`|
|`webhook.tolerations`| Tolerations of the webhook |`[]`|
|`controllerManager.labels`| Labels of the karmada-controller-manager deployment |`{"app": "karmada-controller-manager"}`|
|`controllerManager.replicaCount`| Target replicas of the karmada-controller-manager |`1`|
|`controllerManager.podLabels`| Labels of the karmada-controller-manager pods |`{}`|
|`controllerManager.podAnnotations`| Annotaions of the karmada-controller-manager pods |`{}`|
|`controllerManager.imagePullSecrets`| Image pull secret of the karmada-controller-manager |`[]`|
|`controllerManager.image.repository`| Image of the karmada-controller-manager |`"swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-controller-manager"`|
|`controllerManager.image.tag`| Image tag of the karmada-controller-manager |`"latest"`|
|`controllerManager.image.pullPolicy`| Image pull policy of the karmada-controller-manager |`"IfNotPresent"`|
|`controllerManager.resources`| Resource quota of the karmada-controller-manager |`{}`|
|`controllerManager.nodeSelector`| Node selector of the karmada-controller-manager |`{}`|
|`controllerManager.affinity`| Affinity of the karmada-controller-manager |`{}`|
|`controllerManager.tolerations`| Tolerations of the karmada-controller-manager |`[]`|
|`apiServer.labels`| Labels of the karmada-apiserver deployment |`{"app": "karmada-apiserver"}`|
|`apiServer.replicaCount`| Target replicas of the karmada-apiserver |`1`|
|`apiServer.podLabels`| Labels of the karmada-apiserver pods |`{}`|
|`apiServer.podAnnotations`| Annotaions of the karmada-apiserver pods |`{}`|
|`apiServer.imagePullSecrets`| Image pull secret of the karmada-apiserver |`[]`|
|`apiServer.image.repository`| Image of the karmada-apiserver |`"k8s.gcr.io/kube-apiserver"`|
|`apiServer.image.tag`| Image tag of the karmada-apiserver |`"v1.19.1"`|
|`apiServer.image.pullPolicy`| Image pull policy of the karmada-apiserver |`"IfNotPresent"`|
|`apiServer.resources`| Resource quota of the karmada-apiserver |`{}`|
|`apiServer.nodeSelector`| Node selector of the karmada-apiserver |`{}`|
|`apiServer.affinity`| Affinity of the karmada-apiserver |`{}`|
|`apiServer.tolerations`| Tolerations of the karmada-apiserver |`[]`|
|`kubeControllerManager.labels`| Labels of the kube-controller-manager deployment |`{"app": "kube-controller-manager"}`|
|`kubeControllerManager.replicaCount`| Target replicas of the kube-controller-manager |`1`|
|`kubeControllerManager.podLabels`| Labels of the kube-controller-manager pods |`{}`|
|`kubeControllerManager.podAnnotations`| Annotaions of the kube-controller-manager pods |`{}`|
|`kubeControllerManager.imagePullSecrets`| Image pull secret of the kube-controller-manager |`[]`|
|`kubeControllerManager.image.repository`| Image of the kube-controller-manager |`"k8s.gcr.io/kube-controller-manager"`|
|`kubeControllerManager.image.tag`| Image tag of the kube-controller-manager |`"v1.19.1"`|
|`kubeControllerManager.image.pullPolicy`| Image pull policy of the kube-controller-manager |`"IfNotPresent"`|
|`kubeControllerManager.resources`| Resource quota of the kube-controller-manager |`{}`|
|`kubeControllerManager.nodeSelector`| Node selector of the kube-controller-manager |`{}`|
|`kubeControllerManager.affinity`| Affinity of the kube-controller-manager |`{}`|
|`kubeControllerManager.tolerations`| Tolerations of the kube-controller-manager |`[]`|

310
charts/_crds/cluster.karmada.io_clusters.yaml Normal file
View File

@ -0,0 +1,310 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: clusters.cluster.karmada.io
spec:
group: cluster.karmada.io
names:
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.kubernetesVersion
name: Version
type: string
- jsonPath: .spec.syncMode
name: Mode
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Cluster represents the desire state and status of a member cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the specification of the desired behavior
of member cluster.
properties:
apiEndpoint:
description: The API endpoint of the member cluster. This can be a
hostname, hostname:port, IP or IP:port.
type: string
insecureSkipTLSVerification:
description: InsecureSkipTLSVerification indicates that the karmada
control plane should not confirm the validity of the serving certificate
of the cluster it is connecting to. This will make the HTTPS connection
between the karmada control plane and the member cluster insecure.
Defaults to false.
type: boolean
provider:
description: Provider represents the cloud provider name of the member
cluster.
type: string
proxyURL:
description: 'ProxyURL is the proxy URL for the cluster. If not empty,
the karmada control plane will use this proxy to talk to the cluster.
More details please refer to: https://github.com/kubernetes/client-go/issues/351'
type: string
region:
description: Region represents the region of the member cluster locate
in.
type: string
secretRef:
description: 'SecretRef represents the secret contains mandatory credentials
to access the member cluster. The secret should hold credentials
as follows: - secret.data.token - secret.data.caBundle'
properties:
name:
description: Name is the name of resource being referenced.
type: string
namespace:
description: Namespace is the namespace for the resource being
referenced.
type: string
required:
- name
- namespace
type: object
syncMode:
description: SyncMode describes how a cluster sync resources from
karmada control plane.
enum:
- Push
- Pull
type: string
taints:
description: Taints attached to the member cluster. Taints on the
cluster have the "effect" on any resource that does not tolerate
the Taint.
items:
description: The node this Taint is attached to has the "effect"
on any pod that does not tolerate the Taint.
properties:
effect:
description: Required. The effect of the taint on pods that
do not tolerate the taint. Valid effects are NoSchedule, PreferNoSchedule
and NoExecute.
type: string
key:
description: Required. The taint key to be applied to a node.
type: string
timeAdded:
description: TimeAdded represents the time at which the taint
was added. It is only written for NoExecute taints.
format: date-time
type: string
value:
description: The taint value corresponding to the taint key.
type: string
required:
- effect
- key
type: object
type: array
zone:
description: Zone represents the zone of the member cluster locate
in.
type: string
required:
- syncMode
type: object
status:
description: Status represents the status of member cluster.
properties:
apiEnablements:
description: APIEnablements represents the list of APIs installed
in the member cluster.
items:
description: APIEnablement is a list of API resource, it is used
to expose the name of the resources supported in a specific group
and version.
properties:
groupVersion:
description: GroupVersion is the group and version this APIEnablement
is for.
type: string
resources:
description: Resources is a list of APIResource.
items:
description: APIResource specifies the name and kind names
for the resource.
properties:
kind:
description: Kind is the kind for the resource (e.g. 'Deployment'
is the kind for resource 'deployments')
type: string
name:
description: Name is the plural name of the resource.
type: string
required:
- kind
- name
type: object
type: array
required:
- groupVersion
type: object
type: array
conditions:
description: Conditions is an array of current cluster conditions.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
kubernetesVersion:
description: KubernetesVersion represents version of the member cluster.
type: string
nodeSummary:
description: NodeSummary represents the summary of nodes status in
the member cluster.
properties:
readyNum:
description: ReadyNum is the number of ready nodes in the cluster.
format: int32
type: integer
totalNum:
description: TotalNum is the total number of nodes in the cluster.
format: int32
type: integer
type: object
resourceSummary:
description: ResourceSummary represents the summary of resources in
the member cluster.
properties:
allocatable:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: Allocatable represents the resources of a cluster
that are available for scheduling. Total amount of allocatable
resources on all nodes.
type: object
allocated:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: Allocated represents the resources of a cluster that
have been scheduled. Total amount of required resources of all
Pods that have been scheduled to nodes.
type: object
allocating:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: Allocating represents the resources of a cluster
that are pending for scheduling. Total amount of required resources
of all Pods that are waiting for scheduling.
type: object
type: object
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

133
charts/_crds/multicluster.x-k8s.io_serviceexports.yaml Normal file
View File

@ -0,0 +1,133 @@
# Copyright 2020 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: serviceexports.multicluster.x-k8s.io
spec:
group: multicluster.x-k8s.io
scope: Namespaced
names:
plural: serviceexports
singular: serviceexport
kind: ServiceExport
shortNames:
- svcex
versions:
- name: v1alpha1
served: true
storage: true
subresources:
status: {}
additionalPrinterColumns:
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
"schema":
"openAPIV3Schema":
description: ServiceExport declares that the Service with the same name and
namespace as this export should be consumable from other clusters.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
status:
description: status describes the current state of an exported service.
Service configuration comes from the Service that had the same name
and namespace as this ServiceExport. Populated by the multi-cluster
service implementation's controller.
type: object
properties:
conditions:
type: array
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map

161
charts/_crds/multicluster.x-k8s.io_serviceimports.yaml Normal file
View File

@ -0,0 +1,161 @@
# Copyright 2020 The Kubernetes Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: serviceimports.multicluster.x-k8s.io
spec:
group: multicluster.x-k8s.io
scope: Namespaced
names:
plural: serviceimports
singular: serviceimport
kind: ServiceImport
shortNames:
- svcim
versions:
- name: v1alpha1
served: true
storage: true
subresources:
status: {}
additionalPrinterColumns:
- name: Type
type: string
description: The type of this ServiceImport
jsonPath: .spec.type
- name: IP
type: string
description: The VIP for this ServiceImport
jsonPath: .spec.ips
- name: Age
type: date
jsonPath: .metadata.creationTimestamp
"schema":
"openAPIV3Schema":
description: ServiceImport describes a service imported from clusters in a
ClusterSet.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: spec defines the behavior of a ServiceImport.
type: object
required:
- ports
- type
properties:
ips:
description: ip will be used as the VIP for this service when type
is ClusterSetIP.
type: array
maxItems: 1
items:
type: string
ports:
type: array
items:
description: ServicePort represents the port on which the service
is exposed
type: object
required:
- port
properties:
appProtocol:
description: The application protocol for this port. This field
follows standard Kubernetes label syntax. Un-prefixed names
are reserved for IANA standard service names (as per RFC-6335
and http://www.iana.org/assignments/service-names). Non-standard
protocols should use prefixed names such as mycompany.com/my-custom-protocol.
Field can be enabled with ServiceAppProtocol feature gate.
type: string
name:
description: The name of this port within the service. This
must be a DNS_LABEL. All ports within a ServiceSpec must have
unique names. When considering the endpoints for a Service,
this must match the 'name' field in the EndpointPort. Optional
if only one ServicePort is defined on this service.
type: string
port:
description: The port that will be exposed by this service.
type: integer
format: int32
protocol:
description: The IP protocol for this port. Supports "TCP",
"UDP", and "SCTP". Default is TCP.
type: string
x-kubernetes-list-type: atomic
sessionAffinity:
description: 'Supports "ClientIP" and "None". Used to maintain session
affinity. Enable client IP based session affinity. Must be ClientIP
or None. Defaults to None. Ignored when type is Headless More info:
https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies'
type: string
sessionAffinityConfig:
description: sessionAffinityConfig contains session affinity configuration.
type: object
properties:
clientIP:
description: clientIP contains the configurations of Client IP
based session affinity.
type: object
properties:
timeoutSeconds:
description: timeoutSeconds specifies the seconds of ClientIP
type session sticky time. The value must be >0 && <=86400(for
1 day) if ServiceAffinity == "ClientIP". Default value is
10800(for 3 hours).
type: integer
format: int32
type:
description: type defines the type of this service. Must be ClusterSetIP
or Headless.
type: string
enum:
- ClusterSetIP
- Headless
status:
description: status contains information about the exported services that
form the multi-cluster service referenced by this ServiceImport.
type: object
properties:
clusters:
description: clusters is the list of exporting clusters from which
this service was derived.
type: array
items:
description: ClusterStatus contains service configuration mapped
to a specific source cluster
type: object
required:
- cluster
properties:
cluster:
description: cluster is the name of the exporting cluster. Must
be a valid RFC-1123 DNS label.
type: string
x-kubernetes-list-map-keys:
- cluster
x-kubernetes-list-type: map

375
charts/_crds/policy.karmada.io_clusteroverridepolicies.yaml Normal file
View File

@ -0,0 +1,375 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: clusteroverridepolicies.policy.karmada.io
spec:
group: policy.karmada.io
names:
kind: ClusterOverridePolicy
listKind: ClusterOverridePolicyList
plural: clusteroverridepolicies
shortNames:
- cop
singular: clusteroverridepolicy
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterOverridePolicy represents the cluster-wide policy that
overrides a group of resources to one or more clusters.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior of ClusterOverridePolicy.
properties:
overriders:
description: Overriders represents the override rules that would apply
on resources
properties:
argsOverrider:
description: ArgsOverrider represents the rules dedicated to handling
container args
items:
description: CommandArgsOverrider represents the rules dedicated
to handling command/args overrides.
properties:
containerName:
description: The name of container
type: string
operator:
description: Operator represents the operator which will
apply on the command/args.
enum:
- add
- remove
type: string
value:
description: Value to be applied to command/args. Items
in Value which will be appended after command/args when
Operator is 'add'. Items in Value which match in command/args
will be deleted when Operator is 'remove'. If Value is
empty, then the command/args will remain the same.
items:
type: string
type: array
required:
- containerName
- operator
type: object
type: array
commandOverrider:
description: CommandOverrider represents the rules dedicated to
handling container command
items:
description: CommandArgsOverrider represents the rules dedicated
to handling command/args overrides.
properties:
containerName:
description: The name of container
type: string
operator:
description: Operator represents the operator which will
apply on the command/args.
enum:
- add
- remove
type: string
value:
description: Value to be applied to command/args. Items
in Value which will be appended after command/args when
Operator is 'add'. Items in Value which match in command/args
will be deleted when Operator is 'remove'. If Value is
empty, then the command/args will remain the same.
items:
type: string
type: array
required:
- containerName
- operator
type: object
type: array
imageOverrider:
description: ImageOverrider represents the rules dedicated to
handling image overrides.
items:
description: ImageOverrider represents the rules dedicated to
handling image overrides.
properties:
component:
description: 'Component is part of image name. Basically
we presume an image can be made of ''[registry/]repository[:tag]''.
The registry could be: - k8s.gcr.io - fictional.registry.example:10443
The repository could be: - kube-apiserver - fictional/nginx
The tag cloud be: - latest - v1.19.1 - @sha256:dbcc1c35ac38df41fd2f5e4130b32ffdb93ebae8b3dbe638c23575912276fc9c'
enum:
- Registry
- Repository
- Tag
type: string
operator:
description: Operator represents the operator which will
apply on the image.
enum:
- add
- remove
- replace
type: string
predicate:
description: "Predicate filters images before applying the
rule. \n Defaults to nil, in that case, the system will
automatically detect image fields if the resource type
is Pod, ReplicaSet, Deployment or StatefulSet by following
rule: - Pod: spec/containers/<N>/image - ReplicaSet:
spec/template/spec/containers/<N>/image - Deployment:
spec/template/spec/containers/<N>/image - StatefulSet:
spec/template/spec/containers/<N>/image In addition, all
images will be processed if the resource object has more
than one containers. \n If not nil, only images matches
the filters will be processed."
properties:
path:
description: Path indicates the path of target field
type: string
required:
- path
type: object
value:
description: Value to be applied to image. Must not be empty
when operator is 'add' or 'replace'. Defaults to empty
and ignored when operator is 'remove'.
type: string
required:
- component
- operator
type: object
type: array
plaintext:
description: Plaintext represents override rules defined with
plaintext overriders.
items:
description: PlaintextOverrider is a simple overrider that overrides
target fields according to path, operator and value.
properties:
operator:
description: 'Operator indicates the operation on target
field. Available operators are: add, update and remove.'
enum:
- add
- remove
- replace
type: string
path:
description: Path indicates the path of target field
type: string
value:
description: Value to be applied to target field. Must be
empty when operator is Remove.
x-kubernetes-preserve-unknown-fields: true
required:
- operator
- path
type: object
type: array
type: object
resourceSelectors:
description: ResourceSelectors restricts resource types that this
override policy applies to. nil means matching all resources.
items:
description: ResourceSelector the resources will be selected.
properties:
apiVersion:
description: APIVersion represents the API version of the target
resources.
type: string
kind:
description: Kind represents the Kind of the target resources.
type: string
labelSelector:
description: A label query over a set of resources. If name
is not empty, labelSelector will be ignored.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
name:
description: Name of the target resource. Default is empty,
which means selecting all resources.
type: string
namespace:
description: Namespace of the target resource. Default is empty,
which means inherit from the parent object scope.
type: string
required:
- apiVersion
- kind
type: object
type: array
targetCluster:
description: TargetCluster defines restrictions on this override policy
that only applies to resources propagated to the matching clusters.
nil means matching all clusters.
properties:
clusterNames:
description: ClusterNames is the list of clusters to be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of clusters to be ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select member clusters
by fields. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement is a selector that
contains values, a key, and an operator that relates the
key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: Represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists,
DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. If the operator is Gt or Lt,
the values array must have a single element, which
will be interpreted as an integer. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select member clusters
by labels. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
type: object
required:
- overriders
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

512
charts/_crds/policy.karmada.io_clusterpropagationpolicies.yaml Normal file
View File

@ -0,0 +1,512 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: clusterpropagationpolicies.policy.karmada.io
spec:
group: policy.karmada.io
names:
kind: ClusterPropagationPolicy
listKind: ClusterPropagationPolicyList
plural: clusterpropagationpolicies
shortNames:
- cpp
singular: clusterpropagationpolicy
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: 'ClusterPropagationPolicy represents the cluster-wide policy
that propagates a group of resources to one or more clusters. Different
with PropagationPolicy that could only propagate resources in its own namespace,
ClusterPropagationPolicy is able to propagate cluster level resources and
resources in any namespace other than system reserved ones. System reserved
namespaces are: karmada-system, karmada-cluster, karmada-es-*.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior of ClusterPropagationPolicy.
properties:
association:
description: Association tells if relevant resources should be selected
automatically. e.g. a ConfigMap referred by a Deployment. default
false.
type: boolean
dependentOverrides:
description: "DependentOverrides represents the list of overrides(OverridePolicy)
which must present before the current PropagationPolicy takes effect.
\n It used to explicitly specify overrides which current PropagationPolicy
rely on. A typical scenario is the users create OverridePolicy(ies)
and resources at the same time, they want to ensure the new-created
policies would be adopted. \n Note: For the overrides, OverridePolicy(ies)
in current namespace and ClusterOverridePolicy(ies), which not present
in this list will still be applied if they matches the resources."
items:
type: string
type: array
placement:
description: Placement represents the rule for select clusters to
propagate resources.
properties:
clusterAffinity:
description: ClusterAffinity represents scheduling restrictions
to a certain set of clusters. If not set, any cluster can be
scheduling candidate.
properties:
clusterNames:
description: ClusterNames is the list of clusters to be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of clusters to be
ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select member clusters
by fields. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: Represents a key's relationship to
a set of values. Valid operators are In, NotIn,
Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the
values array must be empty. If the operator is
Gt or Lt, the values array must have a single
element, which will be interpreted as an integer.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select member clusters
by labels. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: object
clusterTolerations:
description: ClusterTolerations represents the tolerations.
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified, allowed
values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies
to. Empty means match all taint keys. If the key is empty,
operator must be Exists; this combination means to match
all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to
the value. Valid operators are Exists and Equal. Defaults
to Equal. Exists is equivalent to wildcard for value,
so that a pod can tolerate all taints of a particular
category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of
time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the taint
forever (do not evict). Zero and negative values will
be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches
to. If the operator is Exists, the value should be empty,
otherwise just a regular string.
type: string
type: object
type: array
replicaScheduling:
description: ReplicaScheduling represents the scheduling policy
on dealing with the number of replicas when propagating resources
that have replicas in spec (e.g. deployments, statefulsets)
to member clusters.
properties:
replicaDivisionPreference:
description: ReplicaDivisionPreference determines how the
replicas is divided when ReplicaSchedulingType is "Divided".
Valid options are Aggregated and Weighted. "Aggregated"
divides replicas into clusters as few as possible, while
respecting clusters' resource availabilities during the
division. "Weighted" divides replicas by weight according
to WeightPreference.
enum:
- Aggregated
- Weighted
type: string
replicaSchedulingType:
description: ReplicaSchedulingType determines how the replicas
is scheduled when karmada propagating a resource. Valid
options are Duplicated and Divided. "Duplicated" duplicates
the same replicas to each candidate member cluster from
resource. "Divided" divides replicas into parts according
to number of valid candidate member clusters, and exact
replicas for each cluster are determined by ReplicaDivisionPreference.
enum:
- Duplicated
- Divided
type: string
weightPreference:
description: WeightPreference describes weight for each cluster
or for each group of cluster If ReplicaDivisionPreference
is set to "Weighted", and WeightPreference is not set, scheduler
will weight all clusters the same.
properties:
staticWeightList:
description: StaticWeightList defines the static cluster
weight.
items:
description: StaticClusterWeight defines the static
cluster weight.
properties:
targetCluster:
description: TargetCluster describes the filter
to select clusters.
properties:
clusterNames:
description: ClusterNames is the list of clusters
to be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of
clusters to be ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select
member clusters by fields. If non-nil and
non-empty, only the clusters match this filter
will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement
is a selector that contains values,
a key, and an operator that relates
the key and values.
properties:
key:
description: The label key that the
selector applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators
are In, NotIn, Exists, DoesNotExist.
Gt, and Lt.
type: string
values:
description: An array of string values.
If the operator is In or NotIn,
the values array must be non-empty.
If the operator is Exists or DoesNotExist,
the values array must be empty.
If the operator is Gt or Lt, the
values array must have a single
element, which will be interpreted
as an integer. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select
member clusters by labels. If non-nil and
non-empty, only the clusters match this filter
will be selected.
properties:
matchExpressions:
description: matchExpressions is a list
of label selector requirements. The requirements
are ANDed.
items:
description: A label selector requirement
is a selector that contains values,
a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key
that the selector applies to.
type: string
operator:
description: operator represents a
key's relationship to a set of values.
Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of
string values. If the operator is
In or NotIn, the values array must
be non-empty. If the operator is
Exists or DoesNotExist, the values
array must be empty. This array
is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator
is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: object
weight:
description: Weight expressing the preference to
the cluster(s) specified by 'TargetCluster'.
format: int64
minimum: 1
type: integer
required:
- targetCluster
- weight
type: object
type: array
required:
- staticWeightList
type: object
type: object
spreadConstraints:
description: SpreadConstraints represents a list of the scheduling
constraints.
items:
description: SpreadConstraint represents the spread constraints
on resources.
properties:
maxGroups:
description: MaxGroups restricts the maximum number of cluster
groups to be selected.
type: integer
minGroups:
description: MinGroups restricts the minimum number of cluster
groups to be selected. Defaults to 1.
type: integer
spreadByField:
description: 'SpreadByField represents the fields on Karmada
cluster API used for dynamically grouping member clusters
into different groups. Resources will be spread among
different cluster groups. Available fields for spreading
are: cluster, region, zone, and provider. SpreadByField
should not co-exist with SpreadByLabel. If both SpreadByField
and SpreadByLabel are empty, SpreadByField will be set
to "cluster" by system.'
enum:
- cluster
- region
- zone
- provider
type: string
spreadByLabel:
description: SpreadByLabel represents the label key used
for grouping member clusters into different groups. Resources
will be spread among different cluster groups. SpreadByLabel
should not co-exist with SpreadByField.
type: string
type: object
type: array
type: object
resourceSelectors:
description: ResourceSelectors used to select resources.
items:
description: ResourceSelector the resources will be selected.
properties:
apiVersion:
description: APIVersion represents the API version of the target
resources.
type: string
kind:
description: Kind represents the Kind of the target resources.
type: string
labelSelector:
description: A label query over a set of resources. If name
is not empty, labelSelector will be ignored.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
name:
description: Name of the target resource. Default is empty,
which means selecting all resources.
type: string
namespace:
description: Namespace of the target resource. Default is empty,
which means inherit from the parent object scope.
type: string
required:
- apiVersion
- kind
type: object
type: array
schedulerName:
description: SchedulerName represents which scheduler to proceed the
scheduling. If specified, the policy will be dispatched by specified
scheduler. If not specified, the policy will be dispatched by default
scheduler.
type: string
required:
- resourceSelectors
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

375
charts/_crds/policy.karmada.io_overridepolicies.yaml Normal file
View File

@ -0,0 +1,375 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: overridepolicies.policy.karmada.io
spec:
group: policy.karmada.io
names:
kind: OverridePolicy
listKind: OverridePolicyList
plural: overridepolicies
shortNames:
- op
singular: overridepolicy
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: OverridePolicy represents the policy that overrides a group of
resources to one or more clusters.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior of OverridePolicy.
properties:
overriders:
description: Overriders represents the override rules that would apply
on resources
properties:
argsOverrider:
description: ArgsOverrider represents the rules dedicated to handling
container args
items:
description: CommandArgsOverrider represents the rules dedicated
to handling command/args overrides.
properties:
containerName:
description: The name of container
type: string
operator:
description: Operator represents the operator which will
apply on the command/args.
enum:
- add
- remove
type: string
value:
description: Value to be applied to command/args. Items
in Value which will be appended after command/args when
Operator is 'add'. Items in Value which match in command/args
will be deleted when Operator is 'remove'. If Value is
empty, then the command/args will remain the same.
items:
type: string
type: array
required:
- containerName
- operator
type: object
type: array
commandOverrider:
description: CommandOverrider represents the rules dedicated to
handling container command
items:
description: CommandArgsOverrider represents the rules dedicated
to handling command/args overrides.
properties:
containerName:
description: The name of container
type: string
operator:
description: Operator represents the operator which will
apply on the command/args.
enum:
- add
- remove
type: string
value:
description: Value to be applied to command/args. Items
in Value which will be appended after command/args when
Operator is 'add'. Items in Value which match in command/args
will be deleted when Operator is 'remove'. If Value is
empty, then the command/args will remain the same.
items:
type: string
type: array
required:
- containerName
- operator
type: object
type: array
imageOverrider:
description: ImageOverrider represents the rules dedicated to
handling image overrides.
items:
description: ImageOverrider represents the rules dedicated to
handling image overrides.
properties:
component:
description: 'Component is part of image name. Basically
we presume an image can be made of ''[registry/]repository[:tag]''.
The registry could be: - k8s.gcr.io - fictional.registry.example:10443
The repository could be: - kube-apiserver - fictional/nginx
The tag cloud be: - latest - v1.19.1 - @sha256:dbcc1c35ac38df41fd2f5e4130b32ffdb93ebae8b3dbe638c23575912276fc9c'
enum:
- Registry
- Repository
- Tag
type: string
operator:
description: Operator represents the operator which will
apply on the image.
enum:
- add
- remove
- replace
type: string
predicate:
description: "Predicate filters images before applying the
rule. \n Defaults to nil, in that case, the system will
automatically detect image fields if the resource type
is Pod, ReplicaSet, Deployment or StatefulSet by following
rule: - Pod: spec/containers/<N>/image - ReplicaSet:
spec/template/spec/containers/<N>/image - Deployment:
spec/template/spec/containers/<N>/image - StatefulSet:
spec/template/spec/containers/<N>/image In addition, all
images will be processed if the resource object has more
than one containers. \n If not nil, only images matches
the filters will be processed."
properties:
path:
description: Path indicates the path of target field
type: string
required:
- path
type: object
value:
description: Value to be applied to image. Must not be empty
when operator is 'add' or 'replace'. Defaults to empty
and ignored when operator is 'remove'.
type: string
required:
- component
- operator
type: object
type: array
plaintext:
description: Plaintext represents override rules defined with
plaintext overriders.
items:
description: PlaintextOverrider is a simple overrider that overrides
target fields according to path, operator and value.
properties:
operator:
description: 'Operator indicates the operation on target
field. Available operators are: add, update and remove.'
enum:
- add
- remove
- replace
type: string
path:
description: Path indicates the path of target field
type: string
value:
description: Value to be applied to target field. Must be
empty when operator is Remove.
x-kubernetes-preserve-unknown-fields: true
required:
- operator
- path
type: object
type: array
type: object
resourceSelectors:
description: ResourceSelectors restricts resource types that this
override policy applies to. nil means matching all resources.
items:
description: ResourceSelector the resources will be selected.
properties:
apiVersion:
description: APIVersion represents the API version of the target
resources.
type: string
kind:
description: Kind represents the Kind of the target resources.
type: string
labelSelector:
description: A label query over a set of resources. If name
is not empty, labelSelector will be ignored.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
name:
description: Name of the target resource. Default is empty,
which means selecting all resources.
type: string
namespace:
description: Namespace of the target resource. Default is empty,
which means inherit from the parent object scope.
type: string
required:
- apiVersion
- kind
type: object
type: array
targetCluster:
description: TargetCluster defines restrictions on this override policy
that only applies to resources propagated to the matching clusters.
nil means matching all clusters.
properties:
clusterNames:
description: ClusterNames is the list of clusters to be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of clusters to be ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select member clusters
by fields. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement is a selector that
contains values, a key, and an operator that relates the
key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: Represents a key's relationship to a set
of values. Valid operators are In, NotIn, Exists,
DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. If the operator is Gt or Lt,
the values array must have a single element, which
will be interpreted as an integer. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select member clusters
by labels. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If
the operator is In or NotIn, the values array must
be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A
single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is "key",
the operator is "In", and the values array contains only
"value". The requirements are ANDed.
type: object
type: object
type: object
required:
- overriders
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

508
charts/_crds/policy.karmada.io_propagationpolicies.yaml Normal file
View File

@ -0,0 +1,508 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: propagationpolicies.policy.karmada.io
spec:
group: policy.karmada.io
names:
kind: PropagationPolicy
listKind: PropagationPolicyList
plural: propagationpolicies
shortNames:
- pp
singular: propagationpolicy
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: PropagationPolicy represents the policy that propagates a group
of resources to one or more clusters.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior of PropagationPolicy.
properties:
association:
description: Association tells if relevant resources should be selected
automatically. e.g. a ConfigMap referred by a Deployment. default
false.
type: boolean
dependentOverrides:
description: "DependentOverrides represents the list of overrides(OverridePolicy)
which must present before the current PropagationPolicy takes effect.
\n It used to explicitly specify overrides which current PropagationPolicy
rely on. A typical scenario is the users create OverridePolicy(ies)
and resources at the same time, they want to ensure the new-created
policies would be adopted. \n Note: For the overrides, OverridePolicy(ies)
in current namespace and ClusterOverridePolicy(ies), which not present
in this list will still be applied if they matches the resources."
items:
type: string
type: array
placement:
description: Placement represents the rule for select clusters to
propagate resources.
properties:
clusterAffinity:
description: ClusterAffinity represents scheduling restrictions
to a certain set of clusters. If not set, any cluster can be
scheduling candidate.
properties:
clusterNames:
description: ClusterNames is the list of clusters to be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of clusters to be
ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select member clusters
by fields. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: Represents a key's relationship to
a set of values. Valid operators are In, NotIn,
Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator
is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the
values array must be empty. If the operator is
Gt or Lt, the values array must have a single
element, which will be interpreted as an integer.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select member clusters
by labels. If non-nil and non-empty, only the clusters match
this filter will be selected.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: object
clusterTolerations:
description: ClusterTolerations represents the tolerations.
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified, allowed
values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies
to. Empty means match all taint keys. If the key is empty,
operator must be Exists; this combination means to match
all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to
the value. Valid operators are Exists and Equal. Defaults
to Equal. Exists is equivalent to wildcard for value,
so that a pod can tolerate all taints of a particular
category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of
time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the taint
forever (do not evict). Zero and negative values will
be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration matches
to. If the operator is Exists, the value should be empty,
otherwise just a regular string.
type: string
type: object
type: array
replicaScheduling:
description: ReplicaScheduling represents the scheduling policy
on dealing with the number of replicas when propagating resources
that have replicas in spec (e.g. deployments, statefulsets)
to member clusters.
properties:
replicaDivisionPreference:
description: ReplicaDivisionPreference determines how the
replicas is divided when ReplicaSchedulingType is "Divided".
Valid options are Aggregated and Weighted. "Aggregated"
divides replicas into clusters as few as possible, while
respecting clusters' resource availabilities during the
division. "Weighted" divides replicas by weight according
to WeightPreference.
enum:
- Aggregated
- Weighted
type: string
replicaSchedulingType:
description: ReplicaSchedulingType determines how the replicas
is scheduled when karmada propagating a resource. Valid
options are Duplicated and Divided. "Duplicated" duplicates
the same replicas to each candidate member cluster from
resource. "Divided" divides replicas into parts according
to number of valid candidate member clusters, and exact
replicas for each cluster are determined by ReplicaDivisionPreference.
enum:
- Duplicated
- Divided
type: string
weightPreference:
description: WeightPreference describes weight for each cluster
or for each group of cluster If ReplicaDivisionPreference
is set to "Weighted", and WeightPreference is not set, scheduler
will weight all clusters the same.
properties:
staticWeightList:
description: StaticWeightList defines the static cluster
weight.
items:
description: StaticClusterWeight defines the static
cluster weight.
properties:
targetCluster:
description: TargetCluster describes the filter
to select clusters.
properties:
clusterNames:
description: ClusterNames is the list of clusters
to be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of
clusters to be ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select
member clusters by fields. If non-nil and
non-empty, only the clusters match this filter
will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement
is a selector that contains values,
a key, and an operator that relates
the key and values.
properties:
key:
description: The label key that the
selector applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators
are In, NotIn, Exists, DoesNotExist.
Gt, and Lt.
type: string
values:
description: An array of string values.
If the operator is In or NotIn,
the values array must be non-empty.
If the operator is Exists or DoesNotExist,
the values array must be empty.
If the operator is Gt or Lt, the
values array must have a single
element, which will be interpreted
as an integer. This array is replaced
during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select
member clusters by labels. If non-nil and
non-empty, only the clusters match this filter
will be selected.
properties:
matchExpressions:
description: matchExpressions is a list
of label selector requirements. The requirements
are ANDed.
items:
description: A label selector requirement
is a selector that contains values,
a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key
that the selector applies to.
type: string
operator:
description: operator represents a
key's relationship to a set of values.
Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of
string values. If the operator is
In or NotIn, the values array must
be non-empty. If the operator is
Exists or DoesNotExist, the values
array must be empty. This array
is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator
is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: object
weight:
description: Weight expressing the preference to
the cluster(s) specified by 'TargetCluster'.
format: int64
minimum: 1
type: integer
required:
- targetCluster
- weight
type: object
type: array
required:
- staticWeightList
type: object
type: object
spreadConstraints:
description: SpreadConstraints represents a list of the scheduling
constraints.
items:
description: SpreadConstraint represents the spread constraints
on resources.
properties:
maxGroups:
description: MaxGroups restricts the maximum number of cluster
groups to be selected.
type: integer
minGroups:
description: MinGroups restricts the minimum number of cluster
groups to be selected. Defaults to 1.
type: integer
spreadByField:
description: 'SpreadByField represents the fields on Karmada
cluster API used for dynamically grouping member clusters
into different groups. Resources will be spread among
different cluster groups. Available fields for spreading
are: cluster, region, zone, and provider. SpreadByField
should not co-exist with SpreadByLabel. If both SpreadByField
and SpreadByLabel are empty, SpreadByField will be set
to "cluster" by system.'
enum:
- cluster
- region
- zone
- provider
type: string
spreadByLabel:
description: SpreadByLabel represents the label key used
for grouping member clusters into different groups. Resources
will be spread among different cluster groups. SpreadByLabel
should not co-exist with SpreadByField.
type: string
type: object
type: array
type: object
resourceSelectors:
description: ResourceSelectors used to select resources.
items:
description: ResourceSelector the resources will be selected.
properties:
apiVersion:
description: APIVersion represents the API version of the target
resources.
type: string
kind:
description: Kind represents the Kind of the target resources.
type: string
labelSelector:
description: A label query over a set of resources. If name
is not empty, labelSelector will be ignored.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
name:
description: Name of the target resource. Default is empty,
which means selecting all resources.
type: string
namespace:
description: Namespace of the target resource. Default is empty,
which means inherit from the parent object scope.
type: string
required:
- apiVersion
- kind
type: object
type: array
schedulerName:
description: SchedulerName represents which scheduler to proceed the
scheduling. If specified, the policy will be dispatched by specified
scheduler. If not specified, the policy will be dispatched by default
scheduler.
type: string
required:
- resourceSelectors
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

263
charts/_crds/policy.karmada.io_replicaschedulingpolicies.yaml Normal file
View File

@ -0,0 +1,263 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: replicaschedulingpolicies.policy.karmada.io
spec:
group: policy.karmada.io
names:
kind: ReplicaSchedulingPolicy
listKind: ReplicaSchedulingPolicyList
plural: replicaschedulingpolicies
shortNames:
- rsp
singular: replicaschedulingpolicy
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ReplicaSchedulingPolicy represents the policy that propagates
total number of replicas for deployment.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior of ReplicaSchedulingPolicy.
properties:
preferences:
description: Preferences describes weight for each cluster or for
each group of cluster.
properties:
staticWeightList:
description: StaticWeightList defines the static cluster weight.
items:
description: StaticClusterWeight defines the static cluster
weight.
properties:
targetCluster:
description: TargetCluster describes the filter to select
clusters.
properties:
clusterNames:
description: ClusterNames is the list of clusters to
be selected.
items:
type: string
type: array
exclude:
description: ExcludedClusters is the list of clusters
to be ignored.
items:
type: string
type: array
fieldSelector:
description: FieldSelector is a filter to select member
clusters by fields. If non-nil and non-empty, only
the clusters match this filter will be selected.
properties:
matchExpressions:
description: A list of field selector requirements.
items:
description: A node selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists, DoesNotExist. Gt, and
Lt.
type: string
values:
description: An array of string values. If
the operator is In or NotIn, the values
array must be non-empty. If the operator
is Exists or DoesNotExist, the values array
must be empty. If the operator is Gt or
Lt, the values array must have a single
element, which will be interpreted as an
integer. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
labelSelector:
description: LabelSelector is a filter to select member
clusters by labels. If non-nil and non-empty, only
the clusters match this filter will be selected.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string
values. If the operator is In or NotIn,
the values array must be non-empty. If the
operator is Exists or DoesNotExist, the
values array must be empty. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In",
and the values array contains only "value". The
requirements are ANDed.
type: object
type: object
type: object
weight:
description: Weight expressing the preference to the cluster(s)
specified by 'TargetCluster'.
format: int64
minimum: 1
type: integer
required:
- targetCluster
- weight
type: object
type: array
required:
- staticWeightList
type: object
resourceSelectors:
description: ResourceSelectors used to select resources.
items:
description: ResourceSelector the resources will be selected.
properties:
apiVersion:
description: APIVersion represents the API version of the target
resources.
type: string
kind:
description: Kind represents the Kind of the target resources.
type: string
labelSelector:
description: A label query over a set of resources. If name
is not empty, labelSelector will be ignored.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
name:
description: Name of the target resource. Default is empty,
which means selecting all resources.
type: string
namespace:
description: Namespace of the target resource. Default is empty,
which means inherit from the parent object scope.
type: string
required:
- apiVersion
- kind
type: object
type: array
totalReplicas:
description: TotalReplicas represents the total number of replicas
across member clusters. The replicas(spec.replicas) specified for
deployment template will be discarded.
format: int32
type: integer
required:
- preferences
- resourceSelectors
- totalReplicas
type: object
required:
- spec
type: object
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

375
charts/_crds/work.karmada.io_clusterresourcebindings.yaml Normal file
View File

@ -0,0 +1,375 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: clusterresourcebindings.work.karmada.io
spec:
group: work.karmada.io
names:
kind: ClusterResourceBinding
listKind: ClusterResourceBindingList
plural: clusterresourcebindings
shortNames:
- crb
singular: clusterresourcebinding
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterResourceBinding represents a binding of a kubernetes resource
with a ClusterPropagationPolicy.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior.
properties:
clusters:
description: Clusters represents target member clusters where the
resource to be deployed.
items:
description: TargetCluster represents the identifier of a member
cluster.
properties:
name:
description: Name of target cluster.
type: string
replicas:
description: Replicas in target cluster
format: int32
type: integer
required:
- name
type: object
type: array
replicaRequirements:
description: ReplicaRequirements represents the requirements required
by each replica.
properties:
nodeClaim:
description: NodeClaim represents the node claim HardNodeAffinity,
NodeSelector and Tolerations required by each replica.
properties:
hardNodeAffinity:
description: A node selector represents the union of the results
of one or more label queries over a set of nodes; that is,
it represents the OR of the selectors represented by the
node selector terms. Note that only PodSpec.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution
is included here because it has a hard limit on pod scheduling.
properties:
nodeSelectorTerms:
description: Required. A list of node selector terms.
The terms are ORed.
items:
description: A null or empty node selector term matches
no objects. The requirements of them are ANDed. The
TopologySelectorTerm type implements a subset of the
NodeSelectorTerm.
properties:
matchExpressions:
description: A list of node selector requirements
by node's labels.
items:
description: A node selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists, DoesNotExist. Gt, and
Lt.
type: string
values:
description: An array of string values. If
the operator is In or NotIn, the values
array must be non-empty. If the operator
is Exists or DoesNotExist, the values array
must be empty. If the operator is Gt or
Lt, the values array must have a single
element, which will be interpreted as an
integer. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements
by node's fields.
items:
description: A node selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists, DoesNotExist. Gt, and
Lt.
type: string
values:
description: An array of string values. If
the operator is In or NotIn, the values
array must be non-empty. If the operator
is Exists or DoesNotExist, the values array
must be empty. If the operator is Gt or
Lt, the values array must have a single
element, which will be interpreted as an
integer. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
type: array
required:
- nodeSelectorTerms
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector is a selector which must be true
for the pod to fit on a node. Selector which must match
a node's labels for the pod to be scheduled on that node.
type: object
tolerations:
description: If specified, the pod's tolerations.
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified,
allowed values are NoSchedule, PreferNoSchedule and
NoExecute.
type: string
key:
description: Key is the taint key that the toleration
applies to. Empty means match all taint keys. If the
key is empty, operator must be Exists; this combination
means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship
to the value. Valid operators are Exists and Equal.
Defaults to Equal. Exists is equivalent to wildcard
for value, so that a pod can tolerate all taints of
a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period
of time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the
taint forever (do not evict). Zero and negative values
will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration
matches to. If the operator is Exists, the value should
be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
resourceRequest:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceRequest represents the resources required
by each replica.
type: object
type: object
replicas:
description: Replicas represents the replica number of the referencing
resource.
format: int32
type: integer
resource:
description: Resource represents the Kubernetes resource to be propagated.
properties:
apiVersion:
description: APIVersion represents the API version of the referent.
type: string
kind:
description: Kind represents the Kind of the referent.
type: string
name:
description: Name represents the name of the referent.
type: string
namespace:
description: Namespace represents the namespace for the referent.
For non-namespace scoped resources(e.g. 'ClusterRole')do not
need specify Namespace, and for namespace scoped resources,
Namespace is required. If Namespace is not specified, means
the resource is non-namespace scoped.
type: string
resourceVersion:
description: ResourceVersion represents the internal version of
the referenced object, that can be used by clients to determine
when object has changed.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- resource
type: object
status:
description: Status represents the most recently observed status of the
ResourceBinding.
properties:
aggregatedStatus:
description: AggregatedStatus represents status list of the resource
running in each member cluster.
items:
description: AggregatedStatusItem represents status of the resource
running in a member cluster.
properties:
applied:
description: Applied represents if the resource referencing
by ResourceBinding or ClusterResourceBinding is successfully
applied on the cluster.
type: boolean
appliedMessage:
description: AppliedMessage is a human readable message indicating
details about the applied status. This is usually holds the
error message in case of apply failed.
type: string
clusterName:
description: ClusterName represents the member cluster name
which the resource deployed on.
type: string
status:
description: Status reflects running status of current manifest.
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- clusterName
type: object
type: array
conditions:
description: Conditions contain the different condition statuses.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

375
charts/_crds/work.karmada.io_resourcebindings.yaml Normal file
View File

@ -0,0 +1,375 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: resourcebindings.work.karmada.io
spec:
group: work.karmada.io
names:
kind: ResourceBinding
listKind: ResourceBindingList
plural: resourcebindings
shortNames:
- rb
singular: resourcebinding
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: ResourceBinding represents a binding of a kubernetes resource
with a propagation policy.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior.
properties:
clusters:
description: Clusters represents target member clusters where the
resource to be deployed.
items:
description: TargetCluster represents the identifier of a member
cluster.
properties:
name:
description: Name of target cluster.
type: string
replicas:
description: Replicas in target cluster
format: int32
type: integer
required:
- name
type: object
type: array
replicaRequirements:
description: ReplicaRequirements represents the requirements required
by each replica.
properties:
nodeClaim:
description: NodeClaim represents the node claim HardNodeAffinity,
NodeSelector and Tolerations required by each replica.
properties:
hardNodeAffinity:
description: A node selector represents the union of the results
of one or more label queries over a set of nodes; that is,
it represents the OR of the selectors represented by the
node selector terms. Note that only PodSpec.Affinity.NodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution
is included here because it has a hard limit on pod scheduling.
properties:
nodeSelectorTerms:
description: Required. A list of node selector terms.
The terms are ORed.
items:
description: A null or empty node selector term matches
no objects. The requirements of them are ANDed. The
TopologySelectorTerm type implements a subset of the
NodeSelectorTerm.
properties:
matchExpressions:
description: A list of node selector requirements
by node's labels.
items:
description: A node selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists, DoesNotExist. Gt, and
Lt.
type: string
values:
description: An array of string values. If
the operator is In or NotIn, the values
array must be non-empty. If the operator
is Exists or DoesNotExist, the values array
must be empty. If the operator is Gt or
Lt, the values array must have a single
element, which will be interpreted as an
integer. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements
by node's fields.
items:
description: A node selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: Represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists, DoesNotExist. Gt, and
Lt.
type: string
values:
description: An array of string values. If
the operator is In or NotIn, the values
array must be non-empty. If the operator
is Exists or DoesNotExist, the values array
must be empty. If the operator is Gt or
Lt, the values array must have a single
element, which will be interpreted as an
integer. This array is replaced during a
strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
type: array
required:
- nodeSelectorTerms
type: object
nodeSelector:
additionalProperties:
type: string
description: NodeSelector is a selector which must be true
for the pod to fit on a node. Selector which must match
a node's labels for the pod to be scheduled on that node.
type: object
tolerations:
description: If specified, the pod's tolerations.
items:
description: The pod this Toleration is attached to tolerates
any taint that matches the triple <key,value,effect> using
the matching operator <operator>.
properties:
effect:
description: Effect indicates the taint effect to match.
Empty means match all taint effects. When specified,
allowed values are NoSchedule, PreferNoSchedule and
NoExecute.
type: string
key:
description: Key is the taint key that the toleration
applies to. Empty means match all taint keys. If the
key is empty, operator must be Exists; this combination
means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship
to the value. Valid operators are Exists and Equal.
Defaults to Equal. Exists is equivalent to wildcard
for value, so that a pod can tolerate all taints of
a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period
of time the toleration (which must be of effect NoExecute,
otherwise this field is ignored) tolerates the taint.
By default, it is not set, which means tolerate the
taint forever (do not evict). Zero and negative values
will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: Value is the taint value the toleration
matches to. If the operator is Exists, the value should
be empty, otherwise just a regular string.
type: string
type: object
type: array
type: object
resourceRequest:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: ResourceRequest represents the resources required
by each replica.
type: object
type: object
replicas:
description: Replicas represents the replica number of the referencing
resource.
format: int32
type: integer
resource:
description: Resource represents the Kubernetes resource to be propagated.
properties:
apiVersion:
description: APIVersion represents the API version of the referent.
type: string
kind:
description: Kind represents the Kind of the referent.
type: string
name:
description: Name represents the name of the referent.
type: string
namespace:
description: Namespace represents the namespace for the referent.
For non-namespace scoped resources(e.g. 'ClusterRole')do not
need specify Namespace, and for namespace scoped resources,
Namespace is required. If Namespace is not specified, means
the resource is non-namespace scoped.
type: string
resourceVersion:
description: ResourceVersion represents the internal version of
the referenced object, that can be used by clients to determine
when object has changed.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- resource
type: object
status:
description: Status represents the most recently observed status of the
ResourceBinding.
properties:
aggregatedStatus:
description: AggregatedStatus represents status list of the resource
running in each member cluster.
items:
description: AggregatedStatusItem represents status of the resource
running in a member cluster.
properties:
applied:
description: Applied represents if the resource referencing
by ResourceBinding or ClusterResourceBinding is successfully
applied on the cluster.
type: boolean
appliedMessage:
description: AppliedMessage is a human readable message indicating
details about the applied status. This is usually holds the
error message in case of apply failed.
type: string
clusterName:
description: ClusterName represents the member cluster name
which the resource deployed on.
type: string
status:
description: Status reflects running status of current manifest.
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- clusterName
type: object
type: array
conditions:
description: Conditions contain the different condition statuses.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

197
charts/_crds/work.karmada.io_works.yaml Normal file
View File

@ -0,0 +1,197 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.4.1
creationTimestamp: null
name: works.work.karmada.io
spec:
group: work.karmada.io
names:
kind: Work
listKind: WorkList
plural: works
singular: work
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: Work defines a list of resources to be deployed on the member
cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the desired behavior of Work.
properties:
workload:
description: Workload represents the manifest workload to be deployed
on managed cluster.
properties:
manifests:
description: Manifests represents a list of Kubernetes resources
to be deployed on the managed cluster.
items:
description: Manifest represents a resource to be deployed on
managed cluster.
type: object
x-kubernetes-preserve-unknown-fields: true
type: array
type: object
type: object
status:
description: Status represents the status of PropagationStatus.
properties:
conditions:
description: 'Conditions contain the different condition statuses
for this work. Valid condition types are: 1. Applied represents
workload in Work is applied successfully on a managed cluster. 2.
Progressing represents workload in Work is being applied on a managed
cluster. 3. Available represents workload in Work exists on the
managed cluster. 4. Degraded represents the current state of workload
does not match the desired state for a certain period.'
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are:
\"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type
\ // +patchStrategy=merge // +listType=map // +listMapKey=type
\ Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`
\n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
manifestStatuses:
description: ManifestStatuses contains running status of manifests
in spec.
items:
description: ManifestStatus contains running status of a specific
manifest in spec.
properties:
identifier:
description: Identifier represents the identity of a resource
linking to manifests in spec.
properties:
group:
description: Group is the group of the resource.
type: string
kind:
description: Kind is the kind of the resource.
type: string
name:
description: Name is the name of the resource
type: string
namespace:
description: Namespace is the namespace of the resource,
the resource is cluster scoped if the value is empty
type: string
ordinal:
description: Ordinal represents an index in manifests list,
so the condition can still be linked to a manifest even
though manifest cannot be parsed successfully.
type: integer
resource:
description: Resource is the resource type of the resource
type: string
version:
description: Version is the version of the resource.
type: string
required:
- kind
- name
- ordinal
- resource
- version
type: object
status:
description: Status reflects running status of current manifest.
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- identifier
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

151
charts/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,151 @@
{{/* vim: set filetype=mustache: */}}
{{- define "karmada.name" -}}
{{- default .Release.Name -}}
{{- end -}}
{{- define "karmada.namespace" -}}
{{- default .Release.Namespace -}}
{{- end -}}
{{- define "karmada.apiserver.labels" -}}
{{- if .Values.apiServer.labels }}
{{- range $key, $value := .Values.apiServer.labels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- else}}
app: {{- include "karmada.name" .}}-apiserver
{{- end }}
{{- end -}}
{{- define "karmada.apiserver.podLabels" -}}
{{- if .Values.apiServer.podLabels }}
{{- range $key, $value := .Values.apiServer.podLabels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- end }}
{{- end -}}
{{- define "karmada.kube-cm.labels" -}}
{{- if .Values.kubeControllerManager.labels }}
{{- range $key, $value := .Values.kubeControllerManager.labels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- else}}
app: {{- include "karmada.name" .}}-kube-controller-manager
{{- end }}
{{- end -}}
{{- define "karmada.kube-cm.podLabels" -}}
{{- if .Values.kubeControllerManager.podLabels }}
{{- range $key, $value := .Values.kubeControllerManager.podLabels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- end }}
{{- end -}}
{{- define "karmada.kubeconfig.volume" -}}
{{- $name := include "karmada.name" . -}}
- name: kubeconfig-secret
secret:
secretName: {{ $name }}-kubeconfig
{{- end -}}
{{- define "karmada.kubeconfig.volumeMount" -}}
{{- $name := include "karmada.name" . -}}
- name: kubeconfig-secret
subPath: kubeconfig
mountPath: /etc/kubeconfig
{{- end -}}
{{- define "karmada.cm.labels" -}}
{{ $name := include "karmada.name" . }}
{{- if .Values.controllerManager.labels -}}
{{- range $key, $value := .Values.controllerManager.labels}}
{{ $key }}: {{ $value }}
{{- end -}}
{{- else -}}
app: {{$name}}-controller-manager
{{- end -}}
{{- end -}}
{{- define "karmada.cm.podLabels" -}}
{{ $name := include "karmada.name" .}}
{{- if .Values.controllerManager.podLabels }}
{{- range $key, $value := .Values.controllerManager.podLabels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- end }}
{{- end -}}
{{- define "karmada.scheduler.labels" -}}
{{ $name := include "karmada.name" . }}
{{- if .Values.scheduler.labels -}}
{{- range $key, $value := .Values.scheduler.labels}}
{{ $key }}: {{ $value }}
{{- end -}}
{{- else -}}
app: {{$name}}-scheduler
{{- end -}}
{{- end -}}
{{- define "karmada.scheduler.podLabels" -}}
{{ $name := include "karmada.name" .}}
{{- if .Values.scheduler.podLabels }}
{{- range $key, $value := .Values.scheduler.podLabels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- end }}
{{- end -}}
{{- define "karmada.webhook.labels" -}}
{{ $name := include "karmada.name" .}}
{{- if .Values.webhook.labels }}
{{- range $key, $value := .Values.webhook.labels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- else}}
app: {{$name}}-webhook
{{- end }}
{{- end -}}
{{- define "karmada.webhook.podLabels" -}}
{{ $name := include "karmada.name" .}}
{{- if .Values.webhook.podLabels }}
{{- range $key, $value := .Values.webhook.podLabels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- end }}
{{- end -}}
{{- define "karmada.agent.labels" -}}
{{ $name := include "karmada.name" .}}
{{- if .Values.agent.labels }}
{{- range $key, $value := .Values.agent.labels}}
{{ $key }}: {{ $value }}
{{- end}}
{{- else}}
app: {{$name}}
{{- end }}
{{- end -}}
{{- define "karmada.agent.podLabels" -}}
{{ $name := include "karmada.name" .}}
{{- if .Values.agent.podLabels }}
{{- range $key, $value := .Values.agent.podLabels }}
{{ $key }}: {{ $value }}
{{- end}}
{{- end }}
{{- end -}}
{{- define "karmada.webhook.caBundle" -}}
{{- if eq .Values.certs.mode "auto" }}
caBundle: {{ print "{{ ca_crt }}" }}
{{- end }}
{{- if eq .Values.certs.mode "custom" }}
caBundle: {{ b64enc .Values.certs.custom.caCrt }}
{{- end }}
{{- end -}}

12
charts/templates/_karmada_system_namespace.tpl Normal file
View File

@ -0,0 +1,12 @@
{{- define "karmada.systemNamespace" -}}
---
apiVersion: v1
kind: Namespace
metadata:
name: karmada-system
---
apiVersion: v1
kind: Namespace
metadata:
name: karmada-cluster
{{- end -}}

118
charts/templates/_karmada_webhook_configuration.tpl Normal file
View File

@ -0,0 +1,118 @@
{{- define "karmada.webhook.configuration" -}}
{{ $name := include "karmada.name" .}}
{{ $namespace := include "karmada.namespace" .}}
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: mutating-config
labels:
app: mutating-config
webhooks:
- name: propagationpolicy.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["policy.karmada.io"]
apiVersions: ["*"]
resources: ["propagationpolicies"]
scope: "Namespaced"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/mutate-propagationpolicy
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
- name: clusterpropagationpolicy.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["policy.karmada.io"]
apiVersions: ["*"]
resources: ["clusterpropagationpolicies"]
scope: "Cluster"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/mutate-clusterpropagationpolicy
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
- name: overridepolicy.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["policy.karmada.io"]
apiVersions: ["*"]
resources: ["overridepolicies"]
scope: "Namespaced"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/mutate-overridepolicy
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
- name: work.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["work.karmada.io"]
apiVersions: ["*"]
resources: ["works"]
scope: "Namespaced"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/mutate-work
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: validating-config
labels:
app: validating-config
webhooks:
- name: cluster.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["cluster.karmada.io"]
apiVersions: ["*"]
resources: ["clusters"]
scope: "Cluster"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/validate-cluster
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
- name: propagationpolicy.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["policy.karmada.io"]
apiVersions: ["*"]
resources: ["propagationpolicies"]
scope: "Namespaced"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/validate-propagationpolicy
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
- name: clusterpropagationpolicy.karmada.io
rules:
- operations: ["CREATE", "UPDATE"]
apiGroups: ["policy.karmada.io"]
apiVersions: ["*"]
resources: ["clusterpropagationpolicies"]
scope: "Cluster"
clientConfig:
url: https://{{ $name }}-webhook.{{ $namespace }}.svc:443/validate-clusterpropagationpolicy
{{- include "karmada.webhook.caBundle" . | nindent 6 }}
failurePolicy: Fail
sideEffects: None
admissionReviewVersions: ["v1"]
timeoutSeconds: 3
{{- end -}}

127
charts/templates/etcd.yaml Normal file
View File

@ -0,0 +1,127 @@
{{- if and (eq .Values.etcd.mode "internal") (eq .Values.installMode "host")}}
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: etcd
namespace: {{ include "karmada.namespace" . }}
labels:
app: etcd
spec:
replicas: {{ .Values.etcd.internal.replicaCount }}
serviceName: etcd
selector:
matchLabels:
app: etcd
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
app: etcd
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- etcd
topologyKey: kubernetes.io/hostname
tolerations:
- operator: Exists
containers:
- name: etcd
image: "{{ .Values.etcd.internal.image.repository }}:{{ .Values.etcd.internal.image.tag | default "latest" }}"
imagePullPolicy: {{ .Values.etcd.internal.image.pullPolicy }}
livenessProbe:
exec:
command:
- /bin/sh
- -ec
- 'etcdctl get /registry --prefix --keys-only --endpoints https://127.0.0.1:2379 --cacert /etc/kubernetes/pki/etcd/server-ca.crt --cert /etc/kubernetes/pki/etcd/karmada.crt --key /etc/kubernetes/pki/etcd/karmada.key'
failureThreshold: 3
initialDelaySeconds: 600
periodSeconds: 60
successThreshold: 1
timeoutSeconds: 10
ports:
- containerPort: 2369
name: client
protocol: TCP
- containerPort: 2370
name: server
protocol: TCP
volumeMounts:
- mountPath: /var/lib/etcd
name: etcd-data
- name: etcd-cert
mountPath: /etc/kubernetes/pki/etcd
readOnly: true
command:
- /usr/local/bin/etcd
- --name
- etcd0
- --listen-peer-urls
- http://0.0.0.0:2380
- --listen-client-urls
- https://0.0.0.0:2379
- --advertise-client-urls
- https://etcd-client.{{ include "karmada.namespace" . }}.svc.{{ .Values.clusterDomain }}:2379
- --initial-cluster
- etcd0=http://etcd-0.etcd.{{ include "karmada.namespace" . }}.svc.{{ .Values.clusterDomain }}:2380
- --initial-cluster-state
- new
- --cert-file=/etc/kubernetes/pki/etcd/karmada.crt
- --client-cert-auth=true
- --key-file=/etc/kubernetes/pki/etcd/karmada.key
- --trusted-ca-file=/etc/kubernetes/pki/etcd/server-ca.crt
- --data-dir=/var/lib/etcd
volumes:
- name: etcd-cert
secret:
secretName: {{ include "karmada.name" . }}-cert
- hostPath:
path: /var/lib/karmada-etcd
type: DirectoryOrCreate
name: etcd-data
---
apiVersion: v1
kind: Service
metadata:
labels:
app: etcd
name: etcd-client
namespace: {{ include "karmada.namespace" . }}
spec:
ports:
- name: etcd-client-port
port: 2379
protocol: TCP
targetPort: 2379
selector:
app: etcd
---
apiVersion: v1
kind: Service
metadata:
labels:
app: etcd
name: etcd
namespace: {{ include "karmada.namespace" . }}
spec:
ports:
- name: client
port: 2379
protocol: TCP
targetPort: 2379
- name: server
port: 2380
protocol: TCP
targetPort: 2380
clusterIP: None
selector:
app: etcd
{{- end }}

117
charts/templates/karmada_agent.yaml Normal file
View File

@ -0,0 +1,117 @@
{{- if eq .Values.installMode "agent" }}
{{- $name := include "karmada.name" . -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ $name }}
rules:
- apiGroups: ['*']
resources: ['*']
verbs: ["get", "watch", "list", "create", "update", "delete"]
- nonResourceURLs: ['*']
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ $name }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ $name }}
subjects:
- kind: ServiceAccount
name: {{ $name }}
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $name }}-kubeconfig
namespace: {{ include "karmada.namespace" . }}
stringData:
kubeconfig: |-
apiVersion: v1
kind: Config
clusters:
- cluster:
certificate-authority-data: {{ b64enc .Values.agent.kubeconfig.caCrt }}
insecure-skip-tls-verify: false
server: {{ .Values.agent.kubeconfig.server }}
name: {{ $name }}-apiserver
users:
- user:
client-certificate-data: {{ b64enc .Values.agent.kubeconfig.crt }}
client-key-data: {{ b64enc .Values.agent.kubeconfig.key }}
name: {{ $name }}-apiserver
contexts:
- context:
cluster: {{ $name }}-apiserver
user: {{ $name }}-apiserver
name: {{ $name }}-apiserver
current-context: {{ $name }}-apiserver
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.agent.labels" . | indent 4}}
spec:
replicas: {{ .Values.agent.replicaCount }}
selector:
matchLabels:
{{- include "karmada.agent.labels" . | indent 6}}
template:
metadata:
{{- with .Values.agent.podAnnotations}}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.agent.labels" . | indent 8}}
{{- include "karmada.agent.podLabels" . | indent 8}}
spec:
{{- with .Values.agent.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agent.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agent.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.agent.tolerations}}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ $name }}
containers:
- name: {{ $name }}
image: {{ .Values.agent.image.repository}}:{{ .Values.agent.image.tag | default "latest" }}
imagePullPolicy: {{ .Values.agent.image.pullPolicy }}
command:
- /bin/karmada-agent
- --karmada-kubeconfig=/etc/kubeconfig/kubeconfig
- --cluster-name={{ .Values.agent.clusterName }}
- --cluster-status-update-frequency=10s
- --v=4
volumeMounts:
- name: kubeconfig
mountPath: /etc/kubeconfig
volumes:
- name: kubeconfig
secret:
secretName: {{ $name }}-kubeconfig
{{- end }}

155
charts/templates/karmada_apiserver.yaml Normal file
View File

@ -0,0 +1,155 @@
{{- if eq .Values.installMode "host" }}
{{- $name := include "karmada.name" . -}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}-apiserver
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.apiserver.labels" . | nindent 4}}
spec:
replicas: {{ .Values.apiServer.replicaCount }}
selector:
matchLabels:
{{- include "karmada.apiserver.labels" . | nindent 6}}
template:
metadata:
{{- with .Values.apiServer.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.apiserver.labels" . | nindent 8}}
{{- include "karmada.apiserver.podLabels" . | nindent 8}}
spec:
{{- with .Values.apiServer.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ $name }}-apiserver
image: "{{ .Values.apiServer.image.repository }}:{{ .Values.apiServer.image.tag | default "latest" }}"
imagePullPolicy: {{ .Values.apiServer.image.pullPolicy }}
command:
- kube-apiserver
- --allow-privileged=true
- --authorization-mode=Node,RBAC
- --client-ca-file=/etc/kubernetes/pki/server-ca.crt
- --enable-admission-plugins=NodeRestriction
- --enable-bootstrap-token-auth=true
{{- if eq .Values.etcd.mode "external" }}
- --etcd-cafile=/etc/etcd/pki/ca.crt
- --etcd-certfile=/etc/etcd/pki/tls.crt
- --etcd-keyfile=/etc/etcd/pki/tls.key
- --etcd-servers={{ .Values.etcd.external.servers }}
- --etcd-prefix={{ .Values.etcd.external.registryPrefix }}
{{- end }}
{{- if eq .Values.etcd.mode "internal" }}
- --etcd-cafile=/etc/etcd/pki/server-ca.crt
- --etcd-certfile=/etc/etcd/pki/karmada.crt
- --etcd-keyfile=/etc/etcd/pki/karmada.key
- --etcd-servers=https://etcd-client.{{ include "karmada.namespace" . }}.svc.{{ .Values.clusterDomain }}:2379
{{- end }}
- --bind-address=0.0.0.0
- --insecure-port=8080
- --kubelet-client-certificate=/etc/kubernetes/pki/karmada.crt
- --kubelet-client-key=/etc/kubernetes/pki/karmada.key
- --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
- --runtime-config=
- --secure-port=5443
- --service-cluster-ip-range=10.96.0.0/12
- --proxy-client-cert-file=/etc/kubernetes/pki/karmada.crt
- --proxy-client-key-file=/etc/kubernetes/pki/karmada.key
- --requestheader-allowed-names=front-proxy-client
- --requestheader-client-ca-file=/etc/kubernetes/pki/server-ca.crt
- --requestheader-extra-headers-prefix=X-Remote-Extra-
- --requestheader-group-headers=X-Remote-Group
- --requestheader-username-headers=X-Remote-User
- --tls-cert-file=/etc/kubernetes/pki/karmada.crt
- --tls-private-key-file=/etc/kubernetes/pki/karmada.key
ports:
- name: http
containerPort: 5443
protocol: TCP
livenessProbe:
failureThreshold: 8
httpGet:
path: /livez
port: 5443
scheme: HTTPS
initialDelaySeconds: 10
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 15
readinessProbe:
failureThreshold: 3
httpGet:
path: /readyz
port: 5443
scheme: HTTPS
periodSeconds: 1
successThreshold: 1
timeoutSeconds: 15
resources:
{{- toYaml .Values.apiServer.resources | nindent 12 }}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- name: apiserver-cert
mountPath: /etc/kubernetes/pki
readOnly: true
- name: etcd-cert
mountPath: /etc/etcd/pki
readOnly: true
dnsPolicy: ClusterFirstWithHostNet
enableServiceLinks: true
hostNetwork: true
preemptionPolicy: PreemptLowerPriority
priority: 2000001000
priorityClassName: system-node-critical
restartPolicy: Always
schedulerName: default-scheduler
terminationGracePeriodSeconds: 30
{{- with .Values.apiServer.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.apiServer.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.apiServer.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
- name: apiserver-cert
secret:
secretName: {{ $name }}-cert
- name: etcd-cert
secret:
{{- if eq .Values.etcd.mode "internal" }}
secretName: {{ $name }}-cert
{{- end }}
{{- if eq .Values.etcd.mode "external" }}
secretName: external-etcd-cert
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ $name }}-apiserver
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.apiserver.labels" . | nindent 4}}
spec:
type: ClusterIP
ports:
- name: {{ $name }}-apiserver
port: 5443
protocol: TCP
targetPort: 5443
selector:
{{- include "karmada.apiserver.labels" . | nindent 4}}
{{- end}}

45
charts/templates/karmada_cert.yaml Normal file
View File

@ -0,0 +1,45 @@
{{- if and (eq .Values.installMode "host") (eq .Values.certs.mode "custom") }}
apiVersion: v1
kind: Secret
metadata:
name: {{ include "karmada.name" . }}-cert
namespace: {{ include "karmada.namespace" . }}
type: Opaque
data:
server-ca.crt: |
{{ b64enc .Values.certs.custom.caCrt }}
karmada.crt: |
{{ b64enc .Values.certs.custom.crt }}
karmada.key: |
{{ b64enc .Values.certs.custom.key }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ include "karmada.name" . }}-webhook-cert
namespace: {{ include "karmada.namespace" . }}
type: kubernetes.io/tls
data:
tls.crt: |
{{ b64enc .Values.certs.custom.crt }}
tls.key: |
{{ b64enc .Values.certs.custom.key }}
---
{{- end }}
{{- if and (eq .Values.installMode "host") (eq .Values.etcd.mode "external")}}
apiVersion: v1
kind: Secret
metadata:
name: external-etcd-cert
namespace: {{ include "karmada.namespace" . }}
type: Opaque
data:
ca.crt: |
{{ b64enc .Values.etcd.external.certs.caCrt }}
tls.crt: |
{{ b64enc .Values.etcd.external.certs.crt }}
tls.key: |
{{ b64enc .Values.etcd.external.certs.key }}
---
{{- end }}

90
charts/templates/karmada_controller_manager.yaml Normal file
View File

@ -0,0 +1,90 @@
{{- if eq .Values.installMode "host" }}
{{- $name := include "karmada.name" . -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}-controller-manager
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}-controller-manager
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.cm.labels" . | nindent 4}}
spec:
replicas: {{ .Values.controllerManager.replicaCount }}
selector:
matchLabels:
{{- include "karmada.cm.labels" . | nindent 6}}
template:
metadata:
{{- with .Values.controllerManager.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.cm.labels" . | nindent 8}}
{{- include "karmada.cm.podLabels" . | nindent 8}}
spec:
{{- with .Values.controllerManager.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ $name }}-controller-manager
{{- with .Values.controllerManager.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controllerManager.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.controllerManager.tolerations}}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
volumes:
{{- include "karmada.kubeconfig.volume" . | nindent 8}}
containers:
- name: {{ $name }}-controller-manager
image: "{{ .Values.controllerManager.image.repository }}:{{ .Values.controllerManager.image.tag | default "latest" }}"
imagePullPolicy: {{ .Values.controllerManager.image.pullPolicy }}
command:
- /bin/karmada-controller-manager
- --kubeconfig=/etc/kubeconfig
- --bind-address=0.0.0.0
- --cluster-status-update-frequency=10s
- --secure-port=10357
- --v=2
volumeMounts:
{{- include "karmada.kubeconfig.volumeMount" . | nindent 12}}
resources:
{{- toYaml .Values.controllerManager.resources | nindent 12 }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ $name }}-controller-manager
rules:
- apiGroups: ['*']
resources: ['*']
verbs: ["get", "watch", "list", "create", "patch", "update", "delete"]
- nonResourceURLs: ['*']
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ $name }}-controller-manager
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ $name }}-controller-manager
subjects:
- kind: ServiceAccount
name: {{ $name }}-controller-manager
namespace: {{ include "karmada.namespace" . }}
---
{{- end }}

29
charts/templates/karmada_kubeconfig.yaml Normal file
View File

@ -0,0 +1,29 @@
{{- if and (eq .Values.installMode "host") (eq .Values.certs.mode "custom") }}
{{- $name := include "karmada.name" . -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ $name }}-kubeconfig
namespace: {{ include "karmada.namespace" . }}
stringData:
kubeconfig: |-
apiVersion: v1
kind: Config
clusters:
- cluster:
certificate-authority-data: {{ b64enc .Values.certs.custom.caCrt }}
insecure-skip-tls-verify: false
server: https://{{ $name }}-apiserver.{{ include "karmada.namespace" . }}.svc.{{ .Values.clusterDomain }}:5443
name: {{ $name }}-apiserver
users:
- user:
client-certificate-data: {{ b64enc .Values.certs.custom.crt }}
client-key-data: {{ b64enc .Values.certs.custom.key }}
name: {{ $name }}-apiserver
contexts:
- context:
cluster: {{ $name }}-apiserver
user: {{ $name }}-apiserver
name: {{ $name }}-apiserver
current-context: {{ $name }}-apiserver
{{- end }}

67
charts/templates/karmada_scheduler.yaml Normal file
View File

@ -0,0 +1,67 @@
{{- $name := include "karmada.name" . -}}
{{- if eq .Values.installMode "host" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name}}-scheduler
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}-scheduler
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.scheduler.labels" . | nindent 4}}
spec:
replicas: {{ .Values.scheduler.replicaCount }}
selector:
matchLabels:
{{- include "karmada.scheduler.labels" . | nindent 6}}
template:
metadata:
{{- with .Values.scheduler.podAnnotations}}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.scheduler.labels" . | nindent 8}}
{{- include "karmada.scheduler.podLabels" . | nindent 8}}
spec:
{{- with .Values.scheduler.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.scheduler.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.scheduler.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.scheduler.tolerations}}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ $name}}-scheduler
containers:
- name: {{ $name }}-scheduler
image: {{ .Values.scheduler.image.repository}}:{{ .Values.scheduler.image.tag | default "latest" }}
imagePullPolicy: {{ .Values.scheduler.image.pullPolicy }}
command:
- /bin/karmada-scheduler
- --kubeconfig=/etc/kubeconfig
- --bind-address=0.0.0.0
- --secure-port=10351
- --failover=true
volumeMounts:
{{- include "karmada.kubeconfig.volumeMount" . | nindent 12 }}
resources:
{{- toYaml .Values.scheduler.resources | nindent 12 }}
volumes:
{{- include "karmada.kubeconfig.volume" . | nindent 8}}
---
{{- end }}

91
charts/templates/karmada_webhook.yaml Normal file
View File

@ -0,0 +1,91 @@
{{- $name := include "karmada.name" . -}}
{{- if eq .Values.installMode "host" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}-webhook
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}-webhook
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.webhook.labels" . | nindent 4}}
spec:
replicas: {{ .Values.webhook.replicaCount }}
selector:
matchLabels:
{{- include "karmada.webhook.labels" . | nindent 6}}
template:
metadata:
{{- with .Values.webhook.podAnnotations}}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.webhook.labels" . | nindent 8}}
{{- include "karmada.webhook.podLabels" . | nindent 8}}
spec:
{{- with .Values.webhook.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ $name }}-webhook
{{- with .Values.webhook.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webhook.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.webhook.tolerations}}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: {{ $name }}-webhook
image: {{ .Values.webhook.image.repository}}:{{ .Values.webhook.image.tag | default "latest" }}
imagePullPolicy: {{ .Values.webhook.image.pullPolicy }}
command:
- /bin/karmada-webhook
- --kubeconfig=/etc/kubeconfig
- --bind-address=0.0.0.0
- --secure-port=8443
- --cert-dir=/var/serving-cert
ports:
- containerPort: 8443
volumeMounts:
{{- include "karmada.kubeconfig.volumeMount" . | nindent 12 }}
- name: {{ $name }}-webhook-cert-secret
mountPath: /var/serving-cert
readOnly: true
readinessProbe:
httpGet:
path: /readyz
port: 8443
scheme: HTTPS
volumes:
{{- include "karmada.kubeconfig.volume" . | nindent 8}}
- name: {{ $name }}-webhook-cert-secret
secret:
secretName: {{ $name }}-webhook-cert
---
apiVersion: v1
kind: Service
metadata:
name: {{ $name }}-webhook
namespace: {{ include "karmada.namespace" . }}
spec:
selector:
{{- include "karmada.webhook.podLabels" . | nindent 8}}
app: {{ $name }}-webhook
ports:
- port: 443
targetPort: 8443
{{- end }}

92
charts/templates/kube_controller_manager.yaml Normal file
View File

@ -0,0 +1,92 @@
{{- $name := include "karmada.name" . -}}
{{- if eq .Values.installMode "host" }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}-kube-controller-manager
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $name }}-kube-controller-manager
namespace: {{ include "karmada.namespace" . }}
labels:
{{- include "karmada.kube-cm.labels" . | nindent 4}}
spec:
replicas: {{ .Values.kubeControllerManager.replicaCount }}
selector:
matchLabels:
{{- include "karmada.kube-cm.labels" . | nindent 6}}
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
{{- with .Values.kubeControllerManager.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "karmada.kube-cm.labels" . | nindent 8}}
{{- include "karmada.kube-cm.podLabels" . | nindent 8}}
spec:
{{- with .Values.kubeControllerManager.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ $name }}-kube-controller-manager
{{- with .Values.kubeControllerManager.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.kubeControllerManager.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.kubeControllerManager.tolerations}}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- command:
- kube-controller-manager
- --allocate-node-cidrs=true
- --authentication-kubeconfig=/etc/kubeconfig
- --authorization-kubeconfig=/etc/kubeconfig
- --bind-address=0.0.0.0
- --client-ca-file=/etc/karmada/pki/server-ca.crt
- --cluster-cidr=10.244.0.0/16
- --cluster-name=karmada
- --cluster-signing-cert-file=/etc/karmada/pki/karmada.crt
- --cluster-signing-key-file=/etc/karmada/pki/karmada.key
- --controllers=namespace,garbagecollector,serviceaccount-token
- --kubeconfig=/etc/kubeconfig
- --leader-elect=true
- --node-cidr-mask-size=24
- --port=0
- --root-ca-file=/etc/karmada/pki/server-ca.crt
- --service-account-private-key-file=/etc/karmada/pki/karmada.key
- --service-cluster-ip-range=10.96.0.0/12
- --use-service-account-credentials=true
- --v=5
image: {{ .Values.kubeControllerManager.image.repository}}:{{ .Values.kubeControllerManager.image.tag | default "latest" }}
imagePullPolicy: {{ .Values.kubeControllerManager.image.pullPolicy }}
name: kube-controller-manager
resources:
{{- toYaml .Values.kubeControllerManager.resources | nindent 12 }}
volumeMounts:
- mountPath: /etc/karmada/pki
name: apisever-cert
readOnly: true
{{- include "karmada.kubeconfig.volumeMount" . | nindent 12}}
priorityClassName: system-node-critical
volumes:
- name: apisever-cert
secret:
secretName: {{ $name }}-cert
{{- include "karmada.kubeconfig.volume" . | nindent 8}}
{{- end }}

68
charts/templates/post-install-job.yaml Normal file
View File

@ -0,0 +1,68 @@
{{- $name := include "karmada.name" . -}}
{{- if eq .Values.installMode "host" }}
{{- if eq .Values.certs.mode "custom" }}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $name }}-crds
namespace: {{ include "karmada.namespace" . }}
data:
{{- print "webhook-configuration.yaml: " | nindent 2 }} |-
{{- include "karmada.webhook.configuration" . | nindent 4 }}
{{- print "system-namespace.yaml: " | nindent 2 }} |-
{{- include "karmada.systemNamespace" . | nindent 4 }}
{{ range $path, $bytes := .Files.Glob (printf "_crds/**")}}
{{ $name := base $path }}
{{- (printf "%s: " $name) | nindent 2 }} |-
{{- $.Files.Get $path | nindent 4 }}
{{ end }}
---
{{- end }}
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ $name }}-install-crds"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ $name | quote }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
annotations:
# This is what defines this resource as a hook. Without this line, the
# job is considered part of the release.
"helm.sh/hook": post-install
"helm.sh/hook-weight": "0"
"helm.sh/hook-delete-policy": hook-succeeded
spec:
parallelism: 1
completions: 1
template:
metadata:
name: {{ $name }}
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ $name | quote }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
spec:
restartPolicy: Never
containers:
- name: post-install-job
image: bitnami/kubectl:latest
command:
- "kubectl"
- "apply"
- "-f"
- "/crds"
- "--kubeconfig"
- "/etc/kubeconfig"
volumeMounts:
- name: {{ $name }}-crds
mountPath: /crds
{{ include "karmada.kubeconfig.volumeMount" . | nindent 10 }}
volumes:
- name: {{ $name }}-crds
configMap:
name: {{ $name }}-crds
{{ include "karmada.kubeconfig.volume" . | nindent 8 }}
{{- end }}

207
charts/templates/pre-install-job.yaml Normal file
View File

@ -0,0 +1,207 @@
{{- if and (eq .Values.installMode "host") (eq .Values.certs.mode "auto") }}
{{- $name := include "karmada.name" . -}}
{{- $namespace := include "karmada.namespace" . -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $name }}-config
namespace: {{ $namespace }}
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "2"
data:
install.sh: |-
#!/bin/bash
set -ex
function join() {
local IFS=$1
shift
echo "$*"
}
kubectl apply -f $(join ',' /opt/configs/*.yaml)
generator.sh: |-
#!/bin/bash
set -ex
mkdir -p /opt/configs
mkdir -p /opt/certs
cp -r -L /opt/mount/* /opt/configs/
openssl req -x509 -sha256 -new -nodes -days 365 -newkey rsa:2048 -keyout "/opt/certs/server-ca.key" -out "/opt/certs/server-ca.crt" -subj "/C=xx/ST=x/L=x/O=x/OU=x/CN=ca/emailAddress=x/"
echo '{"signing":{"default":{"expiry":{{ printf `"%s"` .Values.certs.auto.expiry }},"usages":["signing","key encipherment","client auth","server auth"]}}}' > "/opt/certs/server-ca-config.json"
echo '{"CN":"system:admin","hosts":{{ toJson .Values.certs.auto.hosts }},"names":[{"O":"system:masters"}],"key":{"algo":"rsa","size":2048}}' | cfssl gencert -ca=/opt/certs/server-ca.crt -ca-key=/opt/certs/server-ca.key -config=/opt/certs/server-ca-config.json - | cfssljson -bare /opt/certs/karmada
karmada_ca=$(base64 /opt/certs/server-ca.crt | tr -d '\r\n')
karmada_crt=$(base64 /opt/certs/karmada.pem | tr -d '\r\n')
karmada_key=$(base64 /opt/certs/karmada-key.pem | tr -d '\r\n')
sed -i'' -e "s/{{ print "{{ ca_crt }}" }}/${karmada_ca}/g" /opt/configs/cert.yaml
sed -i'' -e "s/{{ print "{{ crt }}" }}/${karmada_crt}/g" /opt/configs/cert.yaml
sed -i'' -e "s/{{ print "{{ key }}" }}/${karmada_key}/g" /opt/configs/cert.yaml
sed -i'' -e "s/{{ print "{{ ca_crt }}" }}/${karmada_ca}/g" /opt/configs/kubeconfig.yaml
sed -i'' -e "s/{{ print "{{ crt }}" }}/${karmada_crt}/g" /opt/configs/kubeconfig.yaml
sed -i'' -e "s/{{ print "{{ key }}" }}/${karmada_key}/g" /opt/configs/kubeconfig.yaml
sed -i'' -e "s/{{ print "{{ crt }}" }}/${karmada_crt}/g" /opt/configs/webhook-cert.yaml
sed -i'' -e "s/{{ print "{{ key }}" }}/${karmada_key}/g" /opt/configs/webhook-cert.yaml
sed -i'' -e "s/{{ print "{{ ca_crt }}" }}/${karmada_ca}/g" /opt/configs/crds-configmap.yaml
cert.yaml: |-
apiVersion: v1
kind: Secret
metadata:
name: {{ $name }}-cert
namespace: {{ $namespace }}
type: Opaque
data:
server-ca.crt: |-
{{ print "{{ ca_crt }}" }}
karmada.crt: |-
{{ print "{{ crt }}" }}
karmada.key: |-
{{ print "{{ key }}" }}
webhook-cert.yaml: |-
apiVersion: v1
kind: Secret
metadata:
name: {{ $name }}-webhook-cert
namespace: {{ include "karmada.namespace" . }}
type: kubernetes.io/tls
data:
tls.crt: |-
{{ print "{{ crt }}" }}
tls.key: |-
{{ print "{{ key }}" }}
kubeconfig.yaml: |-
apiVersion: v1
kind: Secret
metadata:
name: {{ $name }}-kubeconfig
namespace: {{ include "karmada.namespace" . }}
stringData:
kubeconfig: |-
apiVersion: v1
kind: Config
clusters:
- cluster:
certificate-authority-data: {{ print "{{ ca_crt }}" }}
insecure-skip-tls-verify: false
server: https://{{ $name }}-apiserver.{{ include "karmada.namespace" . }}.svc.{{ .Values.clusterDomain }}:5443
name: {{ $name }}-apiserver
users:
- user:
client-certificate-data: {{ print "{{ crt }}" }}
client-key-data: {{ print "{{ key }}" }}
name: {{ $name }}-apiserver
contexts:
- context:
cluster: {{ $name }}-apiserver
user: {{ $name }}-apiserver
name: {{ $name }}-apiserver
current-context: {{ $name }}-apiserver
crds-configmap.yaml: |-
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $name }}-crds
namespace: {{ include "karmada.namespace" . }}
data:
{{- print "webhook-configuration.yaml: " | nindent 6 }} |-
{{- include "karmada.webhook.configuration" . | nindent 8 }}
{{- print "system-namespace.yaml: " | nindent 6 }} |-
{{- include "karmada.systemNamespace" . | nindent 8 }}
{{ range $path, $bytes := .Files.Glob (printf "_crds/**")}}
{{ $name := base $path }}
{{- (printf "%s: " $name) | nindent 6 }} |-
{{- $.Files.Get $path | nindent 8 }}
{{ end }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ $name }}-config-generator"
annotations:
# This is what defines this resource as a hook. Without this line, the
# job is considered part of the release.
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "3"
"helm.sh/hook-delete-policy": hook-succeeded
spec:
parallelism: 1
completions: 1
template:
metadata:
name: {{ $name }}
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ $name | quote }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
spec:
serviceAccountName: {{ $name }}-pre-job
restartPolicy: Never
initContainers:
- name: generator
image: cfssl/cfssl
workingDir: /opt/mount
command:
- "./generator.sh"
volumeMounts:
- name: mount
mountPath: /opt/mount
- name: configs
mountPath: /opt/configs
containers:
- name: pre-install-job
image: bitnami/kubectl:latest
workingDir: /opt/mount
command:
- "./install.sh"
volumeMounts:
- name: mount
mountPath: /opt/mount
- name: configs
mountPath: /opt/configs
volumes:
- name: mount
configMap:
name: {{ $name }}-config
defaultMode: 0777
- name: configs
emptyDir: {}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ $name }}-pre-job
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
namespace: {{ include "karmada.namespace" . }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: {{ $name }}-pre-job
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
rules:
- apiGroups: ['*']
resources: ['*']
verbs: ["get", "watch", "list", "create", "update", "patch", "delete"]
- nonResourceURLs: ['*']
verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ $name }}-pre-job
annotations:
"helm.sh/hook": pre-install
"helm.sh/hook-weight": "1"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ $name }}-pre-job
subjects:
- kind: ServiceAccount
name: {{ $name }}-pre-job
namespace: {{ include "karmada.namespace" . }}
---
{{- end }}

339
charts/values.yaml Normal file
View File

@ -0,0 +1,339 @@
## Default values for charts.
## This is a YAML-formatted file.
## Declare variables to be passed into your templates.
## @param installMode "host" and "agent" are provided
## "host" means install karmada in the control-cluster
## "agent" means install agent client in the member cluster
installMode: "host"
## @param clusterDomain default domain for karmada
clusterDomain: "cluster.local"
## karmada certificate config
certs:
## @param certs.mode "auto" and "custom" are provided
## "auto" means auto generate certificate
## "custom" means use user certificate
mode: auto
auto:
## @param certs.auto.expiry expiry of the certificate
expiry: 43800h
## @param certs.auto.hosts hosts of the certificate
hosts: [
"kubernetes.default.svc",
"*.etcd.karmada-system.svc.cluster.local",
"*.karmada-system.svc.cluster.local",
"*.karmada-system.svc",
"localhost",
"127.0.0.1"
]
custom:
## @param certs.custom.caCrt ca of the certificate
caCrt: |
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
## @param certs.custom.crt crt of the certificate
crt: |
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
## @param certs.custom.key key of the certificate
key: |
-----BEGIN RSA PRIVATE KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END RSA PRIVATE KEY-----
## scheduler config
scheduler:
## @param scheduler.labels
labels:
app: karmada-scheduler
## @param scheduler.replicaCount target replicas
replicaCount: 1
## @param scheduler.podAnnotations
podAnnotations: { }
## @param scheduler.podLabels
podLabels: { }
## @param scheduler.imagePullSecrets
imagePullSecrets: [ ]
image:
## @param scheduler.image.repository image of the scheduler
repository: swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-scheduler
## @param scheduler.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param scheduler.image.tag verrides the image tag whose default is the latest
tag: latest
## @param scheduler.resources
resources: { }
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## @param scheduler.nodeSelector
nodeSelector: { }
## @param scheduler.affinity
affinity: { }
## @param scheduler.tolerations
tolerations: [ ]
# - key: node-role.kubernetes.io/master
# operator: Exists
## webhook config
webhook:
## @param webhook.labels
labels:
app: karmada-webhook
## @param webhook.replicaCount target replicas
replicaCount: 1
## @param webhook.podAnnotations
podAnnotations: { }
## @param webhook.podLabels
podLabels: { }
## @param webhook.imagePullSecrets
imagePullSecrets: [ ]
image:
## @param webhook.image.repository image of the webhook
repository: swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-webhook
## @param webhook.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param webhook.image.tag verrides the image tag whose default is the latest
tag: latest
## @param webhook.resources
resources: { }
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## @param webhook.nodeSelector
nodeSelector: { }
## @param webhook.affinity
affinity: { }
## @param webhook.tolerations
tolerations: [ ]
# - key: node-role.kubernetes.io/master
# operator: Exists
## controller manager config
controllerManager:
## @param controllerManager.labels
labels:
app: karmada-controller-manager
## @param controllerManager.replicaCount target replicas
replicaCount: 1
## @param controllerManager.podAnnotations
podAnnotations: { }
## @param controllerManager.podLabels
podLabels: { }
## @param controllerManager.imagePullSecrets
imagePullSecrets: [ ]
image:
## @param controllerManager.image.repository image of the controller manager
repository: swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-controller-manager
## @param controllerManager.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param controllerManager.image.tag verrides the image tag whose default is the latest
tag: latest
## @param controllerManager.resources
resources: { }
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## @param controllerManager.nodeSelector
nodeSelector: { }
## @param controllerManager.affinity
affinity: { }
## @param controllerManager.tolerations
tolerations: [ ]
# - key: node-role.kubernetes.io/master
# operator: Exists
## karmada apiserver config
apiServer:
## @param apiServer.labels
labels:
app: karmada-apiserver
## @param apiServer.replicaCount target replicas
replicaCount: 1
## @param apiServer.podAnnotations
podAnnotations: { }
## @param apiServer.podLabels
podLabels: { }
## @param apiServer.imagePullSecrets
imagePullSecrets: []
image:
## @param apiServer.image.repository image of the apiserver
repository: k8s.gcr.io/kube-apiserver
## @param apiServer.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param apiServer.image.tag verrides the image tag whose default is the latest
tag: "v1.19.1"
## @param apiServer.resources
resources: { }
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## @param apiServer.nodeSelector
nodeSelector: { }
## @param apiServer.affinity
affinity: { }
## @param apiServer.tolerations
tolerations: [ ]
# - key: node-role.kubernetes.io/master
# operator: Exists
## kubernetes controller manager config
kubeControllerManager:
## @param kubeControllerManager.labels
labels:
app: kube-controller-manager
## @param kubeControllerManager.replicaCount target replicas
replicaCount: 1
## @param kubeControllerManager.podAnnotations
podAnnotations: {}
## @param kubeControllerManager.podLabels
podLabels: {}
## @param kubeControllerManager.imagePullSecrets
imagePullSecrets: []
image:
## @param kubeControllerManager.image.repository image of the kube controller manager
repository: k8s.gcr.io/kube-controller-manager
## @param kubeControllerManager.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param kubeControllerManager.image.tag verrides the image tag whose default is the latest
tag: "v1.19.1"
## @param kubeControllerManager.resources
resources:
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## @param kubeControllerManager.nodeSelector
nodeSelector: {}
## @param kubeControllerManager.affinity
affinity: {}
## @param kubeControllerManager.tolerations
tolerations: [ ]
# - key: node-role.kubernetes.io/master
# operator: Exists
## etcd config
etcd:
## @param etcd.mode "external" and "internal" are provided
## "external" means use external ectd
## "internal" means install a etcd in the cluster
mode: "internal"
external:
## @param etcd.external.servers servers of etcd
## such as "https://192.168.1.1:2379,https://192.168.1.2:2379,https://192.168.1.3:2379"
servers: ""
## @param etcd.external.registryPrefix use to registry prefix of etcd
registryPrefix: "/registry/karmada"
certs:
## @param etcd.external.certs.caCrt ca of the certificate
caCrt: |
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
## @param etcd.external.certs.crt crt of the certificate
crt: |
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
## @param etcd.external.certs.key key of the certificate
key: |
-----BEGIN RSA PRIVATE KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END RSA PRIVATE KEY-----
internal:
## @param etcd.internal.replicaCount target replicas
replicaCount: 1
image:
## @param etcd.internal.image.repository image of the etcd
repository: k8s.gcr.io/etcd
## @param etcd.internal.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param etcd.internal.image.tag verrides the image tag whose default is the latest
tag: "3.4.13-0"
## agent client config
agent:
## @param agent.clusterName name of the member cluster
clusterName: ""
kubeconfig:
## @param agent.kubeconfig.caCrt ca of the certificate
caCrt: |
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
## @param agent.kubeconfig.crt crt of the certificate
crt: |
-----BEGIN CERTIFICATE-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END CERTIFICATE-----
## @param agent.kubeconfig.key key of the certificate
key: |
-----BEGIN RSA PRIVATE KEY-----
XXXXXXXXXXXXXXXXXXXXXXXXXXX
-----END RSA PRIVATE KEY-----
## @param agent.kubeconfig.server apiserver of the karmada
server: ""
## @param agent.labels
labels:
app: karmada-agent
## @param agent.replicaCount target replicas
replicaCount: 1
## @param agent.podAnnotations
podAnnotations: { }
## @param agent.podLabels
podLabels: { }
## @param agent.imagePullSecrets
imagePullSecrets: [ ]
image:
## @param agent.image.repository image of the agent
repository: swr.ap-southeast-1.myhuaweicloud.com/karmada/karmada-agent
## @param agent.image.pullPolicy pull policy of image
pullPolicy: IfNotPresent
## @param agent.image.tag verrides the image tag whose default is the latest
tag: latest
## @param agent.resources
resources: { }
# If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
## @param agent.nodeSelector
nodeSelector: { }
## @param agent.affinity
affinity: { }
## @param agent.tolerations
tolerations: { }
# - key: node-role.kubernetes.io/master
# operator: Exists