openkruise
/
charts
mirror of https://github.com/openkruise/charts.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

kruise-game v1.0.0-rc release (#151) 

Signed-off-by: ChrisLiu <chrisliu1995@163.com>
This commit is contained in:
ChrisLiu 2025-07-10 19:39:42 +08:00 committed by GitHub
parent 2b75a2f7db
commit 1259df091a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
21 changed files with 3836 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
charts/kruise-game
View File

@ -1 +1 @@
../versions/kruise-game/0.10 ../versions/kruise-game/1.0.0-rc

23
versions/kruise-game/1.0.0-rc/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

11
versions/kruise-game/1.0.0-rc/Chart.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
name: kruise-game
description: Helm chart for kruise-game components
version: 1.0.0-rc
appVersion: 1.0.0-rc
kubeVersion: ">= 1.18.0-0"
sources:
- https://github.com/openkruise/kruise-game
annotations:
artifacthub.io/changes: |
- "[Changed]: https://github.com/openkruise/kruise-game/blob/master/CHANGELOG.md"

61
versions/kruise-game/1.0.0-rc/README.md Normal file
View File

@ -0,0 +1,61 @@
# Kruise Game v1.0.0
## Configuration
The following table lists the configurable parameters of the kruise-game chart and their default values.
| Parameter | Description | Default |
|--------------------------------------------|-----------------------------------------------------------------------------|----------------------------------|
| `installation.namespace` | Namespace for kruise-game operation installation | `kruise-game-system` |
| `installation.createNamespace` | Whether to create the installation.namespace | `true` |
| `kruiseGame.fullname` | Nick name for kruise-game deployment and other configurations | `kruise-game-controller-manager` |
| `kruiseGame.healthBindPort` | Port for checking health of kruise-game container | `8082` |
| `kruiseGame.webhook.port` | Port of webhook served by kruise-game container | `443` |
| `kruiseGame.webhook.targetPort` | ObjectSelector for workloads in MutatingWebhookConfigurations | `9876` |
| `kruiseGame.apiServerQps` | Indicates the maximum QPS to the master from kruise-game-controller-manager | `5` |
| `kruiseGame.apiServerQpsBurst` | Maximum burst for throttle of kruise-game-controller-manager | `10` |
| `kruiseGame.gameserverWorkers` | Max concurrent workers for GameServer controller | `10` |
| `kruiseGame.gameserversetWorkers` | Max concurrent workers for GameServerSet controller | `10` |
| `replicaCount` | Replicas of kruise-game deployment | `1` |
| `image.repository` | Repository for kruise-game image | `openkruise/kruise-game-manager` |
| `image.tag` | Tag for kruise-game image | `v1.0.0` |
| `image.pullPolicy` | ImagePullPolicy for kruise-game container | `Always` |
| `serviceAccount.annotations` | The annotations for serviceAccount of kruise-game | ` ` |
| `service.port` | Port of kruise-game service | `8443` |
| `resources.limits.cpu` | CPU resource limit of kruise-game container | `500m` |
| `resources.limits.memory` | Memory resource limit of kruise-game container | `1Gi` |
| `resources.requests.cpu` | CPU resource request of kruise-game container | `10m` |
| `resources.requests.memory` | Memory resource request of kruise-game container | `64Mi` |
| `prometheus.enabled` | Whether to bind metric endpoint | `true` |
| `prometheus.monitorService.port` | Port of the monitorservice bind to | `8080` |
| `scale.service.port` | Port of the external scaler server binds to | `6000` |
| `scale.service.targetPort` | TargetPort of the external scaler server binds to | `6000` |
| `network.totalWaitTime` | Maximum time to wait for network ready, the unit is seconds | `60` |
| `network.probeIntervalTime` | Time interval for detecting network status, the unit is seconds | `5` |
| `cloudProvider.installCRD` | Whether to install CloudProvider CRD | `true` |
| `indexOffsetScheduler.enabled` | Whether to install index-offset-scheduler | `false` |
| `certificates.autoGenerated` | Whether to auto-generate webhook certificates | `true` |
| `certificates.secretName` | Name of the secret containing webhook certificates | `kruise-game-certs` |
| `certificates.mountPath` | Path to mount webhook certificates in container | `/tmp/webhook-certs/` |
| `certificates.certManager.enabled` | Whether to use cert-manager for certificate management | `false` |
| `certificates.certManager.duration` | Certificate validity duration | `8760h0m0s` |
| `certificates.certManager.renewBefore` | Time before expiry to renew certificate | `5840h0m0s` |
| `certificates.certManager.generateCA` | Whether to generate a Certificate Authority | `true` |
| `certificates.certManager.caSecretName` | Name of the secret containing the CA certificate | `kruise-game-ca` |
| `certificates.certManager.issuer.generate` | Whether to generate the issuer automatically | `true` |
| `certificates.certManager.issuer.name` | Name of the certificate issuer | `kruise-ca` |
| `certificates.certManager.issuer.kind` | Type of the certificate issuer | `ClusterIssuer` |
| `certificates.certManager.issuer.group` | API group of the certificate issuer | `cert-manager.io` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
### Optional: the local image for China
If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud:
```bash
$ helm install kruise-game https://... --set image.repository=registry.cn-hangzhou.aliyuncs.com/acs/kruise-game-manager
...
```

62
versions/kruise-game/1.0.0-rc/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "kruise-game.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kruise-game.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kruise-game.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "kruise-game.labels" -}}
helm.sh/chart: {{ include "kruise-game.chart" . }}
{{ include "kruise-game.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "kruise-game.selectorLabels" -}}
app.kubernetes.io/name: {{ include "kruise-game.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "kruise-game.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "kruise-game.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

10
versions/kruise-game/1.0.0-rc/templates/cert-manager/okg-issuer.yaml Normal file
View File

@ -0,0 +1,10 @@
{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.issuer.generate }}
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: {{ .Values.kruiseGame.fullname }}-issuer
namespace: {{ .Values.installation.namespace }}
spec:
ca:
secretName: {{ .Values.certificates.certManager.caSecretName }}
{{- end }}

39
versions/kruise-game/1.0.0-rc/templates/cert-manager/okg-tls-certificate.yaml Normal file
View File

@ -0,0 +1,39 @@
{{- if .Values.certificates.certManager.enabled }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .Values.kruiseGame.fullname }}-cert
namespace: {{ .Values.installation.namespace }}
spec:
commonName: {{ .Values.kruiseGame.fullname }}
dnsNames:
- {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}
- {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc
- {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc.{{ .Values.clusterDomain }}
secretName: {{ .Values.certificates.secretName }}
usages:
- server auth
- client auth
privateKey:
rotationPolicy: Always
algorithm: RSA
size: 2048
duration: {{ .Values.certificates.certManager.duration }}
renewBefore: {{ .Values.certificates.certManager.renewBefore }}
issuerRef:
{{- if .Values.certificates.certManager.issuer.generate }}
name: {{ .Values.kruiseGame.fullname }}-issuer
kind: Issuer
group: cert-manager.io
{{- else }}
{{- if .Values.certificates.certManager.issuer.name }}
name: {{ .Values.certificates.certManager.issuer.name }}
{{- end }}
{{- if .Values.certificates.certManager.issuer.kind }}
kind: {{ .Values.certificates.certManager.issuer.kind }}
{{- end }}
{{- if .Values.certificates.certManager.issuer.group }}
group: {{ .Values.certificates.certManager.issuer.group }}
{{- end }}
{{- end }}
{{- end }}

21
versions/kruise-game/1.0.0-rc/templates/cert-manager/self-ca.yaml Normal file
View File

@ -0,0 +1,21 @@
{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }}
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: {{ .Values.kruiseGame.fullname }}-ca
namespace: {{ .Values.installation.namespace }}
spec:
isCA: true
commonName: {{ .Values.kruiseGame.fullname }}
secretName: {{ .Values.certificates.certManager.caSecretName }}
privateKey:
rotationPolicy: Always
algorithm: RSA
size: 2048
duration: 8760h0m0s # 1 year
renewBefore: 720h0m0s # 1 month
issuerRef:
name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer
kind: Issuer
group: cert-manager.io
{{- end }}

13
versions/kruise-game/1.0.0-rc/templates/cert-manager/self-issuer.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }}
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
{{- with .Values.additionalAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer
namespace: {{ .Values.installation.namespace }}
spec:
selfSigned: {}
{{- end }}

77
versions/kruise-game/1.0.0-rc/templates/controller_manager_config.yaml Normal file
View File

@ -0,0 +1,77 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: kruise-game-manager-config
namespace: {{ .Values.installation.namespace }}
data:
config.toml: |
[kubernetes]
enable = true
[kubernetes.hostPort]
max_port = 9000
min_port = 8000
[alibabacloud]
enable = true
[alibabacloud.slb]
max_port = 700
min_port = 500
block_ports = [593]
[alibabacloud.nlb]
max_port = 1502
min_port = 1000
block_ports = [1025, 1434, 1068]
[volcengine]
enable = true
[volcengine.clb]
max_port = 600
min_port = 550
block_ports = [593]
[aws]
enable = false
[aws.nlb]
max_port = 30050
min_port = 30001
[jdcloud]
enable = false
[jdcloud.nlb]
max_port = 700
min_port = 500
[tencentcloud]
enable = true
[hwcloud]
enable = false
[hwcloud.elb]
max_port = 700
min_port = 500
block_ports = []
controller_manager_config.yaml: |
apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
kind: ControllerManagerConfig
health:
healthProbeBindAddress: :8081
metrics:
bindAddress: 127.0.0.1:8080
webhook:
port: 9443
leaderElection:
leaderElect: true
resourceName: c637bb1e.my.domain
# leaderElectionReleaseOnCancel defines if the leader should step down volume
# when the Manager ends. This requires the binary to immediately end when the
# Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
# speeds up voluntary leader transitions as the new leader don't have to wait
# LeaseDuration time first.
# In the default scaffold provided, the program ends immediately after
# the manager stops, so would be fine to enable this option. However,
# if you are doing or is intended to do any operation such as perform cleanups
# after the manager stops then its usage might be unsafe.
# leaderElectionReleaseOnCancel: true

1411
versions/kruise-game/1.0.0-rc/templates/game.kruise.io_gameservers.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

1060
versions/kruise-game/1.0.0-rc/templates/game.kruise.io_gameserversets.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

298
versions/kruise-game/1.0.0-rc/templates/index-offset-scheduler.yaml Normal file
View File

@ -0,0 +1,298 @@
{{- if .Values.indexOffsetScheduler.enabled }}
# service account
apiVersion: v1
kind: ServiceAccount
metadata:
name: index-offset-scheduler
namespace: kruise-game-system
---
# clusterRole
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: 'true'
name: index-offset-scheduler
rules:
- apiGroups:
- ''
- events.k8s.io
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- create
- apiGroups:
- coordination.k8s.io
resourceNames:
- kube-scheduler
- index-offset-scheduler
resources:
- leases
verbs:
- get
- list
- update
- watch
- apiGroups:
- coordination.k8s.io
resources:
- leasecandidates
verbs:
- create
- delete
- deletecollection
- get
- list
- patch
- update
- watch
- apiGroups:
- ''
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- pods
verbs:
- delete
- get
- list
- watch
- apiGroups:
- ''
resources:
- bindings
- pods/binding
verbs:
- create
- apiGroups:
- ''
resources:
- pods/status
verbs:
- patch
- update
- apiGroups:
- ''
resources:
- replicationcontrollers
- services
verbs:
- get
- list
- watch
- apiGroups:
- apps
- extensions
resources:
- replicasets
verbs:
- get
- list
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- get
- list
- watch
- apiGroups:
- policy
resources:
- poddisruptionbudgets
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- persistentvolumeclaims
- persistentvolumes
verbs:
- get
- list
- watch
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
- apiGroups:
- storage.k8s.io
resources:
- csinodes
verbs:
- get
- list
- watch
- apiGroups:
- ''
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csidrivers
verbs:
- get
- list
- watch
- apiGroups:
- storage.k8s.io
resources:
- csistoragecapacities
verbs:
- get
- list
- watch
- apiGroups:
- ""
resourceNames:
- kube-scheduler
- index-offset-scheduler
resources:
- endpoints
verbs:
- delete
- get
- patch
- update
---
# ClusterRoleBinding: index-offset-scheduler
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: index-offset-scheduler-as-kube-scheduler
subjects:
- kind: ServiceAccount
name: index-offset-scheduler
namespace: kruise-game-system
roleRef:
kind: ClusterRole
name: index-offset-scheduler
apiGroup: rbac.authorization.k8s.io
---
# ClusterRoleBinding: system:volume-scheduler
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: index-offset-scheduler-as-volume-scheduler
subjects:
- kind: ServiceAccount
name: index-offset-scheduler
namespace: kruise-game-system
roleRef:
kind: ClusterRole
name: system:volume-scheduler
apiGroup: rbac.authorization.k8s.io
---
# RoleBinding: apiserver
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: index-offset-scheduler-extension-apiserver-authentication-reader
namespace: kube-system
roleRef:
kind: Role
name: extension-apiserver-authentication-reader
apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
name: index-offset-scheduler
namespace: kruise-game-system
---
# configmap
apiVersion: v1
kind: ConfigMap
metadata:
name: index-offset-scheduler-config
namespace: kruise-game-system
data:
scheduler-config.yaml: |
# stable v1 after version 1.25
apiVersion: kubescheduler.config.k8s.io/v1
kind: KubeSchedulerConfiguration
leaderElection:
leaderElect: false
resourceNamespace: kruise-game-system
resourceName: index-offset-scheduler
profiles:
- schedulerName: index-offset-scheduler
plugins:
score:
enabled:
- name: index-offset-scheduler
---
# deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: index-offset-scheduler
namespace: kruise-game-system
labels:
app: index-offset-scheduler
spec:
replicas: 1
selector:
matchLabels:
app: index-offset-scheduler
template:
metadata:
labels:
app: index-offset-scheduler
spec:
serviceAccountName: index-offset-scheduler
containers:
- name: scheduler
# change your image
image: openkruise/kruise-game-scheduler-index-offset:v1.0
imagePullPolicy: Always
command:
- /app/index-offset-scheduler
- --config=/etc/kubernetes/scheduler-config.yaml
- --v=5
resources:
requests:
cpu: 100m
memory: 50Mi
limits:
cpu: 500m
memory: 512Mi
volumeMounts:
- name: config
mountPath: /etc/kubernetes
# imagePullSecrets:
# - name: <your image pull secret>
volumes:
- name: config
configMap:
name: index-offset-scheduler-config
{{- end }}

126
versions/kruise-game/1.0.0-rc/templates/manager.yaml Normal file
View File

@ -0,0 +1,126 @@
{{- if .Values.installation.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
name: {{ .Values.installation.namespace }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: kruise-game-controller-manager-metrics-service
namespace: {{ .Values.installation.namespace }}
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
spec:
ports:
- name: https
port: {{ .Values.service.port }}
protocol: TCP
targetPort: https
selector:
control-plane: {{ .Values.kruiseGame.fullname }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
spec:
selector:
matchLabels:
control-plane: {{ .Values.kruiseGame.fullname }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
spec:
# securityContext:
# runAsNonRoot: true
# TODO(user): For common cases that do not require escalating privileges
# it is recommended to ensure that all your Pods/Containers are restrictive.
# More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
# Please uncomment the following code if your project does NOT have to work on old Kubernetes
# versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
# seccompProfile:
# type: RuntimeDefault
containers:
- command:
- /manager
args:
- --leader-elect=false
- --provider-config=/etc/kruise-game/config.toml
- --api-server-qps={{ .Values.kruiseGame.apiServerQps }}
- --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }}
- --gameserver-workers={{ .Values.kruiseGame.gameserverWorkers }}
- --gameserverset-workers={{ .Values.kruiseGame.gameserversetWorkers }}
- --scale-server-bind-address=:{{ .Values.scale.service.targetPort }}
{{- if .Values.prometheus.enabled }}
- --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }}
{{- end }}
{{- if not .Values.certificates.autoGenerated }}
- --enable-cert-generation={{ .Values.certificates.autoGenerated }}
{{- end }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
name: manager
env:
- name: "NETWORK_TOTAL_WAIT_TIME"
value: {{ .Values.network.totalWaitTime | quote }}
- name: "NETWORK_PROBE_INTERVAL_TIME"
value: {{ .Values.network.probeIntervalTime | quote }}
ports:
- name: https
containerPort: {{ .Values.prometheus.monitorService.port }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
livenessProbe:
httpGet:
path: /healthz
port: {{ .Values.kruiseGame.healthBindPort }}
initialDelaySeconds: 5
periodSeconds: 5
readinessProbe:
httpGet:
path: /readyz
port: {{ .Values.kruiseGame.healthBindPort }}
initialDelaySeconds: 5
periodSeconds: 5
# TODO(user): Configure the resources accordingly based on the project requirements.
# More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- mountPath: /etc/kruise-game
name: provider-config
{{- if not .Values.certificates.autoGenerated }}
- mountPath: {{ .Values.certificates.mountPath }}
name: certificates
{{- end }}
serviceAccountName: {{ .Values.kruiseGame.fullname }}
terminationGracePeriodSeconds: 10
volumes:
- configMap:
defaultMode: 420
items:
- key: config.toml
path: config.toml
name: kruise-game-manager-config
name: provider-config
{{- if not .Values.certificates.autoGenerated }}
- name: certificates
secret:
defaultMode: 420
secretName: {{ .Values.certificates.secretName}}
optional: {{ and .Values.certificates.autoGenerated ( not .Values.certificates.certManager.enabled ) }}
{{- end }}

17
versions/kruise-game/1.0.0-rc/templates/prometheus-monitor.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if .Values.prometheus.enabled }}
# Prometheus Monitor Service (Metrics)
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
name: kruise-game-controller-manager-metrics-monitor
namespace: {{ .Values.installation.namespace }}
spec:
endpoints:
- path: /metrics
port: https
selector:
matchLabels:
control-plane: {{ .Values.kruiseGame.fullname }}
{{- end }}

404
versions/kruise-game/1.0.0-rc/templates/rbac_role.yaml Normal file
View File

@ -0,0 +1,404 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kruise-game-leader-election-role
namespace: {{ .Values.installation.namespace }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: kruise-game-manager-role
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- alibabacloud.com
resources:
- poddnats
verbs:
- get
- list
- watch
- apiGroups:
- alibabacloud.com
resources:
- poddnats/status
verbs:
- get
- apiGroups:
- alibabacloud.com
resources:
- podeips
verbs:
- get
- list
- watch
- apiGroups:
- alibabacloud.com
resources:
- podeips/status
verbs:
- get
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- podprobemarkers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- statefulsets/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- get
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims/status
verbs:
- get
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumes/status
verbs:
- get
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services/status
verbs:
- get
- patch
- update
- apiGroups:
- elbv2.k8s.aws
resources:
- targetgroupbindings
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- elbv2.services.k8s.aws
resources:
- listeners
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- elbv2.services.k8s.aws
resources:
- targetgroups
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- game.kruise.io
resources:
- gameservers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- game.kruise.io
resources:
- gameservers/finalizers
verbs:
- update
- apiGroups:
- game.kruise.io
resources:
- gameservers/status
verbs:
- get
- patch
- update
- apiGroups:
- game.kruise.io
resources:
- gameserversets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- game.kruise.io
resources:
- gameserversets/finalizers
verbs:
- update
- apiGroups:
- game.kruise.io
resources:
- gameserversets/status
verbs:
- get
- patch
- update
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingresses/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kruise-game-metrics-reader
rules:
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kruise-game-proxy-role
rules:
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kruise-game-leader-election-rolebinding
namespace: {{ .Values.installation.namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kruise-game-leader-election-role
subjects:
- kind: ServiceAccount
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-game-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kruise-game-manager-role
subjects:
- kind: ServiceAccount
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-game-proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: proxy-role
subjects:
- kind: ServiceAccount
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}

11
versions/kruise-game/1.0.0-rc/templates/scaler-service.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Service
metadata:
name: kruise-game-external-scaler
namespace: {{ .Values.installation.namespace }}
spec:
ports:
- port: {{ .Values.scale.service.port }}
targetPort: {{ .Values.scale.service.targetPort }}
selector:
control-plane: {{ .Values.kruiseGame.fullname }}

44
versions/kruise-game/1.0.0-rc/templates/webhooks/mutatingconfiguration.yaml Normal file
View File

@ -0,0 +1,44 @@
{{- if not .Values.certificates.autoGenerated }}
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
annotations:
{{- if .Values.certificates.certManager.enabled }}
{{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }}
cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }}
{{- else }}
cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert
{{- end }}
{{- end }}
labels:
app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }}
name: kruise-game-mutating-webhook
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: {{ .Values.kruiseGame.webhook.serviceName }}
namespace: {{ .Values.installation.namespace }}
path: /mutate-v1-pod
failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }}
matchPolicy: Equivalent
name: mgameserverset.kb.io
rules:
- operations:
- CREATE
- UPDATE
- DELETE
apiGroups:
- ""
apiVersions:
- v1
resources:
- pods
objectSelector:
matchExpressions:
- key: game.kruise.io/owner-gss
operator: Exists
sideEffects: None
{{- end }}

12
versions/kruise-game/1.0.0-rc/templates/webhooks/service.yaml Normal file
View File

@ -0,0 +1,12 @@
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.kruiseGame.webhook.serviceName }}
namespace: {{ .Values.installation.namespace }}
spec:
ports:
- port: {{ .Values.kruiseGame.webhook.port }}
targetPort: {{ .Values.kruiseGame.webhook.targetPort }}
selector:
control-plane: {{ .Values.kruiseGame.fullname }}

42
versions/kruise-game/1.0.0-rc/templates/webhooks/validatingconfiguration.yaml Normal file
View File

@ -0,0 +1,42 @@
{{- if not .Values.certificates.autoGenerated }}
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
annotations:
{{- if .Values.certificates.certManager.enabled }}
{{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }}
cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }}
{{- else }}
cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert
{{- end }}
{{- end }}
labels:
app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }}
name: kruise-game-validating-webhook
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: {{ .Values.kruiseGame.webhook.serviceName }}
namespace: {{ .Values.installation.namespace }}
path: /validate-v1alpha1-gss
failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }}
matchPolicy: Equivalent
name: vgameserverset.kb.io
namespaceSelector: {}
objectSelector: {}
rules:
- apiGroups:
- game.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- gameserversets
sideEffects: None
timeoutSeconds: 10
{{- end }}

93
versions/kruise-game/1.0.0-rc/values.yaml Normal file
View File

@ -0,0 +1,93 @@
# Default values for kruise-game.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# values for kruise-game installation
installation:
namespace: kruise-game-system
createNamespace: true
kruiseGame:
fullname: kruise-game-controller-manager
healthBindPort: "8082"
webhook:
serviceName: kruise-game-webhook-service
port: 443
targetPort: 9876
failurePolicy: Fail
apiServerQps: 5
apiServerQpsBurst: 10
gameserverWorkers: 10
gameserversetWorkers: 10
replicaCount: 1
image:
repository: openkruise/kruise-game-manager
tag: v1.0.0
pullPolicy: Always
# Overrides the image tag whose default is the chart appVersion.
serviceAccount:
# Annotations to add to the service account
annotations: {}
service:
port: 8443
resources:
limits:
cpu: 500m
memory: 1024Mi
requests:
cpu: 10m
memory: 64Mi
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
prometheus:
enabled: false
monitorService:
port: 8080
scale:
service:
port: 6000
targetPort: 6000
network:
totalWaitTime: 60
probeIntervalTime: 5
cloudProvider:
installCRD: true
indexOffsetScheduler:
enabled: false
# Kubernetes cluster domain
clusterDomain: cluster.local
certificates:
autoGenerated: true
secretName: kruise-game-certs
mountPath: /tmp/webhook-certs/
certManager:
enabled: false
duration: 8760h0m0s # 1 year
renewBefore: 5840h0m0s # 8 months
generateCA: true
caSecretName: "kruise-game-ca"
# -- Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required
issuer:
generate: true
name: kruise-ca
kind: ClusterIssuer
group: cert-manager.io