openkruise
/
charts
mirror of https://github.com/openkruise/charts.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add next version for preparing next major version 

Signed-off-by: 守辰 <shouchen.zz@alibaba-inc.com>
This commit is contained in:
守辰 2025-05-23 13:53:11 +08:00
parent 7f740cf127
commit 308a43028c
61 changed files with 17311 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
CONTRIBUTING.md
View File

@ -16,6 +16,19 @@ Any breaking changes to a chart (backwards incompatible) require:
* Bump of the current Major version of the chart
* State possible manual changes for this chart version in the `Upgrading` section of the chart's `README.md.gotmpl` ([See Upgrade](#upgrades))
A pseudo version called `next` is used to prepare changes for the next major release, any fix and optimization of the chart can be made in the next version. Before creating the actual new major version, one should copy the content of `next` version and make changes accordingly. As an example, when preparing for the new major release of kruise 1.8.0, the operations is as follows:
```
cd <repo-root>/versions/kruise/
cp -r next 1.8.0
```
Before creating a new minor version, one should copy the latest version of corresponding major version. As an example. when preparing for the next minor release of kruise 1.7.x, and the latest version of 1.7.x is 1.7.3, then the operation is as follows:
```
cd <repo-root>/versions/kruise/
cp -r 1.7.3 1.7.4
```
### Immutability
Each release for each chart must be immutable. Any change to a chart (even just documentation) requires a version bump. Trying to release the same version twice will result in an error.
@ -88,4 +101,11 @@ The linting can be invoked manually with the following command:
## Publishing Changes
Before actually publish new releases, one should link the chart directory to the corresponding version directory. As an example, if one is about to release kruise 1.7.4, the operation is as follows:
```
cd <repo-root>/charts
ln -sf ../versions/kruise/1.7.4 kruise
```
Changes are automatically publish whenever a commit is merged to master. The CI job (see `./.github/workflows/publish.yml`).

23
versions/kruise-game/next/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

11
versions/kruise-game/next/Chart.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
name: kruise-game
description: Helm chart for kruise-game components
version: 0.9.0
appVersion: 0.9.0
kubeVersion: ">= 1.16.0-0"
sources:
- https://github.com/openkruise/kruise-game
annotations:
artifacthub.io/changes: |
- "[Changed]: https://github.com/openkruise/kruise-game/blob/master/CHANGELOG.md"

45
versions/kruise-game/next/README.md Normal file
View File

@ -0,0 +1,45 @@
# Kruise Game v0.9.0
## Configuration
The following table lists the configurable parameters of the kruise-game chart and their default values.
| Parameter | Description | Default |
|----------------------------------|-----------------------------------------------------------------------------|----------------------------------|
| `installation.namespace` | Namespace for kruise-game operation installation | `kruise-game-system` |
| `installation.createNamespace` | Whether to create the installation.namespace | `true` |
| `kruiseGame.fullname` | Nick name for kruise-game deployment and other configurations | `kruise-game-controller-manager` |
| `kruiseGame.healthBindPort` | Port for checking health of kruise-game container | `8082` |
| `kruiseGame.webhook.port` | Port of webhook served by kruise-game container | `443` |
| `kruiseGame.webhook.targetPort` | ObjectSelector for workloads in MutatingWebhookConfigurations | `9876` |
| `kruiseGame.apiServerQps` | Indicates the maximum QPS to the master from kruise-game-controller-manager | `5` |
| `kruiseGame.apiServerQpsBurst` | Maximum burst for throttle of kruise-game-controller-manager | `10` |
| `replicaCount` | Replicas of kruise-game deployment | `1` |
| `image.repository` | Repository for kruise-game image | `openkruise/kruise-game-manager` |
| `image.tag` | Tag for kruise-game image | `v0.9.0` |
| `image.pullPolicy` | ImagePullPolicy for kruise-game container | `Always` |
| `serviceAccount.annotations` | The annotations for serviceAccount of kruise-game | ` ` |
| `service.port` | Port of kruise-game service | `8443` |
| `resources.limits.cpu` | CPU resource limit of kruise-game container | `500m` |
| `resources.limits.memory` | Memory resource limit of kruise-game container | `1Gi` |
| `resources.requests.cpu` | CPU resource request of kruise-game container | `10m` |
| `resources.requests.memory` | Memory resource request of kruise-game container | `64Mi` |
| `prometheus.enabled` | Whether to bind metric endpoint | `true` |
| `prometheus.monitorService.port` | Port of the monitorservice bind to | `8080` |
| `scale.service.port` | Port of the external scaler server binds to | `6000` |
| `scale.service.targetPort` | TargetPort of the external scaler server binds to | `6000` |
| `network.totalWaitTime` | Maximum time to wait for network ready, the unit is seconds | `60` |
| `network.probeIntervalTime` | Time interval for detecting network status, the unit is seconds | `5` |
| `cloudProvider.installCRD` | Whether to install CloudProvider CRD | `true` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
### Optional: the local image for China
If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud:
```bash
$ helm install kruise-game https://... --set image.repository=registry.cn-hangzhou.aliyuncs.com/acs/kruise-game-manager
...
```

62
versions/kruise-game/next/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "kruise-game.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kruise-game.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kruise-game.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "kruise-game.labels" -}}
helm.sh/chart: {{ include "kruise-game.chart" . }}
{{ include "kruise-game.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "kruise-game.selectorLabels" -}}
app.kubernetes.io/name: {{ include "kruise-game.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "kruise-game.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "kruise-game.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

99
versions/kruise-game/next/templates/alibabacloud.com_poddnats.yaml Normal file
View File

@ -0,0 +1,99 @@
{{- if .Values.cloudProvider.installCRD }}
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: poddnats.alibabacloud.com
spec:
group: alibabacloud.com
names:
kind: PodDNAT
listKind: PodDNATList
plural: poddnats
singular: poddnat
scope: Namespaced
versions:
- name: v1beta1
schema:
openAPIV3Schema:
description: PodDNAT is the Schema for the poddnats API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: PodDNATSpec defines the desired state of PodDNAT
properties:
eni:
type: string
entryId:
type: string
externalIP:
type: string
externalPort:
type: string
internalIP:
type: string
internalPort:
type: string
portMapping:
items:
properties:
externalPort:
type: string
internalPort:
type: string
type: object
type: array
protocol:
type: string
tableId:
type: string
vswitch:
type: string
zoneID:
type: string
type: object
status:
description: PodDNATStatus defines the observed state of PodDNAT
properties:
created:
description: created create status
type: string
entries:
description: entries
items:
description: Entry record for forwardEntry
properties:
externalIP:
type: string
externalPort:
type: string
forwardEntryId:
type: string
internalIP:
type: string
internalPort:
type: string
ipProtocol:
type: string
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

57
versions/kruise-game/next/templates/controller_manager_config.yaml Normal file
View File

@ -0,0 +1,57 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: kruise-game-manager-config
namespace: {{ .Values.installation.namespace }}
data:
config.toml: |
[kubernetes]
enable = true
[kubernetes.hostPort]
max_port = 9000
min_port = 8000
[alibabacloud]
enable = true
[alibabacloud.slb]
max_port = 700
min_port = 500
[alibabacloud.nlb]
max_port = 1500
min_port = 1000
[volcengine]
enable = true
[volcengine.clb]
max_port = 700
min_port = 500
[aws]
enable = false
[aws.nlb]
max_port = 30050
min_port = 30001
controller_manager_config.yaml: |
apiVersion: controller-runtime.sigs.k8s.io/v1alpha1
kind: ControllerManagerConfig
health:
healthProbeBindAddress: :8081
metrics:
bindAddress: 127.0.0.1:8080
webhook:
port: 9443
leaderElection:
leaderElect: true
resourceName: c637bb1e.my.domain
# leaderElectionReleaseOnCancel defines if the leader should step down volume
# when the Manager ends. This requires the binary to immediately end when the
# Manager is stopped, otherwise, this setting is unsafe. Setting this significantly
# speeds up voluntary leader transitions as the new leader don't have to wait
# LeaseDuration time first.
# In the default scaffold provided, the program ends immediately after
# the manager stops, so would be fine to enable this option. However,
# if you are doing or is intended to do any operation such as perform cleanups
# after the manager stops then its usage might be unsafe.
# leaderElectionReleaseOnCancel: true

928
versions/kruise-game/next/templates/game.kruise.io_gameservers.yaml Normal file
View File

@ -0,0 +1,928 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: gameservers.game.kruise.io
spec:
group: game.kruise.io
names:
kind: GameServer
listKind: GameServerList
plural: gameservers
shortNames:
- gs
singular: gameserver
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The current state of GameServer
jsonPath: .status.currentState
name: STATE
type: string
- description: The operations state of GameServer
jsonPath: .spec.opsState
name: OPSSTATE
type: string
- description: The current deletionPriority of GameServer
jsonPath: .status.deletionPriority
name: DP
type: string
- description: The current updatePriority of GameServer
jsonPath: .status.updatePriority
name: UP
type: string
- description: The age of GameServer
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: GameServer is the Schema for the gameservers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: GameServerSpec defines the desired state of GameServer
properties:
containers:
description: Containers can be used to make the corresponding GameServer
container fields different from the fields defined by GameServerTemplate
in GameServerSetSpec.
items:
properties:
image:
description: Image indicates the image of the container to update.
When Image updated, pod.spec.containers[*].image will be updated
immediately.
type: string
name:
description: Name indicates the name of the container to update.
type: string
resources:
description: Resources indicates the resources of the container
to update. When Resources updated, pod.spec.containers[*].Resources
will be not updated immediately, which will be updated when
pod recreate.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount of compute
resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount of compute
resources required. If Requests is omitted for a container,
it defaults to Limits if that is explicitly specified,
otherwise to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
required:
- name
type: object
type: array
deletionPriority:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
networkDisabled:
type: boolean
opsState:
type: string
updatePriority:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
type: object
status:
description: GameServerStatus defines the observed state of GameServer
properties:
conditions:
description: Conditions is an array of current observed GameServer
conditions.
items:
properties:
lastProbeTime:
description: Last time we probed the condition.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
message:
description: Human-readable message indicating details about
last transition.
type: string
reason:
description: Unique, one-word, CamelCase reason for the condition's
last transition.
type: string
status:
description: Status is the status of the condition. Can be True,
False, Unknown.
type: string
type:
description: Type is the type of the condition.
type: string
required:
- status
- type
type: object
type: array
currentState:
type: string
deletionPriority:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
desiredState:
description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
of cluster Important: Run "make" to regenerate code after modifying
this file'
type: string
lastTransitionTime:
format: date-time
type: string
networkStatus:
properties:
createTime:
format: date-time
type: string
currentNetworkState:
type: string
desiredNetworkState:
type: string
externalAddresses:
items:
properties:
endPoint:
type: string
ip:
type: string
portRange:
properties:
portRange:
type: string
protocol:
default: TCP
type: string
type: object
ports:
description: TODO add IPv6
items:
properties:
name:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
protocol:
default: TCP
type: string
required:
- name
type: object
type: array
required:
- ip
type: object
type: array
internalAddresses:
items:
properties:
endPoint:
type: string
ip:
type: string
portRange:
properties:
portRange:
type: string
protocol:
default: TCP
type: string
type: object
ports:
description: TODO add IPv6
items:
properties:
name:
type: string
port:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
protocol:
default: TCP
type: string
required:
- name
type: object
type: array
required:
- ip
type: object
type: array
lastTransitionTime:
format: date-time
type: string
networkType:
type: string
type: object
podStatus:
description: PodStatus represents information about the status of
a pod. Status may trail the actual state of a system, especially
if the node that hosts the pod cannot contact the control plane.
properties:
conditions:
description: 'Current service state of pod. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions'
items:
description: PodCondition contains details for the current condition
of this pod.
properties:
lastProbeTime:
description: Last time we probed the condition.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transitioned from one
status to another.
format: date-time
type: string
message:
description: Human-readable message indicating details about
last transition.
type: string
reason:
description: Unique, one-word, CamelCase reason for the
condition's last transition.
type: string
status:
description: 'Status is the status of the condition. Can
be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions'
type: string
type:
description: 'Type is the type of the condition. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions'
type: string
required:
- status
- type
type: object
type: array
containerStatuses:
description: 'The list has one entry per container in the manifest.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status'
items:
description: ContainerStatus contains details for the current
status of this container.
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'.
type: string
image:
description: 'The image the container is running. More info:
https://kubernetes.io/docs/concepts/containers/images.'
type: string
imageID:
description: ImageID of the container's image.
type: string
lastState:
description: Details about the container's last termination
condition.
properties:
running:
description: Details about a running container
properties:
startedAt:
description: Time at which the container was last
(re-)started
format: date-time
type: string
type: object
terminated:
description: Details about a terminated container
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'
type: string
exitCode:
description: Exit status from the last termination
of the container
format: int32
type: integer
finishedAt:
description: Time at which the container last terminated
format: date-time
type: string
message:
description: Message regarding the last termination
of the container
type: string
reason:
description: (brief) reason from the last termination
of the container
type: string
signal:
description: Signal from the last termination of
the container
format: int32
type: integer
startedAt:
description: Time at which previous execution of
the container started
format: date-time
type: string
required:
- exitCode
type: object
waiting:
description: Details about a waiting container
properties:
message:
description: Message regarding why the container
is not yet running.
type: string
reason:
description: (brief) reason the container is not
yet running.
type: string
type: object
type: object
name:
description: This must be a DNS_LABEL. Each container in
a pod must have a unique name. Cannot be updated.
type: string
ready:
description: Specifies whether the container has passed
its readiness probe.
type: boolean
restartCount:
description: The number of times the container has been
restarted.
format: int32
type: integer
started:
description: Specifies whether the container has passed
its startup probe. Initialized as false, becomes true
after startupProbe is considered successful. Resets to
false when the container is restarted, or if kubelet loses
state temporarily. Is always true when no startupProbe
is defined.
type: boolean
state:
description: Details about the container's current condition.
properties:
running:
description: Details about a running container
properties:
startedAt:
description: Time at which the container was last
(re-)started
format: date-time
type: string
type: object
terminated:
description: Details about a terminated container
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'
type: string
exitCode:
description: Exit status from the last termination
of the container
format: int32
type: integer
finishedAt:
description: Time at which the container last terminated
format: date-time
type: string
message:
description: Message regarding the last termination
of the container
type: string
reason:
description: (brief) reason from the last termination
of the container
type: string
signal:
description: Signal from the last termination of
the container
format: int32
type: integer
startedAt:
description: Time at which previous execution of
the container started
format: date-time
type: string
required:
- exitCode
type: object
waiting:
description: Details about a waiting container
properties:
message:
description: Message regarding why the container
is not yet running.
type: string
reason:
description: (brief) reason the container is not
yet running.
type: string
type: object
type: object
required:
- image
- imageID
- name
- ready
- restartCount
type: object
type: array
ephemeralContainerStatuses:
description: Status for any ephemeral containers that have run
in this pod. This field is beta-level and available on clusters
that haven't disabled the EphemeralContainers feature gate.
items:
description: ContainerStatus contains details for the current
status of this container.
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'.
type: string
image:
description: 'The image the container is running. More info:
https://kubernetes.io/docs/concepts/containers/images.'
type: string
imageID:
description: ImageID of the container's image.
type: string
lastState:
description: Details about the container's last termination
condition.
properties:
running:
description: Details about a running container
properties:
startedAt:
description: Time at which the container was last
(re-)started
format: date-time
type: string
type: object
terminated:
description: Details about a terminated container
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'
type: string
exitCode:
description: Exit status from the last termination
of the container
format: int32
type: integer
finishedAt:
description: Time at which the container last terminated
format: date-time
type: string
message:
description: Message regarding the last termination
of the container
type: string
reason:
description: (brief) reason from the last termination
of the container
type: string
signal:
description: Signal from the last termination of
the container
format: int32
type: integer
startedAt:
description: Time at which previous execution of
the container started
format: date-time
type: string
required:
- exitCode
type: object
waiting:
description: Details about a waiting container
properties:
message:
description: Message regarding why the container
is not yet running.
type: string
reason:
description: (brief) reason the container is not
yet running.
type: string
type: object
type: object
name:
description: This must be a DNS_LABEL. Each container in
a pod must have a unique name. Cannot be updated.
type: string
ready:
description: Specifies whether the container has passed
its readiness probe.
type: boolean
restartCount:
description: The number of times the container has been
restarted.
format: int32
type: integer
started:
description: Specifies whether the container has passed
its startup probe. Initialized as false, becomes true
after startupProbe is considered successful. Resets to
false when the container is restarted, or if kubelet loses
state temporarily. Is always true when no startupProbe
is defined.
type: boolean
state:
description: Details about the container's current condition.
properties:
running:
description: Details about a running container
properties:
startedAt:
description: Time at which the container was last
(re-)started
format: date-time
type: string
type: object
terminated:
description: Details about a terminated container
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'
type: string
exitCode:
description: Exit status from the last termination
of the container
format: int32
type: integer
finishedAt:
description: Time at which the container last terminated
format: date-time
type: string
message:
description: Message regarding the last termination
of the container
type: string
reason:
description: (brief) reason from the last termination
of the container
type: string
signal:
description: Signal from the last termination of
the container
format: int32
type: integer
startedAt:
description: Time at which previous execution of
the container started
format: date-time
type: string
required:
- exitCode
type: object
waiting:
description: Details about a waiting container
properties:
message:
description: Message regarding why the container
is not yet running.
type: string
reason:
description: (brief) reason the container is not
yet running.
type: string
type: object
type: object
required:
- image
- imageID
- name
- ready
- restartCount
type: object
type: array
hostIP:
description: IP address of the host to which the pod is assigned.
Empty if not yet scheduled.
type: string
initContainerStatuses:
description: 'The list has one entry per init container in the
manifest. The most recent successful init container will have
ready = true, the most recently started container will have
startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status'
items:
description: ContainerStatus contains details for the current
status of this container.
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'.
type: string
image:
description: 'The image the container is running. More info:
https://kubernetes.io/docs/concepts/containers/images.'
type: string
imageID:
description: ImageID of the container's image.
type: string
lastState:
description: Details about the container's last termination
condition.
properties:
running:
description: Details about a running container
properties:
startedAt:
description: Time at which the container was last
(re-)started
format: date-time
type: string
type: object
terminated:
description: Details about a terminated container
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'
type: string
exitCode:
description: Exit status from the last termination
of the container
format: int32
type: integer
finishedAt:
description: Time at which the container last terminated
format: date-time
type: string
message:
description: Message regarding the last termination
of the container
type: string
reason:
description: (brief) reason from the last termination
of the container
type: string
signal:
description: Signal from the last termination of
the container
format: int32
type: integer
startedAt:
description: Time at which previous execution of
the container started
format: date-time
type: string
required:
- exitCode
type: object
waiting:
description: Details about a waiting container
properties:
message:
description: Message regarding why the container
is not yet running.
type: string
reason:
description: (brief) reason the container is not
yet running.
type: string
type: object
type: object
name:
description: This must be a DNS_LABEL. Each container in
a pod must have a unique name. Cannot be updated.
type: string
ready:
description: Specifies whether the container has passed
its readiness probe.
type: boolean
restartCount:
description: The number of times the container has been
restarted.
format: int32
type: integer
started:
description: Specifies whether the container has passed
its startup probe. Initialized as false, becomes true
after startupProbe is considered successful. Resets to
false when the container is restarted, or if kubelet loses
state temporarily. Is always true when no startupProbe
is defined.
type: boolean
state:
description: Details about the container's current condition.
properties:
running:
description: Details about a running container
properties:
startedAt:
description: Time at which the container was last
(re-)started
format: date-time
type: string
type: object
terminated:
description: Details about a terminated container
properties:
containerID:
description: Container's ID in the format '<type>://<container_id>'
type: string
exitCode:
description: Exit status from the last termination
of the container
format: int32
type: integer
finishedAt:
description: Time at which the container last terminated
format: date-time
type: string
message:
description: Message regarding the last termination
of the container
type: string
reason:
description: (brief) reason from the last termination
of the container
type: string
signal:
description: Signal from the last termination of
the container
format: int32
type: integer
startedAt:
description: Time at which previous execution of
the container started
format: date-time
type: string
required:
- exitCode
type: object
waiting:
description: Details about a waiting container
properties:
message:
description: Message regarding why the container
is not yet running.
type: string
reason:
description: (brief) reason the container is not
yet running.
type: string
type: object
type: object
required:
- image
- imageID
- name
- ready
- restartCount
type: object
type: array
message:
description: A human readable message indicating details about
why the pod is in this condition.
type: string
nominatedNodeName:
description: nominatedNodeName is set only when this pod preempts
other pods on the node, but it cannot be scheduled right away
as preemption victims receive their graceful termination periods.
This field does not guarantee that the pod will be scheduled
on this node. Scheduler may decide to place the pod elsewhere
if other nodes become available sooner. Scheduler may also decide
to give the resources on this node to a higher priority pod
that is created after preemption. As a result, this field may
be different than PodSpec.nodeName when the pod is scheduled.
type: string
phase:
description: "The phase of a Pod is a simple, high-level summary
of where the Pod is in its lifecycle. The conditions array,
the reason and message fields, and the individual container
status arrays contain more detail about the pod's status. There
are five possible phase values: \n Pending: The pod has been
accepted by the Kubernetes system, but one or more of the container
images has not been created. This includes time before being
scheduled as well as time spent downloading images over the
network, which could take a while. Running: The pod has been
bound to a node, and all of the containers have been created.
At least one container is still running, or is in the process
of starting or restarting. Succeeded: All containers in the
pod have terminated in success, and will not be restarted. Failed:
All containers in the pod have terminated, and at least one
container has terminated in failure. The container either exited
with non-zero status or was terminated by the system. Unknown:
For some reason the state of the pod could not be obtained,
typically due to an error in communicating with the host of
the pod. \n More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase"
type: string
podIP:
description: IP address allocated to the pod. Routable at least
within the cluster. Empty if not yet allocated.
type: string
podIPs:
description: podIPs holds the IP addresses allocated to the pod.
If this field is specified, the 0th entry must match the podIP
field. Pods may be allocated at most 1 value for each of IPv4
and IPv6. This list is empty if no IPs have been allocated yet.
items:
description: 'IP address information for entries in the (plural)
PodIPs field. Each entry includes: IP: An IP address allocated
to the pod. Routable at least within the cluster.'
properties:
ip:
description: ip is an IP address (IPv4 or IPv6) assigned
to the pod
type: string
type: object
type: array
qosClass:
description: 'The Quality of Service (QOS) classification assigned
to the pod based on resource requirements See PodQOSClass type
for available QOS classes More info: https://git.k8s.io/community/contributors/design-proposals/node/resource-qos.md'
type: string
reason:
description: A brief CamelCase message indicating details about
why the pod is in this state. e.g. 'Evicted'
type: string
startTime:
description: RFC 3339 date and time at which the object was acknowledged
by the Kubelet. This is before the Kubelet pulled the container
image(s) for the pod.
format: date-time
type: string
type: object
serviceQualitiesConditions:
items:
properties:
lastActionTransitionTime:
format: date-time
type: string
lastProbeTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
name:
type: string
result:
description: Result indicate the probe message returned by the
script
type: string
status:
type: string
required:
- name
type: object
type: array
updatePriority:
anyOf:
- type: integer
- type: string
description: Lifecycle defines the lifecycle hooks for Pods pre-delete,
in-place update.
x-kubernetes-int-or-string: true
type: object
type: object
served: true
storage: true
subresources:
status: {}

838
versions/kruise-game/next/templates/game.kruise.io_gameserversets.yaml Normal file
View File

@ -0,0 +1,838 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: gameserversets.game.kruise.io
spec:
group: game.kruise.io
names:
kind: GameServerSet
listKind: GameServerSetList
plural: gameserversets
shortNames:
- gss
singular: gameserverset
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The desired number of GameServers.
jsonPath: .spec.replicas
name: DESIRED
type: integer
- description: The number of currently all GameServers.
jsonPath: .status.replicas
name: CURRENT
type: integer
- description: The number of GameServers updated.
jsonPath: .status.updatedReplicas
name: UPDATED
type: integer
- description: The number of GameServers ready.
jsonPath: .status.readyReplicas
name: READY
type: integer
- description: The number of GameServers Maintaining.
jsonPath: .status.maintainingReplicas
name: Maintaining
type: integer
- description: The number of GameServers WaitToBeDeleted.
jsonPath: .status.waitToBeDeletedReplicas
name: WaitToBeDeleted
type: integer
- description: The age of GameServerSet.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: GameServerSet is the Schema for the gameserversets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: GameServerSetSpec defines the desired state of GameServerSet
properties:
gameServerTemplate:
description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
Important: Run "make" to regenerate code after modifying this file'
properties:
reclaimPolicy:
description: ReclaimPolicy indicates the reclaim policy for GameServer.
Default is Cascade.
type: string
volumeClaimTemplates:
items:
description: PersistentVolumeClaim is a user's request for and
claim to a persistent volume
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of
this representation of an object. Servers should convert
recognized schemas to the latest internal value, and may
reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST
resource this object represents. Servers may infer this
from the endpoint the client submits requests to. Cannot
be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
description: 'Standard object''s metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata'
properties:
annotations:
additionalProperties:
type: string
type: object
finalizers:
items:
type: string
type: array
labels:
additionalProperties:
type: string
type: object
name:
type: string
namespace:
type: string
type: object
spec:
description: 'spec defines the desired characteristics of
a volume requested by a pod author. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the desired access
modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
dataSource:
description: 'dataSource field can be used to specify
either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)
* An existing PVC (PersistentVolumeClaim) If the provisioner
or an external controller can support the specified
data source, it will create a new volume based on
the contents of the specified data source. If the
AnyVolumeDataSource feature gate is enabled, this
field will always have the same contents as the DataSourceRef
field.'
properties:
apiGroup:
description: APIGroup is the group for the resource
being referenced. If APIGroup is not specified,
the specified Kind must be in the core API group.
For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being
referenced
type: string
name:
description: Name is the name of resource being
referenced
type: string
required:
- kind
- name
type: object
dataSourceRef:
description: 'dataSourceRef specifies the object from
which to populate the volume with data, if a non-empty
volume is desired. This may be any local object from
a non-empty API group (non core object) or a PersistentVolumeClaim
object. When this field is specified, volume binding
will only succeed if the type of the specified object
matches some installed volume populator or dynamic
provisioner. This field will replace the functionality
of the DataSource field and as such if both fields
are non-empty, they must have the same value. For
backwards compatibility, both fields (DataSource and
DataSourceRef) will be set to the same value automatically
if one of them is empty and the other is non-empty.
There are two important differences between DataSource
and DataSourceRef: * While DataSource only allows
two specific types of objects, DataSourceRef allows
any non-core object, as well as PersistentVolumeClaim
objects. * While DataSource ignores disallowed values
(dropping them), DataSourceRef preserves all values,
and generates an error if a disallowed value is specified.
(Beta) Using this field requires the AnyVolumeDataSource
feature gate to be enabled.'
properties:
apiGroup:
description: APIGroup is the group for the resource
being referenced. If APIGroup is not specified,
the specified Kind must be in the core API group.
For any other third-party types, APIGroup is required.
type: string
kind:
description: Kind is the type of resource being
referenced
type: string
name:
description: Name is the name of resource being
referenced
type: string
required:
- kind
- name
type: object
resources:
description: 'resources represents the minimum resources
the volume should have. If RecoverVolumeExpansionFailure
feature is enabled users are allowed to specify resource
requirements that are lower than previous value but
must still be higher than capacity recorded in the
status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources'
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount
of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum amount
of compute resources required. If Requests is
omitted for a container, it defaults to Limits
if that is explicitly specified, otherwise to
an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
selector:
description: selector is a label query over volumes
to consider for binding.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are ANDed.
items:
description: A label selector requirement is a
selector that contains values, a key, and an
operator that relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are
In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string
values. If the operator is In or NotIn,
the values array must be non-empty. If the
operator is Exists or DoesNotExist, the
values array must be empty. This array is
replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value}
pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions,
whose key field is "key", the operator is "In",
and the values array contains only "value". The
requirements are ANDed.
type: object
type: object
storageClassName:
description: 'storageClassName is the name of the StorageClass
required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1'
type: string
volumeMode:
description: volumeMode defines what type of volume
is required by the claim. Value of Filesystem is implied
when not included in claim spec.
type: string
volumeName:
description: volumeName is the binding reference to
the PersistentVolume backing this claim.
type: string
type: object
status:
description: 'status represents the current information/status
of a persistent volume claim. Read-only. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims'
properties:
accessModes:
description: 'accessModes contains the actual access
modes the volume backing the PVC has. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1'
items:
type: string
type: array
allocatedResources:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: allocatedResources is the storage resource
within AllocatedResources tracks the capacity allocated
to a PVC. It may be larger than the actual capacity
when a volume expansion operation is requested. For
storage quota, the larger value from allocatedResources
and PVC.spec.resources is used. If allocatedResources
is not set, PVC.spec.resources alone is used for quota
calculation. If a volume expansion capacity request
is lowered, allocatedResources is only lowered if
there are no expansion operations in progress and
if the actual volume capacity is equal or lower than
the requested capacity. This is an alpha field and
requires enabling RecoverVolumeExpansionFailure feature.
type: object
capacity:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: capacity represents the actual resources
of the underlying volume.
type: object
conditions:
description: conditions is the current Condition of
persistent volume claim. If underlying persistent
volume is being resized then the Condition will be
set to 'ResizeStarted'.
items:
description: PersistentVolumeClaimCondition contails
details about state of pvc
properties:
lastProbeTime:
description: lastProbeTime is the time we probed
the condition.
format: date-time
type: string
lastTransitionTime:
description: lastTransitionTime is the time the
condition transitioned from one status to another.
format: date-time
type: string
message:
description: message is the human-readable message
indicating details about last transition.
type: string
reason:
description: reason is a unique, this should be
a short, machine understandable string that
gives the reason for condition's last transition.
If it reports "ResizeStarted" that means the
underlying persistent volume is being resized.
type: string
status:
type: string
type:
description: PersistentVolumeClaimConditionType
is a valid value of PersistentVolumeClaimCondition.Type
type: string
required:
- status
- type
type: object
type: array
phase:
description: phase represents the current phase of PersistentVolumeClaim.
type: string
resizeStatus:
description: resizeStatus stores status of resize operation.
ResizeStatus is not set by default but when expansion
is complete resizeStatus is set to empty string by
resize controller or kubelet. This is an alpha field
and requires enabling RecoverVolumeExpansionFailure
feature.
type: string
type: object
type: object
type: array
type: object
x-kubernetes-preserve-unknown-fields: true
lifecycle:
description: Lifecycle contains the hooks for Pod lifecycle.
properties:
inPlaceUpdate:
description: InPlaceUpdate is the hook before Pod to update and
after Pod has been updated.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: 'MarkPodNotReady = true means: - Pod will be
set to ''NotReady'' at preparingDelete/preparingUpdate state.
- Pod will be restored to ''Ready'' at Updated state if
it was set to ''NotReady'' at preparingUpdate state. Default
to false.'
type: boolean
type: object
preDelete:
description: PreDelete is the hook before Pod to be deleted.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: 'MarkPodNotReady = true means: - Pod will be
set to ''NotReady'' at preparingDelete/preparingUpdate state.
- Pod will be restored to ''Ready'' at Updated state if
it was set to ''NotReady'' at preparingUpdate state. Default
to false.'
type: boolean
type: object
type: object
network:
properties:
networkConf:
items:
properties:
name:
type: string
value:
type: string
type: object
type: array
networkType:
type: string
type: object
replicas:
description: replicas is the desired number of replicas of the given
Template. These are replicas in the sense that they are instantiations
of the same Template, but individual replicas also have a consistent
identity.
format: int32
minimum: 0
type: integer
reserveGameServerIds:
items:
type: integer
type: array
scaleStrategy:
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: 'The maximum number of pods that can be unavailable
during scaling. Value can be an absolute number (ex: 5) or a
percentage of desired pods (ex: 10%). Absolute number is calculated
from percentage by rounding down. It can just be allowed to
work with Parallel podManagementPolicy.'
x-kubernetes-int-or-string: true
scaleDownStrategyType:
description: ScaleDownStrategyType indicates the scaling down
strategy. Default is GeneralScaleDownStrategyType
type: string
type: object
serviceName:
type: string
serviceQualities:
items:
properties:
containerName:
type: string
exec:
description: Exec specifies the action to take.
properties:
command:
description: Command is the command line to execute inside
the container, the working directory for the command is
root ('/') in the container's filesystem. The command
is simply exec'd, it is not run inside a shell, so traditional
shell instructions ('|', etc) won't work. To use a shell,
you need to explicitly call out to that shell. Exit status
of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
type: object
failureThreshold:
description: Minimum consecutive failures for the probe to be
considered failed after having succeeded. Defaults to 3. Minimum
value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
This is a beta field and requires enabling GRPCContainerProbe
feature gate.
properties:
port:
description: Port number of the gRPC service. Number must
be in the range 1 to 65535.
format: int32
type: integer
service:
description: "Service is the name of the service to place
in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
\n If this is not specified, the default behavior is defined
by gRPC."
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: Host name to connect to, defaults to the pod
IP. You probably want to set "Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request. HTTP
allows repeated headers.
items:
description: HTTPHeader describes a custom header to be
used in HTTP probes
properties:
name:
description: The header field name
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: Name or number of the port to access on the
container. Number must be in the range 1 to 65535. Name
must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: Scheme to use for connecting to the host. Defaults
to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: 'Number of seconds after the container has started
before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
format: int32
type: integer
name:
type: string
periodSeconds:
description: How often (in seconds) to perform the probe. Default
to 10 seconds. Minimum value is 1.
format: int32
type: integer
permanent:
description: Whether to make GameServerSpec not change after
the ServiceQualityAction is executed. When Permanent is true,
regardless of the detection results, ServiceQualityAction
will only be executed once. When Permanent is false, ServiceQualityAction
can be executed again even though ServiceQualityAction has
been executed.
type: boolean
serviceQualityAction:
items:
properties:
annotations:
additionalProperties:
type: string
type: object
containers:
description: Containers can be used to make the corresponding
GameServer container fields different from the fields
defined by GameServerTemplate in GameServerSetSpec.
items:
properties:
image:
description: Image indicates the image of the container
to update. When Image updated, pod.spec.containers[*].image
will be updated immediately.
type: string
name:
description: Name indicates the name of the container
to update.
type: string
resources:
description: Resources indicates the resources of
the container to update. When Resources updated,
pod.spec.containers[*].Resources will be not updated
immediately, which will be updated when pod recreate.
properties:
limits:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Limits describes the maximum amount
of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
requests:
additionalProperties:
anyOf:
- type: integer
- type: string
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
x-kubernetes-int-or-string: true
description: 'Requests describes the minimum
amount of compute resources required. If Requests
is omitted for a container, it defaults to
Limits if that is explicitly specified, otherwise
to an implementation-defined value. More info:
https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
type: object
type: object
required:
- name
type: object
type: array
deletionPriority:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
labels:
additionalProperties:
type: string
type: object
networkDisabled:
type: boolean
opsState:
type: string
result:
description: Result indicate the probe message returned
by the script. When Result is defined, it would exec
action only when the according Result is actually returns.
type: string
state:
type: boolean
updatePriority:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
required:
- state
type: object
type: array
successThreshold:
description: Minimum consecutive successes for the probe to
be considered successful after having failed. Defaults to
1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving a TCP port.
properties:
host:
description: 'Optional: Host name to connect to, defaults
to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: Number or name of the port to access on the
container. Number must be in the range 1 to 65535. Name
must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: Optional duration in seconds the pod needs to terminate
gracefully upon probe failure. The grace period is the duration
in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly
halted with a kill signal. Set this value longer than the
expected cleanup time for your process. If this value is nil,
the pod's terminationGracePeriodSeconds will be used. Otherwise,
this value overrides the value provided by the pod spec. Value
must be non-negative integer. The value zero indicates stop
immediately via the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod
feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds
is used if unset.
format: int64
type: integer
timeoutSeconds:
description: 'Number of seconds after which the probe times
out. Defaults to 1 second. Minimum value is 1. More info:
https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes'
format: int32
type: integer
required:
- name
- permanent
type: object
type: array
updateStrategy:
properties:
rollingUpdate:
description: RollingUpdate is used to communicate parameters when
Type is RollingUpdateStatefulSetStrategyType.
properties:
inPlaceUpdateStrategy:
description: UnorderedUpdate contains strategies for non-ordered
update. If it is not nil, pods will be updated with non-ordered
sequence. Noted that UnorderedUpdate can only be allowed
to work with Parallel podManagementPolicy UnorderedUpdate
*kruiseV1beta1.UnorderedUpdateStrategy `json:"unorderedUpdate,omitempty"`
InPlaceUpdateStrategy contains strategies for in-place update.
properties:
gracePeriodSeconds:
description: GracePeriodSeconds is the timespan between
set Pod status to not-ready and update images in Pod
spec when in-place update a Pod.
format: int32
type: integer
type: object
maxUnavailable:
anyOf:
- type: integer
- type: string
description: 'The maximum number of pods that can be unavailable
during the update. Value can be an absolute number (ex:
5) or a percentage of desired pods (ex: 10%). Absolute number
is calculated from percentage by rounding down. Also, maxUnavailable
can just be allowed to work with Parallel podManagementPolicy.
Defaults to 1.'
x-kubernetes-int-or-string: true
minReadySeconds:
description: MinReadySeconds indicates how long will the pod
be considered ready after it's updated. MinReadySeconds
works with both OrderedReady and Parallel podManagementPolicy.
It affects the pod scale up speed when the podManagementPolicy
is set to be OrderedReady. Combined with MaxUnavailable,
it affects the pod update speed regardless of podManagementPolicy.
Default value is 0, max is 300.
format: int32
type: integer
partition:
description: 'Partition indicates the ordinal at which the
StatefulSet should be partitioned by default. But if unorderedUpdate
has been set: - Partition indicates the number of pods with
non-updated revisions when rolling update. - It means controller
will update $(replicas - partition) number of pod. Default
value is 0.'
format: int32
type: integer
paused:
description: Paused indicates that the StatefulSet is paused.
Default value is false
type: boolean
podUpdatePolicy:
description: PodUpdatePolicy indicates how pods should be
updated Default value is "ReCreate"
type: string
type: object
type:
description: Type indicates the type of the StatefulSetUpdateStrategy.
Default is RollingUpdate.
type: string
type: object
required:
- replicas
type: object
status:
description: GameServerSetStatus defines the observed state of GameServerSet
properties:
availableReplicas:
format: int32
type: integer
currentReplicas:
format: int32
type: integer
labelSelector:
description: LabelSelector is label selectors for query over pods
that should match the replica count used by HPA.
type: string
maintainingReplicas:
format: int32
type: integer
observedGeneration:
description: The generation observed by the controller.
format: int64
type: integer
readyReplicas:
format: int32
type: integer
replicas:
description: replicas from advancedStatefulSet
format: int32
type: integer
updatedReadyReplicas:
format: int32
type: integer
updatedReplicas:
format: int32
type: integer
waitToBeDeletedReplicas:
format: int32
type: integer
required:
- availableReplicas
- currentReplicas
- readyReplicas
- replicas
- updatedReplicas
type: object
type: object
served: true
storage: true
subresources:
scale:
labelSelectorPath: .status.labelSelector
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}

121
versions/kruise-game/next/templates/manager.yaml Normal file
View File

@ -0,0 +1,121 @@
{{- if .Values.installation.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
name: {{ .Values.installation.namespace }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: kruise-game-controller-manager-metrics-service
namespace: {{ .Values.installation.namespace }}
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
spec:
ports:
- name: https
port: {{ .Values.service.port }}
protocol: TCP
targetPort: https
selector:
control-plane: {{ .Values.kruiseGame.fullname }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
spec:
selector:
matchLabels:
control-plane: {{ .Values.kruiseGame.fullname }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
annotations:
kubectl.kubernetes.io/default-container: manager
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
spec:
# securityContext:
# runAsNonRoot: true
# TODO(user): For common cases that do not require escalating privileges
# it is recommended to ensure that all your Pods/Containers are restrictive.
# More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
# Please uncomment the following code if your project does NOT have to work on old Kubernetes
# versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
# seccompProfile:
# type: RuntimeDefault
containers:
- command:
- /manager
args:
- --leader-elect=false
- --provider-config=/etc/kruise-game/config.toml
- --api-server-qps={{ .Values.kruiseGame.apiServerQps }}
- --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }}
- --scale-server-bind-address=:{{ .Values.scale.service.targetPort }}
{{- if .Values.prometheus.enabled }}
- --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }}
{{- end }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
name: manager
env:
- name: "NETWORK_TOTAL_WAIT_TIME"
value: {{ .Values.network.totalWaitTime | quote }}
- name: "NETWORK_PROBE_INTERVAL_TIME"
value: {{ .Values.network.probeIntervalTime | quote }}
ports:
- name: https
containerPort: {{ .Values.prometheus.monitorService.port }}
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
livenessProbe:
httpGet:
path: /healthz
port: {{ .Values.kruiseGame.healthBindPort }}
initialDelaySeconds: 5
periodSeconds: 5
readinessProbe:
httpGet:
path: /readyz
port: {{ .Values.kruiseGame.healthBindPort }}
initialDelaySeconds: 5
periodSeconds: 5
# TODO(user): Configure the resources accordingly based on the project requirements.
# More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- mountPath: /etc/kruise-game
name: provider-config
topologySpreadConstraints:
- labelSelector:
matchLabels:
control-plane: {{ .Values.kruiseGame.fullname }}
{{- if and ( eq (int .Capabilities.KubeVersion.Major) 1) ( gt (int .Capabilities.KubeVersion.Minor) 26 ) }}
matchLabelKeys:
- pod-template-hash
{{- end }}
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
serviceAccountName: {{ .Values.kruiseGame.fullname }}
terminationGracePeriodSeconds: 10
volumes:
- configMap:
defaultMode: 420
items:
- key: config.toml
path: config.toml
name: kruise-game-manager-config
name: provider-config

17
versions/kruise-game/next/templates/prometheus-monitor.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if .Values.prometheus.enabled }}
# Prometheus Monitor Service (Metrics)
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
control-plane: {{ .Values.kruiseGame.fullname }}
name: kruise-game-controller-manager-metrics-monitor
namespace: {{ .Values.installation.namespace }}
spec:
endpoints:
- path: /metrics
port: https
selector:
matchLabels:
control-plane: {{ .Values.kruiseGame.fullname }}
{{- end }}

404
versions/kruise-game/next/templates/rbac_role.yaml Normal file
View File

@ -0,0 +1,404 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kruise-game-leader-election-role
namespace: {{ .Values.installation.namespace }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: kruise-game-manager-role
rules:
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- alibabacloud.com
resources:
- poddnats
verbs:
- get
- list
- watch
- apiGroups:
- alibabacloud.com
resources:
- poddnats/status
verbs:
- get
- apiGroups:
- alibabacloud.com
resources:
- podeips
verbs:
- get
- list
- watch
- apiGroups:
- alibabacloud.com
resources:
- podeips/status
verbs:
- get
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- podprobemarkers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- statefulsets/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- nodes/status
verbs:
- get
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims/status
verbs:
- get
- apiGroups:
- ""
resources:
- persistentvolumes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumes/status
verbs:
- get
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services/status
verbs:
- get
- patch
- update
- apiGroups:
- elbv2.k8s.aws
resources:
- targetgroupbindings
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- elbv2.services.k8s.aws
resources:
- listeners
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- elbv2.services.k8s.aws
resources:
- targetgroups
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- game.kruise.io
resources:
- gameservers
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- game.kruise.io
resources:
- gameservers/finalizers
verbs:
- update
- apiGroups:
- game.kruise.io
resources:
- gameservers/status
verbs:
- get
- patch
- update
- apiGroups:
- game.kruise.io
resources:
- gameserversets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- game.kruise.io
resources:
- gameserversets/finalizers
verbs:
- update
- apiGroups:
- game.kruise.io
resources:
- gameserversets/status
verbs:
- get
- patch
- update
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingresses/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kruise-game-metrics-reader
rules:
- nonResourceURLs:
- "/metrics"
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kruise-game-proxy-role
rules:
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
- apiGroups:
- authorization.k8s.io
resources:
- subjectaccessreviews
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kruise-game-leader-election-rolebinding
namespace: {{ .Values.installation.namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kruise-game-leader-election-role
subjects:
- kind: ServiceAccount
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-game-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kruise-game-manager-role
subjects:
- kind: ServiceAccount
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-game-proxy-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: proxy-role
subjects:
- kind: ServiceAccount
name: {{ .Values.kruiseGame.fullname }}
namespace: {{ .Values.installation.namespace }}

11
versions/kruise-game/next/templates/scaler-service.yaml Normal file
View File

@ -0,0 +1,11 @@
apiVersion: v1
kind: Service
metadata:
name: kruise-game-external-scaler
namespace: {{ .Values.installation.namespace }}
spec:
ports:
- port: {{ .Values.scale.service.port }}
targetPort: {{ .Values.scale.service.targetPort }}
selector:
control-plane: {{ .Values.kruiseGame.fullname }}

12
versions/kruise-game/next/templates/webhook_service.yaml Normal file
View File

@ -0,0 +1,12 @@
---
apiVersion: v1
kind: Service
metadata:
name: kruise-game-webhook-service
namespace: {{ .Values.installation.namespace }}
spec:
ports:
- port: {{ .Values.kruiseGame.webhook.port }}
targetPort: {{ .Values.kruiseGame.webhook.targetPort }}
selector:
control-plane: {{ .Values.kruiseGame.fullname }}

66
versions/kruise-game/next/values.yaml Normal file
View File

@ -0,0 +1,66 @@
# Default values for kruise-game.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# values for kruise-game installation
installation:
namespace: kruise-game-system
createNamespace: true
kruiseGame:
fullname: kruise-game-controller-manager
healthBindPort: "8082"
webhook:
port: 443
targetPort: 9876
apiServerQps: 5
apiServerQpsBurst: 10
replicaCount: 1
image:
repository: openkruise/kruise-game-manager
tag: v0.9.0
pullPolicy: Always
# Overrides the image tag whose default is the chart appVersion.
serviceAccount:
# Annotations to add to the service account
annotations: {}
service:
port: 8443
resources:
limits:
cpu: 500m
memory: 1024Mi
requests:
cpu: 10m
memory: 64Mi
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
prometheus:
enabled: false
monitorService:
port: 8080
scale:
service:
port: 6000
targetPort: 6000
network:
totalWaitTime: 60
probeIntervalTime: 5
cloudProvider:
installCRD: true

23
versions/kruise-rollout/next/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

12
versions/kruise-rollout/next/Chart.yaml Normal file
View File

@ -0,0 +1,12 @@
apiVersion: v1
name: kruise-rollout
description: Helm chart for kruise-rollout components
version: 0.6.1
appVersion: 0.6.1
kubeVersion: ">= 1.19.0-0"
icon: https://openkruise.io/img/openkruise-logo-bg.jpg
keywords:
- rollout
home: https://openkruise.io
sources:
- https://github.com/openkruise/rollouts

47
versions/kruise-rollout/next/README.md Normal file
View File

@ -0,0 +1,47 @@
# Kruise Rollout v0.6.1
## Configuration
The following table lists the configurable parameters of the kruise chart and their default values.
| Parameter | Description | Default |
|----------------------------------|-------------------------------------------------------------------|-------------------------------------|
| `installation.namespace` | Namespace for kruise-rollout operation installation | `kruise-rollout` |
| `installation.createNamespace` | Whether to create the installation.namespace | `true` |
| `rollout.fullname` | Nick name for kruise-rollout deployment and other configurations | `kruise-rollout-controller-manager` |
| `rollout.featureGates` | Feature gates for kruise-rollout, empty string means all disabled | `AdvancedDeployment=true` |
| `rollout.healthBindPort` | Port for checking health of kruise-rollout container | `8081` |
| `rollout.metricsBindAddr` | Port of metrics served by kruise-rollout container | `127.0.0.1:8080` |
| `rollout.log.level` | Log level that kruise-rollout printed | `4` |
| `rollout.webhook.port` | Port of webhook served by kruise-rollout container | `9876` |
| `rollout.webhook.objectSelector` | ObjectSelector for workloads in MutatingWebhookConfigurations | ` ` |
| `image.repository` | Repository for kruise-rollout image | `openkruise/kruise-rollout` |
| `image.tag` | Tag for kruise-rollout image | `v0.6.1` |
| `image.pullPolicy` | ImagePullPolicy for kruise-rollout container | `Always` |
| `imagePullSecrets` | The list of image pull secrets for kruise-rollout image | ` ` |
| `resources.limits.cpu` | CPU resource limit of kruise-rollout container | `500m` |
| `resources.limits.memory` | Memory resource limit of kruise-rollout container | `1Gi` |
| `resources.requests.cpu` | CPU resource request of kruise-rollout container | `100m` |
| `resources.requests.memory` | Memory resource request of kruise-rollout container | `256Mi` |
| `replicaCount` | Replicas of kruise-rollout deployment | `2` |
| `service.port` | Port of webhook served by kruise-rollout webhook service | `443` |
| `serviceAccount.annotations` | The annotations for serviceAccount of kruise-rollout | ` ` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
### Optional: feature-gate
Feature-gate controls some influential features in Kruise:
| Name | Description | Default | Effect (if closed) |
|-----------------------|--------------------------------------------------------------------------------------------------------|----------|-----------------------------------------|
| `AdvancedDeployment` | Whether to enable the ability to rolling update deployment in batches without extra canary deployment | `true` | advanced deployment controller disabled |
### Optional: the local image for China
If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud:
```bash
$ helm install kruise https://... --set image.repository=openkruise-registry.cn-shanghai.cr.aliyuncs.com/openkruise/kruise-rollout
...
```

62
versions/kruise-rollout/next/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,62 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "rollout.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "rollout.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "rollout.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "rollout.labels" -}}
helm.sh/chart: {{ include "rollout.chart" . }}
{{ include "rollout.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "rollout.selectorLabels" -}}
app.kubernetes.io/name: {{ include "rollout.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "rollout.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "rollout.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

113
versions/kruise-rollout/next/templates/manager.yaml Normal file
View File

@ -0,0 +1,113 @@
{{- if .Values.installation.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: {{ .Values.rollout.fullname }}
name: {{ .Values.installation.namespace }}
{{- end }}
---
apiVersion: v1
kind: Service
metadata:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
spec:
ports:
- port: {{ .Values.service.port }}
targetPort: {{ .Values.rollout.webhook.port }}
selector:
control-plane: {{ .Values.rollout.fullname }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.rollout.fullname }}
namespace: {{ .Values.installation.namespace }}
labels:
control-plane: {{ .Values.rollout.fullname }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
control-plane: {{ .Values.rollout.fullname }}
minReadySeconds: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 100%
template:
metadata:
labels:
control-plane: {{ .Values.rollout.fullname }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Values.rollout.fullname }}
containers:
- name: {{ .Chart.Name }}
args:
- --leader-elect
- --health-probe-bind-address=:{{ .Values.rollout.healthBindPort }}
- --metrics-bind-address={{ .Values.rollout.metricsBindAddr }}
- --v={{ .Values.rollout.log.level }}
{{- if .Values.rollout.featureGates }}
- --feature-gates={{ .Values.rollout.featureGates }}
{{- end }}
command:
- /manager
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: {{ .Values.rollout.webhook.port }}
name: webhook-server
protocol: TCP
livenessProbe:
httpGet:
path: /healthz
port: {{ .Values.rollout.healthBindPort }}
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: {{ .Values.rollout.healthBindPort }}
initialDelaySeconds: 5
periodSeconds: 10
resources:
{{- toYaml .Values.resources | nindent 12 }}
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: control-plane
operator: In
values:
- {{ .Values.rollout.fullname }}
topologyKey: kubernetes.io/hostname
weight: 100
topologySpreadConstraints:
- labelSelector:
matchLabels:
control-plane: {{ .Values.rollout.fullname }}
{{- if and ( eq (int .Capabilities.KubeVersion.Major) 1) ( gt (int .Capabilities.KubeVersion.Minor) 26 ) }}
matchLabelKeys:
- pod-template-hash
{{- end }}
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

478
versions/kruise-rollout/next/templates/rbac_role.yaml Normal file
View File

@ -0,0 +1,478 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ template "rollout.name" . }}-controller-manager
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kruise-rollout-manager-role
namespace: {{ .Values.installation.namespace }}
rules:
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: {{ template "rollout.name" . }}-leader-election-role
namespace: {{ .Values.installation.namespace }}
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- coordination.k8s.io
resources:
- leases
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- events
verbs:
- create
- patch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: kruise-rollout-manager-role
rules:
- apiGroups:
- '*'
resources:
- events
verbs:
- create
- patch
- update
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apiextensions.k8s.io
resources:
- customresourcedefinitions
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- deployments/status
verbs:
- get
- patch
- update
- apiGroups:
- apps
resources:
- replicasets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- replicasets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- statefulsets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- clonesets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- clonesets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- daemonsets
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- daemonsets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- statefulsets/status
verbs:
- get
- patch
- update
- apiGroups:
- autoscaling
resources:
- horizontalpodautoscalers
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/finalizers
verbs:
- update
- apiGroups:
- ""
resources:
- pods/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- services
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- services/status
verbs:
- get
- patch
- update
- apiGroups:
- gateway.networking.k8s.io
resources:
- httproutes
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- gateway.networking.k8s.io
resources:
- httproutes/status
verbs:
- get
- patch
- update
- apiGroups:
- networking.istio.io
resources:
- destinationrules
- virtualservices
verbs:
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingresses
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- networking.k8s.io
resources:
- ingresses/status
verbs:
- get
- patch
- update
- apiGroups:
- rollouts.kruise.io
resources:
- batchreleases
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rollouts.kruise.io
resources:
- batchreleases/status
verbs:
- get
- patch
- update
- apiGroups:
- rollouts.kruise.io
resources:
- rollouthistories
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rollouts.kruise.io
resources:
- rollouthistories/finalizers
verbs:
- update
- apiGroups:
- rollouts.kruise.io
resources:
- rollouthistories/status
verbs:
- get
- patch
- update
- apiGroups:
- rollouts.kruise.io
resources:
- rollouts
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- rollouts.kruise.io
resources:
- rollouts/finalizers
verbs:
- update
- apiGroups:
- rollouts.kruise.io
resources:
- rollouts/status
verbs:
- get
- patch
- update
- apiGroups:
- rollouts.kruise.io
resources:
- trafficroutings
verbs:
- create
- get
- list
- patch
- update
- watch
- apiGroups:
- rollouts.kruise.io
resources:
- trafficroutings/finalizers
verbs:
- update
- apiGroups:
- rollouts.kruise.io
resources:
- trafficroutings/status
verbs:
- get
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kruise-rollout-manager-rolebinding
namespace: {{ .Values.installation.namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kruise-rollout-manager-role
subjects:
- kind: ServiceAccount
name: kruise-rollout-controller-manager
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ template "rollout.name" . }}-leader-election-rolebinding
namespace: {{ .Values.installation.namespace }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ template "rollout.name" . }}-leader-election-role
subjects:
- kind: ServiceAccount
name: {{ template "rollout.name" . }}-controller-manager
namespace: {{ .Values.installation.namespace }}
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: {{ template "rollout.name" . }}-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: {{ template "rollout.name" . }}-manager-role
subjects:
- kind: ServiceAccount
name: {{ template "rollout.name" . }}-controller-manager
namespace: {{ .Values.installation.namespace }}

569
versions/kruise-rollout/next/templates/rollouts.kruise.io_batchreleases.yaml Normal file
View File

@ -0,0 +1,569 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.0
name: batchreleases.rollouts.kruise.io
spec:
conversion:
strategy: Webhook
webhook:
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /convert
conversionReviewVersions:
- v1beta1
group: rollouts.kruise.io
names:
kind: BatchRelease
listKind: BatchReleaseList
plural: batchreleases
singular: batchrelease
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.targetReference.workloadRef.kind
name: KIND
type: string
- jsonPath: .status.phase
name: PHASE
type: string
- jsonPath: .status.canaryStatus.currentBatch
name: BATCH
type: integer
- jsonPath: .status.canaryStatus.batchState
name: BATCH-STATE
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BatchReleaseSpec defines how to describe an update between
different compRevision
properties:
releasePlan:
description: ReleasePlan is the details on how to rollout the resources
properties:
batchPartition:
description: All pods in the batches up to the batchPartition
(included) will have the target resource specification while
the rest still is the stable revision. This is designed for
the operators to manually rollout. Default is nil, which means
no partition and will release all batches. BatchPartition start
from 0.
format: int32
type: integer
batches:
description: 'Batches is the details on each batch of the ReleasePlan.
Users can specify their batch plan in this field, such as: batches:
- canaryReplicas: 1 # batches 0 - canaryReplicas: 2 # batches
1 - canaryReplicas: 5 # batches 2 Not that these canaryReplicas
should be a non-decreasing sequence.'
items:
description: ReleaseBatch is used to describe how each batch
release should be
properties:
canaryReplicas:
anyOf:
- type: integer
- type: string
description: 'CanaryReplicas is the number of upgraded pods
that should have in this batch. it can be an absolute
number (ex: 5) or a percentage of workload replicas. batches[i].canaryReplicas
should less than or equal to batches[j].canaryReplicas
if i < j.'
x-kubernetes-int-or-string: true
required:
- canaryReplicas
type: object
type: array
enableExtraWorkloadForCanary:
description: EnableExtraWorkloadForCanary indicates whether to
create extra workload for canary True corresponds to RollingStyle
"Canary". False corresponds to RollingStyle "Partiton". Ignored
in BlueGreen-style. This field is about to deprecate, use RollingStyle
instead. If both of them are set, controller will only consider
this filed when RollingStyle is empty
type: boolean
failureThreshold:
anyOf:
- type: integer
- type: string
description: FailureThreshold indicates how many failed pods can
be tolerated in all upgraded pods. Only when FailureThreshold
are satisfied, Rollout can enter ready state. If FailureThreshold
is nil, Rollout will use the MaxUnavailable of workload as its
FailureThreshold. Defaults to nil.
x-kubernetes-int-or-string: true
finalizingPolicy:
description: FinalizingPolicy define the behavior of controller
when phase enter Finalizing Defaults to "Immediate"
type: string
patchPodTemplateMetadata:
description: PatchPodTemplateMetadata indicates patch configuration(e.g.
labels, annotations) to the canary deployment podTemplateSpec.metadata
only support for canary deployment
properties:
annotations:
additionalProperties:
type: string
description: annotations
type: object
labels:
additionalProperties:
type: string
description: labels
type: object
type: object
rollingStyle:
description: RollingStyle can be "Canary", "Partiton" or "BlueGreen"
type: string
rolloutID:
description: RolloutID indicates an id for each rollout progress
type: string
required:
- enableExtraWorkloadForCanary
type: object
targetReference:
description: TargetRef contains the GVK and name of the workload that
we need to upgrade to.
properties:
workloadRef:
description: WorkloadRef contains enough information to let you
identify a workload for Rollout Batch release of the bypass
properties:
apiVersion:
description: API Version of the referent
type: string
kind:
description: Kind of the referent
type: string
name:
description: Name of the referent
type: string
required:
- apiVersion
- kind
- name
type: object
type: object
required:
- releasePlan
- targetReference
type: object
status:
description: BatchReleaseStatus defines the observed state of a release
plan
properties:
canaryStatus:
description: CanaryStatus describes the state of the canary rollout.
properties:
batchReadyTime:
description: BatchReadyTime is the ready timestamp of the current
batch or the last batch. This field is updated once a batch
ready, and the batches[x].pausedSeconds relies on this field
to calculate the real-time duration.
format: date-time
type: string
batchState:
description: CurrentBatchState indicates the release state of
the current batch.
type: string
currentBatch:
description: The current batch the rollout is working on/blocked,
it starts from 0
format: int32
type: integer
noNeedUpdateReplicas:
description: the number of pods that no need to rollback in rollback
scene.
format: int32
type: integer
updatedReadyReplicas:
description: UpdatedReadyReplicas is the number upgraded Pods
that have a Ready Condition.
format: int32
type: integer
updatedReplicas:
description: UpdatedReplicas is the number of upgraded Pods.
format: int32
type: integer
required:
- currentBatch
type: object
collisionCount:
description: Count of hash collisions for creating canary Deployment.
The controller uses this field as a collision avoidance mechanism
when it needs to create the name for the newest canary Deployment.
format: int32
type: integer
conditions:
description: Conditions represents the observed process state of each
phase during executing the release plan.
items:
description: RolloutCondition describes the state of a rollout at
a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Phase of the condition, one of True, False, Unknown.
type: string
type:
description: Type of rollout condition.
type: string
required:
- message
- reason
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this BatchRelease. It corresponds to this BatchRelease's generation,
which is updated on mutation by the API Server, and only if BatchRelease
Spec was changed, its generation will increase 1.
format: int64
type: integer
observedReleasePlanHash:
description: ObservedReleasePlanHash is a hash code of observed itself
spec.releasePlan.
type: string
observedRolloutID:
description: ObservedRolloutID is the most recent rollout-id observed
for this BatchRelease. If RolloutID was changed, we will restart
to roll out from batch 0, to ensure the batch-id and rollout-id
labels of Pods are correct.
type: string
observedWorkloadReplicas:
description: ObservedWorkloadReplicas is observed replicas of target
referenced workload. This field is designed to deal with scaling
event during rollout, if this field changed, it means that the workload
is scaling during rollout.
format: int32
type: integer
phase:
description: Phase is the release plan phase, which indicates the
current state of release plan state machine in BatchRelease controller.
type: string
stableRevision:
description: StableRevision is the pod-template-hash of stable revision
pod template.
type: string
updateRevision:
description: UpdateRevision is the pod-template-hash of update revision
pod template.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.targetReference.workloadRef.kind
name: KIND
type: string
- jsonPath: .status.phase
name: PHASE
type: string
- jsonPath: .status.canaryStatus.currentBatch
name: BATCH
type: integer
- jsonPath: .status.canaryStatus.batchState
name: BATCH-STATE
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BatchReleaseSpec defines how to describe an update between
different compRevision
properties:
releasePlan:
description: ReleasePlan is the details on how to rollout the resources
properties:
batchPartition:
description: All pods in the batches up to the batchPartition
(included) will have the target resource specification while
the rest still is the stable revision. This is designed for
the operators to manually rollout. Default is nil, which means
no partition and will release all batches. BatchPartition start
from 0.
format: int32
type: integer
batches:
description: 'Batches is the details on each batch of the ReleasePlan.
Users can specify their batch plan in this field, such as: batches:
- canaryReplicas: 1 # batches 0 - canaryReplicas: 2 # batches
1 - canaryReplicas: 5 # batches 2 Not that these canaryReplicas
should be a non-decreasing sequence.'
items:
description: ReleaseBatch is used to describe how each batch
release should be
properties:
canaryReplicas:
anyOf:
- type: integer
- type: string
description: 'CanaryReplicas is the number of upgraded pods
that should have in this batch. it can be an absolute
number (ex: 5) or a percentage of workload replicas. batches[i].canaryReplicas
should less than or equal to batches[j].canaryReplicas
if i < j.'
x-kubernetes-int-or-string: true
required:
- canaryReplicas
type: object
type: array
enableExtraWorkloadForCanary:
description: EnableExtraWorkloadForCanary indicates whether to
create extra workload for canary True corresponds to RollingStyle
"Canary". False corresponds to RollingStyle "Partiton". Ignored
in BlueGreen-style. This field is about to deprecate, use RollingStyle
instead. If both of them are set, controller will only consider
this filed when RollingStyle is empty
type: boolean
failureThreshold:
anyOf:
- type: integer
- type: string
description: FailureThreshold indicates how many failed pods can
be tolerated in all upgraded pods. Only when FailureThreshold
are satisfied, Rollout can enter ready state. If FailureThreshold
is nil, Rollout will use the MaxUnavailable of workload as its
FailureThreshold. Defaults to nil.
x-kubernetes-int-or-string: true
finalizingPolicy:
description: FinalizingPolicy define the behavior of controller
when phase enter Finalizing Defaults to "Immediate"
type: string
patchPodTemplateMetadata:
description: PatchPodTemplateMetadata indicates patch configuration(e.g.
labels, annotations) to the canary deployment podTemplateSpec.metadata
only support for canary deployment
properties:
annotations:
additionalProperties:
type: string
description: annotations
type: object
labels:
additionalProperties:
type: string
description: labels
type: object
type: object
rollingStyle:
description: RollingStyle can be "Canary", "Partiton" or "BlueGreen"
type: string
rolloutID:
description: RolloutID indicates an id for each rollout progress
type: string
required:
- enableExtraWorkloadForCanary
type: object
workloadRef:
description: WorkloadRef contains enough information to let you identify
a workload for Rollout Batch release of the bypass
properties:
apiVersion:
description: API Version of the referent
type: string
kind:
description: Kind of the referent
type: string
name:
description: Name of the referent
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- releasePlan
type: object
status:
description: BatchReleaseStatus defines the observed state of a release
plan
properties:
canaryStatus:
description: CanaryStatus describes the state of the canary rollout.
properties:
batchReadyTime:
description: BatchReadyTime is the ready timestamp of the current
batch or the last batch. This field is updated once a batch
ready, and the batches[x].pausedSeconds relies on this field
to calculate the real-time duration.
format: date-time
type: string
batchState:
description: CurrentBatchState indicates the release state of
the current batch.
type: string
currentBatch:
description: The current batch the rollout is working on/blocked,
it starts from 0
format: int32
type: integer
noNeedUpdateReplicas:
description: the number of pods that no need to rollback in rollback
scene.
format: int32
type: integer
updatedReadyReplicas:
description: UpdatedReadyReplicas is the number upgraded Pods
that have a Ready Condition.
format: int32
type: integer
updatedReplicas:
description: UpdatedReplicas is the number of upgraded Pods.
format: int32
type: integer
required:
- currentBatch
type: object
collisionCount:
description: Count of hash collisions for creating canary Deployment.
The controller uses this field as a collision avoidance mechanism
when it needs to create the name for the newest canary Deployment.
format: int32
type: integer
conditions:
description: Conditions represents the observed process state of each
phase during executing the release plan.
items:
description: RolloutCondition describes the state of a rollout at
a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
lastUpdateTime:
description: The last time this condition was updated.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Phase of the condition, one of True, False, Unknown.
type: string
type:
description: Type of rollout condition.
type: string
required:
- message
- reason
- status
- type
type: object
type: array
message:
description: Message provides details on why the rollout is in its
current phase
type: string
observedGeneration:
description: ObservedGeneration is the most recent generation observed
for this BatchRelease. It corresponds to this BatchRelease's generation,
which is updated on mutation by the API Server, and only if BatchRelease
Spec was changed, its generation will increase 1.
format: int64
type: integer
observedReleasePlanHash:
description: ObservedReleasePlanHash is a hash code of observed itself
spec.releasePlan.
type: string
observedRolloutID:
description: ObservedRolloutID is the most recent rollout-id observed
for this BatchRelease. If RolloutID was changed, we will restart
to roll out from batch 0, to ensure the batch-id and rollout-id
labels of Pods are correct.
type: string
observedWorkloadReplicas:
description: ObservedWorkloadReplicas is observed replicas of target
referenced workload. This field is designed to deal with scaling
event during rollout, if this field changed, it means that the workload
is scaling during rollout.
format: int32
type: integer
phase:
description: Phase is the release plan phase, which indicates the
current state of release plan state machine in BatchRelease controller.
type: string
stableRevision:
description: StableRevision is the pod-template-hash of stable revision
pod template.
type: string
updateRevision:
description: UpdateRevision is the pod-template-hash of update revision
pod template.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

174
versions/kruise-rollout/next/templates/rollouts.kruise.io_rollouthistories.yaml Normal file
View File

@ -0,0 +1,174 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.0
creationTimestamp: null
name: rollouthistories.rollouts.kruise.io
spec:
group: rollouts.kruise.io
names:
kind: RolloutHistory
listKind: RolloutHistoryList
plural: rollouthistories
singular: rollouthistory
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: RolloutHistory is the Schema for the rollouthistories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RolloutHistorySpec defines the desired state of RolloutHistory
properties:
rollout:
description: Rollout indicates information of the rollout related
with rollouthistory
properties:
data:
description: Data indecates the spec of object ref
x-kubernetes-preserve-unknown-fields: true
name:
description: Name indicates the name of object ref, such as rollout
name, workload name, ingress name, etc.
type: string
rolloutID:
description: RolloutID indicates the new rollout if there is no
new RolloutID this time, ignore it and not execute RolloutHistory
type: string
required:
- name
- rolloutID
type: object
service:
description: Service indicates information of the service related
with workload
properties:
data:
description: Data indecates the spec of object ref
x-kubernetes-preserve-unknown-fields: true
name:
description: Name indicates the name of object ref, such as rollout
name, workload name, ingress name, etc.
type: string
required:
- name
type: object
trafficRouting:
description: TrafficRouting indicates information of traffic route
related with workload
properties:
httpRoute:
description: HTTPRouteRef indacates information of Gateway API
properties:
data:
description: Data indecates the spec of object ref
x-kubernetes-preserve-unknown-fields: true
name:
description: Name indicates the name of object ref, such as
rollout name, workload name, ingress name, etc.
type: string
required:
- name
type: object
ingress:
description: IngressRef indicates information of ingress
properties:
data:
description: Data indecates the spec of object ref
x-kubernetes-preserve-unknown-fields: true
name:
description: Name indicates the name of object ref, such as
rollout name, workload name, ingress name, etc.
type: string
required:
- name
type: object
type: object
workload:
description: Workload indicates information of the workload, such
as cloneset, deployment, advanced statefulset
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this
representation of an object. Servers should convert recognized
schemas to the latest internal value, and may reject unrecognized
values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
data:
description: Data indecates the spec of object ref
x-kubernetes-preserve-unknown-fields: true
kind:
description: 'Kind is a string value representing the REST resource
this object represents. Servers may infer this from the endpoint
the client submits requests to. Cannot be updated. In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: Name indicates the name of object ref, such as rollout
name, workload name, ingress name, etc.
type: string
required:
- name
type: object
type: object
status:
description: RolloutHistoryStatus defines the observed state of RolloutHistory
properties:
canarySteps:
description: CanarySteps indicates the pods released each step
items:
description: CanaryStepInfo indicates the pods for a revision
properties:
canaryStepIndex:
description: CanaryStepIndex indicates step this revision
format: int32
type: integer
pods:
description: Pods indicates the pods information
items:
description: Pod indicates the information of a pod, including
name, ip, node_name.
properties:
ip:
description: IP indicates the pod ip
type: string
name:
description: Name indicates the node name
type: string
nodeName:
description: NodeName indicates the node which pod is
located at
type: string
type: object
type: array
type: object
type: array
phase:
description: Phase indicates phase of RolloutHistory, just "" or "completed"
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

1670
versions/kruise-rollout/next/templates/rollouts.kruise.io_rollouts.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

314
versions/kruise-rollout/next/templates/rollouts.kruise.io_trafficroutings.yaml Normal file
View File

@ -0,0 +1,314 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.0
creationTimestamp: null
name: trafficroutings.rollouts.kruise.io
spec:
group: rollouts.kruise.io
names:
kind: TrafficRouting
listKind: TrafficRoutingList
plural: trafficroutings
singular: trafficrouting
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The TrafficRouting status phase
jsonPath: .status.phase
name: STATUS
type: string
- description: The TrafficRouting canary status message
jsonPath: .status.message
name: MESSAGE
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: TrafficRouting is the Schema for the TrafficRoutings API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
objectRef:
description: ObjectRef indicates trafficRouting ref
items:
description: TrafficRoutingRef hosts all the different configuration
for supported service meshes to enable more fine-grained traffic
routing
properties:
customNetworkRefs:
description: CustomNetworkRefs hold a list of custom providers
to route traffic
items:
properties:
apiVersion:
type: string
kind:
type: string
name:
type: string
required:
- apiVersion
- kind
- name
type: object
type: array
gateway:
description: Gateway holds Gateway specific configuration to
route traffic Gateway configuration only supports >= v0.4.0
(v1alpha2).
properties:
httpRouteName:
description: HTTPRouteName refers to the name of an `HTTPRoute`
resource in the same namespace as the `Rollout`
type: string
type: object
gracePeriodSeconds:
default: 3
description: Optional duration in seconds the traffic provider(e.g.
nginx ingress controller) consumes the service, ingress configuration
changes gracefully.
format: int32
type: integer
ingress:
description: Ingress holds Ingress specific configuration to
route traffic, e.g. Nginx, Alb.
properties:
classType:
description: ClassType refers to the type of `Ingress`.
current support nginx, aliyun-alb. default is nginx.
type: string
name:
description: Name refers to the name of an `Ingress` resource
in the same namespace as the `Rollout`
type: string
required:
- name
type: object
service:
description: Service holds the name of a service which selects
pods with stable version and don't select any pods with canary
version.
type: string
required:
- service
type: object
type: array
strategy:
description: trafficrouting strategy
properties:
matches:
description: Matches define conditions used for matching the incoming
HTTP requests to canary service. Each match is independent,
i.e. this rule will be matched if **any** one of the matches
is satisfied. If Gateway API, current only support one match.
And cannot support both weight and matches, if both are configured,
then matches takes precedence.
items:
properties:
headers:
description: Headers specifies HTTP request header matchers.
Multiple match values are ANDed together, meaning, a request
must match all the specified headers to select the route.
items:
description: HTTPHeaderMatch describes how to select a
HTTP route by matching HTTP request headers.
properties:
name:
description: "Name is the name of the HTTP Header
to be matched. Name matching MUST be case insensitive.
(See https://tools.ietf.org/html/rfc7230#section-3.2).
\n If multiple entries specify equivalent header
names, only the first entry with an equivalent name
MUST be considered for a match. Subsequent entries
with an equivalent header name MUST be ignored.
Due to the case-insensitivity of header names, \"foo\"
and \"Foo\" are considered equivalent. \n When a
header is repeated in an HTTP request, it is implementation-specific
behavior as to how this is represented. Generally,
proxies should follow the guidance from the RFC:
https://www.rfc-editor.org/rfc/rfc7230.html#section-3.2.2
regarding processing a repeated header, with special
handling for \"Set-Cookie\"."
maxLength: 256
minLength: 1
pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
type: string
type:
default: Exact
description: "Type specifies how to match against
the value of the header. \n Support: Core (Exact)
\n Support: Implementation-specific (RegularExpression)
\n Since RegularExpression HeaderMatchType has implementation-specific
conformance, implementations can support POSIX,
PCRE or any other dialects of regular expressions.
Please read the implementation's documentation to
determine the supported dialect."
enum:
- Exact
- RegularExpression
type: string
value:
description: Value is the value of HTTP Header to
be matched.
maxLength: 4096
minLength: 1
type: string
required:
- name
- value
type: object
maxItems: 16
type: array
type: object
type: array
requestHeaderModifier:
description: "Set overwrites the request with the given header
(name, value) before the action. \n Input: GET /foo HTTP/1.1
my-header: foo \n requestHeaderModifier: set: - name: \"my-header\"
value: \"bar\" \n Output: GET /foo HTTP/1.1 my-header: bar"
properties:
add:
description: "Add adds the given header(s) (name, value) to
the request before the action. It appends to any existing
values associated with the header name. \n Input: GET /foo
HTTP/1.1 my-header: foo \n Config: add: - name: \"my-header\"
value: \"bar,baz\" \n Output: GET /foo HTTP/1.1 my-header:
foo,bar,baz"
items:
description: HTTPHeader represents an HTTP Header name and
value as defined by RFC 7230.
properties:
name:
description: "Name is the name of the HTTP Header to
be matched. Name matching MUST be case insensitive.
(See https://tools.ietf.org/html/rfc7230#section-3.2).
\n If multiple entries specify equivalent header names,
the first entry with an equivalent name MUST be considered
for a match. Subsequent entries with an equivalent
header name MUST be ignored. Due to the case-insensitivity
of header names, \"foo\" and \"Foo\" are considered
equivalent."
maxLength: 256
minLength: 1
pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
type: string
value:
description: Value is the value of HTTP Header to be
matched.
maxLength: 4096
minLength: 1
type: string
required:
- name
- value
type: object
maxItems: 16
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
remove:
description: "Remove the given header(s) from the HTTP request
before the action. The value of Remove is a list of HTTP
header names. Note that the header names are case-insensitive
(see https://datatracker.ietf.org/doc/html/rfc2616#section-4.2).
\n Input: GET /foo HTTP/1.1 my-header1: foo my-header2:
bar my-header3: baz \n Config: remove: [\"my-header1\",
\"my-header3\"] \n Output: GET /foo HTTP/1.1 my-header2:
bar"
items:
type: string
maxItems: 16
type: array
set:
description: "Set overwrites the request with the given header
(name, value) before the action. \n Input: GET /foo HTTP/1.1
my-header: foo \n Config: set: - name: \"my-header\" value:
\"bar\" \n Output: GET /foo HTTP/1.1 my-header: bar"
items:
description: HTTPHeader represents an HTTP Header name and
value as defined by RFC 7230.
properties:
name:
description: "Name is the name of the HTTP Header to
be matched. Name matching MUST be case insensitive.
(See https://tools.ietf.org/html/rfc7230#section-3.2).
\n If multiple entries specify equivalent header names,
the first entry with an equivalent name MUST be considered
for a match. Subsequent entries with an equivalent
header name MUST be ignored. Due to the case-insensitivity
of header names, \"foo\" and \"Foo\" are considered
equivalent."
maxLength: 256
minLength: 1
pattern: ^[A-Za-z0-9!#$%&'*+\-.^_\x60|~]+$
type: string
value:
description: Value is the value of HTTP Header to be
matched.
maxLength: 4096
minLength: 1
type: string
required:
- name
- value
type: object
maxItems: 16
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
type: object
weight:
description: Weight indicate how many percentage of traffic the
canary pods should receive
format: int32
type: integer
type: object
required:
- objectRef
- strategy
type: object
status:
properties:
message:
description: Message provides details on why the rollout is in its
current phase
type: string
observedGeneration:
description: observedGeneration is the most recent generation observed
for this Rollout.
format: int64
type: integer
phase:
description: Phase is the trafficRouting phase.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []

258
versions/kruise-rollout/next/templates/webhookconfiguration.yaml Normal file
View File

@ -0,0 +1,258 @@
---
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: kruise-rollout-mutating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-unified-workload
failurePolicy: Fail
name: munifiedworload.kb.io
objectSelector:
matchExpressions:
- key: rollouts.kruise.io/workload-type
operator: Exists
{{- if .Values.rollout.webhook.objectSelector }}
{{- range $label := .Values.rollout.webhook.objectSelector }}
- key: {{ $label.key }}
operator: {{ $label.operator }}
{{- if $label.values}}
values:
{{- range $value := $label.values }}
- {{ $value }}
{{- end }}
{{- end}}
{{- end }}
{{- end }}
rules:
- apiGroups:
- '*'
apiVersions:
- '*'
operations:
- CREATE
- UPDATE
resources:
- '*'
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-v1-deployment
failurePolicy: Fail
name: mdeployment.kb.io
objectSelector:
matchExpressions:
- key: control-plane
operator: NotIn
values:
- {{ .Values.rollout.fullname }}
- key: rollouts.kruise.io/workload-type
operator: Exists
{{- if .Values.rollout.webhook.objectSelector }}
{{- range $label := .Values.rollout.webhook.objectSelector }}
- key: {{ $label.key }}
operator: {{ $label.operator }}
{{- if $label.values}}
values:
{{- range $value := $label.values }}
- {{ $value }}
{{- end }}
{{- end}}
{{- end }}
{{- end }}
rules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- UPDATE
resources:
- deployments
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-cloneset
failurePolicy: Fail
name: mcloneset.kb.io
objectSelector:
matchExpressions:
- key: rollouts.kruise.io/workload-type
operator: Exists
{{- if .Values.rollout.webhook.objectSelector }}
{{- range $label := .Values.rollout.webhook.objectSelector }}
- key: {{ $label.key }}
operator: {{ $label.operator }}
{{- if $label.values}}
values:
{{- range $value := $label.values }}
- {{ $value }}
{{- end }}
{{- end}}
{{- end }}
{{- end }}
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- UPDATE
resources:
- clonesets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-v1-statefulset
failurePolicy: Fail
name: mstatefulset.kb.io
objectSelector:
matchExpressions:
- key: rollouts.kruise.io/workload-type
operator: Exists
{{- if .Values.rollout.webhook.objectSelector }}
{{- range $label := .Values.rollout.webhook.objectSelector }}
- key: {{ $label.key }}
operator: {{ $label.operator }}
{{- if $label.values}}
values:
{{- range $value := $label.values }}
- {{ $value }}
{{- end }}
{{- end}}
{{- end }}
{{- end }}
rules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- UPDATE
resources:
- statefulsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-statefulset
failurePolicy: Fail
name: madvancedstatefulset.kb.io
objectSelector:
matchExpressions:
- key: rollouts.kruise.io/workload-type
operator: Exists
{{- if .Values.rollout.webhook.objectSelector }}
{{- range $label := .Values.rollout.webhook.objectSelector }}
- key: {{ $label.key }}
operator: {{ $label.operator }}
{{- if $label.values}}
values:
{{- range $value := $label.values }}
- {{ $value }}
{{- end }}
{{- end}}
{{- end }}
{{- end }}
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- statefulsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-daemonset
failurePolicy: Fail
name: mdaemonset.kb.io
objectSelector:
matchExpressions:
- key: rollouts.kruise.io/workload-type
operator: Exists
{{- if .Values.rollout.webhook.objectSelector }}
{{- range $label := .Values.rollout.webhook.objectSelector }}
- key: {{ $label.key }}
operator: {{ $label.operator }}
{{- if $label.values }}
values:
{{- range $value := $label.values }}
- {{ $value }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- UPDATE
resources:
- daemonsets
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: kruise-rollout-validating-webhook-configuration
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-rollout-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-rollouts-kruise-io-rollout
failurePolicy: Fail
name: vrollout.kb.io
rules:
- apiGroups:
- rollouts.kruise.io
apiVersions:
- v1alpha1
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- rollouts
sideEffects: None

71
versions/kruise-rollout/next/values.yaml Normal file
View File

@ -0,0 +1,71 @@
# Default values for rollout.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# values for rollout installation
installation:
namespace: kruise-rollout
createNamespace: true
rollout:
fullname: kruise-rollout-controller-manager
healthBindPort: "8081"
metricsBindAddr: "127.0.0.1:8080"
webhook:
port: 9876
# ObjectSelector for workloads in MutatingWebhookConfiguration, which
# allow Rollout operator focuses on the workloads that users really care.
objectSelector:
# - key: <your-focused-workload-label-key>
# operator: In # Exists DoesNotExist NotIn
# values:
# - <your-focused-workload-label-values>
log:
level: 4
featureGates: AdvancedDeployment=true
replicaCount: 2
image:
repository: openkruise/kruise-rollout
pullPolicy: Always
# Overrides the image tag whose default is the chart appVersion.
tag: v0.6.1
imagePullSecrets:
# - name: for-your-secret-name
serviceAccount:
# Annotations to add to the service account
annotations: {}
service:
port: 443
resources:
limits:
cpu: 500m
memory: 1Gi
requests:
cpu: 100m
memory: 256Mi
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
tolerations:
# Toleration represents the toleration object that can be attached to a pod.
# The pod this Toleration is attached to tolerates any taint that matches
# the triple <key,value,effect> using the matching operator <operator>.
# you could find more info at https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
# - effect: NoSchedule
# key: test
# operator: Equal
# value: hello

23
versions/kruise-state-metrics/next/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

17
versions/kruise-state-metrics/next/Chart.yaml Normal file
View File

@ -0,0 +1,17 @@
apiVersion: v2
name: kruise-state-metrics
description: Install kruise-state-metrics to generate and expose kruise metrics
type: application
version: 0.2.0
appVersion: "1.16.0"
icon: https://openkruise.io/img/logo_white.png
keywords:
- metric
- monitoring
- prometheus
- kubernetes
- openkruise
- workload
home: https://openkruise.io
sources:
- https://github.com/openkruise/kruise-state-metrics

56
versions/kruise-state-metrics/next/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,56 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "kruise-state-metrics.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kruise-state-metrics.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kruise-state-metrics.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "kruise-state-metrics.labels" -}}
control-plane: {{ .Values.fullnameOverride }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "kruise-state-metrics.selectorLabels" -}}
control-plane: {{ .Values.fullnameOverride }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "kruise-state-metrics.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "kruise-state-metrics.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

82
versions/kruise-state-metrics/next/templates/deployment.yaml Normal file
View File

@ -0,0 +1,82 @@
{{- if .Values.installation.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
labels:
{{- include "kruise-state-metrics.labels" . | nindent 4 }}
name: {{ .Values.installation.namespace }}
{{- end }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "kruise-state-metrics.fullname" . }}
namespace: {{ .Values.installation.namespace }}
labels:
{{- include "kruise-state-metrics.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "kruise-state-metrics.selectorLabels" . | nindent 6 }}
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "kruise-state-metrics.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kruise-state-metrics.serviceAccountName" . }}
containers:
- name: {{ .Chart.Name }}
command:
- /kruise-state-metrics
args:
- --logtostderr=true
- --v=5
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http-metrics
containerPort: 8080
- name: telemetry
containerPort: 8081
livenessProbe:
httpGet:
path: /healthz
port: 8080
readinessProbe:
httpGet:
path: /
port: 8081
resources:
{{- toYaml .Values.resources | nindent 12 }}
topologySpreadConstraints:
- labelSelector:
matchLabels:
{{- include "kruise-state-metrics.selectorLabels" . | nindent 12 }}
{{- if and ( eq (int .Capabilities.KubeVersion.Major) 1) ( gt (int .Capabilities.KubeVersion.Minor) 26 ) }}
matchLabelKeys:
- pod-template-hash
{{- end }}
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

34
versions/kruise-state-metrics/next/templates/service.yaml Normal file
View File

@ -0,0 +1,34 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "kruise-state-metrics.fullname" . }}
namespace: {{ .Values.installation.namespace }}
labels:
{{- include "kruise-state-metrics.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- name: http-metrics
port: 8080
targetPort: http-metrics
- name: telemetry
port: 8081
targetPort: telemetry
selector:
{{- include "kruise-state-metrics.selectorLabels" . | nindent 4 }}
---
{{- if .Values.installation.installServiceMonitor }}
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
name: {{ include "kruise-state-metrics.fullname" . }}
namespace: {{ .Values.installation.namespace }}
labels:
{{- include "kruise-state-metrics.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
{{- include "kruise-state-metrics.labels" . | nindent 6 }}
endpoints:
- port: http-metrics
{{- end}}

40
versions/kruise-state-metrics/next/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,40 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kruise-state-metrics-role
rules:
- apiGroups:
- apps.kruise.io
resources:
- '*'
verbs:
- get
- list
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-state-metrics-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kruise-state-metrics-role
subjects:
- kind: ServiceAccount
name: {{ include "kruise-state-metrics.serviceAccountName" . }}
namespace: {{ .Values.installation.namespace }}
---
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "kruise-state-metrics.serviceAccountName" . }}
namespace: {{ .Values.installation.namespace }}
labels:
{{- include "kruise-state-metrics.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

58
versions/kruise-state-metrics/next/values.yaml Normal file
View File

@ -0,0 +1,58 @@
# Default values for kruise-state-metrics.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
installation:
namespace: kruise-system
createNamespace: false
installServiceMonitor: true
replicaCount: 1
image:
repository: openkruise/kruise-state-metrics
pullPolicy: Always
# Overrides the image tag whose default is the chart appVersion.
tag: "v0.2.0"
imagePullSecrets: []
nameOverride: ""
fullnameOverride: "kruise-state-metrics"
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podAnnotations: {}
service:
type: ClusterIP
resources:
limits:
cpu: 100m
memory: 100Mi
requests:
cpu: 100m
memory: 100Mi
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}

21
versions/kruise/next/.helmignore Normal file
View File

@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj

24
versions/kruise/next/Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v1
name: kruise
description: Helm chart for kruise components
version: 1.8.1
appVersion: 1.8.0
kubeVersion: ">= 1.18.0-0"
icon: https://openkruise.io/img/openkruise-logo-bg.jpg
keywords:
- openkruise
- kubernetes
- kruise
- workload
- statefulset
- sidecar
- job
- deployment
- cloneset
home: https://openkruise.io
sources:
- https://github.com/openkruise/kruise
annotations:
artifacthub.io/changes: |
- "[Changed]: https://github.com/openkruise/kruise/blob/master/CHANGELOG.md"
- "[Security]: Fix potential security issues of dependent packages"

174
versions/kruise/next/README.md Normal file
View File

@ -0,0 +1,174 @@
# Kruise v1.8.0
## Configuration
The following table lists the configurable parameters of the kruise chart and their default values.
## setup parameters
| Parameter | Description | Default |
|--------------------------------|-----------------------------------------------------------------|-----------------|
| `featureGates` | Feature gates for Kruise, empty string means all enabled | `""` |
| `installation.namespace` | Namespace for kruise installation | `kruise-system` |
| `installation.createNamespace` | Whether to create the installation.namespace | `true` |
| `installation.roleListGroups` | ApiGroups which kruise is permit to list, default set to be all | `*` |
| `crds.managed` | Kruise will not install CRDs with chart if this is false | `true` |
| `imagePullSecrets` | The list of image pull secrets for kruise image | `[]` |
#### manager parameters
| Parameter | Description | Default |
|-------------------------------------|----------------------------------------------------------------|-----------------------------|
| `manager.log.level` | Log level that kruise-manager printed | `4` |
| `manager.replicas` | Replicas of kruise-controller-manager deployment | `2` |
| `manager.image.repository` | Repository for kruise-manager image | `openkruise/kruise-manager` |
| `manager.image.tag` | Tag for kruise-manager image | `v1.8.0` |
| `manager.resources.limits.cpu` | CPU resource limit of kruise-manager container | `200m` |
| `manager.resources.limits.memory` | Memory resource limit of kruise-manager container | `512Mi` |
| `manager.resources.requests.cpu` | CPU resource request of kruise-manager container | `100m` |
| `manager.resources.requests.memory` | Memory resource request of kruise-manager container | `256Mi` |
| `manager.metrics.port` | Port of metrics served | `8080` |
| `manager.webhook.port` | Port of webhook served | `9443` |
| `manager.pprofAddr` | Address of pprof served | `localhost:8090` |
| `manager.nodeAffinity` | Node affinity policy for kruise-manager pod | `{}` |
| `manager.nodeSelector` | Node labels for kruise-manager pod | `{}` |
| `manager.tolerations` | Tolerations for kruise-manager pod | `[]` |
| `manager.resyncPeriod` | Resync period of informer kruise-manager, defaults no resync | `0` |
| `manager.hostNetwork` | Whether kruise-manager pod should run with hostnetwork | `false` |
| `manager.loggingFormat` | Logging format, valid formats includes ` `(plain text), `json` | ` ` |
#### daemon parameters
| Parameter | Description | Default |
|-----------------------------------------------|-------------------------------------------------------------------------------------------------------|------------------------------|
| `daemon.extraEnvs` | Extra environment variables that will be pass onto pods | `[]` |
| `daemon.log.level` | Log level that kruise-daemon printed | `4` |
| `daemon.port` | Port of metrics and healthz that kruise-daemon served | `10221` |
| `daemon.pprofAddr` | Address of pprof served | `localhost:10222` |
| `daemon.resources.limits.cpu` | CPU resource limit of kruise-daemon container | `50m` |
| `daemon.resources.limits.memory` | Memory resource limit of kruise-daemon container | `128Mi` |
| `daemon.resources.requests.cpu` | CPU resource request of kruise-daemon container | `0` |
| `daemon.resources.requests.memory` | Memory resource request of kruise-daemon container | `0` |
| `daemon.affinity` | Affinity policy for kruise-daemon pod | `{}` |
| `daemon.socketLocation` | Location of the container manager control socket | `/var/run` |
| `daemon.socketFile` | Specify the socket file name in `socketLocation` (if you are not using containerd/docker/pouch/cri-o) | ` ` |
| `daemon.credentialProvider.enable` | Whether to enable credential provider for image pull job | `false` |
| `daemon.credentialProvider.hostPath` | node dir of the credential provider plugin, kruise-daemon will mount the dir as a hostpath volume | `credential-provider-plugin` |
| `daemon.credentialProvider.configmap` | configmap name of the credential provider in kruise-system ns | `credential-provider-config` |
| `daemon.credentialProvider.awsCredentialsDir` | aws credentials dir if using AWS, for example: `/root/.aws` | ` ` |
### other parameters
| Parameter | Description | Default |
|---------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------|
| `enableKubeCacheMutationDetector` | Whether to enable KUBE_CACHE_MUTATION_DETECTOR | `false` |
| `webhookConfiguration.timeoutSeconds` | The timeoutSeconds for all webhook configuration | `30` |
| `serviceAccount.annotations` | Annotations to patch for serviceAccounts | `{}` |
| `externalCerts.annotations` | Annotations to patch for webhook configuration and crd when featuregate `EnableExternalCerts` is enabled. For example, `cert-manager.io/inject-ca-from: kruise-system/kruise-webhook-certs`. | `{}` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
`helm install kruise https://... --set featureGates="AllAlpha=true"`.
### Optional: feature-gate
Feature-gate controls some influential features in Kruise:
| Name | Description | Default | Effect (if closed) |
|---------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------|-------------------------------------------------------------------------------------------------------------------------|
| `PodWebhook` | Whether to open a webhook for Pod **create** | `true` | SidecarSet/KruisePodReadinessGate disabled |
| `KruiseDaemon` | Whether to deploy `kruise-daemon` DaemonSet | `true` | ImagePulling/ContainerRecreateRequest disabled |
| `DaemonWatchingPod` | Should each `kruise-daemon` watch pods on the same node | `true` | For in-place update with same imageID or env from labels/annotations |
| `CloneSetShortHash` | Enables CloneSet controller only set revision hash name to pod label | `false` | CloneSet name can not be longer than 54 characters |
| `KruisePodReadinessGate` | Enables Kruise webhook to inject 'KruisePodReady' readiness-gate to all Pods during creation | `false` | The readiness-gate will only be injected to Pods created by Kruise workloads |
| `PreDownloadImageForInPlaceUpdate` | Enables CloneSet controller to create ImagePullJobs to pre-download images for in-place update | `true` | No image pre-download for in-place update |
| `CloneSetPartitionRollback` | Enables CloneSet controller to rollback Pods to currentRevision when number of updateRevision pods is bigger than (replicas - partition) | `false` | CloneSet will only update Pods to updateRevision |
| `ResourcesDeletionProtection` | Enables protection for resources deletion | `false` | No protection for resources deletion |
| `TemplateNoDefaults` | Whether to disable defaults injection for pod/pvc template in workloads | `false` | Should not close this feature if it has open |
| `PodUnavailableBudgetDeleteGate` | Enables PodUnavailableBudget for pod deletion, eviction | `true` | No protection for pod deletion, eviction |
| `PodUnavailableBudgetUpdateGate` | Enables PodUnavailableBudget for pod.Spec update | `false` | No protection for in-place update |
| `WorkloadSpread` | Enables WorkloadSpread to manage multi-domain and elastic deploy | `true` | WorkloadSpread disabled |
| `InPlaceUpdateEnvFromMetadata` | Enables Kruise to in-place update a container in Pod when its env from labels/annotations changed and pod is in-place updating | `true` | Only container image can be in-place update |
| `StatefulSetAutoDeletePVC` | Enables policies controlling deletion of PVCs created by a StatefulSet | `true` | No deletion of PVCs by StatefulSet |
| `PreDownloadImageForDaemonSetUpdate` | Enables DaemonSet controller to create ImagePullJobs to pre-download images for in-place update | `false` | No image pre-download for in-place update |
| `PodProbeMarkerGate` | Whether to turn on PodProbeMarker ability | `true` | PodProbeMarker disabled |
| `SidecarSetPatchPodMetadataDefaultsAllowed` | Allow SidecarSet patch any annotations to Pod Object | `false` | Annotations are not allowed to patch randomly and need to be configured via SidecarSet_PatchPodMetadata_WhiteList |
| `SidecarTerminator` | SidecarTerminator enables SidecarTerminator to stop sidecar containers when all main containers exited | `false` | SidecarTerminator disabled |
| `CloneSetEventHandlerOptimization` | CloneSetEventHandlerOptimization enable optimization for cloneset-controller to reduce the queuing frequency cased by pod update | `false` | optimization for cloneset-controller to reduce the queuing frequency cased by pod update disabled |
| `PreparingUpdateAsUpdate` | PreparingUpdateAsUpdate enable CloneSet/Advanced StatefulSet controller to regard preparing-update Pod as updated when calculating update/current revision during scaling. | `false` | Pods at preparing update state will be regarded as current revision instead of update revision |
| `ImagePullJobGate` | ImagePullJobGate enable imagepulljob-controller execute ImagePullJob | `false` | ImagePullJob and PreDownloadImageForInPlaceUpdate are disabled |
| `ResourceDistributionGate` | ResourceDistributionGate enable resourcedistribution-controller execute ResourceDistribution. | `false` | ResourceDistribution disabled |
| `DeletionProtectionForCRDCascadingGate` | DeletionProtectionForCRDCascadingGate enable deletionProtection for crd Cascading | `false` | CustomResourceDefinition deletion protection disabled |
| `EnableExternalCerts` | Using certs generated externally, cert-manager e.g., for webhook server | `false` | kruise-manager will generate self-signed certs for webhook server |
| `RecreatePodWhenChangeVCTInCloneSetGate` | Recreate the pod upon changing volume claim templates in a clone set to ensure PVC consistency | `false` | kruise-manager will recreate the pod upon changing volume claim templates in a clone set to ensure PVC consistency |
| `StatefulSetStartOrdinal` | Enables a StatefulSet to start from an arbitrary non zero ordinal | `false` | kruise-manager will enables a StatefulSet to start from an arbitrary non zero ordinal |
| `PodIndexLabel` | Set pod completion index as a pod label for Indexed Jobs. | `true` | kruise-manager will set pod completion index as a pod label for Indexed Jobs. |
| `StatefulSetAutoResizePVCGate` | Enables policies auto resizing PVCs created by a StatefulSet when user expands volumeClaimTemplates. | `false` | kruise-manager will enable policies auto resizing PVCs created by a StatefulSet when user expands volumeClaimTemplates. |
| `InPlaceWorkloadVerticalScaling` | Enables CloneSet/Advanced StatefulSet controller to support vertical scaling of managed Pods. | `false` | kruise-manager will enable CloneSet/Advanced StatefulSet controller to support vertical scaling of managed Pods. |
| `EnablePodProbeMarkerOnServerless` | Enables PodProbeMarker on Serverless Pod. | `false` | kruise-manager will enable PodProbeMarker on Serverless Pod. |
| `ForceDeleteTimeoutExpectationFeatureGate` | Enables delete timeout expectation, for example: cloneSet ScaleExpectation | `false` | kruise-manager will enable delete timeout expectation, for example: cloneSet ScaleExpectation |
If you want to configure the feature-gate, just set the parameter when install or upgrade. Such as:
```bash
$ helm install kruise https://... --set featureGates="ResourcesDeletionProtection=true\,PreDownloadImageForInPlaceUpdate=true"
...
```
If you want to enable all feature-gates, set the parameter as `featureGates=AllAlpha=true`.
### Optional: the local image for China
If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba
Cloud:
```bash
$ helm install kruise https://... --set manager.image.repository=openkruise-registry.cn-hangzhou.cr.aliyuncs.com/openkruise/kruise-manager
...
```
### Optional: Support webhook CA injection using external certification management tool
Kruise needs certificates to enable mutating, validating and conversion webhooks. By default, kruise will generate
self-signed certificates for webhook server.
If you want to use external certification management tool, e.g. cert-manager, you can follow these steps when install or
upgrade:
1. Install external certification management tool, e.g. [cert-manager](https://cert-manager.io/docs/installation/helm/).
2. Create issuer and certificate resources if you have not done this before.
```yaml
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: kruise-webhook-certs
# consistent with installation.namespace
namespace: kruise-system
spec:
# where to store the certificates
# cert-manager would generate a secret kruise-system/kruise-webhook-certs with the certificates
# DO NOT CHANGE THE SECRET NAME SINCE KRUISE READ CERTS FROM THIS SECRET
secretName: kruise-webhook-certs
dnsNames:
- kruise-webhook-service.kruise-system.svc
- localhost
issuerRef:
name: selfsigned-kruise
kind: Issuer
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: selfsigned-kruise
namespace: kruise-system
spec:
selfSigned: { }
```
3. During installation and upgrade, enable external certs support by setting featureGates=EnableExternalCerts=true and
specify extra annotations that should be added to webhookconfiguration and CRD.
```
helm install kruise https://... --set featureGates="EnableExternalCerts=true" --set-json externalCerts.annotations='{"cert-manager.io/inject-ca-from":"kruise-system/kruise-webhook-certs"}'
```
Visit [CA Injector - cert manager](https://cert-manager.io/docs/concepts/ca-injector/) for more details.

1
versions/kruise/next/ci/default-values.yaml Normal file
View File

@ -0,0 +1 @@
# Test with default values

96
versions/kruise/next/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,96 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "kruise.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kruise.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kruise.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Lookup existing immutatble resources
*/}}
{{- define "webhookServiceSpec" -}}
{{- $service := lookup "v1" "Service" .Values.installation.namespace "kruise-webhook-service" -}}
{{- if $service -}}
{{ if $service.spec.clusterIP -}}
clusterIP: {{ $service.spec.clusterIP }}
{{- end }}
{{ if $service.spec.clusterIPs -}}
clusterIPs:
{{ $service.spec.clusterIPs }}
{{- end }}
{{ if $service.spec.ipFamilyPolicy -}}
ipFamilyPolicy: {{ $service.spec.ipFamilyPolicy }}
{{- end }}
{{ if $service.spec.ipFamilies -}}
ipFamilies:
{{ $service.spec.ipFamilies }}
{{- end }}
{{ if $service.spec.type -}}
type: {{ $service.spec.type }}
{{- end }}
{{ if $service.spec.ipFamily -}}
ipFamily: {{ $service.spec.ipFamily }}
{{- end }}
{{- end -}}
ports:
- port: 443
targetPort: {{ .Values.manager.webhook.port }}
selector:
control-plane: controller-manager
{{- end -}}
{{- define "webhookSecretData" -}}
{{- $secret := lookup "v1" "Secret" .Values.installation.namespace "kruise-webhook-certs" -}}
{{- if $secret -}}
data:
{{- range $k, $v := $secret.data }}
{{ $k }}: {{ $v }}
{{- end }}
{{- end }}
{{- end -}}
{{- define "serviceAccountManager" -}}
{{- $sa := lookup "v1" "ServiceAccount" .Values.installation.namespace "kruise-manager" -}}
{{- if $sa -}}
secrets:
{{- range $v := $sa.secrets }}
- name: {{ $v.name }}
{{- end }}
{{- end }}
{{- end -}}
{{- define "serviceAccountDaemon" -}}
{{- $sa := lookup "v1" "ServiceAccount" .Values.installation.namespace "kruise-daemon" -}}
{{- if $sa -}}
secrets:
{{- range $v := $sa.secrets }}
- name: {{ $v.name }}
{{- end }}
{{- end }}
{{- end -}}

281
versions/kruise/next/templates/apps.kruise.io_advancedcronjobs.yaml Normal file
View File

@ -0,0 +1,281 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: advancedcronjobs.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: AdvancedCronJob
listKind: AdvancedCronJobList
plural: advancedcronjobs
shortNames:
- acj
singular: advancedcronjob
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The schedule of advanced cron job.
jsonPath: .spec.schedule
name: Schedule
type: string
- description: Type of cron job.
jsonPath: .status.type
name: Type
type: string
- description: The last time at which job was scheduled.
jsonPath: .status.lastScheduleTime
name: LastScheduleTime
type: date
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: AdvancedCronJob is the Schema for the advancedcronjobs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: AdvancedCronJobSpec defines the desired state of AdvancedCronJob
properties:
concurrencyPolicy:
description: |-
Specifies how to treat concurrent executions of a Job.
Valid values are:
- "Allow" (default): allows CronJobs to run concurrently;
- "Forbid": forbids concurrent runs, skipping next run if previous run hasn't finished yet;
- "Replace": cancels currently running job and replaces it with a new one
enum:
- Allow
- Forbid
- Replace
type: string
failedJobsHistoryLimit:
description: |-
The number of failed finished jobs to retain.
This is a pointer to distinguish between explicit zero and not specified.
format: int32
type: integer
paused:
description: Paused will pause the cron job.
type: boolean
schedule:
description: The schedule in Cron format, see https://en.wikipedia.org/wiki/Cron.
minLength: 0
type: string
startingDeadlineSeconds:
description: |-
Optional deadline in seconds for starting the job if it misses scheduled
time for any reason. Missed jobs executions will be counted as failed ones.
format: int64
type: integer
successfulJobsHistoryLimit:
description: |-
The number of successful finished jobs to retain.
This is a pointer to distinguish between explicit zero and not specified.
format: int32
type: integer
template:
description: Specifies the job that will be created when executing
a CronJob.
properties:
broadcastJobTemplate:
description: Specifies the broadcastjob that will be created when
executing a BroadcastCronJob.
properties:
metadata:
description: Standard object's metadata of the jobs created
from this template.
type: object
spec:
description: Specification of the desired behavior of the
broadcastjob.
properties:
completionPolicy:
description: |-
CompletionPolicy indicates the completion policy of the job.
Default is Always CompletionPolicyType.
properties:
activeDeadlineSeconds:
description: |-
ActiveDeadlineSeconds specifies the duration in seconds relative to the startTime that the job may be active
before the system tries to terminate it; value must be positive integer.
Only works for Always type.
format: int64
type: integer
ttlSecondsAfterFinished:
description: |-
ttlSecondsAfterFinished limits the lifetime of a Job that has finished
execution (either Complete or Failed). If this field is set,
ttlSecondsAfterFinished after the Job finishes, it is eligible to be
automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is unset,
the Job won't be automatically deleted. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes.
This field is alpha-level and is only honored by servers that enable the
TTLAfterFinished feature.
Only works for Always type
format: int32
type: integer
type:
description: |-
Type indicates the type of the CompletionPolicy.
Default is Always.
type: string
type: object
failurePolicy:
description: FailurePolicy indicates the behavior of the
job, when failed pod is found.
properties:
restartLimit:
description: RestartLimit specifies the number of
retries before marking the pod failed.
format: int32
type: integer
type:
description: |-
Type indicates the type of FailurePolicyType.
Default is FailurePolicyTypeFailFast.
type: string
type: object
parallelism:
anyOf:
- type: integer
- type: string
description: |-
Parallelism specifies the maximum desired number of pods the job should
run at any given time. The actual number of pods running in steady state will
be less than this number when the work left to do is less than max parallelism.
Not setting this value means no limit.
x-kubernetes-int-or-string: true
paused:
description: Paused will pause the job.
type: boolean
template:
description: Template describes the pod that will be created
when executing a job.
x-kubernetes-preserve-unknown-fields: true
required:
- template
type: object
type: object
jobTemplate:
description: Specifies the job that will be created when executing
a CronJob.
x-kubernetes-preserve-unknown-fields: true
type: object
timeZone:
description: |-
The time zone name for the given schedule, see https://en.wikipedia.org/wiki/List_of_tz_database_time_zones.
If not specified, this will default to the time zone of the kruise-controller-manager process.
type: string
required:
- schedule
- template
type: object
status:
description: AdvancedCronJobStatus defines the observed state of AdvancedCronJob
properties:
active:
description: A list of pointers to currently running jobs.
items:
description: |-
ObjectReference contains enough information to let you inspect or modify the referred object.
---
New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.
1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.
2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular
restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted".
Those cannot be well described when embedded.
3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.
4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity
during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple
and the version of the actual struct is irrelevant.
5. We cannot easily change it. Because this type is embedded in many locations, updates to this type
will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.
Instead of using this type, create a locally provided and used type that is well-focused on your reference.
For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
type: array
lastScheduleTime:
description: Information when was the last time the job was successfully
scheduled.
format: date-time
type: string
type:
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

214
versions/kruise/next/templates/apps.kruise.io_broadcastjobs.yaml Normal file
View File

@ -0,0 +1,214 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: broadcastjobs.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: BroadcastJob
listKind: BroadcastJobList
plural: broadcastjobs
shortNames:
- bcj
singular: broadcastjob
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The desired number of pods. This is typically equal to the number
of nodes satisfied to run pods.
jsonPath: .status.desired
name: Desired
type: integer
- description: The number of actively running pods.
jsonPath: .status.active
name: Active
type: integer
- description: The number of pods which reached phase Succeeded.
jsonPath: .status.succeeded
name: Succeeded
type: integer
- description: The number of pods which reached phase Failed.
jsonPath: .status.failed
name: Failed
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: BroadcastJob is the Schema for the broadcastjobs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: BroadcastJobSpec defines the desired state of BroadcastJob
properties:
completionPolicy:
description: |-
CompletionPolicy indicates the completion policy of the job.
Default is Always CompletionPolicyType.
properties:
activeDeadlineSeconds:
description: |-
ActiveDeadlineSeconds specifies the duration in seconds relative to the startTime that the job may be active
before the system tries to terminate it; value must be positive integer.
Only works for Always type.
format: int64
type: integer
ttlSecondsAfterFinished:
description: |-
ttlSecondsAfterFinished limits the lifetime of a Job that has finished
execution (either Complete or Failed). If this field is set,
ttlSecondsAfterFinished after the Job finishes, it is eligible to be
automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is unset,
the Job won't be automatically deleted. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes.
This field is alpha-level and is only honored by servers that enable the
TTLAfterFinished feature.
Only works for Always type
format: int32
type: integer
type:
description: |-
Type indicates the type of the CompletionPolicy.
Default is Always.
type: string
type: object
failurePolicy:
description: FailurePolicy indicates the behavior of the job, when
failed pod is found.
properties:
restartLimit:
description: RestartLimit specifies the number of retries before
marking the pod failed.
format: int32
type: integer
type:
description: |-
Type indicates the type of FailurePolicyType.
Default is FailurePolicyTypeFailFast.
type: string
type: object
parallelism:
anyOf:
- type: integer
- type: string
description: |-
Parallelism specifies the maximum desired number of pods the job should
run at any given time. The actual number of pods running in steady state will
be less than this number when the work left to do is less than max parallelism.
Not setting this value means no limit.
x-kubernetes-int-or-string: true
paused:
description: Paused will pause the job.
type: boolean
template:
description: Template describes the pod that will be created when
executing a job.
x-kubernetes-preserve-unknown-fields: true
required:
- template
type: object
status:
description: BroadcastJobStatus defines the observed state of BroadcastJob
properties:
active:
description: The number of actively running pods.
format: int32
type: integer
completionTime:
description: |-
Represents time when the job was completed. It is not guaranteed to
be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
conditions:
description: The latest available observations of an object's current
state.
items:
description: JobCondition describes current state of a job.
properties:
lastProbeTime:
description: Last time the condition was checked.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transit from one status
to another.
format: date-time
type: string
message:
description: Human readable message indicating details about
last transition.
type: string
reason:
description: (brief) reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of job condition, Complete or Failed.
type: string
required:
- status
- type
type: object
type: array
desired:
description: The desired number of pods, this is typically equal to
the number of nodes satisfied to run pods.
format: int32
type: integer
failed:
description: The number of pods which reached phase Failed.
format: int32
type: integer
phase:
description: The phase of the job.
type: string
startTime:
description: |-
Represents time when the job was acknowledged by the job controller.
It is not guaranteed to be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
succeeded:
description: The number of pods which reached phase Succeeded.
format: int32
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

553
versions/kruise/next/templates/apps.kruise.io_clonesets.yaml Normal file
View File

@ -0,0 +1,553 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: clonesets.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: CloneSet
listKind: CloneSetList
plural: clonesets
shortNames:
- clone
singular: cloneset
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The desired number of pods.
jsonPath: .spec.replicas
name: DESIRED
type: integer
- description: The number of pods updated.
jsonPath: .status.updatedReplicas
name: UPDATED
type: integer
- description: The number of pods updated and ready.
jsonPath: .status.updatedReadyReplicas
name: UPDATED_READY
type: integer
- description: The number of pods updated and available.
jsonPath: .status.updatedAvailableReplicas
name: UPDATED_AVAILABLE
type: integer
- description: The number of pods ready.
jsonPath: .status.readyReplicas
name: READY
type: integer
- description: The number of currently all pods.
jsonPath: .status.replicas
name: TOTAL
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- description: The containers of currently cloneset.
jsonPath: .spec.template.spec.containers[*].name
name: CONTAINERS
priority: 1
type: string
- description: The images of currently cloneset.
jsonPath: .spec.template.spec.containers[*].image
name: IMAGES
priority: 1
type: string
- description: The selector of currently cloneset.
jsonPath: .status.labelSelector
name: SELECTOR
priority: 1
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: CloneSet is the Schema for the clonesets API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: CloneSetSpec defines the desired state of CloneSet
properties:
lifecycle:
description: Lifecycle defines the lifecycle hooks for Pods pre-available(pre-normal),
pre-delete, in-place update.
properties:
inPlaceUpdate:
description: InPlaceUpdate is the hook before Pod to update and
after Pod has been updated.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: |-
MarkPodNotReady = true means:
- Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state.
- Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state.
Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook.
Default to false.
type: boolean
type: object
preDelete:
description: PreDelete is the hook before Pod to be deleted.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: |-
MarkPodNotReady = true means:
- Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state.
- Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state.
Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook.
Default to false.
type: boolean
type: object
preNormal:
description: PreNormal is the hook after Pod to be created and
ready to be Normal.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: |-
MarkPodNotReady = true means:
- Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state.
- Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state.
Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook.
Default to false.
type: boolean
type: object
type: object
minReadySeconds:
description: |-
Minimum number of seconds for which a newly created pod should be ready
without any of its container crashing, for it to be considered available.
Defaults to 0 (pod will be considered available as soon as it is ready)
format: int32
type: integer
replicas:
description: |-
Replicas is the desired number of replicas of the given Template.
These are replicas in the sense that they are instantiations of the
same Template.
If unspecified, defaults to 1.
format: int32
type: integer
revisionHistoryLimit:
description: |-
RevisionHistoryLimit is the maximum number of revisions that will
be maintained in the CloneSet's revision history. The revision history
consists of all revisions not represented by a currently applied
CloneSetSpec version. The default value is 10.
format: int32
type: integer
scaleStrategy:
description: |-
ScaleStrategy indicates the ScaleStrategy that will be employed to
create and delete Pods in the CloneSet.
properties:
disablePVCReuse:
description: |-
Indicate if cloneSet will reuse already existed pvc to
rebuild a new pod
type: boolean
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable for scaled pods.
This field can control the changes rate of replicas for CloneSet so as to minimize the impact for users' service.
The scale will fail if the number of unavailable pods were greater than this MaxUnavailable at scaling up.
MaxUnavailable works only when scaling up.
x-kubernetes-int-or-string: true
podsToDelete:
description: |-
PodsToDelete is the names of Pod should be deleted.
Note that this list will be truncated for non-existing pod names.
items:
type: string
type: array
type: object
selector:
description: |-
Selector is a label query over pods that should match the replica count.
It must match the pod template's labels.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
template:
description: Template describes the pods that will be created.
x-kubernetes-preserve-unknown-fields: true
updateStrategy:
description: |-
UpdateStrategy indicates the UpdateStrategy that will be employed to
update Pods in the CloneSet when a revision is made to Template.
properties:
inPlaceUpdateStrategy:
description: InPlaceUpdateStrategy contains strategies for in-place
update.
properties:
gracePeriodSeconds:
description: |-
GracePeriodSeconds is the timespan between set Pod status to not-ready and update images in Pod spec
when in-place update a Pod.
format: int32
type: integer
type: object
maxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be scheduled above the desired replicas during update or specified delete.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up.
Defaults to 0.
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of pods that can be unavailable during update or scale.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up by default.
When maxSurge > 0, absolute number is calculated from percentage by rounding down.
Defaults to 20%.
x-kubernetes-int-or-string: true
partition:
anyOf:
- type: integer
- type: string
description: |-
Partition is the desired number of pods in old revisions.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
Absolute number is calculated from percentage by rounding up by default.
It means when partition is set during pods updating, (replicas - partition value) number of pods will be updated.
Default value is 0.
x-kubernetes-int-or-string: true
paused:
description: |-
Paused indicates that the CloneSet is paused.
Default value is false
type: boolean
priorityStrategy:
description: |-
Priorities are the rules for calculating the priority of updating pods.
Each pod to be updated, will pass through these terms and get a sum of weights.
properties:
orderPriority:
description: |-
Order priority terms, pods will be sorted by the value of orderedKey.
For example:
```
orderPriority:
- orderedKey: key1
- orderedKey: key2
```
First, all pods which have key1 in labels will be sorted by the value of key1.
Then, the left pods which have no key1 but have key2 in labels will be sorted by
the value of key2 and put behind those pods have key1.
items:
description: UpdatePriorityOrderTerm defines order priority.
properties:
orderedKey:
description: |-
Calculate priority by value of this key.
Values of this key, will be sorted by GetInt(val). GetInt method will find the last int in value,
such as getting 5 in value '5', getting 10 in value 'sts-10'.
type: string
required:
- orderedKey
type: object
type: array
weightPriority:
description: Weight priority terms, pods will be sorted by
the sum of all terms weight.
items:
description: UpdatePriorityWeightTerm defines weight priority.
properties:
matchSelector:
description: MatchSelector is used to select by pod's
labels.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
weight:
description: Weight associated with matching the corresponding
matchExpressions, in the range 1-100.
format: int32
type: integer
required:
- matchSelector
- weight
type: object
type: array
type: object
scatterStrategy:
description: |-
ScatterStrategy defines the scatter rules to make pods been scattered when update.
This will avoid pods with the same key-value to be updated in one batch.
- Note that pods will be scattered after priority sort. So, although priority strategy and scatter strategy can be applied together, we suggest to use either one of them.
- If scatterStrategy is used, we suggest to just use one term. Otherwise, the update order can be hard to understand.
items:
properties:
key:
type: string
value:
type: string
required:
- key
- value
type: object
type: array
type:
description: |-
Type indicates the type of the CloneSetUpdateStrategy.
Default is ReCreate.
type: string
type: object
volumeClaimTemplates:
description: |-
VolumeClaimTemplates is a list of claims that pods are allowed to reference.
Note that PVC will be deleted when its pod has been deleted.
x-kubernetes-preserve-unknown-fields: true
required:
- selector
- template
type: object
status:
description: CloneSetStatus defines the observed state of CloneSet
properties:
availableReplicas:
description: AvailableReplicas is the number of Pods created by the
CloneSet controller that have a Ready Condition for at least minReadySeconds.
format: int32
type: integer
collisionCount:
description: |-
CollisionCount is the count of hash collisions for the CloneSet. The CloneSet controller
uses this field as a collision avoidance mechanism when it needs to create the name for the
newest ControllerRevision.
format: int32
type: integer
conditions:
description: Conditions represents the latest available observations
of a CloneSet's current state.
items:
description: CloneSetCondition describes the state of a CloneSet
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of CloneSet condition.
type: string
required:
- status
- type
type: object
type: array
currentRevision:
description: currentRevision, if not empty, indicates the current
revision version of the CloneSet.
type: string
expectedUpdatedReplicas:
description: |-
ExpectedUpdatedReplicas is the number of Pods that should be updated by CloneSet controller.
This field is calculated via Replicas - Partition.
format: int32
type: integer
labelSelector:
description: LabelSelector is label selectors for query over pods
that should match the replica count used by HPA.
type: string
observedGeneration:
description: |-
ObservedGeneration is the most recent generation observed for this CloneSet. It corresponds to the
CloneSet's generation, which is updated on mutation by the API Server.
format: int64
type: integer
readyReplicas:
description: ReadyReplicas is the number of Pods created by the CloneSet
controller that have a Ready Condition.
format: int32
type: integer
replicas:
description: Replicas is the number of Pods created by the CloneSet
controller.
format: int32
type: integer
updateRevision:
description: UpdateRevision, if not empty, indicates the latest revision
of the CloneSet.
type: string
updatedAvailableReplicas:
description: |-
UpdatedAvailableReplicas is the number of Pods created by the CloneSet controller from the CloneSet version
indicated by updateRevision and have a Ready Condition for at least minReadySeconds.
Notice: when enable InPlaceWorkloadVerticalScaling, pod during resource resizing will also be unavailable.
This means these pod will be counted in maxUnavailable.
format: int32
type: integer
updatedReadyReplicas:
description: |-
UpdatedReadyReplicas is the number of Pods created by the CloneSet controller from the CloneSet version
indicated by updateRevision and have a Ready Condition.
format: int32
type: integer
updatedReplicas:
description: |-
UpdatedReplicas is the number of Pods created by the CloneSet controller from the CloneSet version
indicated by updateRevision.
format: int32
type: integer
required:
- availableReplicas
- readyReplicas
- replicas
- updatedReadyReplicas
- updatedReplicas
type: object
type: object
served: true
storage: true
subresources:
scale:
labelSelectorPath: .status.labelSelector
specReplicasPath: .spec.replicas
statusReplicasPath: .status.replicas
status: {}
{{- end }}

345
versions/kruise/next/templates/apps.kruise.io_containerrecreaterequests.yaml Normal file
View File

@ -0,0 +1,345 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: containerrecreaterequests.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: ContainerRecreateRequest
listKind: ContainerRecreateRequestList
plural: containerrecreaterequests
shortNames:
- crr
singular: containerrecreaterequest
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Phase of this ContainerRecreateRequest.
jsonPath: .status.phase
name: PHASE
type: string
- description: Pod name of this ContainerRecreateRequest.
jsonPath: .spec.podName
name: POD
type: string
- description: Pod name of this ContainerRecreateRequest.
jsonPath: .metadata.labels.crr\.apps\.kruise\.io/node-name
name: NODE
type: string
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ContainerRecreateRequest is the Schema for the containerrecreaterequests
API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ContainerRecreateRequestSpec defines the desired state of
ContainerRecreateRequest
properties:
activeDeadlineSeconds:
description: ActiveDeadlineSeconds is the deadline duration of this
ContainerRecreateRequest.
format: int64
type: integer
containers:
description: Containers contains the containers that need to recreate
in the Pod.
items:
description: ContainerRecreateRequestContainer defines the container
that need to recreate.
properties:
name:
description: |-
Name of the container that need to recreate.
It must be existing in the real pod.Spec.Containers.
type: string
ports:
description: |-
Ports is synced from the real container in Pod spec during this ContainerRecreateRequest creating.
Populated by the system.
Read-only.
items:
description: ContainerPort represents a network port in a
single container.
properties:
containerPort:
description: |-
Number of port to expose on the pod's IP address.
This must be a valid port number, 0 < x < 65536.
format: int32
type: integer
hostIP:
description: What host IP to bind the external port to.
type: string
hostPort:
description: |-
Number of port to expose on the host.
If specified, this must be a valid port number, 0 < x < 65536.
If HostNetwork is specified, this must match ContainerPort.
Most containers do not need this.
format: int32
type: integer
name:
description: |-
If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
named port in a pod must have a unique name. Name for the port that can be
referred to by services.
type: string
protocol:
default: TCP
description: |-
Protocol for port. Must be UDP, TCP, or SCTP.
Defaults to "TCP".
type: string
required:
- containerPort
type: object
type: array
preStop:
description: |-
PreStop is synced from the real container in Pod spec during this ContainerRecreateRequest creating.
Populated by the system.
Read-only.
properties:
exec:
description: |-
One and only one of the following should be specified.
Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
type: object
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request. HTTP
allows repeated headers.
items:
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
tcpSocket:
description: |-
TCPSocket specifies an action involving a TCP port.
TCP hooks not yet supported
TODO: implement a realistic TCP lifecycle hook
properties:
host:
description: 'Optional: Host name to connect to, defaults
to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
type: object
statusContext:
description: |-
StatusContext is synced from the real Pod status during this ContainerRecreateRequest creating.
Populated by the system.
Read-only.
properties:
containerID:
description: Container's ID in the format 'docker://<container_id>'.
type: string
restartCount:
description: |-
The number of times the container has been restarted, currently based on
the number of dead containers that have not yet been removed.
Note that this is calculated from dead containers. But those containers are subject to
garbage collection. This value will get capped at 5 by GC.
format: int32
type: integer
required:
- containerID
- restartCount
type: object
required:
- name
type: object
type: array
podName:
description: PodName is name of the Pod that owns the recreated containers.
type: string
strategy:
description: Strategy defines strategies for containers recreation.
properties:
failurePolicy:
description: FailurePolicy decides whether to continue if one
container fails to recreate
type: string
forceRecreate:
description: ForceRecreate indicates whether to force kill the
container even if the previous container is starting.
type: boolean
minStartedSeconds:
description: |-
Minimum number of seconds for which a newly created container should be started and ready
without any of its container crashing, for it to be considered Succeeded.
Defaults to 0 (container will be considered Succeeded as soon as it is started and ready)
format: int32
type: integer
orderedRecreate:
description: OrderedRecreate indicates whether to recreate the
next container only if the previous one has recreated completely.
type: boolean
terminationGracePeriodSeconds:
description: |-
TerminationGracePeriodSeconds is the optional duration in seconds to wait the container terminating gracefully.
Value must be non-negative integer. The value zero indicates delete immediately.
If this value is nil, we will use pod.Spec.TerminationGracePeriodSeconds as default value.
format: int64
type: integer
unreadyGracePeriodSeconds:
description: |-
UnreadyGracePeriodSeconds is the optional duration in seconds to mark Pod as not ready over this duration before
executing preStop hook and stopping the container.
format: int64
type: integer
type: object
ttlSecondsAfterFinished:
description: TTLSecondsAfterFinished is the TTL duration after this
ContainerRecreateRequest has completed.
format: int32
type: integer
required:
- containers
- podName
type: object
status:
description: ContainerRecreateRequestStatus defines the observed state
of ContainerRecreateRequest
properties:
completionTime:
description: |-
Represents time when the ContainerRecreateRequest was completed. It is not guaranteed to
be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
containerRecreateStates:
description: ContainerRecreateStates contains the recreation states
of the containers.
items:
description: ContainerRecreateRequestContainerRecreateState contains
the recreation state of the container.
properties:
isKilled:
description: Containers are killed by kruise daemon
type: boolean
message:
description: A human readable message indicating details about
this state.
type: string
name:
description: Name of the container.
type: string
phase:
description: Phase indicates the recreation phase of the container.
type: string
required:
- name
- phase
type: object
type: array
message:
description: A human readable message indicating details about this
ContainerRecreateRequest.
type: string
phase:
description: Phase of this ContainerRecreateRequest, e.g. Pending,
Recreating, Completed
type: string
required:
- phase
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

465
versions/kruise/next/templates/apps.kruise.io_daemonsets.yaml Normal file
View File

@ -0,0 +1,465 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: daemonsets.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: DaemonSet
listKind: DaemonSetList
plural: daemonsets
shortNames:
- daemon
- ads
singular: daemonset
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The desired number of pods.
jsonPath: .status.desiredNumberScheduled
name: DESIRED
type: integer
- description: The current number of pods.
jsonPath: .status.currentNumberScheduled
name: CURRENT
type: integer
- description: The ready number of pods.
jsonPath: .status.numberReady
name: READY
type: integer
- description: The updated number of pods.
jsonPath: .status.updatedNumberScheduled
name: UP-TO-DATE
type: integer
- description: The updated number of pods.
jsonPath: .status.numberAvailable
name: AVAILABLE
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- description: The containers of currently daemonset.
jsonPath: .spec.template.spec.containers[*].name
name: CONTAINERS
priority: 1
type: string
- description: The images of currently advanced daemonset.
jsonPath: .spec.template.spec.containers[*].image
name: IMAGES
priority: 1
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DaemonSet is the Schema for the daemonsets API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: DaemonSetSpec defines the desired state of DaemonSet
properties:
burstReplicas:
anyOf:
- type: integer
- type: string
description: |-
BurstReplicas is a rate limiter for booting pods on a lot of pods.
The default value is 250
x-kubernetes-int-or-string: true
lifecycle:
description: |-
Lifecycle defines the lifecycle hooks for Pods pre-delete, in-place update.
Currently, we only support pre-delete hook for Advanced DaemonSet.
properties:
inPlaceUpdate:
description: InPlaceUpdate is the hook before Pod to update and
after Pod has been updated.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: |-
MarkPodNotReady = true means:
- Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state.
- Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state.
Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook.
Default to false.
type: boolean
type: object
preDelete:
description: PreDelete is the hook before Pod to be deleted.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: |-
MarkPodNotReady = true means:
- Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state.
- Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state.
Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook.
Default to false.
type: boolean
type: object
preNormal:
description: PreNormal is the hook after Pod to be created and
ready to be Normal.
properties:
finalizersHandler:
items:
type: string
type: array
labelsHandler:
additionalProperties:
type: string
type: object
markPodNotReady:
description: |-
MarkPodNotReady = true means:
- Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state.
- Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state.
Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook.
Default to false.
type: boolean
type: object
type: object
minReadySeconds:
description: |-
The minimum number of seconds for which a newly created DaemonSet pod should
be ready without any of its container crashing, for it to be considered
available. Defaults to 0 (pod will be considered available as soon as it
is ready).
format: int32
type: integer
revisionHistoryLimit:
description: |-
The number of old history to retain to allow rollback.
This is a pointer to distinguish between explicit zero and not specified.
Defaults to 10.
format: int32
type: integer
selector:
description: |-
A label query over pods that are managed by the daemon set.
Must match in order to be controlled.
It must match the pod template's labels.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
template:
description: |-
An object that describes the pod that will be created.
The DaemonSet will create exactly one copy of this pod on every node
that matches the template's node selector (or on every node if no node
selector is specified).
More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template
x-kubernetes-preserve-unknown-fields: true
updateStrategy:
description: An update strategy to replace existing DaemonSet pods
with new pods.
properties:
rollingUpdate:
description: Rolling update config params. Present only if type
= "RollingUpdate".
properties:
maxSurge:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of nodes with an existing available DaemonSet pod that
can have an updated DaemonSet pod during during an update.
Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).
This can not be 0 if MaxUnavailable is 0.
Absolute number is calculated from percentage by rounding up to a minimum of 1.
Default value is 0.
Example: when this is set to 30%, at most 30% of the total number of nodes
that should be running the daemon pod (i.e. status.desiredNumberScheduled)
can have their a new pod created before the old pod is marked as deleted.
The update starts by launching new pods on 30% of nodes. Once an updated
pod is available (Ready for at least minReadySeconds) the old DaemonSet pod
on that node is marked deleted. If the old pod becomes unavailable for any
reason (Ready transitions to false, is evicted, or is drained) an updated
pod is immediately created on that node without considering surge limits.
Allowing surge implies the possibility that the resources consumed by the
daemonset on any given node can double if the readiness check fails, and
so resource intensive daemonsets should take into account that they may
cause evictions during disruption.
This is beta field and enabled/disabled by DaemonSetUpdateSurge feature gate.
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of DaemonSet pods that can be unavailable during the
update. Value can be an absolute number (ex: 5) or a percentage of total
number of DaemonSet pods at the start of the update (ex: 10%). Absolute
number is calculated from percentage by rounding up.
This cannot be 0 if MaxSurge is 0
Default value is 1.
Example: when this is set to 30%, at most 30% of the total number of nodes
that should be running the daemon pod (i.e. status.desiredNumberScheduled)
can have their pods stopped for an update at any given time. The update
starts by stopping at most 30% of those DaemonSet pods and then brings
up new DaemonSet pods in their place. Once the new pods are available,
it then proceeds onto other DaemonSet pods, thus ensuring that at least
70% of original number of DaemonSet pods are available at all times during
the update.
x-kubernetes-int-or-string: true
partition:
description: |-
The number of DaemonSet pods remained to be old version.
Default value is 0.
Maximum value is status.DesiredNumberScheduled, which means no pod will be updated.
format: int32
type: integer
paused:
description: |-
Indicates that the daemon set is paused and will not be processed by the
daemon set controller.
type: boolean
rollingUpdateType:
description: Type is to specify which kind of rollingUpdate.
type: string
selector:
description: |-
A label query over nodes that are managed by the daemon set RollingUpdate.
Must match in order to be controlled.
It must match the node's labels.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
type: object
type:
description: Type of daemon set update. Can be "RollingUpdate"
or "OnDelete". Default is RollingUpdate.
type: string
type: object
required:
- selector
- template
type: object
status:
description: DaemonSetStatus defines the observed state of DaemonSet
properties:
collisionCount:
description: |-
Count of hash collisions for the DaemonSet. The DaemonSet controller
uses this field as a collision avoidance mechanism when it needs to
create the name for the newest ControllerRevision.
format: int32
type: integer
conditions:
description: Represents the latest available observations of a DaemonSet's
current state.
items:
description: DaemonSetCondition describes the state of a DaemonSet
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of DaemonSet condition.
type: string
required:
- status
- type
type: object
type: array
currentNumberScheduled:
description: |-
The number of nodes that are running at least 1
daemon pod and are supposed to run the daemon pod.
More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
format: int32
type: integer
daemonSetHash:
description: DaemonSetHash is the controller-revision-hash, which
represents the latest version of the DaemonSet.
type: string
desiredNumberScheduled:
description: |-
The total number of nodes that should be running the daemon
pod (including nodes correctly running the daemon pod).
More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
format: int32
type: integer
numberAvailable:
description: |-
The number of nodes that should be running the
daemon pod and have one or more of the daemon pod running and
available (ready for at least spec.minReadySeconds)
format: int32
type: integer
numberMisscheduled:
description: |-
The number of nodes that are running the daemon pod, but are
not supposed to run the daemon pod.
More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/
format: int32
type: integer
numberReady:
description: |-
The number of nodes that should be running the daemon pod and have one
or more of the daemon pod running and ready.
format: int32
type: integer
numberUnavailable:
description: |-
The number of nodes that should be running the
daemon pod and have none of the daemon pod running and available
(ready for at least spec.minReadySeconds)
format: int32
type: integer
observedGeneration:
description: The most recent generation observed by the daemon set
controller.
format: int64
type: integer
updatedNumberScheduled:
description: The total number of nodes that are running updated daemon
pod
format: int32
type: integer
required:
- currentNumberScheduled
- daemonSetHash
- desiredNumberScheduled
- numberMisscheduled
- numberReady
- updatedNumberScheduled
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

315
versions/kruise/next/templates/apps.kruise.io_imagelistpulljobs.yaml Normal file
View File

@ -0,0 +1,315 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: imagelistpulljobs.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: ImageListPullJob
listKind: ImageListPullJobList
plural: imagelistpulljobs
singular: imagelistpulljob
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Number of image pull job
jsonPath: .status.desired
name: TOTAL
type: integer
- description: Number of image pull job succeeded
jsonPath: .status.succeeded
name: SUCCEEDED
type: integer
- description: Number of ImagePullJobs which are finished
jsonPath: .status.completed
name: COMPLETED
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ImageListPullJob is the Schema for the imagelistpulljobs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ImageListPullJobSpec defines the desired state of ImageListPullJob
properties:
completionPolicy:
description: |-
CompletionPolicy indicates the completion policy of the job.
Default is Always CompletionPolicyType.
properties:
activeDeadlineSeconds:
description: |-
ActiveDeadlineSeconds specifies the duration in seconds relative to the startTime that the job may be active
before the system tries to terminate it; value must be positive integer.
Only works for Always type.
format: int64
type: integer
ttlSecondsAfterFinished:
description: |-
ttlSecondsAfterFinished limits the lifetime of a Job that has finished
execution (either Complete or Failed). If this field is set,
ttlSecondsAfterFinished after the Job finishes, it is eligible to be
automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is unset,
the Job won't be automatically deleted. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes.
This field is alpha-level and is only honored by servers that enable the
TTLAfterFinished feature.
Only works for Always type
format: int32
type: integer
type:
description: |-
Type indicates the type of the CompletionPolicy.
Default is Always.
type: string
type: object
imagePullPolicy:
description: |-
Image pull policy.
One of Always, IfNotPresent. Defaults to IfNotPresent.
type: string
images:
description: Images is the image list to be pulled by the job
items:
type: string
type: array
parallelism:
anyOf:
- type: integer
- type: string
description: |-
Parallelism is the requested parallelism, it can be set to any non-negative value. If it is unspecified,
it defaults to 1. If it is specified as 0, then the Job is effectively paused until it is increased.
x-kubernetes-int-or-string: true
podSelector:
description: |-
PodSelector is a query over pods that should pull image on nodes of these pods.
Mutually exclusive with Selector.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
pullPolicy:
description: |-
PullPolicy is an optional field to set parameters of the pulling task. If not specified,
the system will use the default values.
properties:
backoffLimit:
description: |-
Specifies the number of retries before marking the pulling task failed.
Defaults to 3
format: int32
type: integer
timeoutSeconds:
description: |-
Specifies the timeout of the pulling task.
Defaults to 600
format: int32
type: integer
type: object
pullSecrets:
description: |-
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling the image.
If specified, these secrets will be passed to individual puller implementations for them to use. For example,
in the case of docker, only DockerConfig type secrets are honored.
items:
type: string
type: array
sandboxConfig:
description: SandboxConfig support attach metadata in PullImage CRI
interface during ImagePulljobs
properties:
annotations:
additionalProperties:
type: string
type: object
labels:
additionalProperties:
type: string
type: object
type: object
selector:
description: |-
Selector is a query over nodes that should match the job.
nil to match all nodes.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
names:
description: Names specify a set of nodes to execute the job.
items:
type: string
type: array
type: object
x-kubernetes-map-type: atomic
required:
- completionPolicy
- images
type: object
status:
description: ImageListPullJobStatus defines the observed state of ImageListPullJob
properties:
active:
description: The number of running ImagePullJobs which are acknowledged
by the imagepulljob controller.
format: int32
type: integer
completed:
description: The number of ImagePullJobs which are finished
format: int32
type: integer
completionTime:
description: |-
Represents time when the all the image pull job was completed. It is not guaranteed to
be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
desired:
description: The desired number of ImagePullJobs, this is typically
equal to the number of len(spec.Images).
format: int32
type: integer
failedImageStatuses:
description: The status of ImagePullJob which has the failed nodes(status.Failed>0)
.
items:
description: FailedImageStatus the state of ImagePullJob which has
the failed nodes(status.Failed>0)
properties:
imagePullJob:
description: The name of ImagePullJob which has the failed nodes(status.Failed>0)
type: string
message:
description: The text prompt for job running status.
type: string
name:
description: Name of the image
type: string
type: object
type: array
startTime:
description: |-
Represents time when the job was acknowledged by the job controller.
It is not guaranteed to be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
succeeded:
description: The number of image pull job which are finished and status.Succeeded==status.Desired.
format: int32
type: integer
required:
- desired
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

310
versions/kruise/next/templates/apps.kruise.io_imagepulljobs.yaml Normal file
View File

@ -0,0 +1,310 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: imagepulljobs.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: ImagePullJob
listKind: ImagePullJobList
plural: imagepulljobs
singular: imagepulljob
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Number of all nodes matched by this job
jsonPath: .status.desired
name: TOTAL
type: integer
- description: Number of image pull task active
jsonPath: .status.active
name: ACTIVE
type: integer
- description: Number of image pull task succeeded
jsonPath: .status.succeeded
name: SUCCEED
type: integer
- description: Number of image pull tasks failed
jsonPath: .status.failed
name: FAILED
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- description: Summary of status when job is failed
jsonPath: .status.message
name: MESSAGE
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ImagePullJob is the Schema for the imagepulljobs API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ImagePullJobSpec defines the desired state of ImagePullJob
properties:
completionPolicy:
description: |-
CompletionPolicy indicates the completion policy of the job.
Default is Always CompletionPolicyType.
properties:
activeDeadlineSeconds:
description: |-
ActiveDeadlineSeconds specifies the duration in seconds relative to the startTime that the job may be active
before the system tries to terminate it; value must be positive integer.
Only works for Always type.
format: int64
type: integer
ttlSecondsAfterFinished:
description: |-
ttlSecondsAfterFinished limits the lifetime of a Job that has finished
execution (either Complete or Failed). If this field is set,
ttlSecondsAfterFinished after the Job finishes, it is eligible to be
automatically deleted. When the Job is being deleted, its lifecycle
guarantees (e.g. finalizers) will be honored. If this field is unset,
the Job won't be automatically deleted. If this field is set to zero,
the Job becomes eligible to be deleted immediately after it finishes.
This field is alpha-level and is only honored by servers that enable the
TTLAfterFinished feature.
Only works for Always type
format: int32
type: integer
type:
description: |-
Type indicates the type of the CompletionPolicy.
Default is Always.
type: string
type: object
image:
description: Image is the image to be pulled by the job
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, IfNotPresent. Defaults to IfNotPresent.
type: string
parallelism:
anyOf:
- type: integer
- type: string
description: |-
Parallelism is the requested parallelism, it can be set to any non-negative value. If it is unspecified,
it defaults to 1. If it is specified as 0, then the Job is effectively paused until it is increased.
x-kubernetes-int-or-string: true
podSelector:
description: |-
PodSelector is a query over pods that should pull image on nodes of these pods.
Mutually exclusive with Selector.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
pullPolicy:
description: |-
PullPolicy is an optional field to set parameters of the pulling task. If not specified,
the system will use the default values.
properties:
backoffLimit:
description: |-
Specifies the number of retries before marking the pulling task failed.
Defaults to 3
format: int32
type: integer
timeoutSeconds:
description: |-
Specifies the timeout of the pulling task.
Defaults to 600
format: int32
type: integer
type: object
pullSecrets:
description: |-
ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling the image.
If specified, these secrets will be passed to individual puller implementations for them to use. For example,
in the case of docker, only DockerConfig type secrets are honored.
items:
type: string
type: array
sandboxConfig:
description: SandboxConfig support attach metadata in PullImage CRI
interface during ImagePulljobs
properties:
annotations:
additionalProperties:
type: string
type: object
labels:
additionalProperties:
type: string
type: object
type: object
selector:
description: |-
Selector is a query over nodes that should match the job.
nil to match all nodes.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
names:
description: Names specify a set of nodes to execute the job.
items:
type: string
type: array
type: object
x-kubernetes-map-type: atomic
required:
- completionPolicy
- image
type: object
status:
description: ImagePullJobStatus defines the observed state of ImagePullJob
properties:
active:
description: The number of actively running pulling tasks.
format: int32
type: integer
completionTime:
description: |-
Represents time when the job was completed. It is not guaranteed to
be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
desired:
description: The desired number of pulling tasks, this is typically
equal to the number of nodes satisfied.
format: int32
type: integer
failed:
description: The number of pulling tasks which reached phase Failed.
format: int32
type: integer
failedNodes:
description: The nodes that failed to pull the image.
items:
type: string
type: array
message:
description: The text prompt for job running status.
type: string
startTime:
description: |-
Represents time when the job was acknowledged by the job controller.
It is not guaranteed to be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
succeeded:
description: The number of pulling tasks which reached phase Succeeded.
format: int32
type: integer
required:
- desired
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

343
versions/kruise/next/templates/apps.kruise.io_nodeimages.yaml Normal file
View File

@ -0,0 +1,343 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: nodeimages.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: NodeImage
listKind: NodeImageList
plural: nodeimages
singular: nodeimage
scope: Cluster
versions:
- additionalPrinterColumns:
- description: Number of all images on this node
jsonPath: .status.desired
name: DESIRED
type: integer
- description: Number of image pull task active
jsonPath: .status.pulling
name: PULLING
type: integer
- description: Number of image pull task succeeded
jsonPath: .status.succeeded
name: SUCCEED
type: integer
- description: Number of image pull tasks failed
jsonPath: .status.failed
name: FAILED
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: NodeImage is the Schema for the nodeimages API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: NodeImageSpec defines the desired state of NodeImage
properties:
images:
additionalProperties:
description: ImageSpec defines the pulling spec of an image
properties:
pullSecrets:
description: |-
PullSecrets is an optional list of references to secrets in the same namespace to use for pulling the image.
If specified, these secrets will be passed to individual puller implementations for them to use. For example,
in the case of docker, only DockerConfig type secrets are honored.
items:
description: |-
ReferenceObject comprises a resource name, with a mandatory namespace,
rendered as "<namespace>/<name>".
properties:
name:
type: string
namespace:
type: string
type: object
type: array
sandboxConfig:
description: SandboxConfig support attach metadata in PullImage
CRI interface during ImagePulljobs
properties:
annotations:
additionalProperties:
type: string
type: object
labels:
additionalProperties:
type: string
type: object
type: object
tags:
description: Tags is a list of versions of this image
items:
description: ImageTagSpec defines the pulling spec of an image
tag
properties:
createdAt:
description: Specifies the create time of this tag
format: date-time
type: string
imagePullPolicy:
description: |-
Image pull policy.
One of Always, IfNotPresent. Defaults to IfNotPresent.
type: string
ownerReferences:
description: |-
List of objects depended by this object. If this image is managed by a controller,
then an entry in this list will point to this controller.
items:
description: |-
ObjectReference contains enough information to let you inspect or modify the referred object.
---
New uses of this type are discouraged because of difficulty describing its usage when embedded in APIs.
1. Ignored fields. It includes many fields which are not generally honored. For instance, ResourceVersion and FieldPath are both very rarely valid in actual usage.
2. Invalid usage help. It is impossible to add specific help for individual usage. In most embedded usages, there are particular
restrictions like, "must refer only to types A and B" or "UID not honored" or "name must be restricted".
Those cannot be well described when embedded.
3. Inconsistent validation. Because the usages are different, the validation rules are different by usage, which makes it hard for users to predict what will happen.
4. The fields are both imprecise and overly precise. Kind is not a precise mapping to a URL. This can produce ambiguity
during interpretation and require a REST mapping. In most cases, the dependency is on the group,resource tuple
and the version of the actual struct is irrelevant.
5. We cannot easily change it. Because this type is embedded in many locations, updates to this type
will affect numerous schemas. Don't make new APIs embed an underspecified API type they do not control.
Instead of using this type, create a locally provided and used type that is well-focused on your reference.
For example, ServiceReferences for admission registration: https://github.com/kubernetes/api/blob/release-1.17/admissionregistration/v1/types.go#L533 .
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: |-
If referring to a piece of an object instead of an entire object, this string
should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].
For example, if the object reference is to a container within a pod, this would take on a value like:
"spec.containers{name}" (where "name" refers to the name of the container that triggered
the event) or if no container name is specified "spec.containers[2]" (container with
index 2 in this pod). This syntax is chosen only to have some well-defined way of
referencing a part of an object.
TODO: this design is not final and this field is subject to change in the future.
type: string
kind:
description: |-
Kind of the referent.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
type: string
namespace:
description: |-
Namespace of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
type: string
resourceVersion:
description: |-
Specific resourceVersion to which this reference is made, if any.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
type: string
uid:
description: |-
UID of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
type: string
type: object
x-kubernetes-map-type: atomic
type: array
pullPolicy:
description: |-
PullPolicy is an optional field to set parameters of the pulling task. If not specified,
the system will use the default values.
properties:
activeDeadlineSeconds:
description: |-
ActiveDeadlineSeconds specifies the duration in seconds relative to the startTime that the task may be active
before the system tries to terminate it; value must be positive integer.
if not specified, the system will never terminate it.
format: int64
type: integer
backoffLimit:
description: |-
Specifies the number of retries before marking the pulling task failed.
Defaults to 3
format: int32
type: integer
timeoutSeconds:
description: |-
Specifies the timeout of the pulling task.
Defaults to 600
format: int32
type: integer
ttlSecondsAfterFinished:
description: |-
TTLSecondsAfterFinished limits the lifetime of a pulling task that has finished execution (either Complete or Failed).
If this field is set, ttlSecondsAfterFinished after the task finishes, it is eligible to be automatically deleted.
If this field is unset, the task won't be automatically deleted.
If this field is set to zero, the task becomes eligible to be deleted immediately after it finishes.
format: int32
type: integer
type: object
tag:
description: Specifies the image tag
type: string
version:
description: |-
An opaque value that represents the internal version of this tag that can
be used by clients to determine when objects have changed. May be used for optimistic
concurrency, change detection, and the watch operation on a resource or set of resources.
Clients must treat these values as opaque and passed unmodified back to the server.
Populated by the system.
Read-only.
Value must be treated as opaque by clients and .
format: int64
type: integer
required:
- tag
type: object
type: array
required:
- tags
type: object
description: |-
Specifies images to be pulled on this node
It can not be more than 256 for each NodeImage
type: object
type: object
status:
description: NodeImageStatus defines the observed state of NodeImage
properties:
desired:
description: The desired number of pulling tasks, this is typically
equal to the number of images in spec.
format: int32
type: integer
failed:
description: The number of pulling tasks which reached phase Failed.
format: int32
type: integer
firstSyncStatus:
description: |-
The first of all job has finished on this node. When a node is added to the cluster, we want to know
the time when the node's image pulling is completed, and use it to trigger the operation of the upper system.
properties:
message:
type: string
status:
description: SyncStatusPhase defines the node status
type: string
syncAt:
format: date-time
type: string
type: object
imageStatuses:
additionalProperties:
description: ImageStatus defines the pulling status of an image
properties:
tags:
description: Represents statuses of pulling tasks on this node
items:
description: ImageTagStatus defines the pulling status of
an image tag
properties:
completionTime:
description: |-
Represents time when the pulling task was completed. It is not guaranteed to
be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
imageID:
description: Represents the ID of this image.
type: string
message:
description: Represents the summary information of this
node
type: string
phase:
description: Represents the image pulling task phase.
type: string
progress:
description: |-
Represents the pulling progress of this tag, which is between 0-100. There is no guarantee
of monotonic consistency, and it may be a rollback due to retry during pulling.
format: int32
type: integer
startTime:
description: |-
Represents time when the pulling task was acknowledged by the image puller.
It is not guaranteed to be set in happens-before order across separate operations.
It is represented in RFC3339 form and is in UTC.
format: date-time
type: string
tag:
description: Represents the image tag.
type: string
version:
description: Represents the internal version of this tag
that the daemon handled.
format: int64
type: integer
required:
- phase
- tag
type: object
type: array
required:
- tags
type: object
description: all statuses of active image pulling tasks
type: object
pulling:
description: The number of pulling tasks which are not finished.
format: int32
type: integer
succeeded:
description: The number of pulling tasks which reached phase Succeeded.
format: int32
type: integer
required:
- desired
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

292
versions/kruise/next/templates/apps.kruise.io_nodepodprobes.yaml Normal file
View File

@ -0,0 +1,292 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: nodepodprobes.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: NodePodProbe
listKind: NodePodProbeList
plural: nodepodprobes
singular: nodepodprobe
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: NodePodProbe is the Schema for the NodePodProbe API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: NodePodProbeSpec defines the desired state of NodePodProbe
properties:
podProbes:
items:
properties:
IP:
description: pod ip
type: string
name:
description: pod name
type: string
namespace:
description: pod namespace
type: string
probes:
description: Custom container probe, supports Exec, Tcp, and
returns the result to Pod yaml
items:
properties:
containerName:
description: container name
type: string
name:
description: Name is podProbeMarker.Name#probe.Name
type: string
probe:
description: container probe spec
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving a
GRPC port.
properties:
port:
description: Port number of the gRPC service.
Number must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request to
perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request.
HTTP allows repeated headers.
items:
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving
a TCP port.
properties:
host:
description: 'Optional: Host name to connect to,
defaults to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
required:
- containerName
- name
- probe
type: object
type: array
uid:
description: pod uid
type: string
required:
- IP
- name
- namespace
- uid
type: object
type: array
type: object
status:
properties:
podProbeStatuses:
description: pod probe results
items:
properties:
name:
description: pod name
type: string
namespace:
description: pod namespace
type: string
probeStates:
description: pod probe result
items:
properties:
lastProbeTime:
description: Last time we probed the condition.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transitioned from
one status to another.
format: date-time
type: string
message:
description: |-
If Status=True, Message records the return result of Probe.
If Status=False, Message records Probe's error message
type: string
name:
description: Name is podProbeMarker.Name#probe.Name
type: string
state:
description: container probe exec state, True or False
type: string
required:
- name
- state
type: object
type: array
uid:
description: pod uid
type: string
required:
- name
- namespace
- uid
type: object
type: array
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

160
versions/kruise/next/templates/apps.kruise.io_persistentpodstates.yaml Normal file
View File

@ -0,0 +1,160 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: persistentpodstates.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: PersistentPodState
listKind: PersistentPodStateList
plural: persistentpodstates
singular: persistentpodstate
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: PersistentPodState is the Schema for the PersistentPodState API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PersistentPodStateSpec defines the desired state of PersistentPodState
properties:
persistentPodAnnotations:
description: Persist the annotations information of the pods that
need to be saved
items:
properties:
key:
type: string
required:
- key
type: object
type: array
persistentPodStateRetentionPolicy:
description: |-
PersistentPodStateRetentionPolicy describes the policy used for PodState.
The default policy of 'WhenScaled' causes when scale down statefulSet, deleting it.
type: string
preferredPersistentTopology:
description: |-
Pod rebuilt topology preferred for node labels, with xx weight
for example kubernetes.io/hostname, failure-domain.beta.kubernetes.io/zone
items:
properties:
preference:
properties:
nodeTopologyKeys:
description: A list of node selector requirements by node's
labels.
items:
type: string
type: array
required:
- nodeTopologyKeys
type: object
weight:
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
requiredPersistentTopology:
description: |-
Pod rebuilt topology required for node labels
for example kubernetes.io/hostname, failure-domain.beta.kubernetes.io/zone
properties:
nodeTopologyKeys:
description: A list of node selector requirements by node's labels.
items:
type: string
type: array
required:
- nodeTopologyKeys
type: object
targetRef:
description: |-
TargetReference contains enough information to let you identify an workload for PersistentPodState
Selector and TargetReference are mutually exclusive, TargetReference is priority to take effect
current only support StatefulSet
properties:
apiVersion:
description: API version of the referent.
type: string
kind:
description: Kind of the referent.
type: string
name:
description: Name of the referent.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- targetRef
type: object
status:
properties:
observedGeneration:
description: |-
observedGeneration is the most recent generation observed for this PersistentPodState. It corresponds to the
PersistentPodState's generation, which is updated on mutation by the API Server.
format: int64
type: integer
podStates:
additionalProperties:
properties:
annotations:
additionalProperties:
type: string
description: pod persistent annotations
type: object
nodeName:
description: pod.spec.nodeName
type: string
nodeTopologyLabels:
additionalProperties:
type: string
description: |-
node topology labels key=value
for example kubernetes.io/hostname=node-1
type: object
type: object
description: |-
When the pod is ready, record some status information of the pod, such as: labels, annotations, topologies, etc.
map[string]PodState -> map[Pod.Name]PodState
type: object
required:
- observedGeneration
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

321
versions/kruise/next/templates/apps.kruise.io_podprobemarkers.yaml Normal file
View File

@ -0,0 +1,321 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: podprobemarkers.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: PodProbeMarker
listKind: PodProbeMarkerList
plural: podprobemarkers
singular: podprobemarker
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: PodProbeMarker is the Schema for the PodProbeMarker API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PodProbeMarkerSpec defines the desired state of PodProbeMarker
properties:
probes:
description: |-
Custom container probe, current only support Exec().
Probe Result will record in Pod.Status.Conditions, and condition.type=probe.name.
condition.status=True indicates probe success
condition.status=False indicates probe fails
items:
properties:
containerName:
description: container name
type: string
markerPolicy:
description: |-
According to the execution result of ContainerProbe, perform specific actions,
such as: patch Pod labels, annotations, ReadinessGate Condition
It cannot be null at the same time as PodConditionType.
items:
properties:
annotations:
additionalProperties:
type: string
description: Patch annotations pod.annotations
type: object
labels:
additionalProperties:
type: string
description: Patch Labels pod.labels
type: object
state:
description: |-
probe status, True or False
For example: State=Succeeded, annotations[controller.kubernetes.io/pod-deletion-cost] = '10'.
State=Failed, annotations[controller.kubernetes.io/pod-deletion-cost] = '-10'.
In addition, if State=Failed is not defined, Exec execution fails, and the annotations[controller.kubernetes.io/pod-deletion-cost] will be Deleted
type: string
required:
- state
type: object
type: array
name:
description: probe name, unique within the Pod(Even between
different containers, they cannot be the same)
type: string
podConditionType:
description: |-
If it is not empty, the Probe execution result will be recorded on the Pod condition.
It cannot be null at the same time as MarkerPolicy.
For example PodConditionType=game.kruise.io/healthy, pod.status.condition.type = game.kruise.io/healthy.
When probe is Succeeded, pod.status.condition.status = True. Otherwise, when the probe fails to execute, pod.status.condition.status = False.
type: string
probe:
description: container probe spec
properties:
exec:
description: Exec specifies the action to take.
properties:
command:
description: |-
Command is the command line to execute inside the container, the working directory for the
command is root ('/') in the container's filesystem. The command is simply exec'd, it is
not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use
a shell, you need to explicitly call out to that shell.
Exit status of 0 is treated as live/healthy and non-zero is unhealthy.
items:
type: string
type: array
type: object
failureThreshold:
description: |-
Minimum consecutive failures for the probe to be considered failed after having succeeded.
Defaults to 3. Minimum value is 1.
format: int32
type: integer
grpc:
description: GRPC specifies an action involving a GRPC port.
properties:
port:
description: Port number of the gRPC service. Number
must be in the range 1 to 65535.
format: int32
type: integer
service:
description: |-
Service is the name of the service to place in the gRPC HealthCheckRequest
(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
If this is not specified, the default behavior is defined by gRPC.
type: string
required:
- port
type: object
httpGet:
description: HTTPGet specifies the http request to perform.
properties:
host:
description: |-
Host name to connect to, defaults to the pod IP. You probably want to set
"Host" in httpHeaders instead.
type: string
httpHeaders:
description: Custom headers to set in the request. HTTP
allows repeated headers.
items:
description: HTTPHeader describes a custom header
to be used in HTTP probes
properties:
name:
description: |-
The header field name.
This will be canonicalized upon output, so case-variant names will be understood as the same header.
type: string
value:
description: The header field value
type: string
required:
- name
- value
type: object
type: array
path:
description: Path to access on the HTTP server.
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Name or number of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
scheme:
description: |-
Scheme to use for connecting to the host.
Defaults to HTTP.
type: string
required:
- port
type: object
initialDelaySeconds:
description: |-
Number of seconds after the container has started before liveness probes are initiated.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
periodSeconds:
description: |-
How often (in seconds) to perform the probe.
Default to 10 seconds. Minimum value is 1.
format: int32
type: integer
successThreshold:
description: |-
Minimum consecutive successes for the probe to be considered successful after having failed.
Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1.
format: int32
type: integer
tcpSocket:
description: TCPSocket specifies an action involving a TCP
port.
properties:
host:
description: 'Optional: Host name to connect to, defaults
to the pod IP.'
type: string
port:
anyOf:
- type: integer
- type: string
description: |-
Number or name of the port to access on the container.
Number must be in the range 1 to 65535.
Name must be an IANA_SVC_NAME.
x-kubernetes-int-or-string: true
required:
- port
type: object
terminationGracePeriodSeconds:
description: |-
Optional duration in seconds the pod needs to terminate gracefully upon probe failure.
The grace period is the duration in seconds after the processes running in the pod are sent
a termination signal and the time when the processes are forcibly halted with a kill signal.
Set this value longer than the expected cleanup time for your process.
If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this
value overrides the value provided by the pod spec.
Value must be non-negative integer. The value zero indicates stop immediately via
the kill signal (no opportunity to shut down).
This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.
Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset.
format: int64
type: integer
timeoutSeconds:
description: |-
Number of seconds after which the probe times out.
Defaults to 1 second. Minimum value is 1.
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
format: int32
type: integer
type: object
required:
- containerName
- name
- probe
type: object
type: array
selector:
description: |-
Selector is a label query over pods that should exec custom probe
It must match the pod template's labels.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
required:
- probes
- selector
type: object
status:
properties:
matchedPods:
description: matched Pods
format: int64
type: integer
observedGeneration:
description: |-
observedGeneration is the most recent generation observed for this PodProbeMarker. It corresponds to the
PodProbeMarker's generation, which is updated on mutation by the API Server.
format: int64
type: integer
required:
- observedGeneration
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

217
versions/kruise/next/templates/apps.kruise.io_resourcedistributions.yaml Normal file
View File

@ -0,0 +1,217 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: resourcedistributions.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: ResourceDistribution
listKind: ResourceDistributionList
plural: resourcedistributions
shortNames:
- distributor
singular: resourcedistribution
scope: Cluster
versions:
- additionalPrinterColumns:
- description: The desired number of desired distribution and syncs.
jsonPath: .status.desired
name: TOTAL
type: integer
- description: The number of successful distribution and syncs.
jsonPath: .status.succeeded
name: SUCCEED
type: integer
- description: The number of failed distributions and syncs.
jsonPath: .status.failed
name: FAILED
type: integer
name: v1alpha1
schema:
openAPIV3Schema:
description: ResourceDistribution is the Schema for the resourcedistributions
API.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ResourceDistributionSpec defines the desired state of ResourceDistribution.
properties:
resource:
description: Resource must be the complete yaml that users want to
distribute.
type: object
x-kubernetes-embedded-resource: true
x-kubernetes-preserve-unknown-fields: true
targets:
description: Targets defines the namespaces that users want to distribute
to.
properties:
allNamespaces:
description: |-
If AllNamespaces is true, Resource will be distributed to the all namespaces
(except some forbidden namespaces, such as "kube-system" and "kube-public").
type: boolean
excludedNamespaces:
description: |-
If ExcludedNamespaces is not empty, Resource will never be distributed to the listed namespaces.
ExcludedNamespaces has the highest priority.
properties:
list:
items:
description: ResourceDistributionNamespace contains a namespace
name
properties:
name:
description: Namespace name
type: string
type: object
type: array
type: object
includedNamespaces:
description: If IncludedNamespaces is not empty, Resource will
be distributed to the listed namespaces.
properties:
list:
items:
description: ResourceDistributionNamespace contains a namespace
name
properties:
name:
description: Namespace name
type: string
type: object
type: array
type: object
namespaceLabelSelector:
description: If NamespaceLabelSelector is not empty, Resource
will be distributed to the matched namespaces.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
type: object
required:
- resource
- targets
type: object
status:
description: |-
ResourceDistributionStatus defines the observed state of ResourceDistribution.
ResourceDistributionStatus is recorded by kruise, users' modification is invalid and meaningless.
properties:
conditions:
description: Conditions describe the condition when Resource creating,
updating and deleting.
items:
description: ResourceDistributionCondition allows a row to be marked
with additional information.
properties:
failedNamespace:
description: FailedNamespaces describe all failed namespaces
when Status is False
items:
type: string
type: array
lastTransitionTime:
description: LastTransitionTime is the last time the condition
transitioned from one status to another.
format: date-time
type: string
reason:
description: Reason describe human readable message indicating
details about last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of ResourceDistributionCondition.
type: string
required:
- status
- type
type: object
type: array
desired:
description: Desired represents the number of total target namespaces.
format: int32
type: integer
failed:
description: Failed represents the number of failed distributions.
format: int32
type: integer
observedGeneration:
description: ObservedGeneration represents the .metadata.generation
that the condition was set based upon.
format: int64
type: integer
succeeded:
description: Succeeded represents the number of successful distributions.
format: int32
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

646
versions/kruise/next/templates/apps.kruise.io_sidecarsets.yaml Normal file
View File

@ -0,0 +1,646 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: sidecarsets.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: SidecarSet
listKind: SidecarSetList
plural: sidecarsets
singular: sidecarset
scope: Cluster
versions:
- additionalPrinterColumns:
- description: The number of pods matched.
jsonPath: .status.matchedPods
name: MATCHED
type: integer
- description: The number of pods matched and updated.
jsonPath: .status.updatedPods
name: UPDATED
type: integer
- description: The number of pods matched and ready.
jsonPath: .status.readyPods
name: READY
type: integer
- description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before
order across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: SidecarSet is the Schema for the sidecarsets API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: SidecarSetSpec defines the desired state of SidecarSet
properties:
containers:
description: Containers is the list of sidecar containers to be injected
into the selected pod
items:
description: SidecarContainer defines the container of Sidecar
properties:
podInjectPolicy:
description: |-
The rules that injected SidecarContainer into Pod.spec.containers,
not takes effect in initContainers
If BeforeAppContainer, the SidecarContainer will be injected in front of the pod.spec.containers
otherwise it will be injected into the back.
default BeforeAppContainerType
type: string
shareVolumePolicy:
description: |-
If ShareVolumePolicy is enabled, the sidecar container will share the other container's VolumeMounts
in the pod(don't contains the injected sidecar container).
properties:
type:
type: string
type: object
transferEnv:
description: |-
TransferEnv will transfer env info from other container
SourceContainerName is pod.spec.container[x].name; EnvName is pod.spec.container[x].Env.name
items:
properties:
envName:
type: string
envNames:
items:
type: string
type: array
sourceContainerName:
type: string
sourceContainerNameFrom:
properties:
fieldRef:
description: 'Selects a field of the pod: supports
metadata.name, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`,'
properties:
apiVersion:
description: Version of the schema the FieldPath
is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the
specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
type: object
type: object
type: array
upgradeStrategy:
description: 'sidecarContainer upgrade strategy, include: ColdUpgrade,
HotUpgrade'
properties:
hotUpgradeEmptyImage:
description: |-
when HotUpgrade, HotUpgradeEmptyImage is used to complete the hot upgrading process
HotUpgradeEmptyImage is consistent of sidecar container in Command, Args, Liveness probe, etc.
but it does no actual work.
type: string
upgradeType:
description: |-
when sidecar container is stateless, use ColdUpgrade
otherwise HotUpgrade are more HotUpgrade.
examples for istio envoy container is suitable for HotUpgrade
default is ColdUpgrade
type: string
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
type: array
imagePullSecrets:
description: List of the names of secrets required by pulling sidecar
container images
items:
description: |-
LocalObjectReference contains enough information to let you locate the
referenced object inside the same namespace.
properties:
name:
description: |-
Name of the referent.
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?
type: string
type: object
x-kubernetes-map-type: atomic
type: array
initContainers:
description: |-
InitContainers is the list of init containers to be injected into the selected pod
We will inject those containers by their name in ascending order
We only inject init containers when a new pod is created, it does not apply to any existing pod
items:
description: SidecarContainer defines the container of Sidecar
properties:
podInjectPolicy:
description: |-
The rules that injected SidecarContainer into Pod.spec.containers,
not takes effect in initContainers
If BeforeAppContainer, the SidecarContainer will be injected in front of the pod.spec.containers
otherwise it will be injected into the back.
default BeforeAppContainerType
type: string
shareVolumePolicy:
description: |-
If ShareVolumePolicy is enabled, the sidecar container will share the other container's VolumeMounts
in the pod(don't contains the injected sidecar container).
properties:
type:
type: string
type: object
transferEnv:
description: |-
TransferEnv will transfer env info from other container
SourceContainerName is pod.spec.container[x].name; EnvName is pod.spec.container[x].Env.name
items:
properties:
envName:
type: string
envNames:
items:
type: string
type: array
sourceContainerName:
type: string
sourceContainerNameFrom:
properties:
fieldRef:
description: 'Selects a field of the pod: supports
metadata.name, `metadata.labels[''<KEY>'']`, `metadata.annotations[''<KEY>'']`,'
properties:
apiVersion:
description: Version of the schema the FieldPath
is written in terms of, defaults to "v1".
type: string
fieldPath:
description: Path of the field to select in the
specified API version.
type: string
required:
- fieldPath
type: object
x-kubernetes-map-type: atomic
type: object
type: object
type: array
upgradeStrategy:
description: 'sidecarContainer upgrade strategy, include: ColdUpgrade,
HotUpgrade'
properties:
hotUpgradeEmptyImage:
description: |-
when HotUpgrade, HotUpgradeEmptyImage is used to complete the hot upgrading process
HotUpgradeEmptyImage is consistent of sidecar container in Command, Args, Liveness probe, etc.
but it does no actual work.
type: string
upgradeType:
description: |-
when sidecar container is stateless, use ColdUpgrade
otherwise HotUpgrade are more HotUpgrade.
examples for istio envoy container is suitable for HotUpgrade
default is ColdUpgrade
type: string
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
type: array
injectionStrategy:
description: InjectionStrategy describe the strategy when sidecarset
is injected into pods
properties:
paused:
description: |-
Paused indicates that SidecarSet will suspend injection into Pods
If Paused is true, the sidecarSet will not be injected to newly created Pods,
but the injected sidecar container remains updating and running.
default is false
type: boolean
revision:
description: |-
Revision can help users rolling update SidecarSet safely. If users set
this filed, SidecarSet will try to inject specific revision according to
different policies.
properties:
customVersion:
description: |-
CustomVersion corresponds to label 'apps.kruise.io/sidecarset-custom-version' of (History) SidecarSet.
SidecarSet will select the specific ControllerRevision via this CustomVersion, and then restore the
history SidecarSet to inject specific version of the sidecar to pods.
type: string
policy:
default: Always
description: Policy describes the behavior of revision injection.
enum:
- Always
- Partial
type: string
revisionName:
description: RevisionName corresponds to a specific ControllerRevision
name of SidecarSet that you want to inject to Pods.
type: string
type: object
type: object
namespace:
description: |-
Namespace sidecarSet will only match the pods in the namespace
otherwise, match pods in all namespaces(in cluster)
type: string
namespaceSelector:
description: |-
NamespaceSelector select which namespaces to inject sidecar containers.
Default to the empty LabelSelector, which matches everything.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
patchPodMetadata:
description: SidecarSet support to inject & in-place update metadata
in pod.
items:
properties:
annotations:
additionalProperties:
type: string
description: annotations
type: object
patchPolicy:
description: |-
labels map[string]string `json:"labels,omitempty"`
patch pod metadata policy, Default is "Retain"
type: string
type: object
type: array
revisionHistoryLimit:
description: |-
RevisionHistoryLimit indicates the maximum quantity of stored revisions about the SidecarSet.
default value is 10
format: int32
type: integer
selector:
description: selector is a label query over pods that should be injected
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
updateStrategy:
description: The sidecarset updateStrategy to use to replace existing
pods with new ones.
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
The maximum number of SidecarSet pods that can be unavailable during the
update. Value can be an absolute number (ex: 5) or a percentage of total
number of SidecarSet pods at the start of the update (ex: 10%). Absolute
number is calculated from percentage by rounding up.
This cannot be 0.
Default value is 1.
x-kubernetes-int-or-string: true
partition:
anyOf:
- type: integer
- type: string
description: |-
Partition is the desired number of pods in old revisions. It means when partition
is set during pods updating, (replicas - partition) number of pods will be updated.
Default value is 0.
x-kubernetes-int-or-string: true
paused:
description: |-
Paused indicates that the SidecarSet is paused to update the injected pods,
For the impact on the injection behavior for newly created Pods, please refer to the comments of Selector.
type: boolean
priorityStrategy:
description: |-
Priorities are the rules for calculating the priority of updating pods.
Each pod to be updated, will pass through these terms and get a sum of weights.
properties:
orderPriority:
description: |-
Order priority terms, pods will be sorted by the value of orderedKey.
For example:
```
orderPriority:
- orderedKey: key1
- orderedKey: key2
```
First, all pods which have key1 in labels will be sorted by the value of key1.
Then, the left pods which have no key1 but have key2 in labels will be sorted by
the value of key2 and put behind those pods have key1.
items:
description: UpdatePriorityOrderTerm defines order priority.
properties:
orderedKey:
description: |-
Calculate priority by value of this key.
Values of this key, will be sorted by GetInt(val). GetInt method will find the last int in value,
such as getting 5 in value '5', getting 10 in value 'sts-10'.
type: string
required:
- orderedKey
type: object
type: array
weightPriority:
description: Weight priority terms, pods will be sorted by
the sum of all terms weight.
items:
description: UpdatePriorityWeightTerm defines weight priority.
properties:
matchSelector:
description: MatchSelector is used to select by pod's
labels.
properties:
matchExpressions:
description: matchExpressions is a list of label
selector requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the
selector applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
weight:
description: Weight associated with matching the corresponding
matchExpressions, in the range 1-100.
format: int32
type: integer
required:
- matchSelector
- weight
type: object
type: array
type: object
scatterStrategy:
description: |-
ScatterStrategy defines the scatter rules to make pods been scattered when update.
This will avoid pods with the same key-value to be updated in one batch.
- Note that pods will be scattered after priority sort. So, although priority strategy and scatter strategy can be applied together, we suggest to use either one of them.
- If scatterStrategy is used, we suggest to just use one term. Otherwise, the update order can be hard to understand.
items:
properties:
key:
type: string
value:
type: string
required:
- key
- value
type: object
type: array
selector:
description: |-
If selector is not nil, this upgrade will only update the selected pods.
Starting from Kruise 1.8.0, the updateStrategy.Selector affects the version of the Sidecar container
injected into newly created Pods by a SidecarSet configured with an injectionStrategy.
In most cases, all newly created Pods are injected with the specified Sidecar version as configured in injectionStrategy.revision,
which is consistent with previous versions.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
type:
description: |-
Type is NotUpdate, the SidecarSet don't update the injected pods,
it will only inject sidecar container into the newly created pods.
Type is RollingUpdate, the SidecarSet will update the injected pods to the latest version on RollingUpdate Strategy.
default is RollingUpdate
type: string
type: object
volumes:
description: List of volumes that can be mounted by sidecar containers
x-kubernetes-preserve-unknown-fields: true
type: object
status:
description: SidecarSetStatus defines the observed state of SidecarSet
properties:
collisionCount:
description: |-
CollisionCount is the count of hash collisions for the SidecarSet. The SidecarSet controller
uses this field as a collision avoidance mechanism when it needs to create the name for the
newest ControllerRevision.
format: int32
type: integer
latestRevision:
description: LatestRevision, if not empty, indicates the latest controllerRevision
name of the SidecarSet.
type: string
matchedPods:
description: matchedPods is the number of Pods whose labels are matched
with this SidecarSet's selector and are created after sidecarset
creates
format: int32
type: integer
observedGeneration:
description: |-
observedGeneration is the most recent generation observed for this SidecarSet. It corresponds to the
SidecarSet's generation, which is updated on mutation by the API Server.
format: int64
type: integer
readyPods:
description: readyPods is the number of matched Pods that have a ready
condition
format: int32
type: integer
updatedPods:
description: updatedPods is the number of matched Pods that are injected
with the latest SidecarSet's containers
format: int32
type: integer
updatedReadyPods:
description: updatedReadyPods is the number of matched pods that updated
and ready
format: int32
type: integer
required:
- matchedPods
- readyPods
- updatedPods
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

1110
versions/kruise/next/templates/apps.kruise.io_statefulsets.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

1329
versions/kruise/next/templates/apps.kruise.io_uniteddeployments.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

584
versions/kruise/next/templates/apps.kruise.io_workloadspreads.yaml Normal file
View File

@ -0,0 +1,584 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: workloadspreads.apps.kruise.io
spec:
group: apps.kruise.io
names:
kind: WorkloadSpread
listKind: WorkloadSpreadList
plural: workloadspreads
shortNames:
- ws
singular: workloadspread
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.targetRef.name
name: WorkloadName
type: string
- jsonPath: .spec.targetRef.kind
name: WorkloadKind
type: string
- description: Whether use the adaptive reschedule strategy
jsonPath: .spec.scheduleStrategy.type[?(@ == "Adaptive")]
name: Adaptive
type: boolean
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: WorkloadSpread is the Schema for the WorkloadSpread API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: WorkloadSpreadSpec defines the desired state of WorkloadSpread.
properties:
scheduleStrategy:
description: ScheduleStrategy indicates the strategy the WorkloadSpread
used to preform the schedule between each of subsets.
properties:
adaptive:
description: Adaptive is used to communicate parameters when Type
is AdaptiveWorkloadSpreadScheduleStrategyType.
properties:
disableSimulationSchedule:
description: |-
DisableSimulationSchedule indicates whether to disable the feature of simulation schedule.
Default is false.
Webhook can take a simple general predicates to check whether Pod can be scheduled into this subset,
but it just considers the Node resource and cannot replace scheduler to do richer predicates practically.
type: boolean
rescheduleCriticalSeconds:
description: |-
RescheduleCriticalSeconds indicates how long controller will reschedule a schedule failed Pod to the subset that has
redundant capacity after the subset where the Pod lives. If a Pod was scheduled failed and still in a unschedulabe status
over RescheduleCriticalSeconds duration, the controller will reschedule it to a suitable subset.
format: int32
type: integer
type: object
type:
description: |-
Type indicates the type of the WorkloadSpreadScheduleStrategy.
Default is Fixed
enum:
- Adaptive
- Fixed
- ""
type: string
type: object
subsets:
description: Subsets describes the pods distribution details between
each of subsets.
items:
description: WorkloadSpreadSubset defines the details of a subset.
properties:
maxReplicas:
anyOf:
- type: integer
- type: string
description: MaxReplicas indicates the desired max replicas
of this subset.
x-kubernetes-int-or-string: true
name:
description: Name should be unique between all of the subsets
under one WorkloadSpread.
type: string
patch:
description: Patch indicates patching podTemplate to the Pod.
x-kubernetes-preserve-unknown-fields: true
preferredNodeSelectorTerms:
description: Indicates the node preferred selector to form the
subset.
items:
description: |-
An empty preferred scheduling term matches all objects with implicit weight 0
(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
properties:
preference:
description: A node selector term, associated with the
corresponding weight.
properties:
matchExpressions:
description: A list of node selector requirements
by node's labels.
items:
description: |-
A node selector requirement is a selector that contains values, a key, and an operator
that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: |-
Represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: |-
An array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. If the operator is Gt or Lt, the values
array must have a single element, which will be interpreted as an integer.
This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements
by node's fields.
items:
description: |-
A node selector requirement is a selector that contains values, a key, and an operator
that relates the key and values.
properties:
key:
description: The label key that the selector
applies to.
type: string
operator:
description: |-
Represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: |-
An array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. If the operator is Gt or Lt, the values
array must have a single element, which will be interpreted as an integer.
This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
x-kubernetes-map-type: atomic
weight:
description: Weight associated with matching the corresponding
nodeSelectorTerm, in the range 1-100.
format: int32
type: integer
required:
- preference
- weight
type: object
type: array
requiredNodeSelectorTerm:
description: Indicates the node required selector to form the
subset.
properties:
matchExpressions:
description: A list of node selector requirements by node's
labels.
items:
description: |-
A node selector requirement is a selector that contains values, a key, and an operator
that relates the key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: |-
Represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: |-
An array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. If the operator is Gt or Lt, the values
array must have a single element, which will be interpreted as an integer.
This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchFields:
description: A list of node selector requirements by node's
fields.
items:
description: |-
A node selector requirement is a selector that contains values, a key, and an operator
that relates the key and values.
properties:
key:
description: The label key that the selector applies
to.
type: string
operator:
description: |-
Represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: |-
An array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. If the operator is Gt or Lt, the values
array must have a single element, which will be interpreted as an integer.
This array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
type: object
x-kubernetes-map-type: atomic
tolerations:
description: Indicates the tolerations the pods under this subset
have.
items:
description: |-
The pod this Toleration is attached to tolerates any taint that matches
the triple <key,value,effect> using the matching operator <operator>.
properties:
effect:
description: |-
Effect indicates the taint effect to match. Empty means match all taint effects.
When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: |-
Key is the taint key that the toleration applies to. Empty means match all taint keys.
If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: |-
Operator represents a key's relationship to the value.
Valid operators are Exists and Equal. Defaults to Equal.
Exists is equivalent to wildcard for value, so that a pod can
tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: |-
TolerationSeconds represents the period of time the toleration (which must be
of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,
it is not set, which means tolerate the taint forever (do not evict). Zero and
negative values will be treated as 0 (evict immediately) by the system.
format: int64
type: integer
value:
description: |-
Value is the taint value the toleration matches to.
If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
type: object
type: array
required:
- name
type: object
type: array
targetFilter:
description: |-
TargetFilter allows WorkloadSpread to manage only a portion of the Pods in the TargetReference:
by specifying the criteria for the Pods to be managed through a label selector,
and by specifying how to obtain the total number of these selected Pods from the workload using replicasPaths.
properties:
replicasPathList:
description: |-
ReplicasPathList is a list of resource paths used to specify how to determine the total number of replicas of
the target workload after filtering. If this list is not empty, WorkloadSpread will look for the corresponding
values in the target resource according to each path, and treat the sum of these values as the total number of replicas after filtering.
The replicas path is a dot-separated path, similar to "spec.replicas". If there are arrays, you can use numbers to denote indexes, like "subsets.1.replicas".
The real values of these paths must be integers.
items:
type: string
type: array
selector:
description: Selector is used to filter the Pods to be managed.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
type: object
targetRef:
description: TargetReference is the target workload that WorkloadSpread
want to control.
properties:
apiVersion:
description: API version of the referent.
type: string
kind:
description: Kind of the referent.
type: string
name:
description: Name of the referent.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- subsets
- targetRef
type: object
status:
description: WorkloadSpreadStatus defines the observed state of WorkloadSpread.
properties:
observedGeneration:
description: |-
ObservedGeneration is the most recent generation observed for this WorkloadSpread. It corresponds to the
WorkloadSpread's generation, which is updated on mutation by the API Server.
format: int64
type: integer
subsetStatuses:
description: Contains the status of each subset. Each element in this
array represents one subset
items:
description: WorkloadSpreadSubsetStatus defines the observed state
of subset
properties:
conditions:
description: Conditions is an array of current observed subset
conditions.
items:
properties:
lastTransitionTime:
description: Last time the condition transitioned from
one status to another.
format: date-time
type: string
message:
description: A human readable message indicating details
about the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False,
Unknown.
type: string
type:
description: Type of in place set condition.
type: string
required:
- status
- type
type: object
type: array
creatingPods:
additionalProperties:
format: date-time
type: string
description: |-
CreatingPods contains information about pods whose creation was processed by
the webhook handler but not yet been observed by the WorkloadSpread controller.
A pod will be in this map from the time when the webhook handler processed the
creation request to the time when the pod is seen by controller.
The key in the map is the name of the pod and the value is the time when the webhook
handler process the creation request. If the real creation didn't happen and a pod is
still in this map, it will be removed from the list automatically by WorkloadSpread controller
after some time.
If everything goes smooth this map should be empty for the most of the time.
Large number of entries in the map may indicate problems with pod creations.
type: object
deletingPods:
additionalProperties:
format: date-time
type: string
description: DeletingPods is similar with CreatingPods and it
contains information about pod deletion.
type: object
missingReplicas:
description: |-
MissingReplicas is the number of active replicas belong to this subset not be found.
MissingReplicas > 0 indicates the subset is still missing MissingReplicas pods to create
MissingReplicas = 0 indicates the subset already has enough pods, there is no need to create
MissingReplicas = -1 indicates the subset's MaxReplicas not set, then there is no limit for pods number
format: int32
type: integer
name:
description: Name should be unique between all of the subsets
under one WorkloadSpread.
type: string
replicas:
description: Replicas is the most recently observed number of
active replicas for subset.
format: int32
type: integer
required:
- missingReplicas
- name
- replicas
type: object
type: array
versionedSubsetStatuses:
additionalProperties:
items:
description: WorkloadSpreadSubsetStatus defines the observed state
of subset
properties:
conditions:
description: Conditions is an array of current observed subset
conditions.
items:
properties:
lastTransitionTime:
description: Last time the condition transitioned from
one status to another.
format: date-time
type: string
message:
description: A human readable message indicating details
about the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False,
Unknown.
type: string
type:
description: Type of in place set condition.
type: string
required:
- status
- type
type: object
type: array
creatingPods:
additionalProperties:
format: date-time
type: string
description: |-
CreatingPods contains information about pods whose creation was processed by
the webhook handler but not yet been observed by the WorkloadSpread controller.
A pod will be in this map from the time when the webhook handler processed the
creation request to the time when the pod is seen by controller.
The key in the map is the name of the pod and the value is the time when the webhook
handler process the creation request. If the real creation didn't happen and a pod is
still in this map, it will be removed from the list automatically by WorkloadSpread controller
after some time.
If everything goes smooth this map should be empty for the most of the time.
Large number of entries in the map may indicate problems with pod creations.
type: object
deletingPods:
additionalProperties:
format: date-time
type: string
description: DeletingPods is similar with CreatingPods and
it contains information about pod deletion.
type: object
missingReplicas:
description: |-
MissingReplicas is the number of active replicas belong to this subset not be found.
MissingReplicas > 0 indicates the subset is still missing MissingReplicas pods to create
MissingReplicas = 0 indicates the subset already has enough pods, there is no need to create
MissingReplicas = -1 indicates the subset's MaxReplicas not set, then there is no limit for pods number
format: int32
type: integer
name:
description: Name should be unique between all of the subsets
under one WorkloadSpread.
type: string
replicas:
description: Replicas is the most recently observed number
of active replicas for subset.
format: int32
type: integer
required:
- missingReplicas
- name
- replicas
type: object
type: array
description: |-
VersionedSubsetStatuses is to solve rolling-update problems, where the creation of new-version pod
may be earlier than deletion of old-version pod. We have to calculate the pod subset distribution for
each version.
type: object
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

305
versions/kruise/next/templates/manager.yaml Normal file
View File

@ -0,0 +1,305 @@
{{- if .Values.installation.createNamespace }}
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: openkruise
name: {{ .Values.installation.namespace }}
{{- end }}
---
apiVersion: v1
kind: Namespace
metadata:
name: kruise-daemon-config
---
apiVersion: v1
kind: Service
metadata:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
spec:
{{ ( include "webhookServiceSpec" . ) | indent 2 }}
{{- if and (not (contains "EnableExternalCerts=true" .Values.featureGates)) (not (contains "AllAlpha=true" .Values.featureGates)) }}
---
apiVersion: v1
kind: Secret
metadata:
name: kruise-webhook-certs
namespace: {{ .Values.installation.namespace }}
{{ ( include "webhookSecretData" . ) }}
{{- end }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
name: kruise-controller-manager
namespace: {{ .Values.installation.namespace }}
spec:
replicas: {{ .Values.manager.replicas }}
selector:
matchLabels:
control-plane: controller-manager
minReadySeconds: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 100%
template:
metadata:
labels:
control-plane: controller-manager
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- args:
- --enable-leader-election
- --metrics-addr=:{{ .Values.manager.metrics.port }}
- --health-probe-addr=:{{ .Values.manager.healthProbe.port }}
- --logtostderr=true
- --leader-election-namespace={{ .Values.installation.namespace }}
- --v={{ .Values.manager.log.level }}
- --feature-gates={{ .Values.featureGates }}
- --sync-period={{ .Values.manager.resyncPeriod }}
{{- if .Values.manager.loggingFormat }}
- --logging-format={{ .Values.manager.loggingFormat }}
{{- end }}
command:
- /manager
image: {{ .Values.manager.image.repository }}:{{ .Values.manager.image.tag }}
imagePullPolicy: Always
securityContext:
capabilities:
drop:
- all
add: [ 'NET_BIND_SERVICE' ]
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 65534
name: manager
env:
{{- if .Values.enableKubeCacheMutationDetector }}
- name: KUBE_CACHE_MUTATION_DETECTOR
value: "true"
{{- end }}
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: WEBHOOK_PORT
value: "{{ .Values.manager.webhook.port }}"
ports:
- containerPort: {{ .Values.manager.webhook.port }}
name: webhook-server
protocol: TCP
- containerPort: {{ .Values.manager.metrics.port }}
name: metrics
protocol: TCP
- containerPort: {{ .Values.manager.healthProbe.port }}
name: health
protocol: TCP
readinessProbe:
httpGet:
path: readyz
port: {{ .Values.manager.healthProbe.port }}
resources:
{{- toYaml .Values.manager.resources | nindent 12 }}
hostNetwork: {{ .Values.manager.hostNetwork }}
terminationGracePeriodSeconds: 10
serviceAccountName: kruise-manager
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: control-plane
operator: In
values:
- controller-manager
topologyKey: kubernetes.io/hostname
weight: 100
{{- with .Values.manager.nodeAffinity }}
nodeAffinity:
{{ toYaml . | indent 10 }}
{{- end }}
topologySpreadConstraints:
- labelSelector:
matchLabels:
control-plane: controller-manager
{{- if and ( eq (int .Capabilities.KubeVersion.Major) 1) ( gt (int .Capabilities.KubeVersion.Minor) 26 ) }}
matchLabelKeys:
- pod-template-hash
{{- end }}
maxSkew: 1
topologyKey: topology.kubernetes.io/zone
whenUnsatisfiable: ScheduleAnyway
{{- if .Values.manager.nodeSelector }}
nodeSelector:
{{ toYaml .Values.manager.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.manager.tolerations }}
tolerations:
{{ toYaml .Values.manager.tolerations | indent 8 }}
{{- end }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kruise-manager
{{- if .Values.serviceAccount.annotations }}
annotations:
{{ toYaml .Values.serviceAccount.annotations | indent 4 }}
{{- end }}
namespace: {{ .Values.installation.namespace }}
{{ ( include "serviceAccountManager" . ) }}
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: kruise-daemon
{{- if .Values.serviceAccount.annotations }}
annotations:
{{ toYaml .Values.serviceAccount.annotations | indent 4 }}
{{- end }}
namespace: {{ .Values.installation.namespace }}
{{ ( include "serviceAccountDaemon" . ) }}
---
{{ if contains "KruiseDaemon=false" .Values.featureGates }}{{ else }}
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: kruise-daemon
namespace: {{ .Values.installation.namespace }}
labels:
control-plane: daemon
spec:
selector:
matchLabels:
control-plane: daemon
minReadySeconds: 3
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 10%
template:
metadata:
labels:
control-plane: daemon
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.daemon.affinity }}
affinity:
{{ toYaml .Values.daemon.affinity | indent 8 }}
{{- end }}
{{- if .Values.daemon.nodeSelector }}
nodeSelector:
{{ toYaml .Values.daemon.nodeSelector | indent 8 }}
{{- end }}
containers:
- command:
- /kruise-daemon
args:
- --logtostderr=true
- --v=4
- --addr=:{{ .Values.daemon.port }}
- --feature-gates={{ .Values.featureGates }}
- --socket-file={{ .Values.daemon.socketFile }}
{{- if not .Values.daemon.enablePprof }}
- --enable-pprof=false
{{- else }}
- --enable-pprof=true
- --pprof-addr={{ .Values.daemon.pprofAddr }}
{{- end }}
{{- if .Values.daemon.credentialProvider.enable }}
- --plugin-config-file=/credential-provider-config/CredentialProviderPlugin.yaml
- --plugin-bin-dir=/credential-provider-plugin
{{- end }}
image: {{ .Values.manager.image.repository }}:{{ .Values.manager.image.tag }}
imagePullPolicy: Always
securityContext:
capabilities:
drop:
- all
add: [ 'NET_BIND_SERVICE' ]
allowPrivilegeEscalation: false
name: daemon
env:
{{- if .Values.enableKubeCacheMutationDetector }}
- name: KUBE_CACHE_MUTATION_DETECTOR
value: "true"
{{- end }}
- name: NODE_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: spec.nodeName
{{- if .Values.daemon.extraEnvs }}
{{- toYaml .Values.daemon.extraEnvs | nindent 8 }}
{{- end }}
livenessProbe:
failureThreshold: 3
httpGet:
path: /healthz
port: {{ .Values.daemon.port }}
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 1
resources:
{{- toYaml .Values.daemon.resources | nindent 12 }}
volumeMounts:
- mountPath: /hostvarrun
name: runtime-socket
readOnly: true
{{- if .Values.daemon.credentialProvider.enable }}
- name: credential-provider-plugin-config
mountPath: /credential-provider-config
readOnly: true
- name: credential-provider-plugin
mountPath: /credential-provider-plugin
readOnly: true
{{- if ne .Values.daemon.credentialProvider.awsCredentialsDir "" }}
- name: aws-credentials-dir
mountPath: /root/.aws
readOnly: true
{{- end }}
{{- end }}
tolerations:
- operator: Exists
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
terminationGracePeriodSeconds: 10
serviceAccountName: kruise-daemon
volumes:
- hostPath:
path: {{ .Values.daemon.socketLocation }}
type: ""
name: runtime-socket
{{- if .Values.daemon.credentialProvider.enable }}
- name: credential-provider-plugin-config
configMap:
name: {{ .Values.daemon.credentialProvider.configmap }}
- hostPath:
path: {{ .Values.daemon.credentialProvider.hostPath }}
type: ""
name: credential-provider-plugin
{{- if ne .Values.daemon.credentialProvider.awsCredentialsDir "" }}
- hostPath:
path: {{ .Values.daemon.credentialProvider.awsCredentialsDir }}
type: ""
name: aws-credentials-dir
{{- end }}
{{- end }}
{{- end }}

198
versions/kruise/next/templates/policy.kruise.io_podunavailablebudgets.yaml Normal file
View File

@ -0,0 +1,198 @@
{{- if .Values.crds.managed }}
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
name: podunavailablebudgets.policy.kruise.io
spec:
group: policy.kruise.io
names:
kind: PodUnavailableBudget
listKind: PodUnavailableBudgetList
plural: podunavailablebudgets
shortNames:
- pub
singular: podunavailablebudget
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: UnavailableAllowed number of pod unavailable that are currently
allowed
jsonPath: .status.unavailableAllowed
name: Allowed
type: integer
- description: CurrentAvailable current number of available pods
jsonPath: .status.currentAvailable
name: Current
type: integer
- description: DesiredAvailable minimum desired number of available pods
jsonPath: .status.desiredAvailable
name: Desired
type: integer
- description: TotalReplicas total number of pods counted by this budget
jsonPath: .status.totalReplicas
name: Total
type: integer
name: v1alpha1
schema:
openAPIV3Schema:
description: PodUnavailableBudget is the Schema for the podunavailablebudgets
API
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PodUnavailableBudgetSpec defines the desired state of PodUnavailableBudget
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
description: |-
Delete pod, evict pod or update pod specification is allowed if at most "maxUnavailable" pods selected by
"selector" or "targetRef" are unavailable after the above operation for pod.
MaxUnavailable and MinAvailable are mutually exclusive, MaxUnavailable is priority to take effect
x-kubernetes-int-or-string: true
minAvailable:
anyOf:
- type: integer
- type: string
description: |-
Delete pod, evict pod or update pod specification is allowed if at least "minAvailable" pods selected by
"selector" or "targetRef" will still be available after the above operation for pod.
x-kubernetes-int-or-string: true
selector:
description: Selector label query over pods managed by the budget
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
targetRef:
description: |-
TargetReference contains enough information to let you identify an workload for PodUnavailableBudget
Selector and TargetReference are mutually exclusive, TargetReference is priority to take effect
properties:
apiVersion:
description: API version of the referent.
type: string
kind:
description: Kind of the referent.
type: string
name:
description: Name of the referent.
type: string
type: object
type: object
status:
description: PodUnavailableBudgetStatus defines the observed state of
PodUnavailableBudget
properties:
currentAvailable:
description: CurrentAvailable current number of available pods
format: int32
type: integer
desiredAvailable:
description: DesiredAvailable minimum desired number of available
pods
format: int32
type: integer
disruptedPods:
additionalProperties:
format: date-time
type: string
description: |-
DisruptedPods contains information about pods whose eviction or deletion was
processed by the API handler but has not yet been observed by the PodUnavailableBudget.
type: object
observedGeneration:
description: |-
Most recent generation observed when updating this PUB status. UnavailableAllowed and other
status information is valid only if observedGeneration equals to PUB's object generation.
format: int64
type: integer
totalReplicas:
description: TotalReplicas total number of pods counted by this unavailable
budget
format: int32
type: integer
unavailableAllowed:
description: UnavailableAllowed number of pod unavailable that are
currently allowed
format: int32
type: integer
unavailablePods:
additionalProperties:
format: date-time
type: string
description: |-
UnavailablePods contains information about pods whose specification changed(inplace-update pod),
once pod is available(consistent and ready) again, it will be removed from the list.
type: object
required:
- currentAvailable
- desiredAvailable
- totalReplicas
- unavailableAllowed
type: object
type: object
served: true
storage: true
subresources:
status: {}
{{- end }}

92
versions/kruise/next/templates/pre_delete_hook_job.yaml Normal file
View File

@ -0,0 +1,92 @@
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: kruise-helm-hook-role
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": "1"
rules:
- apiGroups:
- apps.kruise.io
resources:
- clonesets
verbs:
- list
- apiGroups:
- apps.kruise.io
resources:
- daemonsets
verbs:
- list
- apiGroups:
- apps.kruise.io
resources:
- statefulsets
verbs:
- list
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-helm-hook-rolebinding
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": "2"
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kruise-helm-hook-role
subjects:
- kind: ServiceAccount
name: kruise-helm-hook
namespace: {{ .Values.installation.namespace }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ .Release.Name }}-finalizer"
namespace: {{ .Values.installation.namespace }}
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
kruise: helm-finalizer
annotations:
# This is what defines this resource as a hook. Without this line, the
# job is considered part of the release.
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": "4"
spec:
backoffLimit: 0
template:
metadata:
name: "{{ .Release.Name }}-finalizer"
labels:
app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
kruise: helm-finalizer
spec:
restartPolicy: Never
serviceAccountName: kruise-helm-hook
containers:
- name: pre-delete-job
image: {{ .Values.helmHooks.image.repository }}:{{ .Values.helmHooks.image.tag }}
imagePullPolicy: IfNotPresent
---
# write a service account named kruise-helm-hook:
apiVersion: v1
kind: ServiceAccount
metadata:
name: kruise-helm-hook
namespace: {{ .Values.installation.namespace }}
annotations:
"helm.sh/hook": pre-delete
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
"helm.sh/hook-weight": "3"

1064
versions/kruise/next/templates/rbac_role.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

915
versions/kruise/next/templates/webhookconfiguration.yaml Normal file
View File

@ -0,0 +1,915 @@
apiVersion: admissionregistration.k8s.io/v1
kind: MutatingWebhookConfiguration
metadata:
name: kruise-mutating-webhook-configuration
annotations:
template: ""
{{- if .Values.externalCerts.annotations }}
{{ toYaml .Values.externalCerts.annotations | indent 4 }}
{{- end }}
webhooks:
{{- if not (contains "PodWebhook=false" .Values.featureGates) }}
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-pod
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
failurePolicy: Fail
name: mpod.kb.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: NotIn
values:
- openkruise
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- CREATE
resources:
- pods
sideEffects: None
{{- end }}
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-advancedcronjob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: madvancedcronjob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- advancedcronjobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-broadcastjob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mbroadcastjob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- broadcastjobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-cloneset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mcloneset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- clonesets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-containerrecreaterequest
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mcontainerrecreaterequest.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- containerrecreaterequests
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-daemonset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mdaemonset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- daemonsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-imagelistpulljob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mimagelistpulljob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- imagelistpulljobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-imagepulljob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mimagepulljob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- imagepulljobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-nodeimage
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mnodeimage.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- nodeimages
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-sidecarset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: msidecarset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sidecarsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-statefulset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: mstatefulset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
- v1beta1
operations:
- CREATE
- UPDATE
resources:
- statefulsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /mutate-apps-kruise-io-v1alpha1-uniteddeployment
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: muniteddeployment.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- uniteddeployments
sideEffects: None
---
apiVersion: admissionregistration.k8s.io/v1
kind: ValidatingWebhookConfiguration
metadata:
name: kruise-validating-webhook-configuration
annotations:
template: ""
{{- if .Values.externalCerts.annotations }}
{{ toYaml .Values.externalCerts.annotations | indent 4 }}
{{- end }}
webhooks:
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-deployment
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vbuiltindeployment.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- DELETE
resources:
- deployments
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-replicaset
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vbuiltinreplicaset.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- DELETE
resources:
- replicasets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-statefulset
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vbuiltinstatefulset.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- apps
apiVersions:
- v1
operations:
- DELETE
resources:
- statefulsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-customresourcedefinition
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vcustomresourcedefinition.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- apiextensions.k8s.io
apiVersions:
- v1
- v1beta1
operations:
- DELETE
resources:
- customresourcedefinitions
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-namespace
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vnamespace.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- DELETE
resources:
- namespaces
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-ingress
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vingress.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- networking.k8s.io
apiVersions:
- v1
- v1beta1
operations:
- DELETE
resources:
- ingresses
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-service
failurePolicy: Ignore
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vservice.kb.io
objectSelector:
matchExpressions:
- key: policy.kruise.io/delete-protection
operator: Exists
namespaceSelector:
matchExpressions:
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- DELETE
resources:
- services
sideEffects: None
{{- if not (contains "PodWebhook=false" .Values.featureGates) }}
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-pod
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vpod.kb.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: NotIn
values:
- openkruise
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- UPDATE
- DELETE
resources:
- pods
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-pod
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vpodeviction.kb.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: NotIn
values:
- openkruise
- key: kubernetes.io/metadata.name
operator: NotIn
values:
- kube-system
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- CREATE
resources:
- pods/eviction
sideEffects: None
{{- end }}
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-resourcedistribution
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vresourcedistribution.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- resourcedistributions
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-workloadspread
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vworkloadspread.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- workloadspreads
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-advancedcronjob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vadvancedcronjob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- advancedcronjobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-broadcastjob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vbroadcastjob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- broadcastjobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-cloneset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vcloneset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
- DELETE
resources:
- clonesets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-daemonset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vdaemonset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- daemonsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-imagelistpulljob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vimagelistpulljob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- imagelistpulljobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-imagepulljob
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vimagepulljob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- imagepulljobs
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-nodeimage
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vnodeimage.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- nodeimages
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-persistentpodstate
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vpersistentpodstate.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- persistentpodstates
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-podprobemarker
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vpodprobemarker.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- podprobemarkers
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-policy-kruise-io-podunavailablebudget
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vpodunavailablebudget.kb.io
rules:
- apiGroups:
- policy.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- podunavailablebudgets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-sidecarset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vsidecarset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sidecarsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-statefulset
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vstatefulset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
- v1beta1
operations:
- CREATE
- UPDATE
- DELETE
resources:
- statefulsets
sideEffects: None
- admissionReviewVersions:
- v1
- v1beta1
clientConfig:
service:
name: kruise-webhook-service
namespace: {{ .Values.installation.namespace }}
path: /validate-apps-kruise-io-v1alpha1-uniteddeployment
failurePolicy: Fail
timeoutSeconds: {{ .Values.webhookConfiguration.timeoutSeconds }}
name: vuniteddeployment.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
- DELETE
resources:
- uniteddeployments
sideEffects: None

120
versions/kruise/next/values.yaml Normal file
View File

@ -0,0 +1,120 @@
# Default values for kruise.
crds:
managed: true
# values for kruise installation
installation:
namespace: kruise-system
createNamespace: true
roleListGroups:
- '*'
featureGates: "ImagePullJobGate=true"
externalCerts:
# annotations to patch for webhook configuration and crd
# e.g. cert-manager.io/inject-ca-from: kruise-system/kruise-webhook
annotations: {}
# KUBE_CACHE_MUTATION_DETECTOR
enableKubeCacheMutationDetector: false
# imagePullSecrets to pull kruise images
imagePullSecrets: []
manager:
# settings for log print
log:
# log level for kruise-manager
level: "4"
replicas: 2
image:
repository: openkruise/kruise-manager
tag: v1.8.0
webhook:
port: 9876
metrics:
port: 8080
healthProbe:
port: 8000
pprofAddr: "localhost:8090"
resyncPeriod: "0"
loggingFormat: ""
# resources of kruise-manager container
resources:
limits:
cpu: 200m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
hostNetwork: false
nodeAffinity: {}
nodeSelector: {}
tolerations: []
webhookConfiguration:
timeoutSeconds: 30
daemon:
log:
# log level for kruise-daemon
level: "4"
port: 10221
enablePprof: true
pprofAddr: "localhost:10222"
socketLocation: "/var/run"
socketFile: ""
nodeSelector: {}
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: type
operator: NotIn
values:
- virtual-kubelet
resources:
limits:
cpu: 50m
memory: 128Mi
requests:
cpu: "0"
memory: "0"
# Extra environment variables that will be pass onto pods.
# For example, when the daemon is used behind a http proxy, you can set the proxy environment variables here.
# This will be appended to the current 'env:' key. You can use any of the kubernetes env
# syntax here.
extraEnvs: []
# - name: HTTP_PROXY
# value: http://my-proxy:8080/
# - name: HTTPS_PROXY
# value: http://my-proxy:8080/
# - name: NO_PROXY
# value: localhost,0.0.0.0,127.0.0.1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,.svc,.cluster.local
credentialProvider:
enable: false
configmap: credential-provider-config
hostPath: credential-provider-plugin
awsCredentialsDir: ""
serviceAccount:
annotations: {}
helmHooks:
image:
repository: openkruise/kruise-helm-hook
tag: v0.1.0