fix(helm): namespace app-specific global values under global.seaweedfs (#8700)
* fix(helm): namespace app-specific values under global.seaweedfs Move all app-specific values from the global namespace to global.seaweedfs.* to avoid polluting the shared .Values.global namespace when the chart is used as a subchart. Standard Helm conventions (global.imageRegistry, global.imagePullSecrets) remain at the global level as they are designed to be shared across subcharts. Fixes seaweedfs/seaweedfs#8699 BREAKING CHANGE: global values have been restructured. Users must update their values files to use the new paths: - global.registry → global.imageRegistry - global.repository → global.seaweedfs.image.repository - global.imageName → global.seaweedfs.image.name - global.<key> → global.seaweedfs.<key> (for all other app-specific values) * fix(ci): update helm CI tests to use new global.seaweedfs.* value paths Update all --set flags in helm_ci.yml to use the new namespaced global.seaweedfs.* paths matching the values.yaml restructuring. * fix(ci): install Claude Code via npm to avoid install.sh 403 The claude-code-action's built-in installer uses `curl https://claude.ai/install.sh | bash` which can fail with 403. Due to the pipe, bash exits 0 on empty input, masking the curl failure and leaving the `claude` binary missing. Work around this by installing Claude Code via npm before invoking the action, and passing the executable path via path_to_claude_code_executable. * revert: remove claude-code-review.yml changes from this PR The claude-code-action OIDC token exchange validates that the workflow file matches the version on the default branch. Modifying it in a PR causes the review job to fail with "Workflow validation failed". The Claude Code install fix will need to be applied directly to master or in a separate PR. * fix: update stale references to old global.* value paths - admin-statefulset.yaml: fix fail message to reference global.seaweedfs.masterServer - values.yaml: fix comment to reference image.name instead of imageName - helm_ci.yml: fix diagnostic message to reference global.seaweedfs.enableSecurity * feat(helm): add backward-compat shim for old global.* value paths Add _compat.tpl with a seaweedfs.compat helper that detects old-style global.* keys (e.g. global.enableSecurity, global.registry) and merges them into the new global.seaweedfs.* namespace. Since the old keys no longer have defaults in values.yaml, their presence means the user explicitly provided them. The helper uses in-place mutation via `set` so all templates see the merged values. This ensures existing deployments using old value paths continue to work without changes after upgrading. * fix: update stale comment references in values.yaml Update comments referencing global.enableSecurity and global.masterServer to the new global.seaweedfs.* paths. --------- Co-authored-by: Copilot <copilot@github.com>
This commit is contained in:
Chris Lu
20
.github/workflows/helm_ci.yml
vendored
20
.github/workflows/helm_ci.yml
vendored
@@ -64,15 +64,15 @@ jobs:
|
|||||||
echo "✓ All-in-one deployment renders correctly"
|
echo "✓ All-in-one deployment renders correctly"
|
||||||
|
|
||||||
echo "=== Testing with security enabled ==="
|
echo "=== Testing with security enabled ==="
|
||||||
helm template test $CHART_DIR --set global.enableSecurity=true > /tmp/security.yaml
|
helm template test $CHART_DIR --set global.seaweedfs.enableSecurity=true > /tmp/security.yaml
|
||||||
grep -q "security-config" /tmp/security.yaml
|
grep -q "security-config" /tmp/security.yaml
|
||||||
echo "✓ Security configuration renders correctly"
|
echo "✓ Security configuration renders correctly"
|
||||||
|
|
||||||
echo "=== Testing with monitoring enabled ==="
|
echo "=== Testing with monitoring enabled ==="
|
||||||
helm template test $CHART_DIR \
|
helm template test $CHART_DIR \
|
||||||
--set global.monitoring.enabled=true \
|
--set global.seaweedfs.monitoring.enabled=true \
|
||||||
--set global.monitoring.gatewayHost=prometheus \
|
--set global.seaweedfs.monitoring.gatewayHost=prometheus \
|
||||||
--set global.monitoring.gatewayPort=9091 > /tmp/monitoring.yaml
|
--set global.seaweedfs.monitoring.gatewayPort=9091 > /tmp/monitoring.yaml
|
||||||
echo "✓ Monitoring configuration renders correctly"
|
echo "✓ Monitoring configuration renders correctly"
|
||||||
|
|
||||||
echo "=== Testing with PVC storage ==="
|
echo "=== Testing with PVC storage ==="
|
||||||
@@ -124,7 +124,7 @@ jobs:
|
|||||||
# --- Normal mode: master + filer-client services vs helper-produced addresses ---
|
# --- Normal mode: master + filer-client services vs helper-produced addresses ---
|
||||||
helm template "$LONG_RELEASE" $CHART_DIR \
|
helm template "$LONG_RELEASE" $CHART_DIR \
|
||||||
--set s3.enabled=true \
|
--set s3.enabled=true \
|
||||||
--set global.createBuckets[0].name=test > /tmp/longname.yaml
|
--set global.seaweedfs.createBuckets[0].name=test > /tmp/longname.yaml
|
||||||
|
|
||||||
# Extract Service names from metadata
|
# Extract Service names from metadata
|
||||||
MASTER_SVC=$(awk '/kind: Service/{found=1} found && /^ *name:/{print $2; found=0}' /tmp/longname.yaml \
|
MASTER_SVC=$(awk '/kind: Service/{found=1} found && /^ *name:/{print $2; found=0}' /tmp/longname.yaml \
|
||||||
@@ -161,7 +161,7 @@ jobs:
|
|||||||
# --- All-in-one mode: all-in-one service vs both helper addresses ---
|
# --- All-in-one mode: all-in-one service vs both helper addresses ---
|
||||||
helm template "$LONG_RELEASE" $CHART_DIR \
|
helm template "$LONG_RELEASE" $CHART_DIR \
|
||||||
--set allInOne.enabled=true \
|
--set allInOne.enabled=true \
|
||||||
--set global.createBuckets[0].name=test > /tmp/longname-aio.yaml
|
--set global.seaweedfs.createBuckets[0].name=test > /tmp/longname-aio.yaml
|
||||||
|
|
||||||
AIO_SVC=$(awk '/kind: Service/{found=1} found && /^ *name:/{print $2; found=0}' /tmp/longname-aio.yaml \
|
AIO_SVC=$(awk '/kind: Service/{found=1} found && /^ *name:/{print $2; found=0}' /tmp/longname-aio.yaml \
|
||||||
| grep -- '-all-in-one$')
|
| grep -- '-all-in-one$')
|
||||||
@@ -183,11 +183,11 @@ jobs:
|
|||||||
# Render the three manifests that include seaweedfs.s3.tlsArgs:
|
# Render the three manifests that include seaweedfs.s3.tlsArgs:
|
||||||
# filer-statefulset, s3-deployment, all-in-one-deployment
|
# filer-statefulset, s3-deployment, all-in-one-deployment
|
||||||
helm template test $CHART_DIR \
|
helm template test $CHART_DIR \
|
||||||
--set global.enableSecurity=true \
|
--set global.seaweedfs.enableSecurity=true \
|
||||||
--set filer.s3.enabled=true \
|
--set filer.s3.enabled=true \
|
||||||
--set s3.enabled=true > /tmp/security-s3.yaml
|
--set s3.enabled=true > /tmp/security-s3.yaml
|
||||||
helm template test $CHART_DIR \
|
helm template test $CHART_DIR \
|
||||||
--set global.enableSecurity=true \
|
--set global.seaweedfs.enableSecurity=true \
|
||||||
--set allInOne.enabled=true \
|
--set allInOne.enabled=true \
|
||||||
--set allInOne.s3.enabled=true > /tmp/security-aio.yaml
|
--set allInOne.s3.enabled=true > /tmp/security-aio.yaml
|
||||||
|
|
||||||
@@ -212,7 +212,7 @@ jobs:
|
|||||||
if errors:
|
if errors:
|
||||||
for e in errors:
|
for e in errors:
|
||||||
print(f"FAIL: {e}", file=sys.stderr)
|
print(f"FAIL: {e}", file=sys.stderr)
|
||||||
print("Rendered with: global.enableSecurity=true, filer.s3.enabled=true, s3.enabled=true, allInOne.enabled=true", file=sys.stderr)
|
print("Rendered with: global.seaweedfs.enableSecurity=true, filer.s3.enabled=true, s3.enabled=true, allInOne.enabled=true", file=sys.stderr)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
print("✓ No blank lines in security+S3 command blocks")
|
print("✓ No blank lines in security+S3 command blocks")
|
||||||
PYEOF
|
PYEOF
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.admin.enabled }}
|
{{- if .Values.admin.enabled }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -11,7 +12,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: admin
|
app.kubernetes.io/component: admin
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- with .Values.admin.serviceMonitor.annotations }}
|
{{- with .Values.admin.serviceMonitor.annotations }}
|
||||||
|
|||||||
@@ -1,9 +1,10 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.admin.enabled }}
|
{{- if .Values.admin.enabled }}
|
||||||
{{- if gt (.Values.admin.replicas | int) 1 }}
|
{{- if gt (.Values.admin.replicas | int) 1 }}
|
||||||
{{- fail "admin.replicas must be 0 or 1" -}}
|
{{- fail "admin.replicas must be 0 or 1" -}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if and (not .Values.admin.masters) (not .Values.global.masterServer) (not .Values.master.enabled) }}
|
{{- if and (not .Values.admin.masters) (not .Values.global.seaweedfs.masterServer) (not .Values.master.enabled) }}
|
||||||
{{- fail "admin.masters or global.masterServer must be set if master.enabled is false" -}}
|
{{- fail "admin.masters or global.seaweedfs.masterServer must be set if master.enabled is false" -}}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
@@ -50,7 +51,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.admin.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.admin.restartPolicy }}
|
||||||
{{- if .Values.admin.affinity }}
|
{{- if .Values.admin.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.admin.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.admin.affinity . | nindent 8 | trim }}
|
||||||
@@ -82,7 +83,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "admin.image" . }}
|
image: {{ template "admin.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
{{- $adminAuthEnabled := or .Values.admin.secret.existingSecret .Values.admin.secret.adminPassword }}
|
{{- $adminAuthEnabled := or .Values.admin.secret.existingSecret .Values.admin.secret.adminPassword }}
|
||||||
{{- $urlPrefix := .Values.admin.urlPrefix }}
|
{{- $urlPrefix := .Values.admin.urlPrefix }}
|
||||||
{{- if and (not $urlPrefix) .Values.admin.ingress.enabled (ne .Values.admin.ingress.path "/") }}
|
{{- if and (not $urlPrefix) .Values.admin.ingress.enabled (ne .Values.admin.ingress.path "/") }}
|
||||||
@@ -123,7 +124,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" . }}"
|
value: "{{ include "seaweedfs.fullname" . }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.admin "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.admin "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -147,7 +148,7 @@ spec:
|
|||||||
{{- if .Values.admin.loggingOverrideLevel }}
|
{{- if .Values.admin.loggingOverrideLevel }}
|
||||||
-v={{ .Values.admin.loggingOverrideLevel }} \
|
-v={{ .Values.admin.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
admin \
|
admin \
|
||||||
-port={{ .Values.admin.port }} \
|
-port={{ .Values.admin.port }} \
|
||||||
@@ -159,8 +160,8 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.admin.masters }}
|
{{- if .Values.admin.masters }}
|
||||||
-masters={{ .Values.admin.masters }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
|
-masters={{ .Values.admin.masters }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
|
||||||
{{- else if .Values.global.masterServer }}
|
{{- else if .Values.global.seaweedfs.masterServer }}
|
||||||
-masters={{ .Values.global.masterServer }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
|
-masters={{ .Values.global.seaweedfs.masterServer }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-masters={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master.{{ $.Release.Namespace }}:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
|
-masters={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master.{{ $.Release.Namespace }}:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -179,7 +180,7 @@ spec:
|
|||||||
- name: admin-logs
|
- name: admin-logs
|
||||||
mountPath: /logs
|
mountPath: /logs
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -274,7 +275,7 @@ spec:
|
|||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: {{ .Values.admin.logs.claimName }}
|
claimName: {{ .Values.admin.logs.claimName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.allInOne.enabled }}
|
{{- if .Values.allInOne.enabled }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
@@ -44,7 +45,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.allInOne.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.allInOne.restartPolicy }}
|
||||||
{{- if .Values.allInOne.affinity }}
|
{{- if .Values.allInOne.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.allInOne.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.allInOne.affinity . | nindent 8 | trim }}
|
||||||
@@ -77,10 +78,10 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "master.image" . }}
|
image: {{ template "master.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
{{- /* Determine default cluster alias and the corresponding env var keys to avoid conflicts */}}
|
{{- /* Determine default cluster alias and the corresponding env var keys to avoid conflicts */}}
|
||||||
{{- $envMerged := merge (.Values.global.extraEnvironmentVars | default dict) (.Values.allInOne.extraEnvironmentVars | default dict) }}
|
{{- $envMerged := merge (.Values.global.seaweedfs.extraEnvironmentVars | default dict) (.Values.allInOne.extraEnvironmentVars | default dict) }}
|
||||||
{{- $clusterDefault := default "sw" (index $envMerged "WEED_CLUSTER_DEFAULT") }}
|
{{- $clusterDefault := default "sw" (index $envMerged "WEED_CLUSTER_DEFAULT") }}
|
||||||
{{- $clusterUpper := upper $clusterDefault }}
|
{{- $clusterUpper := upper $clusterDefault }}
|
||||||
{{- $clusterMasterKey := printf "WEED_CLUSTER_%s_MASTER" $clusterUpper }}
|
{{- $clusterMasterKey := printf "WEED_CLUSTER_%s_MASTER" $clusterUpper }}
|
||||||
@@ -112,8 +113,8 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.extraEnvironmentVars }}
|
{{- if .Values.global.seaweedfs.extraEnvironmentVars }}
|
||||||
{{- range $key, $value := .Values.global.extraEnvironmentVars }}
|
{{- range $key, $value := .Values.global.seaweedfs.extraEnvironmentVars }}
|
||||||
{{- if and (ne $key $clusterMasterKey) (ne $key $clusterFilerKey) }}
|
{{- if and (ne $key $clusterMasterKey) (ne $key $clusterFilerKey) }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
{{- if kindIs "string" $value }}
|
{{- if kindIs "string" $value }}
|
||||||
@@ -145,7 +146,7 @@ spec:
|
|||||||
{{- if .Values.allInOne.loggingOverrideLevel }}
|
{{- if .Values.allInOne.loggingOverrideLevel }}
|
||||||
-v={{ .Values.allInOne.loggingOverrideLevel }} \
|
-v={{ .Values.allInOne.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
server \
|
server \
|
||||||
-dir=/data \
|
-dir=/data \
|
||||||
@@ -176,8 +177,8 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
-master.port={{ .Values.master.port }} \
|
-master.port={{ .Values.master.port }} \
|
||||||
{{- if .Values.global.enableReplication }}
|
{{- if .Values.global.seaweedfs.enableReplication }}
|
||||||
-master.defaultReplication={{ .Values.global.replicationPlacement }} \
|
-master.defaultReplication={{ .Values.global.seaweedfs.replicationPlacement }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-master.defaultReplication={{ .Values.master.defaultReplication }} \
|
-master.defaultReplication={{ .Values.master.defaultReplication }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -215,8 +216,8 @@ spec:
|
|||||||
-filer.disableDirListing \
|
-filer.disableDirListing \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
-filer.dirListLimit={{ .Values.filer.dirListLimit }} \
|
-filer.dirListLimit={{ .Values.filer.dirListLimit }} \
|
||||||
{{- if .Values.global.enableReplication }}
|
{{- if .Values.global.seaweedfs.enableReplication }}
|
||||||
-filer.defaultReplicaPlacement={{ .Values.global.replicationPlacement }} \
|
-filer.defaultReplicaPlacement={{ .Values.global.seaweedfs.replicationPlacement }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-filer.defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \
|
-filer.defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -242,7 +243,7 @@ spec:
|
|||||||
{{- if $domainName }}
|
{{- if $domainName }}
|
||||||
-s3.domainName={{ $domainName }} \
|
-s3.domainName={{ $domainName }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
{{- $httpsPort := .Values.allInOne.s3.httpsPort | default .Values.s3.httpsPort }}
|
{{- $httpsPort := .Values.allInOne.s3.httpsPort | default .Values.s3.httpsPort }}
|
||||||
{{- if $httpsPort }}
|
{{- if $httpsPort }}
|
||||||
-s3.port.https={{ $httpsPort }} \
|
-s3.port.https={{ $httpsPort }} \
|
||||||
@@ -329,7 +330,7 @@ spec:
|
|||||||
mountPath: /etc/seaweedfs/master.toml
|
mountPath: /etc/seaweedfs/master.toml
|
||||||
subPath: master.toml
|
subPath: master.toml
|
||||||
readOnly: true
|
readOnly: true
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
subPath: security.toml
|
subPath: security.toml
|
||||||
@@ -460,7 +461,7 @@ spec:
|
|||||||
- name: master-config
|
- name: master-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-master-config
|
name: {{ include "seaweedfs.fullname" . }}-master-config
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.allInOne.enabled }}
|
{{- if .Values.allInOne.enabled }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -11,7 +12,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: all-in-one
|
app.kubernetes.io/component: all-in-one
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-admin-cert
|
name: {{ include "seaweedfs.fullname" . }}-admin-cert
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-ca-cert
|
name: {{ include "seaweedfs.fullname" . }}-ca-cert
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-ca-issuer
|
name: {{ include "seaweedfs.fullname" . }}-ca-issuer
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-issuer
|
name: {{ include "seaweedfs.fullname" . }}-issuer
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-client-cert
|
name: {{ include "seaweedfs.fullname" . }}-client-cert
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-filer-cert
|
name: {{ include "seaweedfs.fullname" . }}-filer-cert
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-master-cert
|
name: {{ include "seaweedfs.fullname" . }}-master-cert
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-volume-cert
|
name: {{ include "seaweedfs.fullname" . }}-volume-cert
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }}
|
{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}}
|
||||||
|
apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }}
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-worker-cert
|
name: {{ include "seaweedfs.fullname" . }}-worker-cert
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.cosi.enabled }}
|
{{- if .Values.cosi.enabled }}
|
||||||
---
|
---
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
@@ -60,7 +61,7 @@ metadata:
|
|||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
subjects:
|
subjects:
|
||||||
- kind: ServiceAccount
|
- kind: ServiceAccount
|
||||||
name: {{ .Values.global.serviceAccountName }}-objectstorage-provisioner
|
name: {{ .Values.global.seaweedfs.serviceAccountName }}-objectstorage-provisioner
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
roleRef:
|
roleRef:
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.cosi.enabled }}
|
{{- if .Values.cosi.enabled }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
@@ -38,7 +39,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.cosi.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.cosi.restartPolicy }}
|
||||||
{{- if .Values.cosi.affinity }}
|
{{- if .Values.cosi.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.cosi.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.cosi.affinity . | nindent 8 | trim }}
|
||||||
@@ -68,7 +69,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs-cosi-driver
|
- name: seaweedfs-cosi-driver
|
||||||
image: "{{ .Values.cosi.image }}"
|
image: "{{ .Values.cosi.image }}"
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: DRIVERNAME
|
- name: DRIVERNAME
|
||||||
value: "{{ .Values.cosi.driverName }}"
|
value: "{{ .Values.cosi.driverName }}"
|
||||||
@@ -88,7 +89,7 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
- name: SEAWEEDFS_FILER
|
- name: SEAWEEDFS_FILER
|
||||||
value: "{{ include "seaweedfs.componentName" (list . "filer") }}:{{ .Values.filer.grpcPort }}"
|
value: "{{ include "seaweedfs.componentName" (list . "filer") }}:{{ .Values.filer.grpcPort }}"
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: WEED_GRPC_CLIENT_KEY
|
- name: WEED_GRPC_CLIENT_KEY
|
||||||
value: /usr/local/share/ca-certificates/client/tls.key
|
value: /usr/local/share/ca-certificates/client/tls.key
|
||||||
- name: WEED_GRPC_CLIENT_CERT
|
- name: WEED_GRPC_CLIENT_CERT
|
||||||
@@ -97,7 +98,7 @@ spec:
|
|||||||
value: /usr/local/share/ca-certificates/client/ca.crt
|
value: /usr/local/share/ca-certificates/client/ca.crt
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.cosi "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.cosi "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -116,7 +117,7 @@ spec:
|
|||||||
name: config-users
|
name: config-users
|
||||||
readOnly: true
|
readOnly: true
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -144,7 +145,7 @@ spec:
|
|||||||
{{- end }}
|
{{- end }}
|
||||||
- name: seaweedfs-cosi-sidecar
|
- name: seaweedfs-cosi-sidecar
|
||||||
image: "{{ .Values.cosi.sidecar.image }}"
|
image: "{{ .Values.cosi.sidecar.image }}"
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
args:
|
args:
|
||||||
- {{ printf "--v=%s" (default "5" .Values.cosi.sidecar.logLevel) }}
|
- {{ printf "--v=%s" (default "5" .Values.cosi.sidecar.logLevel) }}
|
||||||
env:
|
env:
|
||||||
@@ -178,7 +179,7 @@ spec:
|
|||||||
secretName: {{ include "seaweedfs.fullname" . }}-s3-secret
|
secretName: {{ include "seaweedfs.fullname" . }}-s3-secret
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,13 +1,14 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.cosi.enabled }}
|
{{- if .Values.cosi.enabled }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ServiceAccount
|
kind: ServiceAccount
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ .Values.global.serviceAccountName }}-objectstorage-provisioner
|
name: {{ .Values.global.seaweedfs.serviceAccountName }}-objectstorage-provisioner
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
labels:
|
labels:
|
||||||
app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
|
app.kubernetes.io/name: {{ template "seaweedfs.name" . }}
|
||||||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
automountServiceAccountToken: {{ .Values.global.automountServiceAccountToken }}
|
automountServiceAccountToken: {{ .Values.global.seaweedfs.automountServiceAccountToken }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.filer.enabled }}
|
{{- if .Values.filer.enabled }}
|
||||||
{{- if .Values.filer.metricsPort }}
|
{{- if .Values.filer.metricsPort }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -12,7 +13,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: filer
|
app.kubernetes.io/component: filer
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.filer.annotations }}
|
{{- if .Values.filer.annotations }}
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.filer.enabled }}
|
{{- if .Values.filer.enabled }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
@@ -56,7 +57,7 @@ spec:
|
|||||||
checksum/s3config: {{ include (print .Template.BasePath "/s3/s3-secret.yaml") . | sha256sum }}
|
checksum/s3config: {{ include (print .Template.BasePath "/s3/s3-secret.yaml") . | sha256sum }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.filer.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.filer.restartPolicy }}
|
||||||
{{- if .Values.filer.affinity }}
|
{{- if .Values.filer.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.filer.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.filer.affinity . | nindent 8 | trim }}
|
||||||
@@ -86,7 +87,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "filer.image" . }}
|
image: {{ template "filer.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -115,7 +116,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" . }}"
|
value: "{{ include "seaweedfs.fullname" . }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.filer "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.filer "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -145,7 +146,7 @@ spec:
|
|||||||
{{- if .Values.filer.loggingOverrideLevel }}
|
{{- if .Values.filer.loggingOverrideLevel }}
|
||||||
-v={{ .Values.filer.loggingOverrideLevel }} \
|
-v={{ .Values.filer.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
filer \
|
filer \
|
||||||
-port={{ .Values.filer.port }} \
|
-port={{ .Values.filer.port }} \
|
||||||
@@ -165,8 +166,8 @@ spec:
|
|||||||
-disableDirListing \
|
-disableDirListing \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
-dirListLimit={{ .Values.filer.dirListLimit }} \
|
-dirListLimit={{ .Values.filer.dirListLimit }} \
|
||||||
{{- if .Values.global.enableReplication }}
|
{{- if .Values.global.seaweedfs.enableReplication }}
|
||||||
-defaultReplicaPlacement={{ .Values.global.replicationPlacement }} \
|
-defaultReplicaPlacement={{ .Values.global.seaweedfs.replicationPlacement }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \
|
-defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -196,7 +197,7 @@ spec:
|
|||||||
{{- if .Values.filer.s3.domainName }}
|
{{- if .Values.filer.s3.domainName }}
|
||||||
-s3.domainName={{ .Values.filer.s3.domainName }} \
|
-s3.domainName={{ .Values.filer.s3.domainName }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
{{- if .Values.filer.s3.httpsPort }}
|
{{- if .Values.filer.s3.httpsPort }}
|
||||||
-s3.port.https={{ .Values.filer.s3.httpsPort }} \
|
-s3.port.https={{ .Values.filer.s3.httpsPort }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -233,7 +234,7 @@ spec:
|
|||||||
mountPath: /etc/seaweedfs/notification.toml
|
mountPath: /etc/seaweedfs/notification.toml
|
||||||
subPath: notification.toml
|
subPath: notification.toml
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -273,7 +274,7 @@ spec:
|
|||||||
name: swfs-s3-tls
|
name: swfs-s3-tls
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- $isJwtEnabled := or .Values.global.securityConfig.jwtSigning.filerWrite .Values.global.securityConfig.jwtSigning.filerRead }}
|
{{- $isJwtEnabled := or .Values.global.seaweedfs.securityConfig.jwtSigning.filerWrite .Values.global.seaweedfs.securityConfig.jwtSigning.filerRead }}
|
||||||
{{- if .Values.filer.readinessProbe.enabled }}
|
{{- if .Values.filer.readinessProbe.enabled }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
{{- if or $isJwtEnabled .Values.filer.readinessProbe.tcpSocket }}
|
{{- if or $isJwtEnabled .Values.filer.readinessProbe.tcpSocket }}
|
||||||
@@ -367,7 +368,7 @@ spec:
|
|||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-notification-config
|
name: {{ include "seaweedfs.fullname" . }}-notification-config
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.master.enabled }}
|
{{- if .Values.master.enabled }}
|
||||||
{{- if .Values.master.metricsPort }}
|
{{- if .Values.master.metricsPort }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -12,7 +13,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: master
|
app.kubernetes.io/component: master
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.master.annotations }}
|
{{- if .Values.master.annotations }}
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.master.enabled }}
|
{{- if .Values.master.enabled }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
@@ -50,7 +51,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.master.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.master.restartPolicy }}
|
||||||
{{- if .Values.master.affinity }}
|
{{- if .Values.master.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.master.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.master.affinity . | nindent 8 | trim }}
|
||||||
@@ -80,7 +81,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "master.image" . }}
|
image: {{ template "master.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -97,7 +98,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" . }}"
|
value: "{{ include "seaweedfs.fullname" . }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.master "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.master "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -121,23 +122,23 @@ spec:
|
|||||||
{{- if .Values.master.loggingOverrideLevel }}
|
{{- if .Values.master.loggingOverrideLevel }}
|
||||||
-v={{ .Values.master.loggingOverrideLevel }} \
|
-v={{ .Values.master.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
master \
|
master \
|
||||||
-port={{ .Values.master.port }} \
|
-port={{ .Values.master.port }} \
|
||||||
-mdir=/data \
|
-mdir=/data \
|
||||||
-ip.bind={{ .Values.master.ipBind }} \
|
-ip.bind={{ .Values.master.ipBind }} \
|
||||||
{{- if .Values.global.enableReplication }}
|
{{- if .Values.global.seaweedfs.enableReplication }}
|
||||||
-defaultReplication={{ .Values.global.replicationPlacement }} \
|
-defaultReplication={{ .Values.global.seaweedfs.replicationPlacement }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-defaultReplication={{ .Values.master.defaultReplication }} \
|
-defaultReplication={{ .Values.master.defaultReplication }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.master.volumePreallocate }}
|
{{- if .Values.master.volumePreallocate }}
|
||||||
-volumePreallocate \
|
-volumePreallocate \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
{{- if and .Values.global.monitoring.gatewayHost .Values.global.monitoring.gatewayPort }}
|
{{- if and .Values.global.seaweedfs.monitoring.gatewayHost .Values.global.seaweedfs.monitoring.gatewayPort }}
|
||||||
-metrics.address="{{ .Values.global.monitoring.gatewayHost }}:{{ .Values.global.monitoring.gatewayPort }}" \
|
-metrics.address="{{ .Values.global.seaweedfs.monitoring.gatewayHost }}:{{ .Values.global.seaweedfs.monitoring.gatewayPort }}" \
|
||||||
{{- if .Values.master.metricsIntervalSec }}
|
{{- if .Values.master.metricsIntervalSec }}
|
||||||
-metrics.intervalSeconds={{ .Values.master.metricsIntervalSec }} \
|
-metrics.intervalSeconds={{ .Values.master.metricsIntervalSec }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -187,7 +188,7 @@ spec:
|
|||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/master.toml
|
mountPath: /etc/seaweedfs/master.toml
|
||||||
subPath: master.toml
|
subPath: master.toml
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -212,7 +213,7 @@ spec:
|
|||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.master.port }}
|
- containerPort: {{ .Values.master.port }}
|
||||||
name: swfs-master
|
name: swfs-master
|
||||||
{{- if and .Values.global.monitoring.enabled .Values.master.metricsPort }}
|
{{- if and .Values.global.seaweedfs.monitoring.enabled .Values.master.metricsPort }}
|
||||||
- containerPort: {{ .Values.master.metricsPort }}
|
- containerPort: {{ .Values.master.metricsPort }}
|
||||||
name: metrics
|
name: metrics
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -286,7 +287,7 @@ spec:
|
|||||||
- name: master-config
|
- name: master-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-master-config
|
name: {{ include "seaweedfs.fullname" . }}-master-config
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.s3.enabled }}
|
{{- if .Values.s3.enabled }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
@@ -42,7 +43,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.s3.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.s3.restartPolicy }}
|
||||||
{{- if .Values.s3.affinity }}
|
{{- if .Values.s3.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.s3.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.s3.affinity . | nindent 8 | trim }}
|
||||||
@@ -74,7 +75,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "s3.image" . }}
|
image: {{ template "s3.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -91,7 +92,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" . }}"
|
value: "{{ include "seaweedfs.fullname" . }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.s3 "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.s3 "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -115,7 +116,7 @@ spec:
|
|||||||
{{- if .Values.s3.loggingOverrideLevel }}
|
{{- if .Values.s3.loggingOverrideLevel }}
|
||||||
-v={{ .Values.s3.loggingOverrideLevel }} \
|
-v={{ .Values.s3.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
s3 \
|
s3 \
|
||||||
-ip.bind={{ .Values.s3.bindAddress }} \
|
-ip.bind={{ .Values.s3.bindAddress }} \
|
||||||
@@ -123,7 +124,7 @@ spec:
|
|||||||
{{- if .Values.s3.metricsPort }}
|
{{- if .Values.s3.metricsPort }}
|
||||||
-metricsPort {{ .Values.s3.metricsPort }} \
|
-metricsPort {{ .Values.s3.metricsPort }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
{{- if .Values.s3.httpsPort }}
|
{{- if .Values.s3.httpsPort }}
|
||||||
-port.https={{ .Values.s3.httpsPort }} \
|
-port.https={{ .Values.s3.httpsPort }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -155,7 +156,7 @@ spec:
|
|||||||
name: config-users
|
name: config-users
|
||||||
readOnly: true
|
readOnly: true
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -248,7 +249,7 @@ spec:
|
|||||||
- name: logs
|
- name: logs
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if or .Values.s3.enabled .Values.filer.s3.enabled }}
|
{{- if or .Values.s3.enabled .Values.filer.s3.enabled }}
|
||||||
{{- if .Values.s3.metricsPort }}
|
{{- if .Values.s3.metricsPort }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -12,7 +13,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: s3
|
app.kubernetes.io/component: s3
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.s3.annotations }}
|
{{- if .Values.s3.annotations }}
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.sftp.enabled }}
|
{{- if .Values.sftp.enabled }}
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
@@ -42,7 +43,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.sftp.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.sftp.restartPolicy }}
|
||||||
{{- if .Values.sftp.affinity }}
|
{{- if .Values.sftp.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.sftp.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.sftp.affinity . | nindent 8 | trim }}
|
||||||
@@ -74,7 +75,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "sftp.image" . }}
|
image: {{ template "sftp.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -91,7 +92,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" . }}"
|
value: "{{ include "seaweedfs.fullname" . }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.sftp "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.sftp "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -115,7 +116,7 @@ spec:
|
|||||||
{{- if .Values.sftp.loggingOverrideLevel }}
|
{{- if .Values.sftp.loggingOverrideLevel }}
|
||||||
-v={{ .Values.sftp.loggingOverrideLevel }} \
|
-v={{ .Values.sftp.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
sftp \
|
sftp \
|
||||||
-ip.bind={{ .Values.sftp.bindAddress }} \
|
-ip.bind={{ .Values.sftp.bindAddress }} \
|
||||||
@@ -156,7 +157,7 @@ spec:
|
|||||||
{{- if .Values.sftp.localSocket }}
|
{{- if .Values.sftp.localSocket }}
|
||||||
-localSocket={{ .Values.sftp.localSocket }} \
|
-localSocket={{ .Values.sftp.localSocket }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
-cert.file=/usr/local/share/ca-certificates/client/tls.crt \
|
-cert.file=/usr/local/share/ca-certificates/client/tls.crt \
|
||||||
-key.file=/usr/local/share/ca-certificates/client/tls.key \
|
-key.file=/usr/local/share/ca-certificates/client/tls.key \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -175,7 +176,7 @@ spec:
|
|||||||
- mountPath: /etc/sw/ssh
|
- mountPath: /etc/sw/ssh
|
||||||
name: config-ssh
|
name: config-ssh
|
||||||
readOnly: true
|
readOnly: true
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -263,7 +264,7 @@ spec:
|
|||||||
- name: logs
|
- name: logs
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.sftp.enabled }}
|
{{- if .Values.sftp.enabled }}
|
||||||
{{- if .Values.sftp.metricsPort }}
|
{{- if .Values.sftp.metricsPort }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -12,7 +13,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: sftp
|
app.kubernetes.io/component: sftp
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.sftp.annotations }}
|
{{- if .Values.sftp.annotations }}
|
||||||
|
|||||||
59
k8s/charts/seaweedfs/templates/shared/_compat.tpl
Normal file
59
k8s/charts/seaweedfs/templates/shared/_compat.tpl
Normal file
@@ -0,0 +1,59 @@
|
|||||||
|
{{/*
|
||||||
|
Backward-compatibility shim for the global.* → global.seaweedfs.* migration.
|
||||||
|
|
||||||
|
When the chart is used as a subchart, .Values.global is shared with sibling
|
||||||
|
charts. To avoid namespace pollution, app-specific values were moved under
|
||||||
|
global.seaweedfs.* (and global.registry was renamed to global.imageRegistry).
|
||||||
|
|
||||||
|
If a user still passes the OLD key paths (e.g. --set global.enableSecurity=true),
|
||||||
|
those keys will no longer have defaults in values.yaml, so their mere presence in
|
||||||
|
.Values.global means the user explicitly provided them. This helper merges them
|
||||||
|
into global.seaweedfs.* so the rest of the templates see a single, canonical
|
||||||
|
location.
|
||||||
|
|
||||||
|
The helper mutates .Values.global.seaweedfs in-place via `set` and produces no
|
||||||
|
output. It is idempotent (safe to call more than once in the same render).
|
||||||
|
|
||||||
|
Usage: {{- include "seaweedfs.compat" . -}}
|
||||||
|
*/}}
|
||||||
|
{{- define "seaweedfs.compat" -}}
|
||||||
|
{{- $g := .Values.global -}}
|
||||||
|
{{- $sw := $g.seaweedfs | default dict -}}
|
||||||
|
|
||||||
|
{{/* --- image-related renames --- */}}
|
||||||
|
{{- if hasKey $g "registry" -}}
|
||||||
|
{{- $_ := set $g "imageRegistry" (default $g.imageRegistry $g.registry) -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if hasKey $g "repository" -}}
|
||||||
|
{{- $img := $sw.image | default dict -}}
|
||||||
|
{{- $_ := set $img "repository" (default $img.repository $g.repository) -}}
|
||||||
|
{{- $_ := set $sw "image" $img -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if hasKey $g "imageName" -}}
|
||||||
|
{{- $img := $sw.image | default dict -}}
|
||||||
|
{{- $_ := set $img "name" (default $img.name $g.imageName) -}}
|
||||||
|
{{- $_ := set $sw "image" $img -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* --- scalar keys that moved 1:1 under global.seaweedfs --- */}}
|
||||||
|
{{- range $key := list "createClusterRole" "imagePullPolicy" "restartPolicy" "loggingLevel" "enableSecurity" "masterServer" "serviceAccountName" "automountServiceAccountToken" "enableReplication" "replicationPlacement" -}}
|
||||||
|
{{- if hasKey $g $key -}}
|
||||||
|
{{- $_ := set $sw $key (index $g $key) -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/* --- nested dict keys: deep-merge so partial overrides work --- */}}
|
||||||
|
{{- range $key := list "securityConfig" "certificates" "monitoring" "serviceAccountAnnotations" "extraEnvironmentVars" -}}
|
||||||
|
{{- if hasKey $g $key -}}
|
||||||
|
{{- $old := index $g $key | default dict -}}
|
||||||
|
{{- $new := index $sw $key | default dict -}}
|
||||||
|
{{- if and (kindIs "map" $old) (kindIs "map" $new) -}}
|
||||||
|
{{- $_ := set $sw $key (merge $old $new) -}}
|
||||||
|
{{- else -}}
|
||||||
|
{{- $_ := set $sw $key $old -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- $_ := set $g "seaweedfs" $sw -}}
|
||||||
|
{{- end -}}
|
||||||
@@ -143,9 +143,9 @@ Inject extra environment vars in the format key:value, if populated
|
|||||||
|
|
||||||
{{/* Computes the container image name for all components (if they are not overridden) */}}
|
{{/* Computes the container image name for all components (if they are not overridden) */}}
|
||||||
{{- define "common.image" -}}
|
{{- define "common.image" -}}
|
||||||
{{- $registryName := default .Values.image.registry .Values.global.registry | toString -}}
|
{{- $registryName := default .Values.image.registry .Values.global.imageRegistry | toString -}}
|
||||||
{{- $repositoryName := default .Values.image.repository .Values.global.repository | toString -}}
|
{{- $repositoryName := default .Values.image.repository .Values.global.seaweedfs.image.repository | toString -}}
|
||||||
{{- $name := .Values.global.imageName | toString -}}
|
{{- $name := .Values.global.seaweedfs.image.name | toString -}}
|
||||||
{{- $tag := default .Chart.AppVersion .Values.image.tag | toString -}}
|
{{- $tag := default .Chart.AppVersion .Values.image.tag | toString -}}
|
||||||
{{- if .Values.image.repository -}}
|
{{- if .Values.image.repository -}}
|
||||||
{{- $name = $repositoryName -}}
|
{{- $name = $repositoryName -}}
|
||||||
@@ -318,8 +318,8 @@ Generate master server argument value, using global.masterServer if set, otherwi
|
|||||||
Usage: {{ include "seaweedfs.masterServerArg" . }}
|
Usage: {{ include "seaweedfs.masterServerArg" . }}
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "seaweedfs.masterServerArg" -}}
|
{{- define "seaweedfs.masterServerArg" -}}
|
||||||
{{- if .Values.global.masterServer -}}
|
{{- if .Values.global.seaweedfs.masterServer -}}
|
||||||
{{- .Values.global.masterServer -}}
|
{{- .Values.global.seaweedfs.masterServer -}}
|
||||||
{{- else -}}
|
{{- else -}}
|
||||||
{{- include "seaweedfs.masterServers" . -}}
|
{{- include "seaweedfs.masterServers" . -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
@@ -329,7 +329,7 @@ Usage: {{ include "seaweedfs.masterServerArg" . }}
|
|||||||
Create the name of the service account to use
|
Create the name of the service account to use
|
||||||
*/}}
|
*/}}
|
||||||
{{- define "seaweedfs.serviceAccountName" -}}
|
{{- define "seaweedfs.serviceAccountName" -}}
|
||||||
{{- .Values.global.serviceAccountName | default "seaweedfs" -}}
|
{{- .Values.global.seaweedfs.serviceAccountName | default "seaweedfs" -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
{{/* S3 TLS cert/key arguments, using custom secret if s3.tlsSecret is set */}}
|
{{/* S3 TLS cert/key arguments, using custom secret if s3.tlsSecret is set */}}
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
{{- if .Values.global.createClusterRole }}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
|
{{- if .Values.global.seaweedfs.createClusterRole }}
|
||||||
#hack for delete pod master after migration
|
#hack for delete pod master after migration
|
||||||
---
|
---
|
||||||
kind: ClusterRole
|
kind: ClusterRole
|
||||||
|
|||||||
@@ -1,10 +1,11 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- /* Support bucket creation for both standalone filer.s3 and allInOne modes */}}
|
{{- /* Support bucket creation for both standalone filer.s3 and allInOne modes */}}
|
||||||
{{- $createBuckets := list }}
|
{{- $createBuckets := list }}
|
||||||
{{- $s3Enabled := false }}
|
{{- $s3Enabled := false }}
|
||||||
{{- $enableAuth := false }}
|
{{- $enableAuth := false }}
|
||||||
{{- $existingConfigSecret := "" }}
|
{{- $existingConfigSecret := "" }}
|
||||||
{{- $bucketsFolder := "/buckets" }}
|
{{- $bucketsFolder := "/buckets" }}
|
||||||
{{- $bucketEnvVars := merge (dict) (.Values.global.extraEnvironmentVars | default dict) }}
|
{{- $bucketEnvVars := merge (dict) (.Values.global.seaweedfs.extraEnvironmentVars | default dict) }}
|
||||||
{{- if .Values.allInOne.enabled }}
|
{{- if .Values.allInOne.enabled }}
|
||||||
{{- $bucketEnvVars = merge (.Values.allInOne.extraEnvironmentVars | default dict) $bucketEnvVars }}
|
{{- $bucketEnvVars = merge (.Values.allInOne.extraEnvironmentVars | default dict) $bucketEnvVars }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
@@ -68,7 +69,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: post-install-job
|
- name: post-install-job
|
||||||
image: {{ template "master.image" . }}
|
image: {{ template "master.image" . }}
|
||||||
imagePullPolicy: {{ $.Values.global.imagePullPolicy | default "IfNotPresent" }}
|
imagePullPolicy: {{ $.Values.global.seaweedfs.imagePullPolicy | default "IfNotPresent" }}
|
||||||
env:
|
env:
|
||||||
- name: WEED_CLUSTER_DEFAULT
|
- name: WEED_CLUSTER_DEFAULT
|
||||||
value: "sw"
|
value: "sw"
|
||||||
@@ -183,7 +184,7 @@ spec:
|
|||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.master.port }}
|
- containerPort: {{ .Values.master.port }}
|
||||||
name: swfs-master
|
name: swfs-master
|
||||||
{{- if and .Values.global.monitoring.enabled .Values.master.metricsPort }}
|
{{- if and .Values.global.seaweedfs.monitoring.enabled .Values.master.metricsPort }}
|
||||||
- containerPort: {{ .Values.master.metricsPort }}
|
- containerPort: {{ .Values.master.metricsPort }}
|
||||||
name: metrics
|
name: metrics
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
{{- $files := .Files.Glob "dashboards/*.json" }}
|
{{- $files := .Files.Glob "dashboards/*.json" }}
|
||||||
{{- if $files }}
|
{{- if $files }}
|
||||||
{{- range $path, $file := $files }}
|
{{- range $path, $file := $files }}
|
||||||
|
|||||||
@@ -1,4 +1,5 @@
|
|||||||
{{- if .Values.global.enableSecurity }}
|
{{- include "seaweedfs.compat" . -}}
|
||||||
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
@@ -21,14 +22,14 @@ data:
|
|||||||
security.toml: |-
|
security.toml: |-
|
||||||
# this file is read by master, volume server, and filer
|
# this file is read by master, volume server, and filer
|
||||||
|
|
||||||
{{- if .Values.global.securityConfig.jwtSigning.volumeWrite }}
|
{{- if .Values.global.seaweedfs.securityConfig.jwtSigning.volumeWrite }}
|
||||||
# the jwt signing key is read by master and volume server
|
# the jwt signing key is read by master and volume server
|
||||||
# a jwt expires in 10 seconds
|
# a jwt expires in 10 seconds
|
||||||
[jwt.signing]
|
[jwt.signing]
|
||||||
key = "{{ dig "jwt" "signing" "key" (randAlphaNum 10 | b64enc) $securityConfig }}"
|
key = "{{ dig "jwt" "signing" "key" (randAlphaNum 10 | b64enc) $securityConfig }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- if .Values.global.securityConfig.jwtSigning.volumeRead }}
|
{{- if .Values.global.seaweedfs.securityConfig.jwtSigning.volumeRead }}
|
||||||
# this jwt signing key is read by master and volume server, and it is used for read operations:
|
# this jwt signing key is read by master and volume server, and it is used for read operations:
|
||||||
# - the Master server generates the JWT, which can be used to read a certain file on a volume server
|
# - the Master server generates the JWT, which can be used to read a certain file on a volume server
|
||||||
# - the Volume server validates the JWT on reading
|
# - the Volume server validates the JWT on reading
|
||||||
@@ -36,7 +37,7 @@ data:
|
|||||||
key = "{{ dig "jwt" "signing" "read" "key" (randAlphaNum 10 | b64enc) $securityConfig }}"
|
key = "{{ dig "jwt" "signing" "read" "key" (randAlphaNum 10 | b64enc) $securityConfig }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- if .Values.global.securityConfig.jwtSigning.filerWrite }}
|
{{- if .Values.global.seaweedfs.securityConfig.jwtSigning.filerWrite }}
|
||||||
# If this JWT key is configured, Filer only accepts writes over HTTP if they are signed with this JWT:
|
# If this JWT key is configured, Filer only accepts writes over HTTP if they are signed with this JWT:
|
||||||
# - f.e. the S3 API Shim generates the JWT
|
# - f.e. the S3 API Shim generates the JWT
|
||||||
# - the Filer server validates the JWT on writing
|
# - the Filer server validates the JWT on writing
|
||||||
@@ -45,7 +46,7 @@ data:
|
|||||||
key = "{{ dig "jwt" "filer_signing" "key" (randAlphaNum 10 | b64enc) $securityConfig }}"
|
key = "{{ dig "jwt" "filer_signing" "key" (randAlphaNum 10 | b64enc) $securityConfig }}"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
||||||
{{- if .Values.global.securityConfig.jwtSigning.filerRead }}
|
{{- if .Values.global.seaweedfs.securityConfig.jwtSigning.filerRead }}
|
||||||
# If this JWT key is configured, Filer only accepts reads over HTTP if they are signed with this JWT:
|
# If this JWT key is configured, Filer only accepts reads over HTTP if they are signed with this JWT:
|
||||||
# - f.e. the S3 API Shim generates the JWT
|
# - f.e. the S3 API Shim generates the JWT
|
||||||
# - the Filer server validates the JWT on reading
|
# - the Filer server validates the JWT on reading
|
||||||
|
|||||||
@@ -1,9 +1,10 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ServiceAccount
|
kind: ServiceAccount
|
||||||
metadata:
|
metadata:
|
||||||
name: {{ include "seaweedfs.serviceAccountName" . }}
|
name: {{ include "seaweedfs.serviceAccountName" . }}
|
||||||
namespace: {{ .Release.Namespace }}
|
namespace: {{ .Release.Namespace }}
|
||||||
{{- with .Values.global.serviceAccountAnnotations }}
|
{{- with .Values.global.seaweedfs.serviceAccountAnnotations }}
|
||||||
annotations:
|
annotations:
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
@@ -12,4 +13,4 @@ metadata:
|
|||||||
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
automountServiceAccountToken: {{ .Values.global.automountServiceAccountToken }}
|
automountServiceAccountToken: {{ .Values.global.seaweedfs.automountServiceAccountToken }}
|
||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{ $volumes := deepCopy .Values.volumes | mergeOverwrite (dict "" .Values.volume) }}
|
{{ $volumes := deepCopy .Values.volumes | mergeOverwrite (dict "" .Values.volume) }}
|
||||||
{{- range $vname, $volume := $volumes }}
|
{{- range $vname, $volume := $volumes }}
|
||||||
{{- $volumeName := trimSuffix "-" (printf "volume-%s" $vname) }}
|
{{- $volumeName := trimSuffix "-" (printf "volume-%s" $vname) }}
|
||||||
@@ -5,7 +6,7 @@
|
|||||||
|
|
||||||
{{- if $volume.enabled }}
|
{{- if $volume.enabled }}
|
||||||
{{- if $volume.metricsPort }}
|
{{- if $volume.metricsPort }}
|
||||||
{{- if $.Values.global.monitoring.enabled }}
|
{{- if $.Values.global.seaweedfs.monitoring.enabled }}
|
||||||
---
|
---
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
@@ -18,7 +19,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ $.Release.Service }}
|
app.kubernetes.io/managed-by: {{ $.Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ $.Release.Name }}
|
app.kubernetes.io/instance: {{ $.Release.Name }}
|
||||||
app.kubernetes.io/component: {{ $volumeName }}
|
app.kubernetes.io/component: {{ $volumeName }}
|
||||||
{{- with $.Values.global.monitoring.additionalLabels }}
|
{{- with $.Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- with $volume.annotations }}
|
{{- with $volume.annotations }}
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{ $volumes := deepCopy .Values.volumes | mergeOverwrite (dict "" .Values.volume) }}
|
{{ $volumes := deepCopy .Values.volumes | mergeOverwrite (dict "" .Values.volume) }}
|
||||||
{{- range $vname, $volume := $volumes }}
|
{{- range $vname, $volume := $volumes }}
|
||||||
{{- $volumeName := trimSuffix "-" (printf "volume-%s" $vname) }}
|
{{- $volumeName := trimSuffix "-" (printf "volume-%s" $vname) }}
|
||||||
@@ -58,7 +59,7 @@ spec:
|
|||||||
topologySpreadConstraints:
|
topologySpreadConstraints:
|
||||||
{{ tpl (printf "{{ $volumeName := \"%s\" }}%s" $volumeName $volume.topologySpreadConstraints) $ | nindent 8 | trim }}
|
{{ tpl (printf "{{ $volumeName := \"%s\" }}%s" $volumeName $volume.topologySpreadConstraints) $ | nindent 8 | trim }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
restartPolicy: {{ default $.Values.global.restartPolicy $volume.restartPolicy }}
|
restartPolicy: {{ default $.Values.global.seaweedfs.restartPolicy $volume.restartPolicy }}
|
||||||
{{- if $volume.tolerations }}
|
{{- if $volume.tolerations }}
|
||||||
tolerations:
|
tolerations:
|
||||||
{{ tpl (printf "{{ $volumeName := \"%s\" }}%s" $volumeName $volume.tolerations) $ | indent 8 | trim }}
|
{{ tpl (printf "{{ $volumeName := \"%s\" }}%s" $volumeName $volume.tolerations) $ | indent 8 | trim }}
|
||||||
@@ -76,7 +77,7 @@ spec:
|
|||||||
{{- if $volume.idx }}
|
{{- if $volume.idx }}
|
||||||
- name: seaweedfs-vol-move-idx
|
- name: seaweedfs-vol-move-idx
|
||||||
image: {{ template "volume.image" $ }}
|
image: {{ template "volume.image" $ }}
|
||||||
imagePullPolicy: {{ $.Values.global.imagePullPolicy | default "IfNotPresent" }}
|
imagePullPolicy: {{ $.Values.global.seaweedfs.imagePullPolicy | default "IfNotPresent" }}
|
||||||
command: [ '/bin/sh', '-c' ]
|
command: [ '/bin/sh', '-c' ]
|
||||||
args: [ '{{range $dir := $volume.dataDirs }}if ls /{{$dir.name}}/*.idx >/dev/null 2>&1; then mv /{{$dir.name}}/*.idx /idx/ ; fi; {{end}}' ]
|
args: [ '{{range $dir := $volume.dataDirs }}if ls /{{$dir.name}}/*.idx >/dev/null 2>&1; then mv /{{$dir.name}}/*.idx /idx/ ; fi; {{end}}' ]
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
@@ -104,7 +105,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "volume.image" $ }}
|
image: {{ template "volume.image" $ }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" $.Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" $.Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: POD_NAME
|
- name: POD_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -121,7 +122,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" $ }}"
|
value: "{{ include "seaweedfs.fullname" $ }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" $.Values.global "component" $volume "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" $.Values.global.seaweedfs "component" $volume "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -145,7 +146,7 @@ spec:
|
|||||||
{{- if $volume.loggingOverrideLevel }}
|
{{- if $volume.loggingOverrideLevel }}
|
||||||
-v={{ $volume.loggingOverrideLevel }} \
|
-v={{ $volume.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ $.Values.global.loggingLevel }} \
|
-v={{ $.Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
volume \
|
volume \
|
||||||
-port={{ $volume.port }} \
|
-port={{ $volume.port }} \
|
||||||
@@ -210,7 +211,7 @@ spec:
|
|||||||
- name: idx
|
- name: idx
|
||||||
mountPath: "/idx/"
|
mountPath: "/idx/"
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if $.Values.global.enableSecurity }}
|
{{- if $.Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -332,7 +333,7 @@ spec:
|
|||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if $.Values.global.enableSecurity }}
|
{{- if $.Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" $ }}-security-config
|
name: {{ include "seaweedfs.fullname" $ }}-security-config
|
||||||
|
|||||||
@@ -1,3 +1,4 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.worker.enabled }}
|
{{- if .Values.worker.enabled }}
|
||||||
{{- if and (not .Values.worker.adminServer) (not .Values.admin.enabled) }}
|
{{- if and (not .Values.worker.adminServer) (not .Values.admin.enabled) }}
|
||||||
{{- fail "worker.adminServer must be set if admin.enabled is false within the same release" -}}
|
{{- fail "worker.adminServer must be set if admin.enabled is false within the same release" -}}
|
||||||
@@ -45,7 +46,7 @@ spec:
|
|||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
spec:
|
spec:
|
||||||
restartPolicy: {{ default .Values.global.restartPolicy .Values.worker.restartPolicy }}
|
restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.worker.restartPolicy }}
|
||||||
{{- if .Values.worker.affinity }}
|
{{- if .Values.worker.affinity }}
|
||||||
affinity:
|
affinity:
|
||||||
{{ tpl .Values.worker.affinity . | nindent 8 | trim }}
|
{{ tpl .Values.worker.affinity . | nindent 8 | trim }}
|
||||||
@@ -77,7 +78,7 @@ spec:
|
|||||||
containers:
|
containers:
|
||||||
- name: seaweedfs
|
- name: seaweedfs
|
||||||
image: {{ template "worker.image" . }}
|
image: {{ template "worker.image" . }}
|
||||||
imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }}
|
imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }}
|
||||||
env:
|
env:
|
||||||
- name: POD_IP
|
- name: POD_IP
|
||||||
valueFrom:
|
valueFrom:
|
||||||
@@ -94,7 +95,7 @@ spec:
|
|||||||
- name: SEAWEEDFS_FULLNAME
|
- name: SEAWEEDFS_FULLNAME
|
||||||
value: "{{ include "seaweedfs.fullname" . }}"
|
value: "{{ include "seaweedfs.fullname" . }}"
|
||||||
{{- $mergedExtraEnvironmentVars := dict }}
|
{{- $mergedExtraEnvironmentVars := dict }}
|
||||||
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.worker "target" $mergedExtraEnvironmentVars) }}
|
{{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.worker "target" $mergedExtraEnvironmentVars) }}
|
||||||
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
{{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }}
|
||||||
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
{{- $value := index $mergedExtraEnvironmentVars $key }}
|
||||||
- name: {{ $key }}
|
- name: {{ $key }}
|
||||||
@@ -118,7 +119,7 @@ spec:
|
|||||||
{{- if .Values.worker.loggingOverrideLevel }}
|
{{- if .Values.worker.loggingOverrideLevel }}
|
||||||
-v={{ .Values.worker.loggingOverrideLevel }} \
|
-v={{ .Values.worker.loggingOverrideLevel }} \
|
||||||
{{- else }}
|
{{- else }}
|
||||||
-v={{ .Values.global.loggingLevel }} \
|
-v={{ .Values.global.seaweedfs.loggingLevel }} \
|
||||||
{{- end }}
|
{{- end }}
|
||||||
worker \
|
worker \
|
||||||
{{- if .Values.worker.adminServer }}
|
{{- if .Values.worker.adminServer }}
|
||||||
@@ -148,7 +149,7 @@ spec:
|
|||||||
- name: worker-logs
|
- name: worker-logs
|
||||||
mountPath: /logs
|
mountPath: /logs
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
readOnly: true
|
readOnly: true
|
||||||
mountPath: /etc/seaweedfs/security.toml
|
mountPath: /etc/seaweedfs/security.toml
|
||||||
@@ -251,7 +252,7 @@ spec:
|
|||||||
persistentVolumeClaim:
|
persistentVolumeClaim:
|
||||||
claimName: {{ .Values.worker.logs.claimName }}
|
claimName: {{ .Values.worker.logs.claimName }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if .Values.global.enableSecurity }}
|
{{- if .Values.global.seaweedfs.enableSecurity }}
|
||||||
- name: security-config
|
- name: security-config
|
||||||
configMap:
|
configMap:
|
||||||
name: {{ include "seaweedfs.fullname" . }}-security-config
|
name: {{ include "seaweedfs.fullname" . }}-security-config
|
||||||
|
|||||||
@@ -1,6 +1,7 @@
|
|||||||
|
{{- include "seaweedfs.compat" . -}}
|
||||||
{{- if .Values.worker.enabled }}
|
{{- if .Values.worker.enabled }}
|
||||||
{{- if .Values.worker.metricsPort }}
|
{{- if .Values.worker.metricsPort }}
|
||||||
{{- if .Values.global.monitoring.enabled }}
|
{{- if .Values.global.seaweedfs.monitoring.enabled }}
|
||||||
apiVersion: monitoring.coreos.com/v1
|
apiVersion: monitoring.coreos.com/v1
|
||||||
kind: ServiceMonitor
|
kind: ServiceMonitor
|
||||||
metadata:
|
metadata:
|
||||||
@@ -12,7 +13,7 @@ metadata:
|
|||||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||||
app.kubernetes.io/component: worker
|
app.kubernetes.io/component: worker
|
||||||
{{- with .Values.global.monitoring.additionalLabels }}
|
{{- with .Values.global.seaweedfs.monitoring.additionalLabels }}
|
||||||
{{- toYaml . | nindent 4 }}
|
{{- toYaml . | nindent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- with .Values.worker.serviceMonitor.annotations }}
|
{{- with .Values.worker.serviceMonitor.annotations }}
|
||||||
|
|||||||
@@ -1,51 +1,57 @@
|
|||||||
# Available parameters and their default values for the SeaweedFS chart.
|
# Available parameters and their default values for the SeaweedFS chart.
|
||||||
|
|
||||||
global:
|
global:
|
||||||
createClusterRole: true
|
# global.imageRegistry and global.imagePullSecrets are standard Helm conventions
|
||||||
registry: ""
|
# shared across subcharts. See https://helm.sh/docs/chart_template_guide/subcharts_and_globals/
|
||||||
# if repository is set, it overrides the namespace part of imageName
|
imageRegistry: ""
|
||||||
repository: ""
|
|
||||||
imageName: chrislusf/seaweedfs
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
imagePullSecrets: ""
|
imagePullSecrets: ""
|
||||||
restartPolicy: Always
|
# All app-specific global values are namespaced under global.seaweedfs
|
||||||
loggingLevel: 1
|
# to avoid polluting the shared global namespace when used as a subchart.
|
||||||
enableSecurity: false
|
seaweedfs:
|
||||||
masterServer: null
|
createClusterRole: true
|
||||||
securityConfig:
|
image:
|
||||||
jwtSigning:
|
# if repository is set, it overrides the namespace part of image.name
|
||||||
volumeWrite: true
|
repository: ""
|
||||||
volumeRead: false
|
name: chrislusf/seaweedfs
|
||||||
filerWrite: false
|
imagePullPolicy: IfNotPresent
|
||||||
filerRead: false
|
restartPolicy: Always
|
||||||
# we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings
|
loggingLevel: 1
|
||||||
serviceAccountName: "seaweedfs"
|
enableSecurity: false
|
||||||
serviceAccountAnnotations: {}
|
masterServer: null
|
||||||
automountServiceAccountToken: true
|
securityConfig:
|
||||||
certificates:
|
jwtSigning:
|
||||||
duration: 87600h
|
volumeWrite: true
|
||||||
renewBefore: 720h
|
volumeRead: false
|
||||||
alphacrds: false
|
filerWrite: false
|
||||||
monitoring:
|
filerRead: false
|
||||||
enabled: false
|
# we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings
|
||||||
gatewayHost: null
|
serviceAccountName: "seaweedfs"
|
||||||
gatewayPort: null
|
serviceAccountAnnotations: {}
|
||||||
additionalLabels: {}
|
automountServiceAccountToken: true
|
||||||
# if enabled will use global.replicationPlacement and override master & filer defaultReplicaPlacement config
|
certificates:
|
||||||
enableReplication: false
|
duration: 87600h
|
||||||
# replication type is XYZ:
|
renewBefore: 720h
|
||||||
# X number of replica in other data centers
|
alphacrds: false
|
||||||
# Y number of replica in other racks in the same data center
|
monitoring:
|
||||||
# Z number of replica in other servers in the same rack
|
enabled: false
|
||||||
replicationPlacement: "001"
|
gatewayHost: null
|
||||||
extraEnvironmentVars:
|
gatewayPort: null
|
||||||
WEED_CLUSTER_DEFAULT: "sw"
|
additionalLabels: {}
|
||||||
WEED_CLUSTER_SW_MASTER: "{{ include \"seaweedfs.cluster.masterAddress\" . }}"
|
# if enabled will use global.seaweedfs.replicationPlacement and override master & filer defaultReplicaPlacement config
|
||||||
WEED_CLUSTER_SW_FILER: "{{ include \"seaweedfs.cluster.filerAddress\" . }}"
|
enableReplication: false
|
||||||
# WEED_JWT_SIGNING_KEY:
|
# replication type is XYZ:
|
||||||
# secretKeyRef:
|
# X number of replica in other data centers
|
||||||
# name: seaweedfs-signing-key
|
# Y number of replica in other racks in the same data center
|
||||||
# key: signingKey
|
# Z number of replica in other servers in the same rack
|
||||||
|
replicationPlacement: "001"
|
||||||
|
extraEnvironmentVars:
|
||||||
|
WEED_CLUSTER_DEFAULT: "sw"
|
||||||
|
WEED_CLUSTER_SW_MASTER: "{{ include \"seaweedfs.cluster.masterAddress\" . }}"
|
||||||
|
WEED_CLUSTER_SW_FILER: "{{ include \"seaweedfs.cluster.filerAddress\" . }}"
|
||||||
|
# WEED_JWT_SIGNING_KEY:
|
||||||
|
# secretKeyRef:
|
||||||
|
# name: seaweedfs-signing-key
|
||||||
|
# key: signingKey
|
||||||
|
|
||||||
image:
|
image:
|
||||||
registry: ""
|
registry: ""
|
||||||
@@ -932,7 +938,7 @@ s3:
|
|||||||
# instead of the internal self-signed client certificate generated by cert-manager.
|
# instead of the internal self-signed client certificate generated by cert-manager.
|
||||||
# This allows using a publicly trusted certificate (e.g., from Let's Encrypt)
|
# This allows using a publicly trusted certificate (e.g., from Let's Encrypt)
|
||||||
# so that S3 clients don't need to trust the internal CA.
|
# so that S3 clients don't need to trust the internal CA.
|
||||||
# Requires global.enableSecurity to be true.
|
# Requires global.seaweedfs.enableSecurity to be true.
|
||||||
tlsSecret: null
|
tlsSecret: null
|
||||||
metricsPort: 9327
|
metricsPort: 9327
|
||||||
# Iceberg catalog REST port (Apache Iceberg REST Catalog API)
|
# Iceberg catalog REST port (Apache Iceberg REST Catalog API)
|
||||||
@@ -1203,7 +1209,7 @@ admin:
|
|||||||
dataDir: "" # If empty, configuration is kept in memory only
|
dataDir: "" # If empty, configuration is kept in memory only
|
||||||
|
|
||||||
# Master servers to connect to
|
# Master servers to connect to
|
||||||
# If empty, uses global.masterServer or auto-discovers from master statefulset
|
# If empty, uses global.seaweedfs.masterServer or auto-discovers from master statefulset
|
||||||
masters: ""
|
masters: ""
|
||||||
|
|
||||||
# URL path prefix when running behind a reverse proxy under a subdirectory
|
# URL path prefix when running behind a reverse proxy under a subdirectory
|
||||||
|
|||||||
Reference in New Issue
Block a user