diff --git a/README.md b/README.md index ce5989d8..e487f03f 100644 --- a/README.md +++ b/README.md @@ -18,40 +18,42 @@ The following command can be used to install kubenurse with Helm: `helm upgrade #### Configuration settings -| Setting | Description | Default | -| ---------------------------------- | -------------------------------------------------------------------------------------------------------------------- | ----------------------------- | -| daemonset.image.repository | The repository name | `postfinance/kubenurse` | -| daemonset.image.tag | The tag/ version of the image | `v1.4.0` | -| daemonset.podLabels | Additional labels to be added to the pods of the daemonset | `[]` | -| daemonset.podAnnotations | Additional annotations to be added to the pods of the daemonset | `[]` | -| daemonset.podSecurityContext | The security context of the daemonset | `{}` | -| daemonset.containerSecurityContext | The security context of the containers within the pods of the daemonset | `{}` | -| daemonset.tolerations | The tolerations of the daemonset | See Default tolerations below | -| daemonset.dnsConfig | Specifies the DNS parameters of the pods in the daemonset | `{}` | -| daemonset.volumeMounts | Additional volumeMounts to be added to the pods of the daemonset | `[]` | -| daemonset.volumes | Additional volumes to be added to the daemonset | `[]` | -| serviceMonitor.enabled | Adds a ServiceMonitor for use with [Prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) | `false` | -| serviceMonitor.labels | Additional labels to be added to the ServiceMonitor | `{}` | -| serviceAccount.name | The name of the service account which is used | `Release.Name` | -| service.name | The name of service which exposes the kubenurse application | `8080-8080` | -| service.port | The port number of the service | `8080` | -| service.labels | Additional labels to be added to the Service | | -| ingress.enabled | Enable/ Disable the ingress | `true` | -| ingress.className | The classname of the ingress controller (e.g. the nginx ingress controller) | `nginx` | -| ingress.url | The url of the ingress; e.g. kubenurse.westeurope.cloudapp.example.com | `dummy-kubenurse.example.com` | -| insecure | Set `KUBENURSE_INSECURE` environment variable | `true` | -| allow_unschedulable | Sets `KUBENURSE_ALLOW_UNSCHEDULABLE` environment variable | `false` | -| neighbour_filter | Sets `KUBENURSE_NEIGHBOUR_FILTER` environment variable | `app=kubenurse` | -| extra_ca | Sets `KUBENURSE_EXTRA_CA` environment variable | | -| check_api_server_direct | Sets `KUBENURSE_CHECK_API_SERVER_DIRECT` environment variable | `true` | -| check_api_server_dns | Sets `KUBENURSE_CHECK_API_SERVER_DNS` environment variable | `true` | -| check_me_ingress | Sets `KUBENURSE_CHECK_ME_INGRESS` environment variable | `true` | -| check_me_service | Sets `KUBENURSE_CHECK_ME_SERVICE` environment variable | `true` | -| check_neighbourhood | Sets `KUBENURSE_CHECK_NEIGHBOURHOOD` environment variable | `true` | -| check_interval | Sets `KUBENURSE_CHECK_INTERVAL` environment variable | `5s` | -| use_tls | Sets `KUBENURSE_USE_TLS` environment variable | `false` | -| cert_file | Sets `KUBENURSE_CERT_FILE` environment variable | | -| cert_key | Sets `KUBENURSE_CERT_KEY` environment variable | | +| Setting | Description | Default | +|------------------------------------|----------------------------------------------------------------------------------------------------------------------|------------------------------------| +| daemonset.image.repository | The repository name | `postfinance/kubenurse` | +| daemonset.image.tag | The tag/ version of the image | `v1.4.0` | +| daemonset.podLabels | Additional labels to be added to the pods of the daemonset | `[]` | +| daemonset.podAnnotations | Additional annotations to be added to the pods of the daemonset | `[]` | +| daemonset.podSecurityContext | The security context of the daemonset | `{}` | +| daemonset.containerSecurityContext | The security context of the containers within the pods of the daemonset | `{}` | +| daemonset.containerResources | The container resources of the containers within the pods of the daemonset | `{}` | +| daemonset.containerImagePullPolicy | The container image pull policy the pods of the daemonset | `IfNotPresent` | +| daemonset.tolerations | The tolerations of the daemonset | See Default tolerations below | +| daemonset.dnsConfig | Specifies the DNS parameters of the pods in the daemonset | `{}` | +| daemonset.volumeMounts | Additional volumeMounts to be added to the pods of the daemonset | `[]` | +| daemonset.volumes | Additional volumes to be added to the daemonset | `[]` | +| serviceMonitor.enabled | Adds a ServiceMonitor for use with [Prometheus-operator](https://github.com/prometheus-operator/prometheus-operator) | `false` | +| serviceMonitor.labels | Additional labels to be added to the ServiceMonitor | `{}` | +| serviceAccount.name | The name of the service account which is used | `Release.Name` | +| service.name | The name of service which exposes the kubenurse application | `8080-8080` | +| service.port | The port number of the service | `8080` | +| service.labels | Additional labels to be added to the Service | | +| ingress.enabled | Enable/ Disable the ingress | `true` | +| ingress.className | The classname of the ingress controller (e.g. the nginx ingress controller) | `nginx` | +| ingress.url | The url of the ingress; e.g. kubenurse.westeurope.cloudapp.example.com | `dummy-kubenurse.example.com` | +| insecure | Set `KUBENURSE_INSECURE` environment variable | `true` | +| allow_unschedulable | Sets `KUBENURSE_ALLOW_UNSCHEDULABLE` environment variable | `false` | +| neighbour_filter | Sets `KUBENURSE_NEIGHBOUR_FILTER` environment variable | `app.kubernetes.io/name=kubenurse` | +| extra_ca | Sets `KUBENURSE_EXTRA_CA` environment variable | | +| check_api_server_direct | Sets `KUBENURSE_CHECK_API_SERVER_DIRECT` environment variable | `true` | +| check_api_server_dns | Sets `KUBENURSE_CHECK_API_SERVER_DNS` environment variable | `true` | +| check_me_ingress | Sets `KUBENURSE_CHECK_ME_INGRESS` environment variable | `true` | +| check_me_service | Sets `KUBENURSE_CHECK_ME_SERVICE` environment variable | `true` | +| check_neighbourhood | Sets `KUBENURSE_CHECK_NEIGHBOURHOOD` environment variable | `true` | +| check_interval | Sets `KUBENURSE_CHECK_INTERVAL` environment variable | `5s` | +| use_tls | Sets `KUBENURSE_USE_TLS` environment variable | `false` | +| cert_file | Sets `KUBENURSE_CERT_FILE` environment variable | | +| cert_key | Sets `KUBENURSE_CERT_KEY` environment variable | | Default tolerations: diff --git a/helm/kubenurse/templates/daemonset.yaml b/helm/kubenurse/templates/daemonset.yaml index 53241710..adc3f8eb 100644 --- a/helm/kubenurse/templates/daemonset.yaml +++ b/helm/kubenurse/templates/daemonset.yaml @@ -38,6 +38,11 @@ spec: {{- if .Values.daemonset.containerSecurityContext -}} {{ toYaml .Values.daemonset.containerSecurityContext | nindent 10 }} {{- end }} + resources: + {{- if .Values.daemonset.containerResources -}} + {{ toYaml .Values.daemonset.containerResources | nindent 10 }} + {{- end }} + imagePullPolicy: {{ .Values.daemonset.containerImagePullPolicy }} env: - name: KUBENURSE_INGRESS_URL value: https://{{ .Values.ingress.url }} @@ -93,6 +98,20 @@ spec: periodSeconds: 3 successThreshold: 1 timeoutSeconds: 1 + livenessProbe: + httpGet: + path: /ready + port: 8080 + scheme: HTTP + failureThreshold: 6 + periodSeconds: 10 + startupProbe: + httpGet: + path: /ready + port: 8080 + scheme: HTTP + failureThreshold: 60 + periodSeconds: 2 volumeMounts: {{- if .Values.daemonset.volumeMounts -}} {{- toYaml .Values.daemonset.volumeMounts | nindent 8 }} diff --git a/helm/kubenurse/values.yaml b/helm/kubenurse/values.yaml index 45a81863..850f01b0 100644 --- a/helm/kubenurse/values.yaml +++ b/helm/kubenurse/values.yaml @@ -7,6 +7,8 @@ daemonset: podAnnotations: {} podSecurityContext: {} containerSecurityContext: {} + containerResources: {} + containerImagePullPolicy: IfNotPresent tolerations: - effect: NoSchedule key: node-role.kubernetes.io/master