diff --git a/stable/ark/.helmignore b/stable/ark/.helmignore new file mode 100644 index 000000000000..f0c131944441 --- /dev/null +++ b/stable/ark/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/stable/ark/Chart.yaml b/stable/ark/Chart.yaml new file mode 100644 index 000000000000..15106f81b3e5 --- /dev/null +++ b/stable/ark/Chart.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +appVersion: 0.8.2 +description: A Helm chart for ark +name: ark +version: 1.0.0 +home: https://heptio.com/products/#heptio-ark +sources: +- https://github.com/heptio/ark +maintainers: + - name: domcar + email: d-caruso@hotmail.it + - name: unguiculus + email: unguiculus@gmail.com diff --git a/stable/ark/README.md b/stable/ark/README.md new file mode 100644 index 000000000000..ee76f36ad24d --- /dev/null +++ b/stable/ark/README.md @@ -0,0 +1,91 @@ +# Ark-server + +This helm chart install ark version v0.8.1 +https://github.com/heptio/ark/tree/v0.8.1 + +## Premise +In general, Helm cannot install CRDs and resources based on these CRDs in the same Helm chart because CRDs need to be installed before CRD +resources can be created and Helm cannot guarantee the correct ordering for this to work. + +As a workaround, the chart creates a Config resource via post-install hook. +Since resources created by hooks are not managed by Helm, a pre-delete hook removes the Config CRD when the release is deleted. + +At the same time the resources created with the hook are completely transparent to Helm, that is, when you delete the +chart those resources remain there. Hence we need a sencond hook for deleting them (see hook-delete.yaml) + +## ConfigMap customization +Since we want to have a customizable chart it's important that the configmap is a template and not a static file. +To do this we add the keyword `tpl` when reading the file +- {{ (tpl (.Files.Glob "configuration/").AsConfig .) | indent 2 }} + + +## Prerequisites + +### Secret for cloud provider credentials +Ark server needs a IAM service account in order to run, if you don't have it you must create it. +Please follow the official documentation: https://heptio.github.io/ark/v0.8.1/cloud-common + +Don't forget the step to create the secret +``` +kubectl create secret generic cloud-credentials --namespace --from-file cloud=credentials-ark +``` + +### Configuration +Please change the values.yaml according to your setup +See here for the official documentation https://heptio.github.io/ark/v0.8.1/config-definition + +Parameter | Description | Default | Required +--- | --- | --- | --- +`cloudprovider` | Cloud provider | `nil` | yes +`bucket` | Object storage where to store backups | `nil` | yes +`region` | AWS region | `nil` | only if using AWS +`apitimeout` | Api Timeout | `nil` | only if using Azure +`credentials` | Credentials | `nil` | Yes (not required for kube2iam) +`backupSyncPeriod` | How frequently Ark queries the object storage to make sure that the appropriate Backup resources have been created for existing backup files. | `60m` | yes +`gcSyncPeriod` | How frequently Ark queries the object storage to delete backup files that have passed their TTL. | `60m` | yes +`scheduleSyncPeriod` | How frequently Ark checks its Schedule resource objects to see if a backup needs to be initiated | `1m` | yes +`restoreOnlyMode` | When RestoreOnly mode is on, functionality for backups, schedules, and expired backup deletion is turned off. Restores are made from existing backup files in object storage. | `false` | yes +`kubectl.image` | A docker image with kubectl, required by hook-deploy.yaml and hook-delete.yaml | `docker pull claranet/gcloud-kubectl-docker` | yes + +Parameter | Description | Default +--- | --- | --- +`image.repository` | Image repository | `gcr.io/heptio-images/ark` +`image.tag` | Image tag | `v0.8.2` +`image.pullPolicy` | Image pull policy | `IfNotPresent` +`kubectl.image.repository` | Image repository | `gcr.io/heptio-images/ark` +`kubectl.image.tag` | Image tag | `v0.8.2` +`kubectl.image.pullPolicy` | Image pull policy | `IfNotPresent` +`podAnnotations` | Annotations for the Ark server pod | `{}` +`rbac.create` | If true, create and use RBAC resources | `true` +`rbac.server.serviceAccount.create` | Whether a new service account name that the server will use should be created | `true` +`rbac.server.serviceAccount.name` | Service account to be used for the server. If not set and `rbac.server.serviceAccount.create` is `true` a name is generated using the fullname template | `` +`rbac.hook.serviceAccount.create` | Whether a new service account name that the hook will use should be created | `true` +`rbac.hook.serviceAccount.name` | Service account to be used for the server. If not set and `rbac.hook.serviceAccount.create` is `true` a name is generated using the fullname template | `` +`tolerations` | List of node taints to tolerate | `[]` +`nodeSelector` | Node labels for pod assignment | `{}` +`configuration.persistentVolumeProvider.name` | The name of the cloud provider the cluster is using for persistent volumes, if any | `{}` +`configuration.persistentVolumeProvider.config.region` | The cloud provider region (AWS only) | `` +`configuration.persistentVolumeProvider.config.apiTimeout` | The API timeout (Azure only) | +`configuration.backupStorageProvider.nam` | The name of the cloud provider that will be used to actually store the backups (`aws`, `azure`, `gcp`) | `` +`configuration.backupStorageProvider.bucket` | The storage bucket where backups are to be uploaded | `` +`configuration.backupStorageProvider.config.regio`n | The cloud provider region (AWS only) | `` +`configuration.backupStorageProvider.config.s3ForcePathStyle` | Set to `true` for a local storage service like Minio | `` +`configuration.backupStorageProvider.config.s3Url` | S3 url (primarily used for local storage services like Minio) | `` +`configuration.backupStorageProvider.config.kmsKeyId` | KMS key for encryption (AWS only) | `` +`configuration.backupSyncPeriod` | How frequently Ark queries the object storage to make sure that the appropriate Backup resources have been created for existing backup files | `60m` +`configuration.gcSyncPeriod` | How frequently Ark queries the object storage to delete backup files that have passed their TTL | `60m` +`configuration.scheduleSyncPeriod` | How frequently Ark checks its Schedule resource objects to see if a backup needs to be initiated | `1m` +`configuration.resourcePriorities` | An ordered list that describes the order in which Kubernetes resource objects should be restored | `[]` +`configuration.restoreOnlyMode` | When RestoreOnly mode is on, functionality for backups, schedules, and expired backup deletion is turned off. Restores are made from existing backup files in object storage | `false` +`credentials.existingSecret` | If specified and `useSecret` is `true`, uses an existing secret with this name instead of creating one | `` +`credentials.useSecret` | Whether a secret should be used. Set this to `false` when using `kube2iam` | `true` +`credentials.secretContents` | Contents for the credentials secret | `{}` + + +## How to +``` +helm install --name ark --namespace heptio-ark ./ark +``` + +## Remove heptio/ark +Remember that when you remove ark all backups remain untouched diff --git a/stable/ark/templates/NOTES.txt b/stable/ark/templates/NOTES.txt new file mode 100644 index 000000000000..35f02949c7d3 --- /dev/null +++ b/stable/ark/templates/NOTES.txt @@ -0,0 +1,9 @@ +Check that the ark is up and running: + +Check that the secret has been created: + +Once ark server is up and running you need the client before you can use it +1. wget https://github.com/heptio/ark/releases/download/{{ .Values.image.tag }}/ark-{{ .Values.image.tag }}-darwin-amd64.tar.gz +2. tar -xvf ark-{{ .Values.image.tag }}-darwin-amd64.tar.gz -C ark-client + +More info on the official site: https://github.com/heptio/ark#install-client diff --git a/stable/ark/templates/_helpers.tpl b/stable/ark/templates/_helpers.tpl new file mode 100644 index 000000000000..2790ed86a99c --- /dev/null +++ b/stable/ark/templates/_helpers.tpl @@ -0,0 +1,65 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "ark.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "ark.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "ark.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create the name of the service account to use for creating or deleting the ark config +*/}} +{{- define "ark.hookServiceAccount" -}} +{{- if .Values.serviceAccount.hook.create -}} + {{ default (printf "%s-%s" (include "ark.fullname" .) "hook") .Values.serviceAccount.hook.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.hook.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use for creating or deleting the ark server +*/}} +{{- define "ark.serverServiceAccount" -}} +{{- if .Values.serviceAccount.server.create -}} + {{ default (printf "%s-%s" (include "ark.fullname" .) "server") .Values.serviceAccount.server.name }} +{{- else -}} + {{ default "default" .Values.serviceAccount.server.name }} +{{- end -}} +{{- end -}} + +{{/* +Create the name for the credentials secret. +*/}} +{{- define "ark.secretName" -}} +{{- if .Values.credentials.existingSecret -}} + {{- .Values.credentials.existingSecret -}} +{{- else -}} + {{- template "ark.fullname" . -}} +{{- end -}} +{{- end -}} diff --git a/stable/ark/templates/backups.yaml b/stable/ark/templates/backups.yaml new file mode 100644 index 000000000000..46a5ef5befa7 --- /dev/null +++ b/stable/ark/templates/backups.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: backups.ark.heptio.com + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +spec: + group: ark.heptio.com + version: v1 + scope: Namespaced + names: + plural: backups + kind: Backup diff --git a/stable/ark/templates/configmap.yaml b/stable/ark/templates/configmap.yaml new file mode 100644 index 000000000000..7739930089db --- /dev/null +++ b/stable/ark/templates/configmap.yaml @@ -0,0 +1,54 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "ark.fullname" . }} + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +data: + ark-config.yaml: | + apiVersion: ark.heptio.com/v1 + kind: Config + metadata: + name: default +{{ with .Values.configuration }} + {{- with .persistentVolumeProvider }} + persistentVolumeProvider: + name: {{ .name }} + {{ with .config }} + config: + {{- with .region }} + region: {{ . }} + {{- end }} + {{- with .apitimeout }} + apiTimeout: {{ . }} + {{- end }} + {{- end }} + {{- end }} + {{- with .backupStorageProvider }} + backupStorageProvider: + name: {{ .name }} + bucket: {{ .bucket }} + {{- with .config }} + config: + {{- with .region }} + region: {{ . }} + {{- end }} + {{- with .s3ForcePathStyle }} + s3ForcePathStyle: {{ . }} + {{- end }} + {{- with .s3Url }} + s3Url: {{ . }} + {{- end }} + {{- with .kmsKeyId }} + kmsKeyId: {{ . }} + {{- end }} + {{- end }} + {{- end }} + backupSyncPeriod: {{ .backupSyncPeriod }} + gcSyncPeriod: {{ .gcSyncPeriod }} + scheduleSyncPeriod: {{ .scheduleSyncPeriod }} + restoreOnlyMode: {{ .restoreOnlyMode }} +{{- end }} diff --git a/stable/ark/templates/configs.yaml b/stable/ark/templates/configs.yaml new file mode 100644 index 000000000000..32925d6c4829 --- /dev/null +++ b/stable/ark/templates/configs.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: configs.ark.heptio.com + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +spec: + group: ark.heptio.com + version: v1 + scope: Namespaced + names: + plural: configs + kind: Config diff --git a/stable/ark/templates/deletebackuprequests.yaml b/stable/ark/templates/deletebackuprequests.yaml new file mode 100644 index 000000000000..eb0e0ac1463b --- /dev/null +++ b/stable/ark/templates/deletebackuprequests.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: deletebackuprequests.ark.heptio.com + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +spec: + group: ark.heptio.com + version: v1 + scope: Namespaced + names: + plural: deletebackuprequests + kind: DeleteBackupRequest diff --git a/stable/ark/templates/deployment.yaml b/stable/ark/templates/deployment.yaml new file mode 100644 index 000000000000..5be6c46c2498 --- /dev/null +++ b/stable/ark/templates/deployment.yaml @@ -0,0 +1,73 @@ +{{- if and .Values.configuration.backupStorageProvider.name .Values.configuration.backupStorageProvider.bucket -}} +{{- $provider := .Values.configuration.backupStorageProvider.name -}} +apiVersion: apps/v1beta2 +kind: Deployment +metadata: + name: {{ template "ark.fullname" . }} + labels: + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} +spec: + replicas: 1 + selector: + matchLabels: + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + template: + metadata: + labels: + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + {{- with .Values.podAnnotations }} + annotations: +{{ toYaml . | indent 8 }} + {{- end }} + spec: + restartPolicy: Always + serviceAccountName: {{ template "ark.serverServiceAccount" . }} + containers: + - name: ark + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /ark + args: + - server + {{- if eq $provider "azure" }} + envFrom: + - secretRef: + name: {{ template "ark.secretName" . }} + {{- end }} + volumeMounts: + - name: plugins + mountPath: /plugins + {{- if and .Values.credentials.useSecret (or (eq $provider "aws") (eq $provider "gcp")) }} + - name: cloud-credentials + mountPath: /credentials + env: + {{- if eq $provider "aws" }} + - name: AWS_SHARED_CREDENTIALS_FILE + {{- else }} + - name: GOOGLE_APPLICATION_CREDENTIALS + {{- end }} + value: /credentials/cloud + {{- end }} + volumes: + {{- if and .Values.credentials.useSecret (or (eq $provider "aws") (eq $provider "gcp")) }} + - name: cloud-credentials + secret: + secretName: {{ template "ark.secretName" . }} + {{- end }} + - name: plugins + emptyDir: {} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} +{{- end -}} diff --git a/stable/ark/templates/downloadrequests.yaml b/stable/ark/templates/downloadrequests.yaml new file mode 100644 index 000000000000..740650747b75 --- /dev/null +++ b/stable/ark/templates/downloadrequests.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: downloadrequests.ark.heptio.com + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +spec: + group: ark.heptio.com + version: v1 + scope: Namespaced + names: + plural: downloadrequests + kind: DownloadRequest diff --git a/stable/ark/templates/hook-delete.yaml b/stable/ark/templates/hook-delete.yaml new file mode 100644 index 000000000000..b71b5f7a024b --- /dev/null +++ b/stable/ark/templates/hook-delete.yaml @@ -0,0 +1,40 @@ +{{- if and .Values.configuration.backupStorageProvider.name .Values.configuration.backupStorageProvider.bucket -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "ark.fullname" . }}-delete-config + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + spec: + restartPolicy: Never + containers: + - name: delete-ark-config + image: "{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" + imagePullPolicy: {{ .Values.kubectl.image.pullPolicy }} + command: + - kubectl + args: + - delete + - -f + - /config + volumeMounts: + - name: ark-config + mountPath: /config + volumes: + - name: ark-config + configMap: + name: {{ template "ark.fullname" . }} + serviceAccountName: {{ template "ark.hookServiceAccount" . }} +{{- end -}} diff --git a/stable/ark/templates/hook-deploy.yaml b/stable/ark/templates/hook-deploy.yaml new file mode 100644 index 000000000000..3916b0ac0d87 --- /dev/null +++ b/stable/ark/templates/hook-deploy.yaml @@ -0,0 +1,40 @@ +{{- if and .Values.configuration.backupStorageProvider.name .Values.configuration.backupStorageProvider.bucket -}} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ template "ark.fullname" . }}-create-config + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + annotations: + "helm.sh/hook": post-install + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + spec: + restartPolicy: Never + containers: + - name: create-ark-config + image: "{{ .Values.kubectl.image.repository }}:{{ .Values.kubectl.image.tag }}" + imagePullPolicy: {{ .Values.kubectl.image.pullPolicy }} + command: + - kubectl + args: + - create + - -f + - /config + volumeMounts: + - name: ark-config + mountPath: /config + volumes: + - name: ark-config + configMap: + name: {{ template "ark.fullname" . }} + serviceAccountName: {{ template "ark.hookServiceAccount" . }} +{{- end -}} diff --git a/stable/ark/templates/rbac.yaml b/stable/ark/templates/rbac.yaml new file mode 100644 index 000000000000..b0a4a33b1763 --- /dev/null +++ b/stable/ark/templates/rbac.yaml @@ -0,0 +1,54 @@ +{{- if .Values.rbac.create }} +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: {{ template "ark.fullname" . }}-server + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +subjects: + - kind: ServiceAccount + namespace: {{ .Release.Namespace }} + name: {{ template "ark.serverServiceAccount" . }} +roleRef: + kind: ClusterRole + name: cluster-admin + apiGroup: rbac.authorization.k8s.io +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRole +metadata: + name: {{ template "ark.fullname" . }}-hook + labels: + kubernetes.io/bootstrapping: rbac-defaults + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} + annotations: + rbac.authorization.kubernetes.io/autoupdate: "true" +rules: + - apiGroups: ['ark.heptio.com'] + verbs: ["*"] + resources: ["*"] +--- +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: {{ template "ark.fullname" . }}-hook + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: {{ template "ark.fullname" . }}-hook +subjects: + - kind: ServiceAccount + name: {{ template "ark.hookServiceAccount" . }} + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/stable/ark/templates/restores.yaml b/stable/ark/templates/restores.yaml new file mode 100644 index 000000000000..e2a20d4d4eba --- /dev/null +++ b/stable/ark/templates/restores.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: restores.ark.heptio.com + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +spec: + group: ark.heptio.com + version: v1 + scope: Namespaced + names: + plural: restores + kind: Restore diff --git a/stable/ark/templates/schedules.yaml b/stable/ark/templates/schedules.yaml new file mode 100644 index 000000000000..52d7bcf53f88 --- /dev/null +++ b/stable/ark/templates/schedules.yaml @@ -0,0 +1,16 @@ +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: schedules.ark.heptio.com + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +spec: + group: ark.heptio.com + version: v1 + scope: Namespaced + names: + plural: schedules + kind: Schedule diff --git a/stable/ark/templates/secret.yaml b/stable/ark/templates/secret.yaml new file mode 100644 index 000000000000..596770c2f1a4 --- /dev/null +++ b/stable/ark/templates/secret.yaml @@ -0,0 +1,16 @@ +{{- if and .Values.credentials.useSecret (not .Values.credentials.existingSecret) -}} +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "ark.fullname" . }} + labels: + app: {{ template "ark.name" . }} + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +type: Opaque +data: +{{- range $key, $value := .Values.credentials.secretContents }} + {{ $key }}: {{ $value | b64enc | quote }} +{{- end }} +{{- end -}} diff --git a/stable/ark/templates/serviceaccount-hook.yaml b/stable/ark/templates/serviceaccount-hook.yaml new file mode 100644 index 000000000000..b47d60d58e18 --- /dev/null +++ b/stable/ark/templates/serviceaccount-hook.yaml @@ -0,0 +1,12 @@ +{{- if .Values.serviceAccount.hook.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "ark.hookServiceAccount" . }} + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +{{- end }} + diff --git a/stable/ark/templates/serviceaccount-server.yaml b/stable/ark/templates/serviceaccount-server.yaml new file mode 100644 index 000000000000..2cd0610e06a9 --- /dev/null +++ b/stable/ark/templates/serviceaccount-server.yaml @@ -0,0 +1,11 @@ +{{- if .Values.serviceAccount.server.create }} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "ark.serverServiceAccount" . }} + labels: + chart: {{ template "ark.chart" . }} + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} + app: {{ template "ark.name" . }} +{{- end }} diff --git a/stable/ark/values.yaml b/stable/ark/values.yaml new file mode 100644 index 000000000000..c769d03b18b9 --- /dev/null +++ b/stable/ark/values.yaml @@ -0,0 +1,59 @@ +image: + repository: gcr.io/heptio-images/ark + tag: v0.8.2 + pullPolicy: IfNotPresent + +# A docker image with kubectl installed +kubectl: + image: + repository: claranet/gcloud-kubectl-docker + tag: 1.0.0 + pullPolicy: IfNotPresent + +# Only kube2iam: change the AWS_ACCOUNT_ID and HEPTIO_ARK_ROLE_NAME +podAnnotations: {} +# iam.amazonaws.com/role: arn:aws:iam:::role/ + +rbac: + create: true + +serviceAccount: + hook: + create: true + name: + server: + create: true + name: + +tolerations: [] + +nodeSelector: {} + +## Parameters for the ' default' Config resource +## See https://heptio.github.io/ark/v0.8.1/config-definition +configuration: + persistentVolumeProvider: {} + # name: + # config: + # region: + # apiTimeout: + + backupStorageProvider: + name: + bucket: + config: {} + # region: + # s3ForcePathStyle: + # s3Url: + # kmsKeyId: + + backupSyncPeriod: 60m + gcSyncPeriod: 60m + scheduleSyncPeriod: 1m + resourcePriorities: [] + restoreOnlyMode: false + +credentials: + existingSecret: + useSecret: true + secretContents: {}