-
Notifications
You must be signed in to change notification settings - Fork 171
/
zarf.yaml
182 lines (155 loc) · 5.79 KB
/
zarf.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
kind: ZarfPackageConfig
metadata:
name: init-package-zarf-registry
variables:
- name: REGISTRY_EXISTING_PVC
description: "Optional: Use an existing PVC for the registry instead of creating a new one. If this is set, the REGISTRY_PVC_SIZE variable will be ignored."
default: ""
- name: REGISTRY_PVC_ENABLED
description: Toggle the creation and use of a PVC off/on
default: "true"
- name: REGISTRY_PVC_SIZE
description: The size of the persistent volume claim for the registry
default: 20Gi
- name: REGISTRY_PVC_ACCESS_MODE
description: The access mode of the persistent volume claim for the registry
default: ReadWriteOnce
- name: REGISTRY_CPU_REQ
description: The CPU request for the registry
default: 100m
- name: REGISTRY_MEM_REQ
description: The memory request for the registry
default: 256Mi
- name: REGISTRY_CPU_LIMIT
description: The CPU limit for the registry
default: "3"
- name: REGISTRY_MEM_LIMIT
description: The memory limit for the registry
default: "2Gi"
- name: REGISTRY_HPA_MIN
description: The minimum number of registry replicas
default: "1"
- name: REGISTRY_HPA_MAX
description: The maximum number of registry replicas
default: "5"
- name: REGISTRY_HPA_ENABLE
description: Enable the Horizontal Pod Autoscaler for the registry
default: "true"
- name: REGISTRY_CA_BUNDLE
description: Filepath to a bundle of trusted certificates to mount into the registry container
default: ""
autoIndent: true
type: file
- name: REGISTRY_EXTRA_ENVS
description: Array of additional environment variables passed to the registry container
default: ""
autoIndent: true
- name: REGISTRY_CREATE_SERVICE_ACCOUNT
description: Toggle the creation of a new service account for the registry
default: "false"
- name: REGISTRY_SERVICE_ACCOUNT_NAME
description: The name of the service account to use. If not set and create is true, a name is generated using fullname template
default: ""
- name: REGISTRY_SERVICE_ACCOUNT_ANNOTATIONS
description: Map of annotations to add to the created service account
default: ""
autoIndent: true
- name: REGISTRY_AFFINITY_ENABLE
description: Enable pod affinity for the registry
default: "true"
- name: REGISTRY_AFFINITY_CUSTOM
description: Custom pod affinity yaml block for the registry
default: ""
autoIndent: true
- name: REGISTRY_TOLERATIONS
description: Custom tolerations array for the registry
default: ""
autoIndent: true
- name: REGISTRY_HPA_AUTO_SIZE
description: Enable to set min and max replicas based on amount of nodes
default: "false"
- name: REGISTRY_HPA_TARGET_CPU
description: The target CPU utilization percentage for the registry
default: "80"
constants:
- name: REGISTRY_IMAGE
value: "###ZARF_PKG_TMPL_REGISTRY_IMAGE###"
- name: REGISTRY_IMAGE_TAG
value: "###ZARF_PKG_TMPL_REGISTRY_IMAGE_TAG###"
components:
- name: zarf-injector
description: |
Bootstraps a Kubernetes cluster by cloning a running pod in the cluster and hosting the registry image.
Removed and destroyed after the Zarf Registry is self-hosting the registry image.
required: true
only:
cluster:
architecture: amd64
files:
# Rust Injector Binary
- source: https://zarf-public.s3-us-gov-west-1.amazonaws.com/injector/###ZARF_PKG_TMPL_INJECTOR_VERSION###/zarf-injector-amd64
target: "###ZARF_TEMP###/zarf-injector"
shasum: "###ZARF_PKG_TMPL_INJECTOR_AMD64_SHASUM###"
executable: true
- name: zarf-injector
description: |
Bootstraps a Kubernetes cluster by cloning a running pod in the cluster and hosting the registry image.
Removed and destroyed after the Zarf Registry is self-hosting the registry image.
required: true
only:
cluster:
architecture: arm64
files:
# Rust Injector Binary
- source: https://zarf-public.s3-us-gov-west-1.amazonaws.com/injector/###ZARF_PKG_TMPL_INJECTOR_VERSION###/zarf-injector-arm64
target: "###ZARF_TEMP###/zarf-injector"
shasum: "###ZARF_PKG_TMPL_INJECTOR_ARM64_SHASUM###"
executable: true
- name: zarf-seed-registry
description: |
Deploys the Zarf Registry using the registry image provided by the Zarf Injector.
charts:
- name: docker-registry
releaseName: zarf-docker-registry
localPath: chart
version: 1.0.0
namespace: zarf
valuesFiles:
- registry-values.yaml
- registry-values-seed.yaml
images:
# The seed image (or images) that will be injected (see zarf-config.toml)
- "###ZARF_PKG_TMPL_REGISTRY_IMAGE_DOMAIN######ZARF_PKG_TMPL_REGISTRY_IMAGE###:###ZARF_PKG_TMPL_REGISTRY_IMAGE_TAG###"
- name: zarf-registry
description: |
Updates the Zarf Registry to use the self-hosted registry image.
Serves as the primary docker registry for the cluster.
manifests:
- name: registry-connect
namespace: zarf
files:
- connect.yaml
- name: kep-1755-registry-annotation
namespace: zarf
files:
- configmap.yaml
charts:
- name: docker-registry
releaseName: zarf-docker-registry
localPath: chart
version: 1.0.0
namespace: zarf
valuesFiles:
- registry-values.yaml
images:
# This image (or images) must match that used for injection (see zarf-config.toml)
- "###ZARF_PKG_TMPL_REGISTRY_IMAGE_DOMAIN######ZARF_PKG_TMPL_REGISTRY_IMAGE###:###ZARF_PKG_TMPL_REGISTRY_IMAGE_TAG###"
actions:
onDeploy:
after:
- wait:
cluster:
kind: deployment
namespace: zarf
name: app=docker-registry
condition: Available