diff --git a/charts/devtron-essentials/.helmignore b/charts/devtron-essentials/.helmignore
new file mode 100644
index 00000000..0e8a0eb3
--- /dev/null
+++ b/charts/devtron-essentials/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/devtron-essentials/Chart.lock b/charts/devtron-essentials/Chart.lock
new file mode 100644
index 00000000..15a2d96d
--- /dev/null
+++ b/charts/devtron-essentials/Chart.lock
@@ -0,0 +1,45 @@
+dependencies:
+- name: keda
+ repository: https://kedacore.github.io/charts
+ version: 2.6.0
+- name: rollout
+ repository: https://helm.devtron.ai
+ version: 0.14.5
+- name: winter-soldier
+ repository: https://helm.devtron.ai
+ version: 0.10.4
+- name: aws-ebs-csi-driver
+ repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
+ version: 2.17.2
+- name: flagger
+ repository: https://flagger.app
+ version: 1.30.0
+- name: metrics-server
+ repository: https://kubernetes-sigs.github.io/metrics-server
+ version: 3.10.0
+- name: external-secrets
+ repository: https://external-secrets.io/
+ version: 0.8.1
+- name: kyverno
+ repository: https://kyverno.github.io/kyverno/
+ version: 3.0.0-alpha.2
+- name: aws-load-balancer-controller
+ repository: https://aws.github.io/eks-charts
+ version: 1.5.2
+- name: devtron-in-clustercd
+ repository: https://helm.devtron.ai
+ version: 0.10.0
+- name: clair
+ repository: https://helm.devtron.ai
+ version: 0.1.10
+- name: dt-postgresql
+ repository: https://devtron-charts.s3.us-east-2.amazonaws.com/charts
+ version: 5.3.3
+- name: ingress-nginx
+ repository: https://kubernetes.github.io/ingress-nginx
+ version: 4.6.1
+- name: cluster-autoscaler
+ repository: https://kubernetes.github.io/autoscaler/
+ version: 9.28.0
+digest: sha256:7ef540a929698985cb5987b4fda6e5222d696e100df6e999b9f9415c648abf93
+generated: "2023-05-16T23:25:21.910799+05:30"
diff --git a/charts/devtron-essentials/Chart.yaml b/charts/devtron-essentials/Chart.yaml
new file mode 100644
index 00000000..1d9690ce
--- /dev/null
+++ b/charts/devtron-essentials/Chart.yaml
@@ -0,0 +1,92 @@
+apiVersion: v2
+name: devtron
+description: A Helm chart for Kubernetes
+version: 0.1.0
+maintaintainers:
+ - name: Kamal Acharya
+ email: kamal@devtron.ai
+
+sources:
+ - https://github.com/kedacore/keda
+ - https://github.com/devtron-labs/charts/tree/main/charts/rollout
+ - https://github.com/devtron-labs/charts/tree/main/charts/winter-soldier
+ - https://github.com/kubernetes-sigs/metrics-server
+ - https://github.com/kubernetes-sigs/aws-ebs-csi-driver
+ - https://github.com/fluxcd/flagger/tree/main/charts/flagger
+ - https://kyverno.github.io/kyverno/
+ - https://external-secrets.io/
+ - https://helm.devtron.ai
+ - https://devtron-charts.s3.us-east-2.amazonaws.com/charts
+ - https://github.com/kubernetes/autoscaler/tree/master/cluster-autoscaler
+appVersion: "1.16.0"
+
+dependencies:
+- name: keda
+ version: "2.6.0"
+ repository: https://kedacore.github.io/charts
+ condition: keda.enabled
+- name: rollout
+ version: "0.14.5"
+ repository: https://helm.devtron.ai
+ condition: rollout.enabled
+- name: winter-soldier
+ version: "0.10.4"
+ repository: https://helm.devtron.ai
+ condition: winter-soldier.enabled
+- name: aws-ebs-csi-driver
+ version: "2.17.2"
+ repository: https://kubernetes-sigs.github.io/aws-ebs-csi-driver
+ condition: aws-ebs-csi-driver.enabled
+- name: flagger
+ version: "1.30.0"
+ repository: https://flagger.app
+ condition: flagger.enabled
+- name: metrics-server
+ version: "3.10.0"
+ repository: https://kubernetes-sigs.github.io/metrics-server
+ condition: metrics-server.enabled
+- name: external-secrets
+ version: "0.8.1"
+ repository: https://external-secrets.io/
+ condition: external-secrets.enabled
+- name: kyverno
+ version: "3.0.0-alpha.2"
+ repository: https://kyverno.github.io/kyverno/
+ condition: kyverno.enabled
+- name: aws-load-balancer-controller
+ version: "1.5.2"
+ repository: https://aws.github.io/eks-charts
+ condition: "aws-load-balancer-controller.enabled"
+- name: devtron-in-clustercd
+ version: " 0.10.0"
+ repository: https://helm.devtron.ai
+ condition: devtron-in-clustercd.enabled
+- name: clair
+ version: "0.1.10"
+ repository: https://helm.devtron.ai
+ condition: clair.enabled
+- name: dt-postgresql
+ version: "5.3.3"
+ repository: https://devtron-charts.s3.us-east-2.amazonaws.com/charts
+ condition: dt-postgresql.enabled
+- name: ingress-nginx
+ version: "4.6.1"
+ repository: https://kubernetes.github.io/ingress-nginx
+ condition: ingress-nginx.enabled
+- name: cluster-autoscaler
+ version: "9.28.0"
+ repository: https://kubernetes.github.io/autoscaler/
+ condition: cluster-autoscaler.enabled\
+- name: argo-workflow
+ version: "0.1.4"
+ repository: https://helm.devtron.ai
+ condition: argo-workflow.enabled
+
+
+
+
+
+
+
+
+
diff --git a/charts/devtron-essentials/readme.md b/charts/devtron-essentials/readme.md
new file mode 100644
index 00000000..a7a8afa6
--- /dev/null
+++ b/charts/devtron-essentials/readme.md
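Review bot: The `cluster-autoscaler` entry in Chart.yaml ends its condition with a stray backslash (`condition: cluster-autoscaler.enabled\`), so the path no longer matches the `cluster-autoscaler.enabled` key in values.yaml; Helm ignores a condition whose path does not resolve, which would leave that subchart installed even with `enabled: false`. Drop the backslash: `condition: cluster-autoscaler.enabled`. Two smaller typos in the same file: `version: " 0.10.0"` for `devtron-in-clustercd` carries a leading space inside the quotes (use `version: "0.10.0"`), and the key `maintaintainers:` should be `maintainers:`, otherwise the maintainer entry is likely dropped when the chart metadata is read. The `argo-workflow` dependency also has no entry in the Chart.lock added by this commit, so the lock file looks out of date and should be regenerated with `helm dependency update`.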
@@ -0,0 +1,56 @@
+# Need of this Chart
+While onboarding Devtron there are some essentials and required charts which are need to deployed on the cluster to use Devtron efficiently. So you can deployed this chart in one go. It will remove the extra efforts of deploying multiple charts. You just have to enable and disable the required chart which you want to deploy.
+
+## Here are the list of charts Devtron essentials chart contain:-
+
+ 1. ### argo-rollouts controller
+ Argo Rollouts is a Kubernetes controller and set of CRDs which provide advanced deployment capabilities such as blue-green, canary, canary analysis, experimentation, and progressive delivery features to Kubernetes.
+ 2. ### keda
+ KEDA is a Kubernetes-based Event Driven Autoscaler. With KEDA, you can drive the scaling of any container in Kubernetes based on the number of events needing to be processed.
+
+ 3. ### metrics-server
+ Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines. It will help you monitor your application
+
+ 4. ### ESO operator
+ External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault etc.
+
+ 5. ### aws load balancer ingress controller
+ The AWS Load Balancer Controller manages AWS Elastic Load Balancers for a Kubernetes cluster.The controller provisions the following resources:
+ * Application Load Balancer
+ * Network Load Balancer
+
+
+ 6. ### CSI driver
+ The Amazon Elastic Block Store (Amazon EBS) Container Storage Interface (CSI) driver allows Amazon Elastic Kubernetes Service (Amazon EKS) clusters to manage the lifecycle of Amazon EBS volumes for persistent volumes.
+
+ 7. ### flagger controller
+ Flagger is a progressive delivery tool that converts the release process for applications using Kubernetes to automatic operation.
+ 8. ### kyverno
+ Kyverno is a Policy Engine for Kubernetes.
+ Kyverno policies can validate, mutate, generate, and cleanup Kubernetes resources, and verify image signatures and artifacts to help secure the software supply chain
+
+ 9. ### clair
+ Clair is an open source project which provides a tool to monitor the security of your containers through the static analysis of vulnerabilities in appc and docker containers
+
+ 10. ### postgres
+ PostgreSQL, also known as Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance
+
+ 11. ### cluster autoscaler
+ For autoscaling of nodes as per your workloads you can use this chart to manage your cluster. Cluster autoscaler helps to manage nodes.
+ 12. ### nginx ingress
+ The Ingress Controller is an application that runs in a cluster and configures an HTTP load balancer according to Ingress resources
+
+ 13. ### argo workflow
+ Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes
+ 14. ### winter-solider
+ Winter Soilder is an open-source tool created by Devtron.
+ 1.Delete k8s resource based on conditions.
+ 2.Scale down the Workload to Zero at a Specific period of date & time.
+
+### Note :
+If You enable in-cluster cd chart make sure you should create two namespace mention in values.yaml.
+
+
+
+
+
diff --git a/charts/devtron-essentials/values.yaml b/charts/devtron-essentials/values.yaml
new file mode 100644
index 00000000..cbf91d68
--- /dev/null
+++ b/charts/devtron-essentials/values.yaml
@@ -0,0 +1,232 @@
+# KEDA is a Kubernetes-based Event Driven Autoscaler. With KEDA, you can drive the scaling of any container in Kubernetes based on the number of events needing to be processed.
+
+keda:
+ enabled: false
+
+# Metrics Server is a scalable, efficient source of container resource metrics for Kubernetes built-in autoscaling pipelines. It will help you monitor your application
+metrics-server:
+ enabled: false
+ defaultArgs:
+ - --cert-dir=/tmp
+ - --kubelet-preferred-address-types=InternalIP,ExternalIP,Hostname
+ - --kubelet-use-node-status-port
+ - --metric-resolution=15s
+ - --kubelet-insecure-tls
+
+# Argo Rollouts is a Kubernetes controller and set of CRDs which provide advanced deployment capabilities such as blue-green, canary, canary analysis, experimentation, and progressive delivery features to Kubernetes.
+# In Devtron most of our application deployed using Rollout template so Rollout controller must be present in the cluster.
+rollout:
+ enabled: false
+ rollout:
+ image: "quay.io/devtron/rollout:v0.6.2"
+ resources:
+ limits:
+ memory: 200Mi
+ cpu: 250m
+ requests:
+ memory: 100Mi
+ cpu: 50m
+
+# Winter Soilder is an open-source tool created by Devtron.
+# 1.Delete k8s resource based on conditions.
+#2.Scale down the Workload to Zero at a Specific period of date & time.
+winter-soldier:
+ enabled: false
+ replicaCount: 3
+ resources:
+ limits:
+ cpu: 100m
+ memory: 128Mi
+ requests:
+ cpu: 100m
+ memory: 128Mi
+
+# The Amazon Elastic Block Store (Amazon EBS) Container Storage Interface (CSI) driver allows Amazon Elastic Kubernetes Service (Amazon EKS) clusters to manage the lifecycle of Amazon EBS volumes for persistent volumes.
+aws-ebs-csi-driver:
+ enabled: false
+ region: "" #Specify your cluster region
+ image:
+ repository: public.ecr.aws/ebs-csi-driver/aws-ebs-csi-driver
+ tag: "1.17.2"
+ pullPolicy: IfNotPresent
+ serviceAccount:
+# A service account will be created for you if set to true. Set to false if you want to use your own.
+ create: true
+ name: ebs-csi-controller-sa
+ annotations: {}
+ tolerations: []
+ # - key: CriticalAddonsOnly
+ # operator: Exists
+ # - effect: NoExecute
+ # operator: Exists
+ # tolerationSeconds: 300
+
+
+# Flagger is a progressive delivery tool that converts the release process for applications using Kubernetes to automatic operation.
+flagger:
+ enabled: false
+ crd:
+ create: true
+
+
+#External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault etc.
+external-secrets:
+ enabled: false
+
+#Kyverno is a Policy Engine for Kubernetes.
+# Kyverno policies can validate, mutate, generate, and cleanup Kubernetes resources, and verify image signatures and artifacts to help secure the software supply chain
+kyverno:
+ enabled: false
+
+aws-load-balancer-controller:
+ enabled: false
+ resources: {}
+ nodeSelector: {}
+ tolerations: []
+# affinity specifies a custom affinity for the controller pods
+ affinity: {}
+ region:
+# The VPC ID for the Kubernetes cluster. Set this manually when your pods are unable to use the metadata service to determine this automatically
+ vpcId: ""
+
+
+devtron-in-clustercd:
+ enabled: false
+ workflow:
+ config:
+ parallelism: 50
+ artifactRepository:
+ archiveLogs: true
+ instanceID: devtron-runner
+ s3:
+ endpoint: s3.amazonaws.com
+ bucket: devtron-logs-test
+ region: us-east-1
+ keyFormat: "logs-v1/{{workflow.name}}"
+ #keep it uncommented if logs will pushing through AWS node role permission(recommended)
+ # accessKeySecret:
+ # name: workflow-minio-cred
+ # key: accessKey
+ # secretKeySecret:
+ # name: workflow-minio-cred
+ # key: secretKey
+ containerRuntimeExecutor: pns
+ executor:
+ imagePullPolicy: Always
+
+ # Access key and Secret key of AWS account to push logs to above S3 bucket if not provided it will use node role.
+ use_access_secret_key: false
+ #Keep it uncommented if logs will pushing through AWS node role permission , if you want to push logs using aws access and secret key please provide here access and secret key which is reflect on workflow-minio-cred secret .
+ # accesskey: XXXXXX
+ # secretkey: XXXXX
+
+ image: quay.io/argoproj/workflow-controller:v3.0.7
+ arguments: ["--configmap","workflow-controller-configmap","--executor-image","quay.io/argoproj/argoexec:v3.0.7"]
+ resources:
+ limits:
+ cpu: "0.3"
+ memory: "300Mi"
+ requests:
+ cpu: "0.3"
+ memory: "300Mi"
+ nodeSelector: {}
+
+ tolerations: []
+
+ affinity: {}
+
+
+#Namespaces to execute in application environments for pre/post deployment on target clusters
+ execute_in_application_env:
+ namespaces:
+ - abc
+ - xyz
+
+# Kubewatch configuration
+ kubewatch:
+ image: quay.io/devtron/kubewatch:b7c8b777-419-12558
+ env:
+ - name: DEFAULT_NAMESPACE
+ value: "devtron-ci"
+ - name: CI_INFORMER
+ value: "true"
+ - name: ACD_NAMESPACE
+ value: "devtroncd"
+ - name: ACD_INFORMER
+ value: "true"
+ - name: CD_EXTERNAL_LISTENER_URL # Note:- There must be connectivity from target cluster to devtron cluster.
+ value: http://test.devtron.com/orchestrator/webhook/msg/nats # Here provide the ORCH_HOST(This host is used kubewatch which is running on target cluster to hit api call to nats which is running on devtron cluster) and test.devtron.com is host name where we are accessing devtron dashboard.
+ - name: CD_EXTERNAL_ORCHESTRATOR_TOKEN # This is devtron token to call nats api from kubewatch running on target cluster . # To get this just exec into devtron pod and run ``printenv | grep ORCH_TOKEN`` . Just copy this token and put here.
+ value: XXXXXXXXX
+ - name: CD_EXTERNAL_REST_LISTENER
+ value: "true"
+ resources:
+ requests:
+ memory: 128Mi
+ cpu: 100m
+ limits:
+ memory: 128Mi
+ cpu: 100m
+ nodeSelector: {}
+ tolerations: []
+ affinity: {}
+ replicaCount: 1
+
+ # Kubewatch configuration
+ config:
+ handler:
+ webhook:
+ enabled: false
+ url: ""
+ resource:
+ daemonset: false
+ deployment: false
+ events: true
+ job: false
+ persistentvolume: false
+ pod: false
+ replicaset: false
+ replicationcontroller: false
+ services: false
+
+#Clair is an open source project which provides a tool to monitor the security of your containers through the static analysis of vulnerabilities in appc and docker containers
+
+clair:
+ enabled: false
+ config:
+ postgresServiceName: ""
+ postgresHost: ""
+ postgresPassword: ""
+
+# Devtron use postgres for database
+dt-postgresql:
+ enabled: false
+ fullnameOverride: ""
+ postgresqlPassword: ""
+
+# Controller to create ingress resources and helps in load balancing the requests
+ingress-nginx:
+ enabled: true
+ controller:
+ service:
+ annotations:
+ service.beta.kubernetes.io/aws-load-balancer-ssl-cert: ""
+ nginx.ingress.kubernetes.io/force-ssl-redirect: true
+ nginx.ingress.kubernetes.io/ssl-redirect: true
+
+
+# For autoscaling of nodes as per your workloads you can use this chart to manage your cluster. Cluster autoscaler helps to manage nodes.
+cluster-autoscaler:
+ enabled: false
+ awsRegion: ""
+ clusterName: ""
+
+
+# Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes
+argo-workflow:
+ enabled: false
+ bucket: ""
+ keyformat: ""
+ region: ""
+
+
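Review bot: The kubewatch `env` block under `devtron-in-clustercd` in values.yaml takes `CD_EXTERNAL_ORCHESTRATOR_TOKEN` as a literal value next to an `http://` example for `CD_EXTERNAL_LISTENER_URL`, so a filled-in values file keeps the orchestrator token in clear text and, with the example scheme, the token would cross the network unencrypted. I would make the example `value: https://test.devtron.com/orchestrator/webhook/msg/nats` and, if the subchart template passes env entries through unchanged (not visible here), take the token from a Secret with `valueFrom.secretKeyRef` instead of `value:`. Separately, `--kubelet-insecure-tls` in `metrics-server.defaultArgs` turns off verification of kubelet serving certificates for every install that enables the subchart; it deserves at least a comment such as `# skips kubelet certificate verification; remove where kubelets have CA-signed serving certs`. `ingress-nginx` is the only component with `enabled: true`, which looks unintended given that every other component defaults to `false`, and its two `nginx.ingress.kubernetes.io/*` annotation values should be quoted (`"true"`) because Kubernetes annotation values must be strings.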