Skip to content

Commit

Permalink
making requested changes
Browse files Browse the repository at this point in the history
  • Loading branch information
EJ Etherington committed Apr 1, 2019
1 parent c53f07a commit 6d9895c
Show file tree
Hide file tree
Showing 10 changed files with 93 additions and 54 deletions.
2 changes: 1 addition & 1 deletion charts/fairwinds/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
apiVersion: v1
description: Helm chart generated by https://github.com/appscode/chartify
description: Validation of best practices in your Kubernetes clusters
name: fairwinds
version: 0.1.0
1 change: 0 additions & 1 deletion charts/fairwinds/templates/fairwinds-dash.svc.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}-dashboard'
namespace: '{{.Release.Namespace}}'
spec:
ports:
- name: dashboard
Expand Down
1 change: 0 additions & 1 deletion charts/fairwinds/templates/fairwinds.clusterrole.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}'
namespace: '{{.Release.Namespace}}'
rules:
- apiGroups:
- ''
Expand Down
1 change: 0 additions & 1 deletion charts/fairwinds/templates/fairwinds.clusterrolebinding.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}'
namespace: '{{.Release.Namespace}}'
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
Expand Down
1 change: 0 additions & 1 deletion charts/fairwinds/templates/fairwinds.configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,5 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}'
namespace: '{{.Release.Namespace}}'
data:
config.yml: {{- toYaml .Values.config | indent 2 -}}
16 changes: 7 additions & 9 deletions charts/fairwinds/templates/fairwinds.deployment-dashboard.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}-dashboard'
namespace: '{{.Release.Namespace}}'
spec:
replicas: {{.Values.dashboard.replicas}}
selector:
Expand All @@ -32,21 +31,20 @@ spec:
- command:
- fairwinds
- --dashboard
image: '{{.Values.dashboard.image}}:{{.Values.dashboard.imageTag}}'
imagePullPolicy: '{{.Values.dashboard.imagePullPolicy}}'
image: '{{.Values.webhook.image.repository}}:{{.Values.webhook.image.tag}}'
imagePullPolicy: '{{.Values.webhook.image.pullPolicy}}'
name: dashboard
ports:
- containerPort: 8080
livenessProbe:
exec:
command:
- sh
- -c
- ps -ef | grep fairwinds
httpGet:
path: /
port: 8080
initialDelaySeconds: 5
periodSeconds: 5
readinessProbe:
tcpSocket:
httpGet:
path: /
port: 8080
initialDelaySeconds: 15
periodSeconds: 20
Expand Down
5 changes: 2 additions & 3 deletions charts/fairwinds/templates/fairwinds.deployment-webook.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}-webhook'
namespace: '{{.Release.Namespace}}'
spec:
replicas: {{.Values.webhookreplicas}}
selector:
Expand All @@ -32,8 +31,8 @@ spec:
- command:
- fairwinds
- --webhook
image: '{{.Values.webhook.image}}:{{.Values.webhook.imageTag}}'
imagePullPolicy: '{{.Values.webhook.imagePullPolicy}}'
image: '{{.Values.webhook.image.repository}}:{{.Values.webhook.image.tag}}'
imagePullPolicy: '{{.Values.webhook.image.pullPolicy}}'
name: webhook
ports:
- containerPort: 9876
Expand Down
1 change: 0 additions & 1 deletion charts/fairwinds/templates/fairwinds.secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,5 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}'
namespace: '{{.Release.Namespace}}'
type: opaque
data:
1 change: 0 additions & 1 deletion charts/fairwinds/templates/fairwinds.serviceaccount.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,3 @@ metadata:
heritage: '{{.Release.Service}}'
release: '{{.Release.Name}}'
name: '{{ template "fullname" . }}'
namespace: '{{.Release.Namespace}}'
118 changes: 83 additions & 35 deletions charts/fairwinds/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,48 +1,96 @@
---
config: |
resources:
requests:
cpu:
require: true
memory:
require: true
limits:
cpu:
require: true
memory:
require: true
healthChecks:
readiness:
require: true
liveness:
require: true
cpuRequestsMissing: warning
cpuRequestRanges:
warning:
below: 50m
above: 1000m
error:
below: 500m
above: 2000m
cpuLimitsMissing: warning
cpuLimitRanges:
warning:
below: 50m
above: 1000m
error:
below: 500m
above: 2000m
memoryRequestsMissing: warning
memoryRequestRanges:
warning:
below: 50M
above: 2G
error:
below: 100M
above: 4G
memoryLimitsMissing: warning
memoryLimitRanges:
warning:
below: 50M
above: 2G
error:
below: 100M
above: 4G
images:
tagRequired: true
whitelistRepos:
- gcr.io
hostNetwork:
hostAlias:
require: true
hostIPC:
require: true
hostNetwork:
require: true
hostPID:
require: true
hostPort:
require: true
tagNotSpecified: error
pullPolicyNotAlways: warning
whitelist:
error:
- gcr.io/*
blacklist:
warning:
- docker.io/*
healthChecks:
readinessProbeMissing: warning
livenessProbeMissing: warning
networking:
hostAliasSet: error
hostIPCSet: error
hostNetworkSet: error
hostPIDSet: error
hostPortSet: error
security:
runAsPriviliged: warning
notReadOnlyRootFileSystem: warning
runAsNonRoot: warning
capabilities:
blacklist:
error:
- CHOWN
- SYS_CHROOT
- AUDIT_WRITE
whitelist:
warning:
- CHOWN
- DAC_OVERRIDE
- FSETID
- FOWNER
- MKNOD
- NET_RAW
- SETGID
- SETUID
- SETFCAP
- SETPCAP
- NET_BIND_SERVICE
- SYS_CHROOT
- KILL
- AUDIT_WRITE
dashboard:
enable: true
service:
type: ClusterIP
image: quay.io/reactiveops/fairwinds
imagePullPolicy: IfNotPresent
imageTag: dev-f16f12d0af38fd547918d394ce717037223b7f94
image:
repository: quay.io/reactiveops/fairwinds
tag: dev-80b331447bdaebe1cd0191a165e8d4c1cdaa2e60
pullPolicy: IfNotPresent
webhook:
enable: false
image: quay.io/reactiveops/fairwinds
imagePullPolicy: IfNotPresent
imageTag: dev-f16f12d0af38fd547918d394ce717037223b7f94
image:
repository: quay.io/reactiveops/fairwinds
tag: dev-80b331447bdaebe1cd0191a165e8d4c1cdaa2e60
pullPolicy: IfNotPresent
replicas: 1
rbac:
create: true

0 comments on commit 6d9895c

Please sign in to comment.