diff --git a/charts/nmaas/Chart.yaml b/charts/nmaas/Chart.yaml
index 22a551b5848dc880053bafb3c6d5c7b0272f678f..de5f32d968276fa299a5a30265e85aed181e29e4 100644
--- a/charts/nmaas/Chart.yaml
+++ b/charts/nmaas/Chart.yaml
@@ -1,8 +1,8 @@
apiVersion: v2
name: nmaas
description: GÉANT Network Management as a Service Helm chart for Kubernetes
-version: 2.0.2-alpha.1
-appVersion: 1.7.1
+version: 2.0.2-alpha.2
+appVersion: 1.8.0
keywords:
- Network Management
- Cloud Deployment
diff --git a/charts/nmaas/templates/nmaas-helm-clusterRoleBinding.yaml b/charts/nmaas/templates/nmaas-helm-clusterRoleBinding.yaml
deleted file mode 100644
index e92642b77159ab30d95f82a2ead20a2d9f0f915f..0000000000000000000000000000000000000000
--- a/charts/nmaas/templates/nmaas-helm-clusterRoleBinding.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- name: {{ .Values.helm.clusterRoleBindingName }}
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: {{ .Values.helm.clusterRoleName }}
-subjects:
-- kind: ServiceAccount
- name: {{ .Values.helm.serviceAccountName }}
- namespace: {{ .Release.Namespace }}
\ No newline at end of file
diff --git a/charts/nmaas/templates/nmaas-helm-deployment.yaml b/charts/nmaas/templates/nmaas-helm-deployment.yaml
deleted file mode 100644
index 3ebf9ebac5130df125491ec917ac74eb08b486ab..0000000000000000000000000000000000000000
--- a/charts/nmaas/templates/nmaas-helm-deployment.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-{{- if .Values.helm.enabled -}}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ .Values.helm.name }}
- labels:
- app: {{ .Values.helm.name }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
-spec:
- selector:
- matchLabels:
- app: {{ .Values.helm.name }}
- strategy:
- type: Recreate
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ .Values.helm.name }}
- spec:
- volumes:
- - name: {{ .Values.helm.persistence.existingClaim | default (printf "%s-helm" (include "fullname" .)) | quote }}
- {{- if .Values.helm.persistence.enabled }}
- persistentVolumeClaim:
- claimName: {{ .Values.helm.persistence.existingClaim | default (printf "%s-helm" (include "fullname" .)) | quote }}
- {{- else }}
- emptyDir: {}
- {{- end }}
- - name: helm-access-key
- secret:
- secretName: {{ .Values.global.helmAccessKeyPublic }}
- {{- if .Values.helm.serviceAccountName }}
- serviceAccountName: {{ .Values.helm.serviceAccountName }}
- {{- end }}
- containers:
- - name: {{ .Chart.Name }}
- securityContext:
- capabilities:
- add:
- - SYS_CHROOT
- image: "{{ .Values.helm.image.repository }}:{{ .Values.helm.image.tag }}"
- imagePullPolicy: {{ .Values.helm.image.pullPolicy }}
- ports:
- - containerPort: {{ .Values.helm.port }}
- protocol: TCP
- env:
- - name: SSH_USERS
- value: {{ .Values.helm.properties.users }}
- volumeMounts:
- - name: helm-access-key
- mountPath: /keys
- - mountPath: /home/helm/.config/helm
- name: {{ .Values.helm.persistence.existingClaim | default (printf "%s-helm" (include "fullname" .)) | quote }}
- subPath: helm-config
- imagePullSecrets:
- - name: {{ .Values.global.registrysecret }}
-{{- end -}}
diff --git a/charts/nmaas/templates/nmaas-helm-pvc.yaml b/charts/nmaas/templates/nmaas-helm-pvc.yaml
deleted file mode 100644
index 806afbfb00e9e51a255353f1f65aab2f32d2cf41..0000000000000000000000000000000000000000
--- a/charts/nmaas/templates/nmaas-helm-pvc.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- if and (.Values.helm.persistence.enabled) (not .Values.helm.persistence.existingClaim) }}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: "{{ template "fullname" . }}-helm"
- labels:
- app: nmaas-helm
-spec:
- accessModes:
- - "{{ .Values.helm.persistence.accessMode }}"
- {{- if .Values.helm.persistence.storageClass }}
- storageClassName: "{{ .Values.helm.persistence.storageClass }}"
- {{- end}}
- resources:
- requests:
- storage: "{{ .Values.helm.persistence.size }}"
-{{- end }}
\ No newline at end of file
diff --git a/charts/nmaas/templates/nmaas-helm-service.yaml b/charts/nmaas/templates/nmaas-helm-service.yaml
deleted file mode 100644
index c2a9956f8fa3c3ad1a890419707208e9c04228f1..0000000000000000000000000000000000000000
--- a/charts/nmaas/templates/nmaas-helm-service.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- if .Values.helm.enabled -}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ .Values.helm.name }}
- labels:
- app: {{ .Values.helm.name }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version }}
- heritage: {{ .Release.Service }}
- release: {{ .Release.Name }}
-spec:
- type: {{ .Values.helm.type }}
- ports:
- - port: {{ .Values.helm.port }}
- targetPort: {{ .Values.helm.targetPort }}
- protocol: TCP
- selector:
- app: {{ .Values.helm.name }}
-{{- end -}}
diff --git a/charts/nmaas/templates/nmaas-helm-serviceAccount.yaml b/charts/nmaas/templates/nmaas-helm-serviceAccount.yaml
deleted file mode 100644
index ed68363b92141150b960a6d9a8fae5c6060875e1..0000000000000000000000000000000000000000
--- a/charts/nmaas/templates/nmaas-helm-serviceAccount.yaml
+++ /dev/null
@@ -1,6 +0,0 @@
-apiVersion: v1
-kind: ServiceAccount
-automountServiceAccountToken: true
-metadata:
- name: {{ .Values.helm.serviceAccountName }}
- namespace: {{ .Release.Namespace }}
\ No newline at end of file
diff --git a/charts/nmaas/templates/nmaas-platform-clusterRole.yaml b/charts/nmaas/templates/nmaas-platform-clusterRole.yaml
deleted file mode 100644
index 790a32e7458d03e659390543d2ca27668658ccc4..0000000000000000000000000000000000000000
--- a/charts/nmaas/templates/nmaas-platform-clusterRole.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- name: {{ .Values.platform.clusterRoleName }}
-rules:
-- apiGroups: [""]
- resources: ["pods"]
- verbs: ["get", "list", "watch"]
-- apiGroups: [""]
- resources: ["pods/exec"]
- verbs: ["create", "get", "watch"]
diff --git a/charts/nmaas/templates/nmaas-platform-deployment.yaml b/charts/nmaas/templates/nmaas-platform-deployment.yaml
index 59be106caabcb4c2ff9f62a59b6439a5170e3333..5e0a77aa2db7b7bd984c89f47746631a8501d63a 100644
--- a/charts/nmaas/templates/nmaas-platform-deployment.yaml
+++ b/charts/nmaas/templates/nmaas-platform-deployment.yaml
@@ -53,8 +53,9 @@ spec:
- name: platform-data
mountPath: /nmaas/files
subPath: platform-logs
- - name: helm-access-key
- mountPath: /nmaas/.ssh
+ - name: platform-data
+ mountPath: /home/nmaas/.config/helm
+ subPath: helm
env:
- name: ENVIRONMENT
value: "{{ .Values.platform.properties.environment }}"
@@ -137,23 +138,11 @@ spec:
- name: USE_LOGIN_PASSWORD
value: {{ and .Values.platform.properties.smtp.login .Values.platform.properties.smtp.password }}
- name: USE_STARTTLS
- value: {{ .Values.platform.properties.smtp.useStartTLS | default "false" | quote}}
- - name: HELM_ADDRESS
- value: "{{ .Values.platform.properties.helm.address }}"
- - name: HELM_USERNAME
- value: "{{ .Values.platform.properties.helm.username }}"
- - name: HELM_USELOCALCHARTS
- value: "{{ .Values.platform.properties.helm.useLocalCharts }}"
+ value: {{ .Values.platform.properties.smtp.useStartTLS | default "false" | quote }}
- name: HELM_REPOSITORY
value: "{{ .Values.platform.properties.helm.repositoryName }}"
- name: HELM_REPOSITORY_URL
value: "{{ .Values.platform.properties.helm.repositoryUrl }}"
- - name: HELM_LOCALCHARTSDIR
- value: "{{ .Values.platform.properties.helm.chartsDirectory }}"
- - name: HELM_ENABLETLS
- value: "{{ .Values.platform.properties.helm.enableTls }}"
- - name: HELM_VERSION
- value: "{{ .Values.platform.properties.helm.version }}"
- name: HELM_UPDATE_ASYNC_ENABLED
value: "{{ .Values.platform.properties.helm.asyncUpdateEnabled }}"
- name: HELM_UPDATE_ASYNC_CRON
diff --git a/charts/nmaas/values.yaml b/charts/nmaas/values.yaml
index c8f1bbccc5a7c7e44a07b92c1d80100df30cdb8d..022346ec647d145b0064086956681c7f403f66b4 100644
--- a/charts/nmaas/values.yaml
+++ b/charts/nmaas/values.yaml
@@ -26,7 +26,8 @@ platform:
enabled: true
name: nmaas-platform
serviceAccountName: nmaas-platform
- clusterRoleName: nmaas-shell-role
+ # -- name of ClusterRole to associate to nmaas-platform. Must exist beforehand
+ clusterRoleName: cluster-admin
clusterRoleBindingName: nmaas-platform
ingress:
# -- defaults to .Values.platform.properties.k8s.ingress.controller.ingressClass if not set
@@ -61,7 +62,7 @@ platform:
timeoutSeconds: 10
image:
repository: artifactory.software.geant.org/nmaas-docker-local/nmaas-platform
- tag: "1.7.1"
+ tag: "latest"
pullPolicy: IfNotPresent
port: 9001
targetPort: 9001
@@ -121,14 +122,8 @@ platform:
name: nmaas-postgresql-secret
key: secret
helm:
- address: nmaas-helm
- username: helm
- useLocalCharts: false
repositoryName: nmaas
repositoryUrl: https://artifactory.software.geant.org/artifactory/nmaas-helm
- chartsDirectory: /home/nmaas/charts
- enableTls: true
- version: v3
asyncUpdateEnabled: true
asyncUpdateCron: "0 0 * * * ?"
smtp:
@@ -201,7 +196,7 @@ portal:
name: nmaas-portal
image:
repository: artifactory.software.geant.org/nmaas-docker-local/nmaas-portal
- tag: "1.7.1"
+ tag: "latest"
pullPolicy: IfNotPresent
ingress:
# -- defaults to .Values.platform.properties.k8s.ingress.controller.ingressClass if not set
@@ -255,29 +250,6 @@ postfix:
secret:
key: smtpPassword
-helm:
- enabled: true
- name: nmaas-helm
- serviceAccountName: nmaas-helm
- clusterRoleBindingName: nmaas-helm-admin
- clusterRoleName: cluster-admin
- image:
- repository: artifactory.software.geant.org/nmaas-docker-local/nmaas-helm-3
- tag: "3.9.3"
- pullPolicy: Always
- port: 22
- targetPort: 22
- type: ClusterIP
- properties:
- users: helm:1000:1000
- persistence:
- enabled: true
- # -- name of an existing claim to be used. If empty, a new one is provisioned.
- existingClaim: ""
- accessMode: ReadWriteOnce
- size: 1Gi
- storageClass: ""
-
janitor:
enabled: true
name: nmaas-janitor