typeable/octopod
1
0
Fork 0
mirror of https://github.com/typeable/octopod.git synced 2024-11-22 08:45:20 +03:00
Code Issues Projects Releases Wiki Activity

Add 'job-control' chart (#17)

Browse Source
This commit is contained in:
andor0 2021-01-15 19:37:55 +04:00 committed by iko
parent cd081ae4ae
commit ca5adf7786
6 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
charts/job-control/Chart.yaml Normal file
View File

@ -0,0 +1,5 @@
apiVersion: v1
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: job-control
version: 0.1.0

8
charts/job-control/templates/job-control-clusterrole.yaml Normal file
View File

@ -0,0 +1,8 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: job-control-clusterrole
rules:
- apiGroups: ["batch"]
resources: ["jobs"]
verbs: ["list", "delete", "deletecollection"]

13
charts/job-control/templates/job-control-rolebinding.yaml Normal file
View File

@ -0,0 +1,13 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: {{ .Values.serviceaccount }}-job-control-rolebinding
namespace: {{ .Values.namespace }}
roleRef:
kind: ClusterRole
apiGroup: rbac.authorization.k8s.io
name: job-control-clusterrole
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceaccount }}
namespace: {{ .Values.octopod_namespace | default .Values.namespace }}

3
charts/job-control/values.yaml Normal file
View File

@ -0,0 +1,3 @@
namespace: deployment
octopod_namespace: octopod
serviceaccount: octopod

8
docs/en/Octopod_deployment_guide.md
View File

@ -135,6 +135,13 @@ kubectl create -n octopod serviceaccount octopod
helm install --name octopod-kubedog-access ./kubedog-access
```
5. If you are planning to delete [_Jobs_][kubernetes-job] in your [_Control scripts_](Control_scripts.md), you will need to give appropriate permissions to the `octopod` _Service Account_:
```bash
cd /tmp/octopod/charts
helm install --name octopod-job-control ./job-control
```
## Web UI authentication secrets
[Authentication](Security_model.md#web-ui-authentication) between _Octopod Server_ and the _Web UI_ is done through _Basic Auth_. This implies that there needs to be a username and password associated with it.
@ -392,6 +399,7 @@ helm upgrade --install octopod ./octopod \
[kubernetes-service-account]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account
[kubernetes-pvc]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#expanding-persistent-volumes-claims
[kubernetes-storage-classes]: https://kubernetes.io/docs/concepts/storage/storage-classes
[kubernetes-job]: https://kubernetes.io/docs/concepts/workloads/controllers/job
[minikube]: https://kubernetes.io/ru/docs/tasks/tools/install-minikube/
[tiller]: https://v2.helm.sh/docs/install/
[kubedog]: https://github.com/werf/kubedog

7
docs/ru/Octopod_deployment_with_K8S.md
View File

@ -160,6 +160,12 @@
helm install --name octopod-kubedog-access ./kubedog-access
```
5. Eсли вы планируете из [_Control scripts_](Control_scripts.md) удалять [_Jobs_][kubernetes-job], то для этого необходимо выдать права [_Service Account_][kubernetes-service-account] `octopod`:
```bash
cd /tmp/octopod/charts
helm install --name octopod-job-control ./job-control
```
13. Установка сервера Octopod
```bash
@ -270,6 +276,7 @@
[kubernetes-service-account]: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account
[kubernetes-pvc]: https://kubernetes.io/docs/concepts/storage/persistent-volumes/#expanding-persistent-volumes-claims
[kubernetes-storage-classes]: https://kubernetes.io/docs/concepts/storage/storage-classes
[kubernetes-job]: https://kubernetes.io/docs/concepts/workloads/controllers/job
[minikube]: https://kubernetes.io/ru/docs/tasks/tools/install-minikube
[tiller]: https://v2.helm.sh/docs/install
[kubedog]: https://github.com/werf/kubedog