Unverified Commit f4f738c1 authored by Siyu Wang's avatar Siyu Wang Committed by GitHub
Browse files

Add docs and changelog for v0.6.1 (#388)

Signed-off-by: default avatarSiyu Wang <FillZpp.pub@gmail.com>
parent 35ed44f3
Showing with 3433 additions and 6 deletions
+3433 -6
# Change Log
## v0.6.1
### CloneSet
#### Features
- Support lifecycle hooks for pre-delete and in-place update
#### Bugs
- Fix map concurrent write
- Fix current revision during rollback
- Fix update expectation for pod deletion
### SidecarSet
#### Features
- Support initContainers definition and injection
### UnitedDeployment
#### Features
- Support to define CloneSet as UnitedDeployment's subset
### StatefulSet
#### Features
- Support minReadySeconds strategy
### Others
- Add webhook controller to optimize certs and configurations generation
- Add pprof server and flag
- Optimize discovery logic in custom resource gate
## v0.6.0
### Project
......
......@@ -12,6 +12,7 @@
|![notification](docs/img/bell-outline-badge.svg) 最新进展:|
|------------------|
|Oct 1st, 2020. Kruise v0.6.1 发布! 提供一系列增强 feature 和 bugfix 比如 CloneSet lifecycle hook 、UnitedDeployment 支持 CloneSet 等,详情参见 [CHANGELOG](CHANGELOG.md).|
|Aug 19th, 2020. Kruise v0.6.0 发布! 升级新的项目结构和依赖,并提供新的 Advanced DaemonSet 控制器,详情参见 [CHANGELOG](CHANGELOG.md).|
|May 19th, 2020. Kruise v0.5.0 发布! CloneSet 支持 `maxSurge` 策略、为 StatefulSet/SidecarSet 修复部分 bug,详情参见 [CHANGELOG](CHANGELOG.md).|
|Mar 20th, 2020. Kruise v0.4.1 发布! 为 Advanced StatefulSet 和 CloneSet 提供了 **优雅原地升级** 功能,详情参见 [CHANGELOG](CHANGELOG.md).|
......@@ -56,10 +57,14 @@ Kruise 是 OpenKruise (官网: [https://openkruise.io](https://openkruise.io))
## 快速开始
想要快速使用 OpenKruise 非常简单!
对于版本高于 v1.12+ 的 Kubernetes 集群来说,只要使用 helm v3 执行安装即可:
对于版本高于 v1.12+ 的 Kubernetes 集群来说,只要使用 helm v3.1.0+ 执行安装即可:
```
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.0/kruise-chart.tgz
```bash
# Kubernetes 版本低于 1.14
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz --disable-openapi-validation
# Kubernetes 版本大于等于 1.15
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz
```
注意直接安装 chart 会使用默认的 template values,你也可以根据你的集群情况指定一些特殊配置,比如修改 resources 限制或者只启用某些特定的控制器能力。
......
......@@ -12,6 +12,7 @@ English | [简体中文](./README-zh_CN.md)
|![notification](docs/img/bell-outline-badge.svg) What is NEW!|
|------------------|
|Oct 1st, 2020. Kruise v0.6.1 is **RELEASED**! It provides various features and bugfix, such as CloneSet lifecycle hook and UnitedDeployment supported CloneSet, please check the [CHANGELOG](CHANGELOG.md) for details.|
|Aug 19th, 2020. Kruise v0.6.0 is **RELEASED**! It updates Kubernetes dependency and switches to new controller runtime framework. It also supports a new controller called Advanced DaemonSet, please check the [CHANGELOG](CHANGELOG.md) for details.|
|May 19th, 2020. Kruise v0.5.0 is **RELEASED**! It supports `maxSurge` for CloneSet and fixes bugs for StatefulSet/SidecarSet, please check the [CHANGELOG](CHANGELOG.md) for details.|
|Mar 20th, 2020. Kruise v0.4.1 is **RELEASED**! It provides **graceful in-place update** for Advanced StatefulSet and CloneSet, please check the [CHANGELOG](CHANGELOG.md) for details.|
......@@ -53,10 +54,14 @@ This [video](https://www.youtube.com/watch?v=elB7reZ6eAQ) demo by [Lachlan Evens
## Quick Start
For a Kubernetes cluster with its version higher than v1.12, you can simply install Kruise with helm v3:
For a Kubernetes cluster with its version higher than v1.12, you can simply install Kruise with helm v3.1.0+:
```
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.0/kruise-chart.tgz
```bash
# Kubernetes 1.14 and older versions
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz --disable-openapi-validation
# Kubernetes 1.15 and newer versions
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz
```
Note that installing this chart directly means it will use the default template values for the kruise-manager.
......
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
apiVersion: v1
name: kruise
description: Helm chart for all kruise-manager components
version: 0.6.1
appVersion: 0.6.1
icon: http://openkruise.io/img/kruise_white.png
keywords:
- kubernetes
- kruise
- workload
- statefulset
- sidecar
- job
- deployment
home: https://openkruise.io
sources:
- https://github.com/openkruise/kruise
# Kruise
## Install
Install with Helm 3:
If your Kubernetes version is lower than 1.15 and you'd like to install Kruise via Helm 3, you'll need Helm v3.1.0+ that has the flag --disable-openapi-validation.
```bash
# Kubernetes 1.14 and older versions
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz --disable-openapi-validation
# Kubernetes 1.15 and newer versions
helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz
```
you will see follow:
```
NAME: kruise
LAST DEPLOYED: Mon Jan 6 14:47:48 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
TEST SUITE: None
```
## Uninstall
```bash
$ helm delete kruise
release "kruise" uninstalled
```
## Configuration
The following table lists the configurable parameters of the kruise chart and their default values.
| Parameter | Description | Default |
| ----------------------------------------- | ------------------------------------------------------------ | ----------------------------- |
| `log.level` | Log level that kruise-manager printed | `4` |
| `revisionHistoryLimit` | Limit of revision history | `3` |
| `manager.replicas` | Replicas of kruise-controller-manager deployment | `2` |
| `manager.image.repository` | Repository for kruise-manager image | `openkruise/kruise-manager` |
| `manager.image.tag` | Tag for kruise-manager image | `v0.6.1` |
| `manager.resources.limits.cpu` | CPU resource limit of kruise-manager container | `100m` |
| `manager.resources.limits.memory` | Memory resource limit of kruise-manager container | `256Mi` |
| `manager.resources.requests.cpu` | CPU resource request of kruise-manager container | `100m` |
| `manager.resources.requests.memory` | Memory resource request of kruise-manager container | `256Mi` |
| `manager.metrics.addr` | Addr of metrics served | `localhost` |
| `manager.metrics.port` | Port of metrics served | `8080` |
| `manager.webhook.port` | Port of webhook served | `9443` |
| `manager.custom_resource_enable` | Custom resources enabled by kruise-manager | `""(empty means all enabled)` |
| `spec.nodeAffinity` | Node affinity policy for kruise-manager pod | `{}` |
| `spec.nodeSelector` | Node labels for kruise-manager pod | `{}` |
| `spec.tolerations` | Tolerations for kruise-manager pod | `[]` |
| `webhookConfiguration.failurePolicy.pods` | The failurePolicy for pods in mutating webhook configuration | `Ignore` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
# helm install kruise https://github.com/openkruise/kruise/releases/download/v0.6.1/kruise-chart.tgz --set manager.log.level=5,manager.custom_resource_enable="CloneSet\,SidecarSet"
```
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "kruise.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kruise.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kruise.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: broadcastjobs.apps.kruise.io
spec:
additionalPrinterColumns:
- JSONPath: .status.desired
description: The desired number of pods. This is typically equal to the number
of nodes satisfied to run pods.
name: Desired
type: integer
- JSONPath: .status.active
description: The number of actively running pods.
name: Active
type: integer
- JSONPath: .status.succeeded
description: The number of pods which reached phase Succeeded.
name: Succeeded
type: integer
- JSONPath: .status.failed
description: The number of pods which reached phase Failed.
name: Failed
type: integer
- JSONPath: .metadata.creationTimestamp
description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before order
across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
name: AGE
type: date
group: apps.kruise.io
names:
kind: BroadcastJob
listKind: BroadcastJobList
plural: broadcastjobs
shortNames:
- bcj
singular: broadcastjob
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: BroadcastJob is the Schema for the broadcastjobs API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BroadcastJobSpec defines the desired state of BroadcastJob
properties:
completionPolicy:
description: CompletionPolicy indicates the completion policy of the
job. Default is Always CompletionPolicyType
properties:
activeDeadlineSeconds:
description: ActiveDeadlineSeconds specifies the duration in seconds
relative to the startTime that the job may be active before the
system tries to terminate it; value must be positive integer.
Only works for Always type.
format: int64
type: integer
ttlSecondsAfterFinished:
description: ttlSecondsAfterFinished limits the lifetime of a Job
that has finished execution (either Complete or Failed). If this
field is set, ttlSecondsAfterFinished after the Job finishes,
it is eligible to be automatically deleted. When the Job is being
deleted, its lifecycle guarantees (e.g. finalizers) will be honored.
If this field is unset, the Job won't be automatically deleted.
If this field is set to zero, the Job becomes eligible to be deleted
immediately after it finishes. This field is alpha-level and is
only honored by servers that enable the TTLAfterFinished feature.
Only works for Always type
format: int32
type: integer
type:
description: Type indicates the type of the CompletionPolicy Default
is Always
type: string
type: object
failurePolicy:
description: FailurePolicy indicates the behavior of the job, when failed
pod is found.
properties:
restartLimit:
description: RestartLimit specifies the number of retries before
marking the pod failed.
format: int32
type: integer
type:
description: Type indicates the type of FailurePolicyType.
type: string
type: object
parallelism:
anyOf:
- type: integer
- type: string
description: Parallelism specifies the maximum desired number of pods
the job should run at any given time. The actual number of pods running
in steady state will be less than this number when the work left to
do is less than max parallelism. Not setting this value means no limit.
x-kubernetes-int-or-string: true
paused:
description: Paused will pause the job.
type: boolean
template:
description: Template describes the pod that will be created when executing
a job.
type: object
required:
- template
type: object
status:
description: BroadcastJobStatus defines the observed state of BroadcastJob
properties:
active:
description: The number of actively running pods.
format: int32
type: integer
completionTime:
description: Represents time when the job was completed. It is not guaranteed
to be set in happens-before order across separate operations. It is
represented in RFC3339 form and is in UTC.
format: date-time
type: string
conditions:
description: The latest available observations of an object's current
state.
items:
description: JobCondition describes current state of a job.
properties:
lastProbeTime:
description: Last time the condition was checked.
format: date-time
type: string
lastTransitionTime:
description: Last time the condition transit from one status to
another.
format: date-time
type: string
message:
description: Human readable message indicating details about last
transition.
type: string
reason:
description: (brief) reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of job condition, Complete or Failed.
type: string
required:
- status
- type
type: object
type: array
desired:
description: The desired number of pods, this is typically equal to
the number of nodes satisfied to run pods.
format: int32
type: integer
failed:
description: The number of pods which reached phase Failed.
format: int32
type: integer
phase:
description: The phase of the job.
type: string
startTime:
description: Represents time when the job was acknowledged by the job
controller. It is not guaranteed to be set in happens-before order
across separate operations. It is represented in RFC3339 form and
is in UTC.
format: date-time
type: string
succeeded:
description: The number of pods which reached phase Succeeded.
format: int32
type: integer
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
This diff is collapsed.
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: daemonsets.apps.kruise.io
spec:
additionalPrinterColumns:
- JSONPath: .status.desiredNumberScheduled
description: The desired number of pods.
name: DesiredNumber
type: integer
- JSONPath: .status.currentNumberScheduled
description: The current number of pods.
name: CurrentNumber
type: integer
- JSONPath: .status.updatedNumberScheduled
description: The updated number of pods.
name: UpdatedNumberScheduled
type: integer
- JSONPath: .metadata.creationTimestamp
description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before order
across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
name: AGE
type: date
group: apps.kruise.io
names:
kind: DaemonSet
listKind: DaemonSetList
plural: daemonsets
shortNames:
- daemon
singular: daemonset
scope: Namespaced
subresources:
status: {}
validation:
openAPIV3Schema:
description: DaemonSet is the Schema for the daemonsets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DaemonSetSpec defines the desired state of DaemonSet
properties:
burstReplicas:
anyOf:
- type: integer
- type: string
description: BurstReplicas is a rate limiter for booting pods on a lot
of pods. The default value is 250
x-kubernetes-int-or-string: true
minReadySeconds:
description: The minimum number of seconds for which a newly created
DaemonSet pod should be ready without any of its container crashing,
for it to be considered available. Defaults to 0 (pod will be considered
available as soon as it is ready).
format: int32
type: integer
revisionHistoryLimit:
description: The number of old history to retain to allow rollback.
This is a pointer to distinguish between explicit zero and not specified.
Defaults to 10.
format: int32
type: integer
selector:
description: 'A label query over pods that are managed by the daemon
set. Must match in order to be controlled. It must match the pod template''s
labels. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors'
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains
values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to a
set of values. Valid operators are In, NotIn, Exists and
DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the
operator is Exists or DoesNotExist, the values array must
be empty. This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator is
"In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
template:
description: 'An object that describes the pod that will be created.
The DaemonSet will create exactly one copy of this pod on every node
that matches the template''s node selector (or on every node if no
node selector is specified). More info: https://kubernetes.io/docs/concepts/workloads/controllers/replicationcontroller#pod-template'
type: object
updateStrategy:
description: An update strategy to replace existing DaemonSet pods with
new pods.
properties:
rollingUpdate:
description: Rolling update config params. Present only if type
= "RollingUpdate".
properties:
maxSurge:
anyOf:
- type: integer
- type: string
description: 'Only when type=SurgingRollingUpdateType, it works.
The maximum number of DaemonSet pods that can be scheduled
above the desired number of pods during the update. Value
can be an absolute number (ex: 5) or a percentage of the total
number of DaemonSet pods at the start of the update (ex: 10%).
The absolute number is calculated from the percentage by rounding
up. This cannot be 0. The default value is 1. Example: when
this is set to 30%, at most 30% of the total number of nodes
that should be running the daemon pod (i.e. status.desiredNumberScheduled)
can have 2 pods running at any given time. The update starts
by starting replacements for at most 30% of those DaemonSet
pods. Once the new pods are available it then stops the existing
pods before proceeding onto other DaemonSet pods, thus ensuring
that at most 130% of the desired final number of DaemonSet pods
are running at all times during the update.'
x-kubernetes-int-or-string: true
maxUnavailable:
anyOf:
- type: integer
- type: string
description: 'The maximum number of DaemonSet pods that can
be unavailable during the update. Value can be an absolute
number (ex: 5) or a percentage of total number of DaemonSet
pods at the start of the update (ex: 10%). Absolute number
is calculated from percentage by rounding up. This cannot
be 0. Default value is 1. Example: when this is set to 30%,
at most 30% of the total number of nodes that should be running
the daemon pod (i.e. status.desiredNumberScheduled) can have
their pods stopped for an update at any given time. The update
starts by stopping at most 30% of those DaemonSet pods and
then brings up new DaemonSet pods in their place. Once the
new pods are available, it then proceeds onto other DaemonSet
pods, thus ensuring that at least 70% of original number of
DaemonSet pods are available at all times during the update.'
x-kubernetes-int-or-string: true
partition:
description: The number of DaemonSet pods remained to be old
version. Default value is 0. Maximum value is status.DesiredNumberScheduled,
which means no pod will be updated.
format: int32
type: integer
paused:
description: Indicates that the daemon set is paused and will
not be processed by the daemon set controller.
type: boolean
rollingUpdateType:
description: Type is to specify which kind of rollingUpdate.
type: string
selector:
description: A label query over nodes that are managed by the
daemon set RollingUpdate. Must match in order to be controlled.
It must match the node's labels.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that relates
the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty. This
array is replaced during a strategic merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: object
type:
description: Type of daemon set update. Can be "RollingUpdate" or
"OnDelete". Default is RollingUpdate.
type: string
type: object
required:
- selector
- template
type: object
status:
description: DaemonSetStatus defines the observed state of DaemonSet
properties:
collisionCount:
description: Count of hash collisions for the DaemonSet. The DaemonSet
controller uses this field as a collision avoidance mechanism when
it needs to create the name for the newest ControllerRevision.
format: int32
type: integer
conditions:
description: Represents the latest available observations of a DaemonSet's
current state.
items:
description: DaemonSetCondition describes the state of a DaemonSet
at a certain point.
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
format: date-time
type: string
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of DaemonSet condition.
type: string
required:
- status
- type
type: object
type: array
currentNumberScheduled:
description: 'The number of nodes that are running at least 1 daemon
pod and are supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/'
format: int32
type: integer
daemonSetHash:
description: DaemonSetHash is the controller-revision-hash, which represents
the latest version of the DaemonSet.
type: string
desiredNumberScheduled:
description: 'The total number of nodes that should be running the daemon
pod (including nodes correctly running the daemon pod). More info:
https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/'
format: int32
type: integer
numberAvailable:
description: The number of nodes that should be running the daemon pod
and have one or more of the daemon pod running and available (ready
for at least spec.minReadySeconds)
format: int32
type: integer
numberMisscheduled:
description: 'The number of nodes that are running the daemon pod, but
are not supposed to run the daemon pod. More info: https://kubernetes.io/docs/concepts/workloads/controllers/daemonset/'
format: int32
type: integer
numberReady:
description: The number of nodes that should be running the daemon pod
and have one or more of the daemon pod running and ready.
format: int32
type: integer
numberUnavailable:
description: The number of nodes that should be running the daemon pod
and have none of the daemon pod running and available (ready for at
least spec.minReadySeconds)
format: int32
type: integer
observedGeneration:
description: The most recent generation observed by the daemon set controller.
format: int64
type: integer
updatedNumberScheduled:
description: The total number of nodes that are running updated daemon
pod
format: int32
type: integer
required:
- currentNumberScheduled
- daemonSetHash
- desiredNumberScheduled
- numberMisscheduled
- numberReady
- updatedNumberScheduled
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
---
apiVersion: apiextensions.k8s.io/v1beta1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.2.9
creationTimestamp: null
name: sidecarsets.apps.kruise.io
spec:
additionalPrinterColumns:
- JSONPath: .status.matchedPods
description: The number of pods matched.
name: MATCHED
type: integer
- JSONPath: .status.updatedPods
description: The number of pods matched and updated.
name: UPDATED
type: integer
- JSONPath: .status.readyPods
description: The number of pods matched and ready.
name: READY
type: integer
- JSONPath: .metadata.creationTimestamp
description: CreationTimestamp is a timestamp representing the server time when
this object was created. It is not guaranteed to be set in happens-before order
across separate operations. Clients may not set this value. It is represented
in RFC3339 form and is in UTC.
name: AGE
type: date
group: apps.kruise.io
names:
kind: SidecarSet
listKind: SidecarSetList
plural: sidecarsets
singular: sidecarset
scope: Cluster
subresources:
status: {}
validation:
openAPIV3Schema:
description: SidecarSet is the Schema for the sidecarsets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: SidecarSetSpec defines the desired state of SidecarSet
properties:
containers:
description: Containers is the list of sidecar containers to be injected
into the selected pod
items:
description: SidecarContainer defines the container of Sidecar
type: object
type: array
initContainers:
description: Containers is the list of init containers to be injected
into the selected pod We will inject those containers by their name
in ascending order We only inject init containers when a new pod is
created, it does not apply to any existing pod
items:
description: SidecarContainer defines the container of Sidecar
type: object
type: array
paused:
description: Paused indicates that the sidecarset is paused and will
not be processed by the sidecarset controller.
type: boolean
selector:
description: selector is a label query over pods that should be injected
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that contains
values, a key, and an operator that relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to a
set of values. Valid operators are In, NotIn, Exists and
DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator
is In or NotIn, the values array must be non-empty. If the
operator is Exists or DoesNotExist, the values array must
be empty. This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator is
"In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
strategy:
description: The sidecarset strategy to use to replace existing pods
with new ones.
properties:
rollingUpdate:
description: RollingUpdateSidecarSet is used to communicate parameter
properties:
maxUnavailable:
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
type: object
type: object
volumes:
description: List of volumes that can be mounted by sidecar containers
items:
description: Volume represents a named volume in a pod that may be
accessed by any container in the pod.
type: object
type: array
type: object
status:
description: SidecarSetStatus defines the observed state of SidecarSet
properties:
matchedPods:
description: matchedPods is the number of Pods whose labels are matched
with this SidecarSet's selector and are created after sidecarset creates
format: int32
type: integer
observedGeneration:
description: observedGeneration is the most recent generation observed
for this SidecarSet. It corresponds to the SidecarSet's generation,
which is updated on mutation by the API Server.
format: int64
type: integer
readyPods:
description: readyPods is the number of matched Pods that have a ready
condition
format: int32
type: integer
updatedPods:
description: updatedPods is the number of matched Pods that are injected
with the latest SidecarSet's containers
format: int32
type: integer
required:
- matchedPods
- readyPods
- updatedPods
type: object
type: object
version: v1alpha1
versions:
- name: v1alpha1
served: true
storage: true
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
This diff is collapsed.
This diff is collapsed.
apiVersion: v1
kind: Namespace
metadata:
labels:
control-plane: controller-manager
name: kruise-system
---
apiVersion: v1
kind: Service
metadata:
name: kruise-webhook-service
namespace: kruise-system
spec:
ports:
- port: 443
targetPort: {{ .Values.manager.webhook.port }}
selector:
control-plane: controller-manager
---
apiVersion: v1
kind: Secret
metadata:
name: kruise-webhook-certs
namespace: kruise-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
control-plane: controller-manager
name: kruise-controller-manager
namespace: kruise-system
spec:
replicas: {{ .Values.manager.replicas }}
selector:
matchLabels:
control-plane: controller-manager
template:
metadata:
labels:
control-plane: controller-manager
spec:
containers:
- args:
- --enable-leader-election
- --metrics-addr={{ .Values.manager.metrics.addr }}:{{ .Values.manager.metrics.port }}
- --health-probe-addr=:{{ .Values.manager.healthProbe.port }}
- --logtostderr=true
- --v={{ .Values.manager.log.level }}
command:
- /manager
image: {{ .Values.manager.image.repository }}:{{.Values.manager.image.tag}}
imagePullPolicy: Always
name: manager
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: WEBHOOK_PORT
value: "{{ .Values.manager.webhook.port }}"
- name: CUSTOM_RESOURCE_ENABLE
value: {{ .Values.manager.custom_resource_enable }}
- name: WEBHOOK_CONFIGURATION_FAILURE_POLICY_PODS
value: {{ .Values.webhookConfiguration.failurePolicy.pods }}
ports:
- containerPort: {{ .Values.manager.webhook.port }}
name: webhook-server
protocol: TCP
- containerPort: {{ .Values.manager.metrics.port }}
name: metrics
protocol: TCP
- containerPort: {{ .Values.manager.healthProbe.port }}
name: health
protocol: TCP
readinessProbe:
httpGet:
path: readyz
port: {{ .Values.manager.healthProbe.port }}
resources:
{{- toYaml .Values.manager.resources | nindent 12 }}
terminationGracePeriodSeconds: 10
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: control-plane
operator: In
values:
- controller-manager
topologyKey: kubernetes.io/hostname
weight: 100
{{- with .Values.spec.nodeAffinity }}
nodeAffinity:
{{ toYaml . | indent 10 }}
{{- end }}
{{- if .Values.spec.nodeSelector }}
nodeSelector:
{{ toYaml .Values.spec.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.spec.tolerations }}
tolerations:
{{ toYaml .Values.spec.tolerations | indent 8 }}
{{- end }}
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: kruise-leader-election-role
namespace: kruise-system
rules:
- apiGroups:
- ""
resources:
- configmaps
verbs:
- get
- list
- watch
- create
- update
- patch
- delete
- apiGroups:
- ""
resources:
- configmaps/status
verbs:
- get
- update
- patch
- apiGroups:
- ""
resources:
- events
verbs:
- create
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
creationTimestamp: null
name: kruise-manager-role
rules:
- apiGroups:
- admissionregistration.k8s.io
resources:
- mutatingwebhookconfigurations
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- admissionregistration.k8s.io
resources:
- validatingwebhookconfigurations
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- controllerrevisions
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps
resources:
- statefulsets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- broadcastjobs
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- broadcastjobs/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- clonesets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- clonesets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- daemonsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- daemonsets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- sidecarsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- sidecarsets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- statefulsets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- statefulsets/status
verbs:
- get
- patch
- update
- apiGroups:
- apps.kruise.io
resources:
- uniteddeployments
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- apps.kruise.io
resources:
- uniteddeployments/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- events
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
- list
- watch
- apiGroups:
- ""
resources:
- persistentvolumeclaims
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
- apiGroups:
- ""
resources:
- pods/status
verbs:
- get
- patch
- update
- apiGroups:
- ""
resources:
- secrets
verbs:
- create
- delete
- get
- list
- patch
- update
- watch
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: kruise-leader-election-rolebinding
namespace: kruise-system
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: kruise-leader-election-role
subjects:
- kind: ServiceAccount
name: default
namespace: kruise-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: kruise-manager-rolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kruise-manager-role
subjects:
- kind: ServiceAccount
name: default
namespace: kruise-system
apiVersion: admissionregistration.k8s.io/v1beta1
kind: MutatingWebhookConfiguration
metadata:
creationTimestamp: null
name: kruise-mutating-webhook-configuration
annotations:
template: ""
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-apps-kruise-io-v1alpha1-sidecarset
failurePolicy: Fail
name: msidecarset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sidecarsets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-pod
failurePolicy: {{ .Values.webhookConfiguration.failurePolicy.pods }}
name: mpod.kb.io
namespaceSelector:
matchExpressions:
- key: control-plane
operator: DoesNotExist
rules:
- apiGroups:
- ""
apiVersions:
- v1
operations:
- CREATE
resources:
- pods
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-apps-kruise-io-v1alpha1-broadcastjob
failurePolicy: Fail
name: mbroadcastjob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- broadcastjobs
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-apps-kruise-io-v1alpha1-cloneset
failurePolicy: Fail
name: mcloneset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- clonesets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-apps-kruise-io-v1alpha1-daemonset
failurePolicy: Fail
name: mdaemonset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- daemonsets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-apps-kruise-io-v1alpha1-statefulset
failurePolicy: Fail
name: mstatefulset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- statefulsets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /mutate-apps-kruise-io-v1alpha1-uniteddeployment
failurePolicy: Fail
name: muniteddeployment.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- uniteddeployments
---
apiVersion: admissionregistration.k8s.io/v1beta1
kind: ValidatingWebhookConfiguration
metadata:
creationTimestamp: null
name: kruise-validating-webhook-configuration
annotations:
template: ""
webhooks:
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /validate-apps-kruise-io-v1alpha1-broadcastjob
failurePolicy: Fail
name: vbroadcastjob.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- broadcastjobs
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /validate-apps-kruise-io-v1alpha1-cloneset
failurePolicy: Fail
name: vcloneset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- clonesets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /validate-apps-kruise-io-v1alpha1-sidecarset
failurePolicy: Fail
name: vsidecarset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- sidecarsets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /validate-apps-kruise-io-v1alpha1-statefulset
failurePolicy: Fail
name: vstatefulset.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- statefulsets
- clientConfig:
caBundle: Cg==
service:
name: kruise-webhook-service
namespace: kruise-system
path: /validate-apps-kruise-io-v1alpha1-uniteddeployment
failurePolicy: Fail
name: vuniteddeployment.kb.io
rules:
- apiGroups:
- apps.kruise.io
apiVersions:
- v1alpha1
operations:
- CREATE
- UPDATE
resources:
- uniteddeployments
# Default values for kruise.
revisionHistoryLimit: 3
spec:
nodeAffinity: {}
nodeSelector: {}
tolerations: []
manager:
# settings for log print
log:
# log level for kruise-manager
level: "4"
replicas: 2
image:
repository: openkruise/kruise-manager
tag: v0.6.1
webhook:
port: 9876
# resources of kruise-manager container
resources:
limits:
cpu: 100m
memory: 256Mi
requests:
cpu: 100m
memory: 256Mi
metrics:
addr: 0.0.0.0
port: 8080
healthProbe:
port: 8000
custom_resource_enable:
webhookConfiguration:
failurePolicy:
pods: Ignore
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment