Skip to content

Instantly share code, notes, and snippets.

@kingdonb

kingdonb/gist:53011b38a7b488aa4b4cd803c32ca4a5

Created August 24, 2017 18:56
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save kingdonb/53011b38a7b488aa4b4cd803c32ca4a5 to your computer and use it in GitHub Desktop.
Save kingdonb/53011b38a7b488aa4b4cd803c32ca4a5 to your computer and use it in GitHub Desktop.
Download ZIP
problem building deis with helm on OpenShift
Raw
gistfile1.txt
[debug] Created tunnel using local port: '58829'
[debug] SERVER: "localhost:58829"
REVISION: 7
RELEASED: Thu Aug 24 14:54:57 2017
CHART: workflow-v2.17.0
USER-SUPPLIED VALUES:
{}
COMPUTED VALUES:
azure:
accountkey: YOUR ACCOUNT KEY
accountname: YOUR ACCOUNT NAME
builder_container: your-builder-container-name
database_container: your-database-container-name
registry_container: your-registry-container-name
builder:
docker_tag: v2.12.0
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
controller:
app_pull_policy: IfNotPresent
deploy_hook_urls: ""
docker_tag: v2.17.1
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
k8s_api_verify_tls: "true"
org: deis
platform_domain: ""
pull_policy: IfNotPresent
registration_mode: admin_only
database:
docker_tag: v2.5.4
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
password: ""
postgres:
host: database host
name: database name
password: database password
port: database port
timeout: "1200"
username: database username
pull_policy: IfNotPresent
username: ""
dockerbuilder:
docker_tag: v2.7.3
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
fluentd:
boot:
install_build_tools: false
docker_tag: v2.10.0
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
output:
disable_deis: false
pull_policy: IfNotPresent
sources:
controller: false
docker: false
etcd: false
kube_api: false
kubelet: false
scheduler: false
start_script: false
syslog:
host: ""
port: ""
gcs:
builder_bucket: your-builder-bucket-name
database_bucket: your-database-bucket-name
key_json: <base64-encoded JSON data>
registry_bucket: your-registry-bucket-name
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
logger:
docker_tag: v2.4.4
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
minio:
docker_tag: v2.3.6
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
monitor:
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
grafana:
allow_sign_up: "true"
docker_tag: v2.10.1
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
password: admin
persistence:
accessMode: ReadWriteOnce
enabled: false
size: 5Gi
pull_policy: IfNotPresent
user: admin
influxdb:
database: kubernetes
docker_tag: v2.10.1
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
password: password
persistence:
accessMode: ReadWriteOnce
enabled: false
size: 20Gi
pull_policy: IfNotPresent
url: my.influx.url
user: user
telegraf:
docker_tag: v2.10.1
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
nsqd:
docker_tag: v2.2.8
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
redis:
db: "0"
docker_tag: v2.2.7
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
host: redis host
org: deis
password: redis password
port: redis port
pull_policy: IfNotPresent
registry:
docker_tag: v2.4.2
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
registry-proxy:
docker_tag: v1.4.0
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
limits_cpu: 100m
limits_memory: 50Mi
org: deis
pull_policy: IfNotPresent
registry-token-refresher:
docker_tag: v1.1.3
ecr:
accesskey: ""
hostname: ""
region: us-west-2
registryid: ""
secretkey: ""
gcr:
hostname: ""
key_json: <base64-encoded JSON data>
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
off_cluster_registry:
hostname: ""
organization: ""
password: ""
username: ""
org: deis
pull_policy: IfNotPresent
token_refresh_time: ""
router:
deployment_annotations: null
dhparam: ""
docker_tag: v2.13.1
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
host_port:
enabled: false
org: deis
platform_domain: ""
pull_policy: IfNotPresent
service_annotations: null
s3:
accesskey: ""
builder_bucket: your-builder-bucket-name
database_bucket: your-database-bucket-name
region: us-west-1
registry_bucket: your-registry-bucket-name
secretkey: ""
slugbuilder:
docker_tag: v2.5.0
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
slugrunner:
docker_tag: v2.4.0
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
swift:
authurl: Swift auth URL for obtaining an auth token
authversion: Your OpenStack swift auth version
builder_container: your-builder-container-name
database_container: your-database-container-name
password: Your OpenStack Swift Password
registry_container: your-registry-container-name
tenant: ""
username: Your OpenStack Swift Username
workflow-manager:
docker_tag: v2.5.1
doctor_api_url: https://doctor.deis.com
global:
database_location: on-cluster
experimental_native_ingress: false
grafana_location: on-cluster
host_port: 5555
influxdb_location: on-cluster
logger_redis_location: on-cluster
registry_location: on-cluster
secret_prefix: private-registry
storage: minio
use_rbac: true
org: deis
pull_policy: IfNotPresent
versions_api_url: https://versions.deis.com
HOOKS:
---
# builder-key-auth
apiVersion: v1
kind: Secret
metadata:
name: builder-key-auth
labels:
heritage: deis
annotations:
"helm.sh/hook": pre-install
type: Opaque
data:
builder-key: UEUxWTczNTdhZ2lyZHBLVzhINzVVWUpsQ0Nhc3dzMlhOc08zVkczeUluRFhVNnpDTTJadGZiY0dnTnFINGJQYQ==
---
# database-creds
apiVersion: v1
kind: Secret
metadata:
name: database-creds
labels:
app: deis-database
heritage: deis
annotations:
"helm.sh/hook": pre-install
data:
user: MDdzNmEyeDNYWVNHRHdtbFVPbWR2TEhyR1JNU3NaZWE=
password: Z0VXR3B6T3hEQU56akQ1YVJjN284SXpCMlY1YnljMzY=
---
# deploy-hook-key
apiVersion: v1
kind: Secret
metadata:
name: deploy-hook-key
labels:
heritage: deis
annotations:
"helm.sh/hook": pre-install
type: Opaque
data:
secret-key: WCheTC9cIFcvTzdxWTVvKDl6e1BhKk1OZj1VLlx2c1FfdXB8Rnk3K2tKWn1SeDsnfFQ5R2YqSVNuVzQvOzJ8TA==
---
# django-secret-key
apiVersion: v1
kind: Secret
metadata:
name: django-secret-key
labels:
heritage: deis
annotations:
"helm.sh/hook": pre-install
type: Opaque
data:
secret-key: a0EwMDE0aDJYQ0NSSm59YjNqPCgoZ3BoXjtTSSMvc2ExOWA4IEM0ZFlZPCsua1tOQFBaY0xdUiNGangmTU8kdg==
---
# builder-ssh-private-keys
apiVersion: v1
kind: Secret
metadata:
name: builder-ssh-private-keys
labels:
heritage: deis
annotations:
"helm.sh/hook": pre-install
type: Opaque
data:
ssh-host-rsa-key: "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBb0R2TExXK0ZKcWJSNW82NTNGYUdodUZ3NVRFRWdJTlg3bUQ5S0pKQk9Nck4zU0lpCmNaRGxRNzlLNHhyQThMazUxTWxxdVJKd3hUajEwUG1CdXBGOGZlRlAveWdjQ1dHdjBFL2x1TjMwYUNNSllyNmoKV2g0NElZdTRpSkNmdkVVdUQxbjZ1Y1NhMjhGeTNIcGIycGpXVXMyMDJJdHYwQmZkRFlEOHRFR2owanpXeFdWWgppSXpFb0JJRlFjTk9UOFcvd3dCMGVVa2pVb24ydGxVYzdYRXBZYUlhWnNKNHQ2b2JoalZiOUJOYnBUcktXS05SCkxVWVhxbmRCQ3doSjkvbjJ2alRmTXpkRjBwZ2VkYVFycHhlTGdFUEtMbDhTQ1VkUkp2Q3VTcUpWNnlUaHRBNnUKdEw2UjdRWG4vOG83TklXd2IzVlE0NVVKNGViQkw4Y2lEbmorYjNZdWNoT3NSVDZPb0F0MkhyNzFzOTdJKzFXNApaUGtOMVV4WFhLNWUwekpSYUlSZTRUMGNOTnNMY3lOV3lEaUFZa3p3Q2xENnUvVXYvUHdLdzJDQ040Y2pKL0V1Ckl2TEoveUZMbzhTTXVqeWtDZ0lYMHZPbTd5Ym9yaEE0TzJ6UThtdGVUaVBWK0ZCRXpPY2cxMUtTNVQyR3hDMUcKS2FPdWU3cXA2MC9KTkhScWlMU2lkRWMxM2xQQ2JUTGtlcDVTc2l0L1ZWbXlyOEFpalVieEd1dEpwOW5KY1F6UwpQZWtRa1JlMEtOMmpJTGdFeVdzL2FpODlqTjJDNG9VVHcxaEFsT0o3SEx5YXlRTkRlRnIvK0tibGNGeHovRlJICjhNWGZ6MmVXekRiUXlSV1JFMDhZWUVqZ1ZiVUNaeGdxb09PU0pVZDhZQ3BTQndMQ3pKYXJveFBQb1NzQ0F3RUEKQVFLQ0FnQW1nOWpsdGYyeWVielFoNVFqWTJUNHZPM1BHWVkwZ2QyNy9mSThNMU9jSEJ0NXdQKzRmcFN0UVNqMgpCL05DcWJNOTg2QkVsaXNuTFBiaFlXZ09lWFFNS2dGNW1xR0ttOEdQOS9TSENFcjhVUmVyZFpsOFN2RkJGdjJuClRlUW5kQldMT1J5c1ZKYklwZW8vRnVaSFdCK0VUYy9ma1R5eUwxcENLYlFVZkFhdHZWUCtwTXJ0cUxDR3JXNDQKRFlNZ1o2OGRaMW1YNGIyczFGN0tHeEZWL2JKdHRuSlVLd0NyWFNjNmprN3BEMUlqR0V1VkhNU2hka3l2Ky9SVgplNHVVSUxCdnJmUE1zc2VFeEczbDV5MWEvNnpYaXZQcFM0N2hUaFF5b1AyMEVPdElGMWh0V0c0a0lmNmZrNkRkCmVqWGEvUnVZM3dFdmd4NlovMGFHZm40d0xtTXg5Qy8rWjZHVXdvbTVmWFhMYXRJT0s3NDdBeDc2YWszTUlsNFYKZWxwalF3SlErYkV3V2dPcjRnQXFPa3BnTXlVdWFQYzBHak5KVGs1eGZRajAyUmVKdlRFWWVxcmdxeFFHMVRmeApqUzBySVpWNmNMMG1SV0l4dk1iZ3dNZHVaT3FDRjQzVEIrTWFVYU95eUNURnFlNXBQMjlxcW5BNW1jenJnVVhYCk1CTHVGdXRKZmhpaE1nYmVCK2FMTTJ1TTRQZDZqbW1yenhDTkRpcWxkU0dadTU4d25WS29iVGk0VlJOMEdDWmoKVTZZRXNNTHc3WktQekFoak5nZmd3UjFqTFg5WGh4Vnp5NW81RnYyM1NCdjRkWTFiVks5MnpqeDFkOE1VaC83dgpFcGRTeGNNc3ova0JNZmVMV0dHMDBRQ2IzaWJ0VDNmWllhVktpNGR2UnhTcDVqbFNJUUtDQVFFQXc0TmdDV0VvCktMRlEzMGFGb3l2SHM4N0JlWVNyYm9GdVU2NDRuM1NBZWF4akZla0ZlWDBNTnhiaHp6T1ppeEZkQXVycWN6bTgKSUNXalk5SktGSmg5OGVuckpFYS9RK2VZYmliNTMrWFFHVUtvTG5abmtzQ3htM01wM3R6QzlON0E1NjJxS05MRgpleGxXN1ZDTWx1SXVvNnpvM050azhIVm93R1J3S1YxT2g1N3F6Rmd2ZHJrQ0VFQllRajhkdFZYQmxZT01WVWxoCnk0YVZKTEc1UlNXYXN2WndWT3hmQWlmY0RVNjdEOUhZakRObWVwUitTbWVsUkY2NFhWVk1DcExRKy9kS3FxN0wKK1ZNQ1VkUVlJQXNMeVpXd3VNS0dQS3ppWUE4bFc5cTlGS3hBZ1M1SnUzS0JkTWFtUjFVQytiOW5oenhUWldVegphbkkxWmxBYzhVYmVPd0tDQVFFQTBjNUd4OGRncitZTlFZMGJpMWZqNm13bUMyMWZ5SFg0Q2tvVFpONU53aUF2CjFISzgwYlg2QmFONDNSc3g5OHFlS0tGNUY5eFhZZHU2eEYzelFqQk9Jdk03N1R5LzhLZ1lNQlZrUFc5aFgvaFIKNFl4RzR2cmtyM29yK081b2ZRQnQxaTVJWlRHSzd0QTR1cGEzM05NWTQ0V0xwNXJTVVdKYzFhOWhhUHV1NXVnTQpsZm82Z0N6R2NVc3pjWWtoVzhkRldpa09lazQ2aGlncjhmY2RzMUpRVXczL1h4bk1xL3lneEJaTHNWdExpZVp6CjRhVFdidDRUTFI3S0ErUnNYbFBWSHBTc3VZQWk2b2VPcUtNWnVLbytVWWJqNGcvWWpQNGpaMUk3Nm9HN3hZT1YKeTlJdUtsb0h6TVVtcmxPeGQ1RVFYUzZwOUxVKzFtQ1JmaUtZOUlwcDBRS0NBUUFIdGpIZWpOZUJxMlRPT2NEaApxOE5ud3pyOGFSQTkvcHIwY0FYSnZGV285dlM5azRCa3gxcm8vVjBReUM5QlBnRVdNVi9vQlpuM0JxVUlOZTQ0Ckc3KzBBQThIVWtjUERaNkVrY0wvWXRndmR1S2RXb3hCVEpwMDBEa1JrbEdhU1FNQTRHZTZ6bjE5bW9WRVBRNGUKa1hOWGYyVjcrS2RsbUt2MkVzQWQwWkZjWmhkSzBodWxLaXo3cVI0U0Z0MDhIdExRNit4b0hNbmZ0a0pCdlVUYQpobDR3dXVtNVg4MXJqMWp0cVhKVmNHaUROeS9PbS9iVFJuMU5VaE1oazFDNWhncjZOVW5icTZOZUJUa3RNeGwwCmdoc0g2NENaK1FwRWNHbEpjcTk5alFZeVA0MFh5MVNiTVN3TUNCM2M2R3lDbjFzZENYTWNwNzQ4YjU3TmwxRmMKN3ZlckFvSUJBREVBdCtGemZPNjRrY0lNdmpFMmp3SXl6bFArOE04MlZuKzR1M3prdTA2ckMrRFlCNmdIaytUNwpRSUNNR0lpaXAzd2Y4dE9TNEVuMzgxQm9EU2daZGphTmp5S2kvTVd0elRCMTNwckd4L3lOV0RxUTlBR1J6aFg2Ck9Ba0ZUaHhjSEV0Wk5nbUVuOG1Wa3BwcUYzbVpTSWZqcWpHMFpJa2pxMEV4bkZQVDdRNzdoZTBGcStKQ0V2dGwKTUJmRmlxZ1FDKys2QlNxbDJOOTZ4SURZVWZTUE5qbWYzRlNQQnhIb2lIZ2tLUHU4c2hEOFpYWi9kS0lpZG1JawpmZFNZNW9MRm05SnZzVVFHWEtGZ2xmNW5VZHVpejdsbEF4YkswcTVqc1VzeGx0TDRDQzVpeEhyOWxWREpCR2RjCmFPTndvdE9sYXlnSWZTT3RyWWFPdVl5M2NmZ3oxL0VDZ2dFQkFLOEViSU4rZzZPNUFOVDFqTXFUUU91elgyRmgKRG9hY21YT0dYQXcxQVZSYkRucExmdGxqUTVDSExEbCtXR2Y4cG5BL204TisrNzZtbHI5Zk0wQ3UyblBzNDdZMgpBU2dkVFNOSy9XNHVnSHdUY1FwVWlkcTJtTEtwRlJJbXk4VUhLUGNMQ2JSQ2JtenUrK1VxT1Bmb1pKM05PaWJ2Cm9Ycy9lOFo3dVdjdWY2eFUzTUN3aUZHV0VPMHZveGdHdnEyeEpxNTc0ai9Xd0k5dVh1NUp0NjhWblBSdEc2d04KUG95U0JBYU1MTENXSHJvNyttZnRwNGZISDFLcHJaYk1BaHdRdjBDdHFSbnRyYnlEeWxoQnBETzUyQlZvWHpuOQp5bXdvZzRDV1ZrTExCVDZmand2bUluR3VkR2ppWUpFeE9YbnhCQWRkd0w4MGJHQkNVaTRiTlVTNm11az0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K"
ssh-host-ecdsa-key: "LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSURrYUcyd3NvZUJBY2VsM290TkFZc3FwSk5GcTJocldwUHQyVnl4dWdmalhvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFd2RvTVpFYzZLaXIyc0gxVlZRWmxNeUs2RFA2MGxxTlJzUzJ5VnRyT0VId2cwK2l5UnZrYQpqSEswanFnNE9pVVVJeElSeFRXWlVHVnJiUDROKzBVTmJ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo="
---
# logger-redis-creds
apiVersion: v1
kind: Secret
metadata:
name: logger-redis-creds
labels:
app: deis-logger-redis
heritage: deis
annotations:
"helm.sh/hook": pre-install
data:
password: dWcxMGZFUndMS0JUaXJyZ1JLd0NrMjJYTFdWSEk2QXQ=
MANIFEST:
---
# Source: workflow/charts/minio/templates/minio-user-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: minio-user
labels:
heritage: deis
type: Opaque
data:
accesskey: OFRaUlkySlJXTVBUNlVNWFI2STU=
secretkey: Z2JzdHJPdm90TU1jZzJzTWZHVWhBNWE2RXQvRUk1QUx0SUhzb2JZaw==
---
# Source: workflow/charts/router/templates/router-dhparam-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: deis-router-dhparam
labels:
heritage: deis
type: Opaque
data:
dhparam: LS0tLS1CRUdJTiBESCBQQVJBTUVURVJTLS0tLS0KTUlJQkNBS0NBUUVBNGJPMlpCOTRYVVh3YjlSL0QxM0xFZ2d6V1U2Y0hZSXJzakdseVhUSkZHZmdsaFl5TUtnUQpKRXFsTjd5RWs0UUNVV25iTEtDU2F4anZCTVNqbWlTR3VvajNWRDlYRTVDaGx2SzlGQVp6alFGMFZ2VzdkNDJmCnNkNmlmcUYwSUV0R2lxWDRpTzhtWmhYZVJrc3BYekZXYkhyTklaanBCdmc5VDhmczY0ZCtDU2l2SXBqWWRVQ1UKQWRhNTViRDdLeWJkTWdJMFZza21jL3RpclN5SkIwZDVmUnYraG1vMW9pOG92Rm9vUFp2cS9HWGxPOHlRRzRZTgppWXdWYmU5c29wQ3lYNzEzaUtlM0pBQ29JWnUxZXgrRjVhbU53U3E3Rk9xb2JqK3Z2cURRM0Q2WEJaanczT3NuClFRWmVhTWYyMDVwOERWbFpWLzRqQUtQeEpUQkxyejh6c3dJQkFnPT0KLS0tLS1FTkQgREggUEFSQU1FVEVSUy0tLS0tCg==
---
# Source: workflow/templates/objectstorage-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: objectstorage-keyfile
labels:
heritage: deis
annotations:
deis.io/objectstorage: "minio"
type: Opaque
data:
accesskey: OFRaUlkySlJXTVBUNlVNWFI2STU=
secretkey: Z2JzdHJPdm90TU1jZzJzTWZHVWhBNWE2RXQvRUk1QUx0SUhzb2JZaw==
---
# Source: workflow/charts/dockerbuilder/templates/dockerbuilder-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: dockerbuilder-config
labels:
heritage: deis
data:
image: "quay.io/deis/dockerbuilder:v2.7.3"
pullpolicy: IfNotPresent
---
# Source: workflow/charts/slugbuilder/templates/slugbuilder-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: slugbuilder-config
labels:
heritage: deis
data:
image: "quay.io/deis/slugbuilder:v2.5.0"
pullpolicy: IfNotPresent
---
# Source: workflow/charts/slugrunner/templates/slugrunner-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: slugrunner-config
labels:
heritage: deis
data:
image: "quay.io/deis/slugrunner:v2.4.0"
---
# Source: workflow/charts/builder/templates/builder-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-builder
labels:
heritage: deis
---
# Source: workflow/charts/controller/templates/controller-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-controller
labels:
heritage: deis
---
# Source: workflow/charts/database/templates/database-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-database
labels:
heritage: deis
---
# Source: workflow/charts/fluentd/templates/logger-fluentd-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-logger-fluentd
labels:
heritage: deis
---
# Source: workflow/charts/logger/templates/logger-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-logger
labels:
heritage: deis
---
# Source: workflow/charts/minio/templates/minio-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-minio
labels:
heritage: deis
---
# Source: workflow/charts/monitor/charts/telegraf/templates/monitor-telegraf-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-monitor-telegraf
labels:
heritage: deis
---
# Source: workflow/charts/nsqd/templates/nsqd-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-nsqd
labels:
heritage: deis
---
# Source: workflow/charts/registry/templates/registry-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-registry
labels:
heritage: deis
---
# Source: workflow/charts/router/templates/router-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-router
labels:
heritage: deis
---
# Source: workflow/charts/workflow-manager/templates/workflow-manager-service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: deis-workflow-manager
labels:
heritage: deis
---
# Source: workflow/charts/builder/templates/builder-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-builder
labels:
app: deis-builder
heritage: deis
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["list"]
---
# Source: workflow/charts/controller/templates/controller-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-controller
labels:
app: deis-controller
heritage: deis
rules:
- apiGroups: [""]
resources: ["namespaces"]
verbs: ["get", "list", "create", "delete"]
- apiGroups: [""]
resources: ["services"]
verbs: ["get", "list", "create", "update", "delete"]
- apiGroups: [""]
resources: ["nodes"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["events"]
verbs: ["list", "create"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["list", "get", "create", "update", "delete"]
- apiGroups: [""]
resources: ["replicationcontrollers"]
verbs: ["get", "list", "create", "update", "delete"]
- apiGroups: [""]
resources: ["replicationcontrollers/scale"]
verbs: ["get", "update"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["get", "list", "delete"]
- apiGroups: [""]
resources: ["resourcequotas"]
verbs: ["get", "create"]
- apiGroups: ["extensions"]
resources: ["replicasets"]
verbs: ["get", "list", "delete", "update"]
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["get", "list", "create", "update", "delete"]
- apiGroups: ["extensions"]
resources: ["deployments/scale", "replicasets/scale"]
verbs: ["get", "update"]
- apiGroups: ["extensions", "autoscaling"]
resources: ["horizontalpodautoscalers"]
verbs: ["get", "list", "create", "update", "delete"]
---
# Source: workflow/charts/fluentd/templates/logger-fluentd-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-logger-fluentd
labels:
app: deis-logger-fluentd
heritage: deis
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["list", "get", "watch"]
---
# Source: workflow/charts/router/templates/router-clusterrole.yaml
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-router
labels:
app: deis-router
heritage: deis
rules:
- apiGroups: [""]
resources: ["services"]
verbs: ["get", "list"]
- apiGroups: [""]
resources: ["secrets"]
verbs: ["get"]
- apiGroups: [""]
resources: ["endpoints"]
verbs: ["get"]
---
# Source: workflow/charts/builder/templates/builder-clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-builder
labels:
app: deis-builder
heritage: deis
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: deis:deis-builder
subjects:
- kind: ServiceAccount
name: deis-builder
namespace: myproject
---
# Source: workflow/charts/controller/templates/controller-clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-controller
labels:
app: deis-controller
heritage: deis
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: deis:deis-controller
subjects:
- kind: ServiceAccount
name: deis-controller
namespace: myproject
---
# Source: workflow/charts/fluentd/templates/logger-fluentd-clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-logger-fluentd
labels:
app: deis-logger-fluentd
heritage: deis
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: deis:deis-logger-fluentd
subjects:
- kind: ServiceAccount
name: deis-logger-fluentd
namespace: myproject
---
# Source: workflow/charts/router/templates/router-clusterrolebinding.yaml
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis:deis-router
labels:
app: deis-router
heritage: deis
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: deis:deis-router
subjects:
- kind: ServiceAccount
name: deis-router
namespace: myproject
---
# Source: workflow/charts/builder/templates/builder-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis-builder
labels:
app: deis-builder
heritage: deis
rules:
- apiGroups: [""]
resources: ["secrets"]
verbs: ["create", "update", "delete"]
- apiGroups: [""]
resources: ["pods"]
verbs: ["create", "get", "watch", "list"]
- apiGroups: [""]
resources: ["pods/log"]
verbs: ["get"]
---
# Source: workflow/charts/monitor/charts/telegraf/templates/monitor-telegraf-role.yaml
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis-monitor-telegraf
labels:
app: deis-monitor-telegraf
heritage: deis
rules:
- apiGroups: [""]
resources: ["pods"]
verbs: ["get"]
---
# Source: workflow/charts/router/templates/router-role.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
labels:
app: deis-router
heritage: deis
name: deis-router
rules:
- apiGroups: ["extensions", "apps"]
resources: ["deployments"]
verbs: ["get"]
---
# Source: workflow/charts/builder/templates/builder-rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis-builder
labels:
app: deis-builder
heritage: deis
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: deis-builder
subjects:
- kind: ServiceAccount
name: deis-builder
---
# Source: workflow/charts/monitor/charts/telegraf/templates/monitor-telegraf-rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis-monitor-telegraf
labels:
app: deis-monitor-telegraf
heritage: deis
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: deis-monitor-telegraf
subjects:
- kind: ServiceAccount
name: deis-monitor-telegraf
---
# Source: workflow/charts/router/templates/router-rolebinding.yaml
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: deis-router
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: deis-router
subjects:
- kind: ServiceAccount
name: deis-router
namespace: myproject
---
# Source: workflow/charts/builder/templates/builder-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-builder
labels:
heritage: deis
spec:
ports:
- name: ssh
port: 2222
targetPort: 2223
selector:
app: deis-builder
---
# Source: workflow/charts/controller/templates/controller-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-controller
labels:
heritage: deis
router.deis.io/routable: "true"
annotations:
router.deis.io/domains: deis
router.deis.io/connectTimeout: "10"
router.deis.io/tcpTimeout: "1200"
spec:
ports:
- name: http
port: 80
targetPort: 8000
selector:
app: deis-controller
---
# Source: workflow/charts/database/templates/database-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-database
labels:
heritage: deis
spec:
ports:
- name: postgres
port: 5432
selector:
app: deis-database
---
# Source: workflow/charts/logger/templates/logger-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-logger
labels:
heritage: deis
app: deis-logger
spec:
ports:
- port: 80
name: http
targetPort: http
selector:
app: deis-logger
---
# Source: workflow/charts/minio/templates/minio-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-minio
labels:
heritage: deis
spec:
ports:
- name: s3
port: 9000
selector:
app: deis-minio
---
# Source: workflow/charts/monitor/charts/grafana/templates/monitor-grafana-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-monitor-grafana
labels:
heritage: deis
app: deis-monitor-grafana
router.deis.io/routable: "true"
annotations:
router.deis.io/domains: grafana
router.deis.io/connectTimeout: "10"
router.deis.io/tcpTimeout: "1200"
spec:
ports:
- port: 80
name: ui
targetPort: ui
selector:
app: deis-monitor-grafana
---
# Source: workflow/charts/monitor/charts/influxdb/templates/monitor-influxdb-api-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-monitor-influxapi
labels:
heritage: deis
app: deis-monitor-influxapi
router.deis.io/routable: "true"
annotations:
router.deis.io/domains: influxapi
router.deis.io/connectTimeout: "10"
router.deis.io/tcpTimeout: "1200"
spec:
ports:
- port: 80
name: transport
targetPort: transport
selector:
app: deis-monitor-influxdb
---
# Source: workflow/charts/monitor/charts/influxdb/templates/monitor-influxdb-ui-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-monitor-influxui
labels:
heritage: deis
app: deis-monitor-influxui
router.deis.io/routable: "true"
annotations:
router.deis.io/domains: influx
router.deis.io/connectTimeout: "10"
router.deis.io/tcpTimeout: "1200"
spec:
ports:
- port: 80
name: admin
targetPort: admin
selector:
app: deis-monitor-influxdb
---
# Source: workflow/charts/nsqd/templates/nsqd-svc.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-nsqd
labels:
heritage: deis
app: deis-nsqd
spec:
ports:
- port: 4151
name: http
targetPort: http
- port: 4150
name: transport
targetPort: transport
selector:
app: deis-nsqd
---
# Source: workflow/charts/redis/templates/logger-redis-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-logger-redis
labels:
heritage: helm
spec:
selector:
app: deis-logger-redis
ports:
- port: 6379
---
# Source: workflow/charts/registry/templates/registry-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-registry
labels:
heritage: deis
spec:
ports:
- name: http
port: 80
targetPort: 5000
selector:
app: deis-registry
sessionAffinity: ClientIP
---
# Source: workflow/charts/router/templates/router-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-router
annotations:
service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "1200"
labels:
heritage: deis
spec:
type: LoadBalancer
selector:
app: deis-router
ports:
- name: http
port: 80
targetPort: 8080
- name: https
port: 443
targetPort: 6443
- name: builder
port: 2222
targetPort: 2222
- name: healthz
port: 9090
targetPort: 9090
---
# Source: workflow/charts/workflow-manager/templates/workflow-manager-service.yaml
apiVersion: v1
kind: Service
metadata:
name: deis-workflow-manager
labels:
heritage: deis
router.deis.io/routable: "true"
annotations:
router.deis.io/domains: deis-workflow-manager
spec:
selector:
app: deis-workflow-manager
ports:
- name: http
port: 80
targetPort: 8080
---
# Source: workflow/charts/fluentd/templates/logger-fluentd-daemon.yaml
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: deis-logger-fluentd
labels:
heritage: deis
annotations:
component.deis.io/version: v2.10.0
spec:
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
app: deis-logger-fluentd
heritage: deis
template:
metadata:
name: deis-logger-fluentd
labels:
heritage: deis
app: deis-logger-fluentd
spec:
serviceAccount: deis-logger-fluentd
containers:
- name: deis-logger-fluentd
image: quay.io/deis/fluentd:v2.10.0
imagePullPolicy: IfNotPresent
env:
volumeMounts:
- name: varlog
mountPath: /var/log
- name: varlibdockercontainers
mountPath: /var/lib/docker/containers
readOnly: true
volumes:
- name: varlog
hostPath:
path: /var/log
- name: varlibdockercontainers
hostPath:
path: /var/lib/docker/containers
---
# Source: workflow/charts/monitor/charts/telegraf/templates/monitor-telegraf-daemon.yaml
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: deis-monitor-telegraf
labels:
heritage: deis
annotations:
component.deis.io/version: v2.10.1
spec:
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
app: deis-monitor-telegraf
spec:
serviceAccount: deis-monitor-telegraf
containers:
- name: deis-monitor-telegraf
image: quay.io/deis/telegraf:v2.10.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: "INFLUXDB_URLS"
value: "\"http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT)\""
- name: "INFLUXDB_INPUT_URLS"
value: "\"http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT)/debug/vars\""
- name: "ENABLE_INFLUXDB_INPUT"
value: "true"
- name: "HOST_PROC"
value: "/rootfs/proc"
- name: "HOST_SYS"
value: "/rootfs/sys"
- name: "AGENT_QUIET"
value: "true"
- name: "AGENT_BUFFER_LIMIT"
value: "100000"
- name: "ENABLE_KUBERNETES"
value: "true"
- name: "NSQ_CONSUMER_SERVER"
value: "$(DEIS_NSQD_SERVICE_HOST):$(DEIS_NSQD_SERVICE_PORT_TRANSPORT)"
- name: "NSQ_CONSUMER_TOPIC"
value: "metrics"
- name: "NSQ_ENDPOINTS"
value: "\"http://$(DEIS_NSQD_SERVICE_HOST):$(DEIS_NSQD_SERVICE_PORT_HTTP)\""
- name: DEIS_LOGGER_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: logger-redis-creds
key: password
- name: "REDIS_SERVERS"
value: "\"tcp://:$(DEIS_LOGGER_REDIS_PASSWORD)@$(DEIS_LOGGER_REDIS_SERVICE_HOST):$(DEIS_LOGGER_REDIS_SERVICE_PORT)\""
volumeMounts:
- mountPath: /var/run/docker.sock
name: docker-socket
- name: sysro
mountPath: /rootfs/sys
readOnly: true
- name: procro
mountPath: /rootfs/proc
readOnly: true
- name: varrunutmpro
mountPath: /var/run/utmp
readOnly: true
- name: logger-redis-creds
mountPath: /var/run/secrets/deis/redis/creds
volumes:
- name: docker-socket
hostPath:
path: /var/run/docker.sock
- name: sysro
hostPath:
path: /sys
- name: procro
hostPath:
path: /proc
- name: varrunutmpro
hostPath:
path: /var/run/utmp
- name: logger-redis-creds
secret:
secretName: logger-redis-creds
---
# Source: workflow/charts/registry-proxy/templates/registry-proxy-daemon.yaml
apiVersion: extensions/v1beta1
kind: DaemonSet
metadata:
name: deis-registry-proxy
labels:
heritage: deis
annotations:
component.deis.io/version: v1.4.0
spec:
updateStrategy:
type: RollingUpdate
selector:
matchLabels:
app: deis-registry-proxy
heritage: deis
template:
metadata:
name: deis-registry-proxy
labels:
heritage: deis
app: deis-registry-proxy
spec:
containers:
- name: deis-registry-proxy
image: quay.io/deis/registry-proxy:v1.4.0
imagePullPolicy: IfNotPresent
resources:
limits:
cpu: 100m
memory: 50Mi
env:
- name: REGISTRY_HOST
value: $(DEIS_REGISTRY_SERVICE_HOST)
- name: REGISTRY_PORT
value: $(DEIS_REGISTRY_SERVICE_PORT)
- name: BIND_ADDR
value: "80"
ports:
- containerPort: 80
hostPort: 5555
---
# Source: workflow/charts/builder/templates/builder-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-builder
labels:
heritage: deis
annotations:
component.deis.io/version: v2.12.0
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-builder
template:
metadata:
labels:
app: deis-builder
spec:
serviceAccount: deis-builder
containers:
- name: deis-builder
image: quay.io/deis/builder:v2.12.0
imagePullPolicy: IfNotPresent
ports:
- containerPort: 2223
name: ssh
- containerPort: 8092
name: healthsrv
env:
# NOTE(bacongobbler): use deis/registry_proxy to work around Docker --insecure-registry requirements
- name: "DEIS_REGISTRY_SERVICE_HOST"
value: "127.0.0.1"
- name: "DEIS_REGISTRY_SERVICE_PORT"
value: "5555"
- name: "HEALTH_SERVER_PORT"
value: "8092"
- name: "EXTERNAL_PORT"
value: "2223"
- name: BUILDER_STORAGE
value: "minio"
- name: "DEIS_REGISTRY_LOCATION"
value: "on-cluster"
- name: "DEIS_REGISTRY_SECRET_PREFIX"
value: "private-registry"
# Set GIT_LOCK_TIMEOUT to number of minutes you want to wait to git push again to the same repository
- name: "GIT_LOCK_TIMEOUT"
value: "10"
- name: "SLUGBUILDER_IMAGE_NAME"
valueFrom:
configMapKeyRef:
name: slugbuilder-config
key: image
- name: SLUG_BUILDER_IMAGE_PULL_POLICY
valueFrom:
configMapKeyRef:
name: slugbuilder-config
key: pullpolicy
- name: "DOCKERBUILDER_IMAGE_NAME"
valueFrom:
configMapKeyRef:
name: dockerbuilder-config
key: image
- name: DOCKER_BUILDER_IMAGE_PULL_POLICY
valueFrom:
configMapKeyRef:
name: dockerbuilder-config
key: pullpolicy
# This var needs to be passed so that the minio client (https://github.com/minio/mc) will work in Alpine linux
- name: "DOCKERIMAGE"
value: "1"
- name: "DEIS_DEBUG"
value: "false"
- name: "POD_NAMESPACE"
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: DEIS_BUILDER_KEY
valueFrom:
secretKeyRef:
name: builder-key-auth
key: builder-key
livenessProbe:
httpGet:
path: /healthz
port: 8092
initialDelaySeconds: 30
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /readiness
port: 8092
initialDelaySeconds: 30
timeoutSeconds: 1
volumeMounts:
- name: builder-key-auth
mountPath: /var/run/secrets/api/auth
readOnly: true
- name: builder-ssh-private-keys
mountPath: /var/run/secrets/deis/builder/ssh
readOnly: true
- name: objectstore-creds
mountPath: /var/run/secrets/deis/objectstore/creds
readOnly: true
volumes:
- name: builder-key-auth
secret:
secretName: builder-key-auth
- name: builder-ssh-private-keys
secret:
secretName: builder-ssh-private-keys
- name: objectstore-creds
secret:
secretName: objectstorage-keyfile
---
# Source: workflow/charts/controller/templates/controller-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-controller
labels:
heritage: deis
annotations:
component.deis.io/version: v2.17.1
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-controller
template:
metadata:
labels:
app: deis-controller
spec:
serviceAccount: deis-controller
containers:
- name: deis-controller
image: quay.io/deis/controller:v2.17.1
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /healthz
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /readiness
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 10
periodSeconds: 5
ports:
- containerPort: 8000
name: http
env:
- name: REGISTRATION_MODE
value: admin_only
# NOTE(bacongobbler): use deis/registry_proxy to work around Docker --insecure-registry requirements
- name: "DEIS_REGISTRY_SERVICE_HOST"
value: "127.0.0.1"
# Environmental variable value for $EXPERIMENTAL_NATIVE_INGRESS
- name: "EXPERIMENTAL_NATIVE_INGRESS"
value: "false"
- name: "EXPERIMENTAL_NATIVE_INGRESS_HOSTNAME"
value: ""
- name: "K8S_API_VERIFY_TLS"
value: "true"
- name: "DEIS_REGISTRY_SERVICE_PORT"
value: "5555"
- name: "APP_STORAGE"
value: "minio"
- name: "DEIS_REGISTRY_LOCATION"
value: "on-cluster"
- name: "DEIS_REGISTRY_SECRET_PREFIX"
value: "private-registry"
- name: "SLUGRUNNER_IMAGE_NAME"
valueFrom:
configMapKeyRef:
name: slugrunner-config
key: image
- name: "IMAGE_PULL_POLICY"
value: "IfNotPresent"
- name: "TZ"
value: "UTC"
- name: DEIS_SECRET_KEY
valueFrom:
secretKeyRef:
name: django-secret-key
key: secret-key
- name: DEIS_BUILDER_KEY
valueFrom:
secretKeyRef:
name: builder-key-auth
key: builder-key
- name: DEIS_DATABASE_USER
valueFrom:
secretKeyRef:
name: database-creds
key: user
- name: DEIS_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: database-creds
key: password
- name: RESERVED_NAMES
value: "deis, deis-builder, deis-workflow-manager, grafana"
- name: WORKFLOW_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- mountPath: /var/run/docker.sock
name: docker-socket
volumes:
- name: docker-socket
hostPath:
path: /var/run/docker.sock
---
# Source: workflow/charts/database/templates/database-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-database
labels:
heritage: deis
annotations:
component.deis.io/version: v2.5.4
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: deis-database
template:
metadata:
labels:
app: deis-database
spec:
serviceAccount: deis-database
containers:
- name: deis-database
image: quay.io/deis/postgres:v2.5.4
imagePullPolicy: IfNotPresent
ports:
- containerPort: 5432
env:
- name: DATABASE_STORAGE
value: "minio"
- name: PGCTLTIMEOUT
value: "1200"
lifecycle:
preStop:
exec:
command:
- gosu
- postgres
- do_backup
readinessProbe:
exec:
command:
- is_running
initialDelaySeconds: 30
timeoutSeconds: 1
volumeMounts:
- name: database-creds
mountPath: /var/run/secrets/deis/database/creds
- name: objectstore-creds
mountPath: /var/run/secrets/deis/objectstore/creds
volumes:
- name: database-creds
secret:
secretName: database-creds
- name: objectstore-creds
secret:
secretName: objectstorage-keyfile
---
# Source: workflow/charts/logger/templates/logger-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-logger
labels:
heritage: deis
annotations:
component.deis.io/version: v2.4.4
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-logger
template:
metadata:
labels:
app: deis-logger
spec:
containers:
- name: deis-logger
image: quay.io/deis/logger:v2.4.4
imagePullPolicy: IfNotPresent
env:
- name: STORAGE_ADAPTER
value: redis
- name: DEIS_LOGGER_REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: logger-redis-creds
key: password
ports:
- containerPort: 8088
name: http
livenessProbe:
httpGet:
path: /healthz
port: 8088
initialDelaySeconds: 1
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /healthz
port: 8088
initialDelaySeconds: 1
timeoutSeconds: 1
---
# Source: workflow/charts/minio/templates/minio-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-minio
labels:
heritage: deis
annotations:
component.deis.io/version: v2.3.6
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: deis-minio
template:
metadata:
labels:
app: deis-minio
spec:
serviceAccount: deis-minio
containers:
- name: deis-minio
image: quay.io/deis/minio:v2.3.6
imagePullPolicy: IfNotPresent
env:
- name: HEALTH_SERVER_PORT
value: "8082"
ports:
- containerPort: 9000
- containerPort: 8082
livenessProbe:
httpGet:
path: /healthz
port: 8082
initialDelaySeconds: 30
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /healthz
port: 8082
initialDelaySeconds: 30
timeoutSeconds: 1
command:
- boot
args:
- "server /home/minio/"
volumeMounts:
- name: minio-user
mountPath: /var/run/secrets/deis/minio/user
readOnly: true
volumes:
- name: minio-user
secret:
secretName: minio-user
---
# Source: workflow/charts/monitor/charts/grafana/templates/monitor-grafana-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-monitor-grafana
labels:
heritage: deis
annotations:
component.deis.io/version: v2.10.1
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-monitor-grafana
template:
metadata:
labels:
app: deis-monitor-grafana
spec:
containers:
- name: deis-monitor-grafana
image: quay.io/deis/grafana:v2.10.1
imagePullPolicy: IfNotPresent
env:
- name: "INFLUXDB_URLS"
value: http://$(DEIS_MONITOR_INFLUXAPI_SERVICE_HOST):$(DEIS_MONITOR_INFLUXAPI_SERVICE_PORT_TRANSPORT)
- name: "BIND_PORT"
value: "3500"
- name: "DEFAULT_USER"
value: admin
- name: "DEFAULT_USER_PASSWORD"
value: admin
- name: "ALLOW_SIGN_UP"
value: "true"
ports:
- containerPort: 3500
name: ui
---
# Source: workflow/charts/monitor/charts/influxdb/templates/monitor-influxdb-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-monitor-influxdb
labels:
heritage: deis
annotations:
component.deis.io/version: v2.10.1
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: deis-monitor-influxdb
template:
metadata:
labels:
app: deis-monitor-influxdb
spec:
containers:
- name: deis-monitor-influxdb
image: quay.io/deis/influxdb:v2.10.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8083
name: admin
- containerPort: 8086
name: transport
protocol: TCP
- containerPort: 8084
name: ssltransport
protocol: TCP
livenessProbe:
httpGet:
path: /ping
port: 8086
initialDelaySeconds: 1
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /ping
port: 8086
initialDelaySeconds: 1
timeoutSeconds: 1
---
# Source: workflow/charts/nsqd/templates/nsqd-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-nsqd
labels:
heritage: deis
annotations:
component.deis.io/version: v2.2.8
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: deis-nsqd
template:
metadata:
labels:
app: deis-nsqd
spec:
serviceAccount: deis-nsqd
containers:
- name: deis-nsqd
image: quay.io/deis/nsq:v2.2.8
imagePullPolicy: IfNotPresent
command:
- /opt/nsq/bin/start-nsqd
ports:
- containerPort: 4151
name: http
protocol: TCP
- containerPort: 4150
name: transport
protocol: TCP
livenessProbe:
httpGet:
path: /ping
port: 4151
initialDelaySeconds: 5
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /ping
port: 4151
initialDelaySeconds: 5
timeoutSeconds: 1
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
---
# Source: workflow/charts/redis/templates/logger-redis-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-logger-redis
labels:
heritage: deis
annotations:
component.deis.io/version: v2.2.7
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: deis-logger-redis
template:
metadata:
labels:
app: deis-logger-redis
spec:
containers:
- name: deis-logger-redis
image: quay.io/deis/redis:v2.2.7
imagePullPolicy: IfNotPresent
ports:
- containerPort: 6379
volumeMounts:
- name: logger-redis-creds
mountPath: /var/run/secrets/deis/redis/creds
volumes:
- name: logger-redis-creds
secret:
secretName: logger-redis-creds
---
# Source: workflow/charts/registry/templates/registry-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-registry
labels:
heritage: deis
annotations:
component.deis.io/version: v2.4.2
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-registry
template:
metadata:
labels:
app: deis-registry
spec:
serviceAccount: deis-registry
containers:
- name: deis-registry
image: quay.io/deis/registry:v2.4.2
imagePullPolicy: IfNotPresent
livenessProbe:
httpGet:
path: /v2/
port: 5000
initialDelaySeconds: 1
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /v2/
port: 5000
initialDelaySeconds: 1
timeoutSeconds: 1
env:
- name: REGISTRY_STORAGE_DELETE_ENABLED
value: "true"
- name: REGISTRY_LOG_LEVEL
value: info
- name: REGISTRY_STORAGE
value: "minio"
ports:
- containerPort: 5000
volumeMounts:
- name: registry-storage
mountPath: /var/lib/registry
- name: objectstorage-creds
mountPath: /var/run/secrets/deis/registry/creds
volumes:
- name: registry-storage
emptyDir: {}
- name: objectstorage-creds
secret:
secretName: objectstorage-keyfile
---
# Source: workflow/charts/router/templates/router-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-router
labels:
heritage: deis
annotations:
component.deis.io/version: v2.13.1
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-router
template:
metadata:
labels:
app: deis-router
spec:
serviceAccount: deis-router
containers:
- name: deis-router
image: quay.io/deis/router:v2.13.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 8080
- containerPort: 6443
- containerPort: 2222
- containerPort: 9090
livenessProbe:
httpGet:
path: /healthz
port: 9090
initialDelaySeconds: 10
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /healthz
port: 9090
initialDelaySeconds: 1
timeoutSeconds: 1
---
# Source: workflow/charts/workflow-manager/templates/workflow-manager-deployment.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: deis-workflow-manager
labels:
heritage: deis
annotations:
component.deis.io/version: v2.5.1
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: deis-workflow-manager
template:
metadata:
labels:
app: deis-workflow-manager
spec:
serviceAccount: deis-workflow-manager
containers:
- name: deis-workflow-manager
image: quay.io/deis/workflow-manager:v2.5.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: PORT
value: "8080"
- name: VERSIONS_API_URL
value: https://versions.deis.com
- name: DOCTOR_API_URL
value: https://doctor.deis.com
- name: POLL_INTERVAL_SEC
value: "43200"
- name: CHECK_VERSIONS
value: "true"
- name: API_VERSION
value: "v2"
- name: DEIS_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
ports:
- containerPort: 8080
Release "deis" has been upgraded. Happy Helming!
LAST DEPLOYED: Thu Aug 24 14:54:57 2017
NAMESPACE: myproject
STATUS: DEPLOYED
RESOURCES:
==> v1/ConfigMap
NAME DATA AGE
dockerbuilder-config 2 27m
slugbuilder-config 2 27m
slugrunner-config 1 27m
==> v1/ServiceAccount
NAME SECRETS AGE
deis-builder 2 27m
deis-controller 2 27m
deis-database 2 27m
deis-logger-fluentd 2 27m
deis-logger 2 27m
deis-minio 2 27m
deis-monitor-telegraf 2 27m
deis-nsqd 2 27m
deis-registry 2 27m
deis-router 2 27m
deis-workflow-manager 2 27m
==> v1/Service
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
deis-builder 172.30.121.221 <none> 2222/TCP 27m
deis-controller 172.30.203.213 <none> 80/TCP 27m
deis-database 172.30.169.180 <none> 5432/TCP 27m
deis-logger 172.30.212.190 <none> 80/TCP 27m
deis-minio 172.30.215.216 <none> 9000/TCP 27m
deis-monitor-grafana 172.30.232.98 <none> 80/TCP 27m
deis-monitor-influxapi 172.30.81.150 <none> 80/TCP 27m
deis-monitor-influxui 172.30.183.172 <none> 80/TCP 27m
deis-nsqd 172.30.31.96 <none> 4151/TCP,4150/TCP 27m
deis-logger-redis 172.30.3.63 <none> 6379/TCP 27m
deis-registry 172.30.27.12 <none> 80/TCP 27m
deis-router 172.30.173.66 172.29.129.224,172.29.129.224 80:30362/TCP,443:30741/TCP,2222:31125/TCP,9090:32633/TCP 27m
deis-workflow-manager 172.30.52.245 <none> 80/TCP 27m
==> v1beta1/DaemonSet
NAME DESIRED CURRENT READY UP-TO-DATE AVAILABLE NODE-SELECTOR AGE
deis-logger-fluentd 0 0 0 0 0 <none> 27m
deis-monitor-telegraf 0 0 0 0 0 <none> 27m
deis-registry-proxy 0 0 0 0 0 <none> 27m
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
deis-builder 1 1 1 0 27m
deis-controller 1 0 0 0 27m
deis-database 1 1 1 0 27m
deis-logger 1 1 1 0 27m
deis-minio 1 1 1 0 27m
deis-monitor-grafana 1 1 1 1 27m
deis-monitor-influxdb 1 1 1 0 27m
deis-nsqd 1 1 1 0 27m
deis-logger-redis 1 1 1 0 27m
deis-registry 1 1 1 0 27m
deis-router 1 1 1 0 27m
deis-workflow-manager 1 1 1 1 27m
==> v1/Secret
NAME TYPE DATA AGE
minio-user Opaque 2 27m
deis-router-dhparam Opaque 1 27m
objectstorage-keyfile Opaque 2 27m
==> MISSING
KIND NAME
clusterroles deis:deis-builder
clusterroles deis:deis-controller
clusterroles deis:deis-logger-fluentd
clusterroles deis:deis-router
clusterrolebindings deis:deis-builder
clusterrolebindings deis:deis-controller
clusterrolebindings deis:deis-logger-fluentd
clusterrolebindings deis:deis-router
roles deis-builder
roles deis-monitor-telegraf
roles deis-router
rolebindings deis-builder
rolebindings deis-monitor-telegraf
rolebindings deis-router
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment