From 006731c8e59a1d25c06eb0b382bd06961640bbe7 Mon Sep 17 00:00:00 2001 From: Christian Kotzbauer Date: Sat, 9 Oct 2021 10:50:42 +0200 Subject: [PATCH] doc: add README Signed-off-by: Christian Kotzbauer --- README.md | 4 +- charts/chekr/README.md | 145 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 146 insertions(+), 3 deletions(-) create mode 100644 charts/chekr/README.md diff --git a/README.md b/README.md index 5eef2bb..6a267f8 100644 --- a/README.md +++ b/README.md @@ -2,9 +2,6 @@ [![](https://github.com/ckotzbauer/helm-charts/workflows/Release%20Charts/badge.svg?branch=main)](https://github.com/ckotzbauer/helm-charts/actions) -[mergify]: https://mergify.io -[mergify-status]: https://img.shields.io/endpoint.svg?url=https://gh.mergify.io/badges/ckotzbauer/helm-charts&style=flat-square - ## Usage Add the repo: @@ -17,5 +14,6 @@ helm repo add ckotzbauer https://ckotzbauer.github.io/helm-charts - [access-manager](https://github.com/ckotzbauer/helm-charts/tree/main/charts/access-manager) - [cadvisor](https://github.com/ckotzbauer/helm-charts/tree/main/charts/cadvisor) +- [chekr](https://github.com/ckotzbauer/helm-charts/tree/main/charts/chekr) - [nfs-client-provisioner](https://github.com/ckotzbauer/helm-charts/tree/main/charts/nfs-client-provisioner) - [prometheus-blackbox-exporter](https://github.com/ckotzbauer/helm-charts/tree/main/charts/prometheus-blackbox-exporter) diff --git a/charts/chekr/README.md b/charts/chekr/README.md new file mode 100644 index 0000000..544ee8e --- /dev/null +++ b/charts/chekr/README.md @@ -0,0 +1,145 @@ +# Chekr + +A inspection utility for the maintenance of Kubernetes clusters. + +Learn more: [https://github.com/ckotzbauer/chekr](https://github.com/ckotzbauer/chekr) + +## TL;DR; + +```bash +$ helm install ckotzbauer/chekr +``` + +## Prerequisites + +- Kubernetes 1.17+ (Helm chart) + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```bash +$ helm install --name my-release ckotzbauer/chekr +``` + +The command deploys the nginx-pod of this chart on the Kubernetes cluster using the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation. + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```bash +$ helm delete my-release +``` +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Configuration + +The following table lists the configurable parameters of the Chekr chart and their default values. + +| Parameter | Description | Default | +| -------------------------------------- | ------------------------------------------------- | ------------------------------------- | +imagePullPolicies +nameOverride +fullnameOverride + +| `webserver.image.repository` | container image repository | `nginxinc/nginx-unprivileged` | +| `webserver.image.tag` | container image tag | `mainline-alpine` | +| `webserver.image.pullPolicy` | container image pull policy | `IfNotPresent` | +| `webserver.service.type` | type of the webserver-service | `ClusterIP` | +| `webserver.service.port` | port of the webserver-service | `8080` | +| `webserver.ingress.enabled` | whether to create an Ingress | `false` | +| `webserver.ingress.className` | name of the IngressClass | `""` | +| `webserver.ingress.annotations` | Annotations for the Ingress | `{}` | +| `webserver.ingress.hosts` | List of host-objects for the Ingress | `[]` | +| `webserver.ingress.tls` | List of TLS-configs for the Ingress | `[]` | +| `webserver.resources` | webserver-pod resource requests & limits | See [values.yaml](values.yaml) | +| `webserver.nodeSelector` | node labels for webserver-pod assignment | `{}` | +| `webserver.tolerations` | node tolerations for webserver-pod assignment | `[]` | +| `webserver.affinity` | node affinity for webserver-pod assignment | `{}` | +| `job.image.repository` | container image repository | `ghcr.io/ckotzbauer/chekr` | +| `job.image.tag` | container image tag | `0.5.0` | +| `job.image.pullPolicy` | container image pull policy | `IfNotPresent` | +| `job.schedule` | cron-schedule for the job | `0 22 * * *` | +| `job.commands` | Array of commands and output-files to process | `[]` See [values.yaml](values.yaml) | +| `job.config` | Global config-values for chekr-config-file | `{}` See [values.yaml](values.yaml) | +| `job.env` | List of environment-variables | `[]` See [values.yaml](values.yaml) | +| `job.resources` | job-pod resource requests & limits | See [values.yaml](values.yaml) | +| `job.nodeSelector` | node labels for job-pod assignment | `{}` | +| `job.tolerations` | node tolerations for job-pod assignment | `[]` | +| `job.affinity` | node affinity for job-pod assignment | `{}` | +| `job.serviceAccount.create` | Should we create a ServiceAccount for the Job | `true` | +| `job.serviceAccount.name` | Name of the ServiceAccount to use | null | +| `podSecurityContext` | securityContext to add to each pod | See [values.yaml](values.yaml) | +| `securityContext` | securityContext to add to each container | See [values.yaml](values.yaml) | +| `podAnnotations` | annotations to add to each pod | `{}` | +| `persistence.storageClass` | storage class of the PVC (RWX is required) | `-` | +| `persistence.size` | size of the PVC (RWX is required) | `256Mi` | + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +```bash +$ helm install --name my-release \ + --set key_1=value_1,key_2=value_2 \ + ckotzbauer/chekr +``` + +Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example, + +```bash +# example for staging +$ helm install --name my-release -f values.yaml ckotzbauer/chekr +``` + +## Example + +```yaml +webserver: + ingress: + enabled: true + className: "nginx" + hosts: + - host: chekr.myorg.com + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: "" + hosts: + - chekr.myorg.com + +job: + commands: + - command: "deprecation list -o html" + outputFile: "deprecation.html" + - command: "resources -n flux-system --limits-threshold 20 -o json" + outputFile: "flux-system-resources.json" + - command: "resources -n infrastructure -o html" + outputFile: "infrastructure-resources.html" + + config: + prometheus-url: monitoring/k8s-prometheus:9090 +``` + +This will deploy the nginx-webserver pod under the Domain "chekr.myorg.com". The CronJob will be executed each night (default schedule) and will +execute the following commands on each run: + +``` +chekr deprecation list -o html --output-file deprecation.html +chekr resources -n flux-system --limits-threshold 20 -o json --output-file flux-system-resources.json +chekr resources -n infrastructure -o html --output-file infrastructure-resources.html +``` + +The output-files are served from the webserver: + +``` +https://chekr.myorg.com/deprecation.html +https://chekr.myorg.com/flux-system-resources.json +https://chekr.myorg.com/infrastructure-resources.html +``` + +Chekr will use the in-cluster Service `k8s-prometheus` in the `monitoring` namespace at port `9090` to query prometheus for the `resources` subcommand. + + +> **Tip**: You can use the default [values.yaml](values.yaml)