diff --git a/nxrm-aws-resiliency/templates/external-dns-rbac.yml b/nxrm-aws-resiliency/templates/external-dns-rbac.yml index 70edb95..5c81710 100644 --- a/nxrm-aws-resiliency/templates/external-dns-rbac.yml +++ b/nxrm-aws-resiliency/templates/external-dns-rbac.yml @@ -1,4 +1,4 @@ -# comment out sa if it was previously created +{{- if .Values.externaldns.enabled }} apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -64,3 +64,4 @@ spec: env: - name: AWS_DEFAULT_REGION value: {{ .Values.deployment.clusterRegion }} +{{- end }} diff --git a/nxrm-aws-resiliency/templates/fluent-bit.yaml b/nxrm-aws-resiliency/templates/fluent-bit.yaml index 36f93b2..e1125ff 100644 --- a/nxrm-aws-resiliency/templates/fluent-bit.yaml +++ b/nxrm-aws-resiliency/templates/fluent-bit.yaml @@ -1,3 +1,4 @@ +{{- if .Values.fluentbit.enabled -}} apiVersion: v1 kind: ServiceAccount metadata: @@ -357,4 +358,5 @@ spec: - operator: "Exists" effect: "NoExecute" - operator: "Exists" - effect: "NoSchedule" \ No newline at end of file + effect: "NoSchedule" +{{- end }} \ No newline at end of file diff --git a/nxrm-aws-resiliency/templates/ingress.yaml b/nxrm-aws-resiliency/templates/ingress.yaml index 40a6043..2f3adeb 100644 --- a/nxrm-aws-resiliency/templates/ingress.yaml +++ b/nxrm-aws-resiliency/templates/ingress.yaml @@ -24,6 +24,7 @@ spec: port: number: {{ .Values.service.nexus.port }} --- +{{- if .Values.ingress.dockerIngress.enabled -}} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: @@ -49,3 +50,4 @@ spec: name: {{ .Chart.Name }}-docker-service port: number: {{ .Values.service.docker.port }} +{{- end }} \ No newline at end of file diff --git a/nxrm-aws-resiliency/templates/namespaces.yaml b/nxrm-aws-resiliency/templates/namespaces.yaml index 6c72ee7..ea3bba2 100644 --- a/nxrm-aws-resiliency/templates/namespaces.yaml +++ b/nxrm-aws-resiliency/templates/namespaces.yaml 
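Review bot: In templates/ingress.yaml the new guard `{{- if .Values.ingress.dockerIngress.enabled -}}` sits directly under the `---` separator and trims whitespace on both sides, so with the flag set to true the output should render as `---apiVersion: networking.k8s.io/v1`, which is no longer a document marker and folds the docker Ingress into the preceding document. Drop the right-hand trim, `{{- if .Values.ingress.dockerIngress.enabled }}`, as the external-dns guards in this commit already do, or move the `---` inside the conditional. The guard `{{- if .Values.service.docker.enabled -}}` in templates/services.yaml has the same shape and needs the same change. In fluent-bit.yaml the guard is the first line of the file, so the trim is harmless there. Rendering the chart with `helm template` and both docker flags set to true would confirm the separators.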
@@ -3,13 +3,16 @@ kind: Namespace metadata: name: {{ .Values.namespaces.nexusNs }} --- +{{- if .Values.fluentbit.enabled }} apiVersion: v1 kind: Namespace metadata: name: {{ .Values.namespaces.cloudwatchNs }} +{{- end }} --- +{{- if .Values.externaldns.enabled }} apiVersion: v1 kind: Namespace metadata: name: {{ .Values.namespaces.externaldnsNs }} ---- +{{- end }} diff --git a/nxrm-aws-resiliency/templates/serviceaccount.yaml b/nxrm-aws-resiliency/templates/serviceaccount.yaml index bca6cf4..d2ef703 100644 --- a/nxrm-aws-resiliency/templates/serviceaccount.yaml +++ b/nxrm-aws-resiliency/templates/serviceaccount.yaml @@ -6,6 +6,7 @@ metadata: annotations: eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.role }} --- +{{- if .Values.externaldns.enabled }} apiVersion: v1 kind: ServiceAccount metadata: @@ -13,4 +14,4 @@ metadata: namespace: {{ .Values.namespaces.externaldnsNs }} annotations: eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.externaldns.role }} ---- +{{- end }} diff --git a/nxrm-aws-resiliency/templates/services.yaml b/nxrm-aws-resiliency/templates/services.yaml index 5192e85..1b643ad 100644 --- a/nxrm-aws-resiliency/templates/services.yaml +++ b/nxrm-aws-resiliency/templates/services.yaml @@ -14,6 +14,7 @@ spec: port: {{ .Values.service.nexus.port }} targetPort: {{ .Values.service.nexus.targetPort }} --- +{{- if .Values.service.docker.enabled -}} apiVersion: v1 kind: Service metadata: @@ -30,3 +31,4 @@ spec: protocol: {{ .Values.service.docker.protocol }} port: {{ .Values.service.docker.port }} targetPort: {{ .Values.service.docker.targetPort }} +{{- end }} \ No newline at end of file diff --git a/nxrm-aws-resiliency/values.yaml b/nxrm-aws-resiliency/values.yaml index 89a553e..71901d9 100644 --- a/nxrm-aws-resiliency/values.yaml +++ b/nxrm-aws-resiliency/values.yaml 
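Review bot: The two Namespace objects gated in templates/namespaces.yaml drop out of the rendered manifest under the new defaults (`externaldns.enabled: false` and `fluentbit.enabled: false` in values.yaml), so a `helm upgrade` of a release installed from the previous chart would most likely delete those namespaces together with every object in them, including ones this chart does not manage. If that is not intended, add `helm.sh/resource-policy: keep` to both Namespace manifests, or state the behaviour in the upgrade notes. For the namespace named by `cloudwatchNs`, this presumably also ends log forwarding without any error, which matters if those logs feed audit or detection; fluent-bit.yaml is only partly visible here, so that should be confirmed.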
@@ -4,8 +4,11 @@ namespaces: cloudwatchNs: amazon-cloudwatch externaldnsNs: nexus-externaldns externaldns: + enabled: false domainFilter: example.com #your root domain e.g example.com awsZoneType: private # hosted zone to look at (valid values are public, private or no value for both) +fluentbit: + enabled: false deployment: clusterRegion: us-east-1 name: nxrm.deployment @@ -54,7 +57,8 @@ ingress: alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids #alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' uncomment for https #alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444 # Uncomment for https. The AWS Certificate Manager ARN for your HTTPS certificate - dockerIngress: #Ingress for Docker Connector - comment out if you don't use docker repositories + dockerIngress: #Ingress for Docker Connector - comment out if you don't use docker repositories + enabled: false annotations: kubernetes.io/ingress.class: alb # comment out if you don't use docker repositories alb.ingress.kubernetes.io/scheme: internal # scheme comment out if you don't use docker repositories 
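Review bot: The new `enabled: false` keys under `externaldns:` and `fluentbit:` carry no comment, while the neighbouring keys explain their valid values, so a reader cannot tell from values.yaml what each switch renders. I would add `enabled: false # set to true to render the external-dns RBAC, ServiceAccount and namespace` and `enabled: false # set to true to render the fluent-bit resources and the cloudwatch namespace`. The list of gated objects is taken from the template hunks in this commit and should be checked against the full templates.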
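Review bot: The comment on `dockerIngress:` still tells users to comment the section out, although the new `enabled: false` key directly below it is now what switches the Ingress. This flag is also independent of `service.docker.enabled`, so setting only the ingress flag would render an Ingress whose backend `{{ .Chart.Name }}-docker-service` is presumably the Service gated in services.yaml and therefore absent. I would reword the comment to `dockerIngress: # Ingress for Docker Connector - set enabled: true together with service.docker.enabled`, or gate both templates on a single value.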
@@ -82,21 +86,22 @@ pvc: accessModes: ReadWriteOnce storage: 100Gi -service: #Nexus Repo NodePort Service +service: #Nexus Repo NodePort Service nexus: - type: NodePort - protocol: TCP - port: 80 - targetPort: 8081 - docker: #Nodeport Service for Docker Service - type: NodePort - protocol: TCP - port: 9090 - targetPort: 8081 + type: NodePort + protocol: TCP + port: 80 + targetPort: 8081 + docker: #Nodeport Service for Docker Service + enabled: false + type: NodePort + protocol: TCP + port: 9090 + targetPort: 8081 secret: license: - arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license - alias: nxrm-license.lic + arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license + alias: nxrm-license.lic rds: arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrmrds-cred-nexus adminpassword:
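Review bot: The only functional line in this hunk is `enabled: false` under `service.docker`; the other removed and added pairs under `service:` and `secret.license` carry identical text and appear to be re-indentation, though the indentation itself is not recoverable from this view. Because nesting is significant in YAML, a whitespace-only change to `arn:` and `alias:` can silently move keys to another level, so the rendered output should be compared before and after with `helm template`. Moving the whitespace normalisation into its own commit would keep the new flag visible in review and in blame.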