make fluentbit, docker and external dns optional

2023-05-23 12:00:59 +01:00 · 2023-05-23 12:00:59 +01:00 · b46d89e078
commit b46d89e078
parent a566f84674
7 changed files with 33 additions and 17 deletions
--- a/nxrm-aws-resiliency/templates/external-dns-rbac.yml
+++ b/nxrm-aws-resiliency/templates/external-dns-rbac.yml
@ -1,4 +1,4 @@
-# comment out sa if it was previously created
+{{- if .Values.externaldns.enabled }}
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
@ -64,3 +64,4 @@ spec:
          env:
            - name: AWS_DEFAULT_REGION
              value: {{ .Values.deployment.clusterRegion }}
 {{- end }}
--- a/nxrm-aws-resiliency/templates/fluent-bit.yaml
+++ b/nxrm-aws-resiliency/templates/fluent-bit.yaml
@ -1,3 +1,4 @@
 {{- if .Values.fluentbit.enabled -}}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@ -357,4 +358,5 @@ spec:
        - operator: "Exists"
          effect: "NoExecute"
        - operator: "Exists"
-          effect: "NoSchedule"
+          effect: "NoSchedule"
 {{- end }}
--- a/nxrm-aws-resiliency/templates/ingress.yaml
+++ b/nxrm-aws-resiliency/templates/ingress.yaml
@ -24,6 +24,7 @@ spec:
                port:
                  number: {{ .Values.service.nexus.port }}
 ---
 {{- if .Values.ingress.dockerIngress.enabled -}}
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
@ -49,3 +50,4 @@ spec:
                name: {{ .Chart.Name }}-docker-service
                port:
                  number: {{ .Values.service.docker.port }}
 {{- end }}
--- a/nxrm-aws-resiliency/templates/namespaces.yaml
+++ b/nxrm-aws-resiliency/templates/namespaces.yaml
@ -3,13 +3,16 @@ kind: Namespace
 metadata:
  name: {{ .Values.namespaces.nexusNs }}
 ---
 {{- if .Values.fluentbit.enabled }}
 apiVersion: v1
 kind: Namespace
 metadata:
  name: {{ .Values.namespaces.cloudwatchNs }}
 {{- end }}
 ---
 {{- if .Values.externaldns.enabled }}
 apiVersion: v1
 kind: Namespace
 metadata:
  name: {{ .Values.namespaces.externaldnsNs }}
---
+{{- end }}
--- a/nxrm-aws-resiliency/templates/serviceaccount.yaml
+++ b/nxrm-aws-resiliency/templates/serviceaccount.yaml
@ -6,6 +6,7 @@ metadata:
  annotations:
    eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.role }}
 ---
 {{- if .Values.externaldns.enabled }}
 apiVersion: v1
 kind: ServiceAccount
 metadata:
@ -13,4 +14,4 @@ metadata:
  namespace: {{ .Values.namespaces.externaldnsNs }}
  annotations:
    eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.externaldns.role }}
---
+{{- end }}
--- a/nxrm-aws-resiliency/templates/services.yaml
+++ b/nxrm-aws-resiliency/templates/services.yaml
@ -14,6 +14,7 @@ spec:
      port: {{ .Values.service.nexus.port }}
      targetPort: {{ .Values.service.nexus.targetPort }}
 ---
 {{- if .Values.service.docker.enabled -}}
 apiVersion: v1
 kind: Service
 metadata:
@ -30,3 +31,4 @@ spec:
      protocol: {{ .Values.service.docker.protocol }}
      port: {{ .Values.service.docker.port }}
      targetPort: {{ .Values.service.docker.targetPort }}
 {{- end }}
--- a/nxrm-aws-resiliency/values.yaml
+++ b/nxrm-aws-resiliency/values.yaml
@ -4,8 +4,11 @@ namespaces:
  cloudwatchNs: amazon-cloudwatch
  externaldnsNs: nexus-externaldns
 externaldns:
  enabled: false
  domainFilter: example.com #your root domain e.g example.com
  awsZoneType: private # hosted zone to look at (valid values are public, private or no value for both)
 fluentbit:
  enabled: false
 deployment:
  clusterRegion: us-east-1
  name: nxrm.deployment
@ -54,7 +57,8 @@ ingress:
    alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids
    #alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' uncomment for https
    #alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444  # Uncomment for https. The AWS Certificate Manager ARN for your HTTPS certificate    
-  dockerIngress:  #Ingress for Docker Connector - comment out if you don't use docker repositories
+  dockerIngress: #Ingress for Docker Connector - comment out if you don't use docker repositories
    enabled: false
    annotations:
      kubernetes.io/ingress.class: alb # comment out if you don't use docker repositories
      alb.ingress.kubernetes.io/scheme: internal # scheme comment out if you don't use docker repositories
@ -82,21 +86,22 @@ pvc:
  accessModes: ReadWriteOnce
  storage: 100Gi
-service:  #Nexus Repo NodePort Service
+service: #Nexus Repo NodePort Service
  nexus:
-   type: NodePort
+    type: NodePort
-   protocol: TCP
+    protocol: TCP
-   port: 80
+    port: 80
-   targetPort: 8081
+    targetPort: 8081
-  docker:  #Nodeport Service for Docker Service
+  docker: #Nodeport Service for Docker Service
-   type: NodePort
+    enabled: false
-   protocol: TCP
+    type: NodePort
-   port: 9090
+    protocol: TCP
-   targetPort: 8081
+    port: 9090
    targetPort: 8081
 secret:
  license:
-   arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license
+    arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license
-   alias: nxrm-license.lic
+    alias: nxrm-license.lic
  rds:
    arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrmrds-cred-nexus
  adminpassword: