diff --git a/.github/workflows/helm_ci.yml b/.github/workflows/helm_ci.yml index 6eddf7825..190f47e20 100644 --- a/.github/workflows/helm_ci.yml +++ b/.github/workflows/helm_ci.yml @@ -64,15 +64,15 @@ jobs: echo "✓ All-in-one deployment renders correctly" echo "=== Testing with security enabled ===" - helm template test $CHART_DIR --set global.enableSecurity=true > /tmp/security.yaml + helm template test $CHART_DIR --set global.seaweedfs.enableSecurity=true > /tmp/security.yaml grep -q "security-config" /tmp/security.yaml echo "✓ Security configuration renders correctly" - + echo "=== Testing with monitoring enabled ===" helm template test $CHART_DIR \ - --set global.monitoring.enabled=true \ - --set global.monitoring.gatewayHost=prometheus \ - --set global.monitoring.gatewayPort=9091 > /tmp/monitoring.yaml + --set global.seaweedfs.monitoring.enabled=true \ + --set global.seaweedfs.monitoring.gatewayHost=prometheus \ + --set global.seaweedfs.monitoring.gatewayPort=9091 > /tmp/monitoring.yaml echo "✓ Monitoring configuration renders correctly" echo "=== Testing with PVC storage ===" @@ -124,7 +124,7 @@ jobs: # --- Normal mode: master + filer-client services vs helper-produced addresses --- helm template "$LONG_RELEASE" $CHART_DIR \ --set s3.enabled=true \ - --set global.createBuckets[0].name=test > /tmp/longname.yaml + --set global.seaweedfs.createBuckets[0].name=test > /tmp/longname.yaml # Extract Service names from metadata MASTER_SVC=$(awk '/kind: Service/{found=1} found && /^ *name:/{print $2; found=0}' /tmp/longname.yaml \ @@ -161,7 +161,7 @@ jobs: # --- All-in-one mode: all-in-one service vs both helper addresses --- helm template "$LONG_RELEASE" $CHART_DIR \ --set allInOne.enabled=true \ - --set global.createBuckets[0].name=test > /tmp/longname-aio.yaml + --set global.seaweedfs.createBuckets[0].name=test > /tmp/longname-aio.yaml AIO_SVC=$(awk '/kind: Service/{found=1} found && /^ *name:/{print $2; found=0}' /tmp/longname-aio.yaml \ | grep -- '-all-in-one$') @@ -183,11 +183,11 @@ jobs: # Render the three manifests that include seaweedfs.s3.tlsArgs: # filer-statefulset, s3-deployment, all-in-one-deployment helm template test $CHART_DIR \ - --set global.enableSecurity=true \ + --set global.seaweedfs.enableSecurity=true \ --set filer.s3.enabled=true \ --set s3.enabled=true > /tmp/security-s3.yaml helm template test $CHART_DIR \ - --set global.enableSecurity=true \ + --set global.seaweedfs.enableSecurity=true \ --set allInOne.enabled=true \ --set allInOne.s3.enabled=true > /tmp/security-aio.yaml @@ -212,7 +212,7 @@ jobs: if errors: for e in errors: print(f"FAIL: {e}", file=sys.stderr) - print("Rendered with: global.enableSecurity=true, filer.s3.enabled=true, s3.enabled=true, allInOne.enabled=true", file=sys.stderr) + print("Rendered with: global.seaweedfs.enableSecurity=true, filer.s3.enabled=true, s3.enabled=true, allInOne.enabled=true", file=sys.stderr) sys.exit(1) print("✓ No blank lines in security+S3 command blocks") PYEOF diff --git a/k8s/charts/seaweedfs/templates/admin/admin-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/admin/admin-servicemonitor.yaml index c49d2a398..b73a15404 100644 --- a/k8s/charts/seaweedfs/templates/admin/admin-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/admin/admin-servicemonitor.yaml @@ -1,5 +1,6 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.admin.enabled }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -11,7 +12,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: admin - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- with .Values.admin.serviceMonitor.annotations }} diff --git a/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml b/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml index c5ff29012..47f083817 100644 --- a/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml +++ b/k8s/charts/seaweedfs/templates/admin/admin-statefulset.yaml @@ -1,9 +1,10 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.admin.enabled }} {{- if gt (.Values.admin.replicas | int) 1 }} {{- fail "admin.replicas must be 0 or 1" -}} {{- end }} -{{- if and (not .Values.admin.masters) (not .Values.global.masterServer) (not .Values.master.enabled) }} -{{- fail "admin.masters or global.masterServer must be set if master.enabled is false" -}} +{{- if and (not .Values.admin.masters) (not .Values.global.seaweedfs.masterServer) (not .Values.master.enabled) }} +{{- fail "admin.masters or global.seaweedfs.masterServer must be set if master.enabled is false" -}} {{- end }} apiVersion: apps/v1 kind: StatefulSet @@ -50,7 +51,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.admin.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.admin.restartPolicy }} {{- if .Values.admin.affinity }} affinity: {{ tpl .Values.admin.affinity . | nindent 8 | trim }} @@ -82,7 +83,7 @@ spec: containers: - name: seaweedfs image: {{ template "admin.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} {{- $adminAuthEnabled := or .Values.admin.secret.existingSecret .Values.admin.secret.adminPassword }} {{- $urlPrefix := .Values.admin.urlPrefix }} {{- if and (not $urlPrefix) .Values.admin.ingress.enabled (ne .Values.admin.ingress.path "/") }} @@ -123,7 +124,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" . }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.admin "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.admin "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -147,7 +148,7 @@ spec: {{- if .Values.admin.loggingOverrideLevel }} -v={{ .Values.admin.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} admin \ -port={{ .Values.admin.port }} \ @@ -159,8 +160,8 @@ spec: {{- end }} {{- if .Values.admin.masters }} -masters={{ .Values.admin.masters }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }} - {{- else if .Values.global.masterServer }} - -masters={{ .Values.global.masterServer }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }} + {{- else if .Values.global.seaweedfs.masterServer }} + -masters={{ .Values.global.seaweedfs.masterServer }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }} {{- else }} -masters={{ range $index := until (.Values.master.replicas | int) }}${SEAWEEDFS_FULLNAME}-master-{{ $index }}.${SEAWEEDFS_FULLNAME}-master.{{ $.Release.Namespace }}:{{ $.Values.master.port }}{{ if lt $index (sub ($.Values.master.replicas | int) 1) }},{{ end }}{{ end }}{{- if or $urlPrefix .Values.admin.extraArgs }} \{{ end }} {{- end }} @@ -179,7 +180,7 @@ spec: - name: admin-logs mountPath: /logs {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -274,7 +275,7 @@ spec: persistentVolumeClaim: claimName: {{ .Values.admin.logs.claimName }} {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-deployment.yaml b/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-deployment.yaml index 5a833eb3d..be9f71842 100644 --- a/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-deployment.yaml +++ b/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-deployment.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.allInOne.enabled }} apiVersion: apps/v1 kind: Deployment @@ -44,7 +45,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.allInOne.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.allInOne.restartPolicy }} {{- if .Values.allInOne.affinity }} affinity: {{ tpl .Values.allInOne.affinity . | nindent 8 | trim }} @@ -77,10 +78,10 @@ spec: containers: - name: seaweedfs image: {{ template "master.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: {{- /* Determine default cluster alias and the corresponding env var keys to avoid conflicts */}} - {{- $envMerged := merge (.Values.global.extraEnvironmentVars | default dict) (.Values.allInOne.extraEnvironmentVars | default dict) }} + {{- $envMerged := merge (.Values.global.seaweedfs.extraEnvironmentVars | default dict) (.Values.allInOne.extraEnvironmentVars | default dict) }} {{- $clusterDefault := default "sw" (index $envMerged "WEED_CLUSTER_DEFAULT") }} {{- $clusterUpper := upper $clusterDefault }} {{- $clusterMasterKey := printf "WEED_CLUSTER_%s_MASTER" $clusterUpper }} @@ -112,8 +113,8 @@ spec: {{- end }} {{- end }} {{- end }} - {{- if .Values.global.extraEnvironmentVars }} - {{- range $key, $value := .Values.global.extraEnvironmentVars }} + {{- if .Values.global.seaweedfs.extraEnvironmentVars }} + {{- range $key, $value := .Values.global.seaweedfs.extraEnvironmentVars }} {{- if and (ne $key $clusterMasterKey) (ne $key $clusterFilerKey) }} - name: {{ $key }} {{- if kindIs "string" $value }} @@ -145,7 +146,7 @@ spec: {{- if .Values.allInOne.loggingOverrideLevel }} -v={{ .Values.allInOne.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} server \ -dir=/data \ @@ -176,8 +177,8 @@ spec: {{- end }} {{- end }} -master.port={{ .Values.master.port }} \ - {{- if .Values.global.enableReplication }} - -master.defaultReplication={{ .Values.global.replicationPlacement }} \ + {{- if .Values.global.seaweedfs.enableReplication }} + -master.defaultReplication={{ .Values.global.seaweedfs.replicationPlacement }} \ {{- else }} -master.defaultReplication={{ .Values.master.defaultReplication }} \ {{- end }} @@ -215,8 +216,8 @@ spec: -filer.disableDirListing \ {{- end }} -filer.dirListLimit={{ .Values.filer.dirListLimit }} \ - {{- if .Values.global.enableReplication }} - -filer.defaultReplicaPlacement={{ .Values.global.replicationPlacement }} \ + {{- if .Values.global.seaweedfs.enableReplication }} + -filer.defaultReplicaPlacement={{ .Values.global.seaweedfs.replicationPlacement }} \ {{- else }} -filer.defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \ {{- end }} @@ -242,7 +243,7 @@ spec: {{- if $domainName }} -s3.domainName={{ $domainName }} \ {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} {{- $httpsPort := .Values.allInOne.s3.httpsPort | default .Values.s3.httpsPort }} {{- if $httpsPort }} -s3.port.https={{ $httpsPort }} \ @@ -329,7 +330,7 @@ spec: mountPath: /etc/seaweedfs/master.toml subPath: master.toml readOnly: true - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config mountPath: /etc/seaweedfs/security.toml subPath: security.toml @@ -460,7 +461,7 @@ spec: - name: master-config configMap: name: {{ include "seaweedfs.fullname" . }}-master-config - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-servicemonitor.yaml index 66895f213..512eca63b 100644 --- a/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/all-in-one/all-in-one-servicemonitor.yaml @@ -1,5 +1,6 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.allInOne.enabled }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -11,7 +12,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: all-in-one - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} spec: diff --git a/k8s/charts/seaweedfs/templates/cert/admin-cert.yaml b/k8s/charts/seaweedfs/templates/cert/admin-cert.yaml index 1219deec2..6ceaf01b4 100644 --- a/k8s/charts/seaweedfs/templates/cert/admin-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/admin-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-admin-cert diff --git a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml index 68f50476b..b5bd8fda6 100644 --- a/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/ca-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-ca-cert diff --git a/k8s/charts/seaweedfs/templates/cert/cert-caissuer.yaml b/k8s/charts/seaweedfs/templates/cert/cert-caissuer.yaml index f98461203..35a04dffd 100644 --- a/k8s/charts/seaweedfs/templates/cert/cert-caissuer.yaml +++ b/k8s/charts/seaweedfs/templates/cert/cert-caissuer.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Issuer metadata: name: {{ include "seaweedfs.fullname" . }}-ca-issuer diff --git a/k8s/charts/seaweedfs/templates/cert/cert-issuer.yaml b/k8s/charts/seaweedfs/templates/cert/cert-issuer.yaml index 03c21b4ac..479d2f334 100644 --- a/k8s/charts/seaweedfs/templates/cert/cert-issuer.yaml +++ b/k8s/charts/seaweedfs/templates/cert/cert-issuer.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Issuer metadata: name: {{ include "seaweedfs.fullname" . }}-issuer diff --git a/k8s/charts/seaweedfs/templates/cert/client-cert.yaml b/k8s/charts/seaweedfs/templates/cert/client-cert.yaml index 8673105fd..c3d806462 100644 --- a/k8s/charts/seaweedfs/templates/cert/client-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/client-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-client-cert diff --git a/k8s/charts/seaweedfs/templates/cert/filer-cert.yaml b/k8s/charts/seaweedfs/templates/cert/filer-cert.yaml index b21fb1744..18c568a3b 100644 --- a/k8s/charts/seaweedfs/templates/cert/filer-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/filer-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-filer-cert diff --git a/k8s/charts/seaweedfs/templates/cert/master-cert.yaml b/k8s/charts/seaweedfs/templates/cert/master-cert.yaml index 477d71ee7..be33c2ce7 100644 --- a/k8s/charts/seaweedfs/templates/cert/master-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/master-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-master-cert diff --git a/k8s/charts/seaweedfs/templates/cert/volume-cert.yaml b/k8s/charts/seaweedfs/templates/cert/volume-cert.yaml index 60247e93d..115b8495c 100644 --- a/k8s/charts/seaweedfs/templates/cert/volume-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/volume-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-volume-cert diff --git a/k8s/charts/seaweedfs/templates/cert/worker-cert.yaml b/k8s/charts/seaweedfs/templates/cert/worker-cert.yaml index c75d9abd5..8a70b7827 100644 --- a/k8s/charts/seaweedfs/templates/cert/worker-cert.yaml +++ b/k8s/charts/seaweedfs/templates/cert/worker-cert.yaml @@ -1,5 +1,6 @@ -{{- if and .Values.global.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} -apiVersion: cert-manager.io/v1{{ if .Values.global.certificates.alphacrds }}alpha1{{ end }} +{{- include "seaweedfs.compat" . -}} +{{- if and .Values.global.seaweedfs.enableSecurity (not .Values.certificates.externalCertificates.enabled)}} +apiVersion: cert-manager.io/v1{{ if .Values.global.seaweedfs.certificates.alphacrds }}alpha1{{ end }} kind: Certificate metadata: name: {{ include "seaweedfs.fullname" . }}-worker-cert diff --git a/k8s/charts/seaweedfs/templates/cosi/cosi-cluster-role.yaml b/k8s/charts/seaweedfs/templates/cosi/cosi-cluster-role.yaml index 284dfac10..b5c103575 100644 --- a/k8s/charts/seaweedfs/templates/cosi/cosi-cluster-role.yaml +++ b/k8s/charts/seaweedfs/templates/cosi/cosi-cluster-role.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.cosi.enabled }} --- kind: ClusterRole @@ -60,7 +61,7 @@ metadata: app.kubernetes.io/instance: {{ .Release.Name }} subjects: - kind: ServiceAccount - name: {{ .Values.global.serviceAccountName }}-objectstorage-provisioner + name: {{ .Values.global.seaweedfs.serviceAccountName }}-objectstorage-provisioner namespace: {{ .Release.Namespace }} roleRef: kind: ClusterRole diff --git a/k8s/charts/seaweedfs/templates/cosi/cosi-deployment.yaml b/k8s/charts/seaweedfs/templates/cosi/cosi-deployment.yaml index af9e780f2..2f29155da 100644 --- a/k8s/charts/seaweedfs/templates/cosi/cosi-deployment.yaml +++ b/k8s/charts/seaweedfs/templates/cosi/cosi-deployment.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.cosi.enabled }} apiVersion: apps/v1 kind: Deployment @@ -38,7 +39,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.cosi.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.cosi.restartPolicy }} {{- if .Values.cosi.affinity }} affinity: {{ tpl .Values.cosi.affinity . | nindent 8 | trim }} @@ -68,7 +69,7 @@ spec: containers: - name: seaweedfs-cosi-driver image: "{{ .Values.cosi.image }}" - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: - name: DRIVERNAME value: "{{ .Values.cosi.driverName }}" @@ -88,7 +89,7 @@ spec: {{- end }} - name: SEAWEEDFS_FILER value: "{{ include "seaweedfs.componentName" (list . "filer") }}:{{ .Values.filer.grpcPort }}" - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: WEED_GRPC_CLIENT_KEY value: /usr/local/share/ca-certificates/client/tls.key - name: WEED_GRPC_CLIENT_CERT @@ -97,7 +98,7 @@ spec: value: /usr/local/share/ca-certificates/client/ca.crt {{- end }} {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.cosi "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.cosi "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -116,7 +117,7 @@ spec: name: config-users readOnly: true {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -144,7 +145,7 @@ spec: {{- end }} - name: seaweedfs-cosi-sidecar image: "{{ .Values.cosi.sidecar.image }}" - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} args: - {{ printf "--v=%s" (default "5" .Values.cosi.sidecar.logLevel) }} env: @@ -178,7 +179,7 @@ spec: secretName: {{ include "seaweedfs.fullname" . }}-s3-secret {{- end }} {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/cosi/cosi-service-account.yaml b/k8s/charts/seaweedfs/templates/cosi/cosi-service-account.yaml index 78227fdeb..6d0a4bc38 100644 --- a/k8s/charts/seaweedfs/templates/cosi/cosi-service-account.yaml +++ b/k8s/charts/seaweedfs/templates/cosi/cosi-service-account.yaml @@ -1,13 +1,14 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.cosi.enabled }} apiVersion: v1 kind: ServiceAccount metadata: - name: {{ .Values.global.serviceAccountName }}-objectstorage-provisioner + name: {{ .Values.global.seaweedfs.serviceAccountName }}-objectstorage-provisioner namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: {{ template "seaweedfs.name" . }} helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} -automountServiceAccountToken: {{ .Values.global.automountServiceAccountToken }} +automountServiceAccountToken: {{ .Values.global.seaweedfs.automountServiceAccountToken }} {{- end }} diff --git a/k8s/charts/seaweedfs/templates/filer/filer-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/filer/filer-servicemonitor.yaml index 3c93990be..258757266 100644 --- a/k8s/charts/seaweedfs/templates/filer/filer-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/filer/filer-servicemonitor.yaml @@ -1,6 +1,7 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.filer.enabled }} {{- if .Values.filer.metricsPort }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -12,7 +13,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: filer - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- if .Values.filer.annotations }} diff --git a/k8s/charts/seaweedfs/templates/filer/filer-statefulset.yaml b/k8s/charts/seaweedfs/templates/filer/filer-statefulset.yaml index 9b36f5cd4..3e8f773d2 100644 --- a/k8s/charts/seaweedfs/templates/filer/filer-statefulset.yaml +++ b/k8s/charts/seaweedfs/templates/filer/filer-statefulset.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.filer.enabled }} apiVersion: apps/v1 kind: StatefulSet @@ -56,7 +57,7 @@ spec: checksum/s3config: {{ include (print .Template.BasePath "/s3/s3-secret.yaml") . | sha256sum }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.filer.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.filer.restartPolicy }} {{- if .Values.filer.affinity }} affinity: {{ tpl .Values.filer.affinity . | nindent 8 | trim }} @@ -86,7 +87,7 @@ spec: containers: - name: seaweedfs image: {{ template "filer.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: - name: POD_IP valueFrom: @@ -115,7 +116,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" . }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.filer "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.filer "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -145,7 +146,7 @@ spec: {{- if .Values.filer.loggingOverrideLevel }} -v={{ .Values.filer.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} filer \ -port={{ .Values.filer.port }} \ @@ -165,8 +166,8 @@ spec: -disableDirListing \ {{- end }} -dirListLimit={{ .Values.filer.dirListLimit }} \ - {{- if .Values.global.enableReplication }} - -defaultReplicaPlacement={{ .Values.global.replicationPlacement }} \ + {{- if .Values.global.seaweedfs.enableReplication }} + -defaultReplicaPlacement={{ .Values.global.seaweedfs.replicationPlacement }} \ {{- else }} -defaultReplicaPlacement={{ .Values.filer.defaultReplicaPlacement }} \ {{- end }} @@ -196,7 +197,7 @@ spec: {{- if .Values.filer.s3.domainName }} -s3.domainName={{ .Values.filer.s3.domainName }} \ {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} {{- if .Values.filer.s3.httpsPort }} -s3.port.https={{ .Values.filer.s3.httpsPort }} \ {{- end }} @@ -233,7 +234,7 @@ spec: mountPath: /etc/seaweedfs/notification.toml subPath: notification.toml {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -273,7 +274,7 @@ spec: name: swfs-s3-tls {{- end }} {{- end }} - {{- $isJwtEnabled := or .Values.global.securityConfig.jwtSigning.filerWrite .Values.global.securityConfig.jwtSigning.filerRead }} + {{- $isJwtEnabled := or .Values.global.seaweedfs.securityConfig.jwtSigning.filerWrite .Values.global.seaweedfs.securityConfig.jwtSigning.filerRead }} {{- if .Values.filer.readinessProbe.enabled }} readinessProbe: {{- if or $isJwtEnabled .Values.filer.readinessProbe.tcpSocket }} @@ -367,7 +368,7 @@ spec: configMap: name: {{ include "seaweedfs.fullname" . }}-notification-config {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/master/master-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/master/master-servicemonitor.yaml index 7296a810c..2ce626840 100644 --- a/k8s/charts/seaweedfs/templates/master/master-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/master/master-servicemonitor.yaml @@ -1,6 +1,7 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.master.enabled }} {{- if .Values.master.metricsPort }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -12,7 +13,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: master - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- if .Values.master.annotations }} diff --git a/k8s/charts/seaweedfs/templates/master/master-statefulset.yaml b/k8s/charts/seaweedfs/templates/master/master-statefulset.yaml index bc582ab70..80fbc6bf9 100644 --- a/k8s/charts/seaweedfs/templates/master/master-statefulset.yaml +++ b/k8s/charts/seaweedfs/templates/master/master-statefulset.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.master.enabled }} apiVersion: apps/v1 kind: StatefulSet @@ -50,7 +51,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.master.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.master.restartPolicy }} {{- if .Values.master.affinity }} affinity: {{ tpl .Values.master.affinity . | nindent 8 | trim }} @@ -80,7 +81,7 @@ spec: containers: - name: seaweedfs image: {{ template "master.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: - name: POD_IP valueFrom: @@ -97,7 +98,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" . }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.master "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.master "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -121,23 +122,23 @@ spec: {{- if .Values.master.loggingOverrideLevel }} -v={{ .Values.master.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} master \ -port={{ .Values.master.port }} \ -mdir=/data \ -ip.bind={{ .Values.master.ipBind }} \ - {{- if .Values.global.enableReplication }} - -defaultReplication={{ .Values.global.replicationPlacement }} \ + {{- if .Values.global.seaweedfs.enableReplication }} + -defaultReplication={{ .Values.global.seaweedfs.replicationPlacement }} \ {{- else }} -defaultReplication={{ .Values.master.defaultReplication }} \ {{- end }} {{- if .Values.master.volumePreallocate }} -volumePreallocate \ {{- end }} - {{- if .Values.global.monitoring.enabled }} - {{- if and .Values.global.monitoring.gatewayHost .Values.global.monitoring.gatewayPort }} - -metrics.address="{{ .Values.global.monitoring.gatewayHost }}:{{ .Values.global.monitoring.gatewayPort }}" \ + {{- if .Values.global.seaweedfs.monitoring.enabled }} + {{- if and .Values.global.seaweedfs.monitoring.gatewayHost .Values.global.seaweedfs.monitoring.gatewayPort }} + -metrics.address="{{ .Values.global.seaweedfs.monitoring.gatewayHost }}:{{ .Values.global.seaweedfs.monitoring.gatewayPort }}" \ {{- if .Values.master.metricsIntervalSec }} -metrics.intervalSeconds={{ .Values.master.metricsIntervalSec }} \ {{- end }} @@ -187,7 +188,7 @@ spec: readOnly: true mountPath: /etc/seaweedfs/master.toml subPath: master.toml - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -212,7 +213,7 @@ spec: ports: - containerPort: {{ .Values.master.port }} name: swfs-master - {{- if and .Values.global.monitoring.enabled .Values.master.metricsPort }} + {{- if and .Values.global.seaweedfs.monitoring.enabled .Values.master.metricsPort }} - containerPort: {{ .Values.master.metricsPort }} name: metrics {{- end }} @@ -286,7 +287,7 @@ spec: - name: master-config configMap: name: {{ include "seaweedfs.fullname" . }}-master-config - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/s3/s3-deployment.yaml b/k8s/charts/seaweedfs/templates/s3/s3-deployment.yaml index 8164c6abe..c05f8d72c 100644 --- a/k8s/charts/seaweedfs/templates/s3/s3-deployment.yaml +++ b/k8s/charts/seaweedfs/templates/s3/s3-deployment.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.s3.enabled }} apiVersion: apps/v1 kind: Deployment @@ -42,7 +43,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.s3.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.s3.restartPolicy }} {{- if .Values.s3.affinity }} affinity: {{ tpl .Values.s3.affinity . | nindent 8 | trim }} @@ -74,7 +75,7 @@ spec: containers: - name: seaweedfs image: {{ template "s3.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: - name: POD_IP valueFrom: @@ -91,7 +92,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" . }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.s3 "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.s3 "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -115,7 +116,7 @@ spec: {{- if .Values.s3.loggingOverrideLevel }} -v={{ .Values.s3.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} s3 \ -ip.bind={{ .Values.s3.bindAddress }} \ @@ -123,7 +124,7 @@ spec: {{- if .Values.s3.metricsPort }} -metricsPort {{ .Values.s3.metricsPort }} \ {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} {{- if .Values.s3.httpsPort }} -port.https={{ .Values.s3.httpsPort }} \ {{- end }} @@ -155,7 +156,7 @@ spec: name: config-users readOnly: true {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -248,7 +249,7 @@ spec: - name: logs emptyDir: {} {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/s3/s3-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/s3/s3-servicemonitor.yaml index 4f5cb37ad..4ceee0f1e 100644 --- a/k8s/charts/seaweedfs/templates/s3/s3-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/s3/s3-servicemonitor.yaml @@ -1,6 +1,7 @@ +{{- include "seaweedfs.compat" . -}} {{- if or .Values.s3.enabled .Values.filer.s3.enabled }} {{- if .Values.s3.metricsPort }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -12,7 +13,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: s3 - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- if .Values.s3.annotations }} diff --git a/k8s/charts/seaweedfs/templates/sftp/sftp-deployment.yaml b/k8s/charts/seaweedfs/templates/sftp/sftp-deployment.yaml index edea5d52b..6e7ca5fb6 100644 --- a/k8s/charts/seaweedfs/templates/sftp/sftp-deployment.yaml +++ b/k8s/charts/seaweedfs/templates/sftp/sftp-deployment.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.sftp.enabled }} apiVersion: apps/v1 kind: Deployment @@ -42,7 +43,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.sftp.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.sftp.restartPolicy }} {{- if .Values.sftp.affinity }} affinity: {{ tpl .Values.sftp.affinity . | nindent 8 | trim }} @@ -74,7 +75,7 @@ spec: containers: - name: seaweedfs image: {{ template "sftp.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: - name: POD_IP valueFrom: @@ -91,7 +92,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" . }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.sftp "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.sftp "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -115,7 +116,7 @@ spec: {{- if .Values.sftp.loggingOverrideLevel }} -v={{ .Values.sftp.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} sftp \ -ip.bind={{ .Values.sftp.bindAddress }} \ @@ -156,7 +157,7 @@ spec: {{- if .Values.sftp.localSocket }} -localSocket={{ .Values.sftp.localSocket }} \ {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} -cert.file=/usr/local/share/ca-certificates/client/tls.crt \ -key.file=/usr/local/share/ca-certificates/client/tls.key \ {{- end }} @@ -175,7 +176,7 @@ spec: - mountPath: /etc/sw/ssh name: config-ssh readOnly: true - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -263,7 +264,7 @@ spec: - name: logs emptyDir: {} {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/sftp/sftp-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/sftp/sftp-servicemonitor.yaml index ae76969e5..1495373e7 100644 --- a/k8s/charts/seaweedfs/templates/sftp/sftp-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/sftp/sftp-servicemonitor.yaml @@ -1,6 +1,7 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.sftp.enabled }} {{- if .Values.sftp.metricsPort }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -12,7 +13,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: sftp - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- if .Values.sftp.annotations }} diff --git a/k8s/charts/seaweedfs/templates/shared/_compat.tpl b/k8s/charts/seaweedfs/templates/shared/_compat.tpl new file mode 100644 index 000000000..0545ea975 --- /dev/null +++ b/k8s/charts/seaweedfs/templates/shared/_compat.tpl @@ -0,0 +1,59 @@ +{{/* +Backward-compatibility shim for the global.* → global.seaweedfs.* migration. + +When the chart is used as a subchart, .Values.global is shared with sibling +charts. To avoid namespace pollution, app-specific values were moved under +global.seaweedfs.* (and global.registry was renamed to global.imageRegistry). + +If a user still passes the OLD key paths (e.g. --set global.enableSecurity=true), +those keys will no longer have defaults in values.yaml, so their mere presence in +.Values.global means the user explicitly provided them. This helper merges them +into global.seaweedfs.* so the rest of the templates see a single, canonical +location. + +The helper mutates .Values.global.seaweedfs in-place via `set` and produces no +output. It is idempotent (safe to call more than once in the same render). + +Usage: {{- include "seaweedfs.compat" . -}} +*/}} +{{- define "seaweedfs.compat" -}} +{{- $g := .Values.global -}} +{{- $sw := $g.seaweedfs | default dict -}} + +{{/* --- image-related renames --- */}} +{{- if hasKey $g "registry" -}} +{{- $_ := set $g "imageRegistry" (default $g.imageRegistry $g.registry) -}} +{{- end -}} +{{- if hasKey $g "repository" -}} +{{- $img := $sw.image | default dict -}} +{{- $_ := set $img "repository" (default $img.repository $g.repository) -}} +{{- $_ := set $sw "image" $img -}} +{{- end -}} +{{- if hasKey $g "imageName" -}} +{{- $img := $sw.image | default dict -}} +{{- $_ := set $img "name" (default $img.name $g.imageName) -}} +{{- $_ := set $sw "image" $img -}} +{{- end -}} + +{{/* --- scalar keys that moved 1:1 under global.seaweedfs --- */}} +{{- range $key := list "createClusterRole" "imagePullPolicy" "restartPolicy" "loggingLevel" "enableSecurity" "masterServer" "serviceAccountName" "automountServiceAccountToken" "enableReplication" "replicationPlacement" -}} +{{- if hasKey $g $key -}} +{{- $_ := set $sw $key (index $g $key) -}} +{{- end -}} +{{- end -}} + +{{/* --- nested dict keys: deep-merge so partial overrides work --- */}} +{{- range $key := list "securityConfig" "certificates" "monitoring" "serviceAccountAnnotations" "extraEnvironmentVars" -}} +{{- if hasKey $g $key -}} +{{- $old := index $g $key | default dict -}} +{{- $new := index $sw $key | default dict -}} +{{- if and (kindIs "map" $old) (kindIs "map" $new) -}} +{{- $_ := set $sw $key (merge $old $new) -}} +{{- else -}} +{{- $_ := set $sw $key $old -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- $_ := set $g "seaweedfs" $sw -}} +{{- end -}} diff --git a/k8s/charts/seaweedfs/templates/shared/_helpers.tpl b/k8s/charts/seaweedfs/templates/shared/_helpers.tpl index 8056cb73c..193b3bb74 100644 --- a/k8s/charts/seaweedfs/templates/shared/_helpers.tpl +++ b/k8s/charts/seaweedfs/templates/shared/_helpers.tpl @@ -143,9 +143,9 @@ Inject extra environment vars in the format key:value, if populated {{/* Computes the container image name for all components (if they are not overridden) */}} {{- define "common.image" -}} -{{- $registryName := default .Values.image.registry .Values.global.registry | toString -}} -{{- $repositoryName := default .Values.image.repository .Values.global.repository | toString -}} -{{- $name := .Values.global.imageName | toString -}} +{{- $registryName := default .Values.image.registry .Values.global.imageRegistry | toString -}} +{{- $repositoryName := default .Values.image.repository .Values.global.seaweedfs.image.repository | toString -}} +{{- $name := .Values.global.seaweedfs.image.name | toString -}} {{- $tag := default .Chart.AppVersion .Values.image.tag | toString -}} {{- if .Values.image.repository -}} {{- $name = $repositoryName -}} @@ -318,8 +318,8 @@ Generate master server argument value, using global.masterServer if set, otherwi Usage: {{ include "seaweedfs.masterServerArg" . }} */}} {{- define "seaweedfs.masterServerArg" -}} -{{- if .Values.global.masterServer -}} -{{- .Values.global.masterServer -}} +{{- if .Values.global.seaweedfs.masterServer -}} +{{- .Values.global.seaweedfs.masterServer -}} {{- else -}} {{- include "seaweedfs.masterServers" . -}} {{- end -}} @@ -329,7 +329,7 @@ Usage: {{ include "seaweedfs.masterServerArg" . }} Create the name of the service account to use */}} {{- define "seaweedfs.serviceAccountName" -}} -{{- .Values.global.serviceAccountName | default "seaweedfs" -}} +{{- .Values.global.seaweedfs.serviceAccountName | default "seaweedfs" -}} {{- end -}} {{/* S3 TLS cert/key arguments, using custom secret if s3.tlsSecret is set */}} diff --git a/k8s/charts/seaweedfs/templates/shared/cluster-role.yaml b/k8s/charts/seaweedfs/templates/shared/cluster-role.yaml index 10089d0cd..14d09f999 100644 --- a/k8s/charts/seaweedfs/templates/shared/cluster-role.yaml +++ b/k8s/charts/seaweedfs/templates/shared/cluster-role.yaml @@ -1,4 +1,5 @@ -{{- if .Values.global.createClusterRole }} +{{- include "seaweedfs.compat" . -}} +{{- if .Values.global.seaweedfs.createClusterRole }} #hack for delete pod master after migration --- kind: ClusterRole diff --git a/k8s/charts/seaweedfs/templates/shared/post-install-bucket-hook.yaml b/k8s/charts/seaweedfs/templates/shared/post-install-bucket-hook.yaml index 1a20a293a..1f4a49a74 100644 --- a/k8s/charts/seaweedfs/templates/shared/post-install-bucket-hook.yaml +++ b/k8s/charts/seaweedfs/templates/shared/post-install-bucket-hook.yaml @@ -1,10 +1,11 @@ +{{- include "seaweedfs.compat" . -}} {{- /* Support bucket creation for both standalone filer.s3 and allInOne modes */}} {{- $createBuckets := list }} {{- $s3Enabled := false }} {{- $enableAuth := false }} {{- $existingConfigSecret := "" }} {{- $bucketsFolder := "/buckets" }} -{{- $bucketEnvVars := merge (dict) (.Values.global.extraEnvironmentVars | default dict) }} +{{- $bucketEnvVars := merge (dict) (.Values.global.seaweedfs.extraEnvironmentVars | default dict) }} {{- if .Values.allInOne.enabled }} {{- $bucketEnvVars = merge (.Values.allInOne.extraEnvironmentVars | default dict) $bucketEnvVars }} {{- else }} @@ -68,7 +69,7 @@ spec: containers: - name: post-install-job image: {{ template "master.image" . }} - imagePullPolicy: {{ $.Values.global.imagePullPolicy | default "IfNotPresent" }} + imagePullPolicy: {{ $.Values.global.seaweedfs.imagePullPolicy | default "IfNotPresent" }} env: - name: WEED_CLUSTER_DEFAULT value: "sw" @@ -183,7 +184,7 @@ spec: ports: - containerPort: {{ .Values.master.port }} name: swfs-master - {{- if and .Values.global.monitoring.enabled .Values.master.metricsPort }} + {{- if and .Values.global.seaweedfs.monitoring.enabled .Values.master.metricsPort }} - containerPort: {{ .Values.master.metricsPort }} name: metrics {{- end }} diff --git a/k8s/charts/seaweedfs/templates/shared/seaweedfs-grafana-dashboard.yaml b/k8s/charts/seaweedfs/templates/shared/seaweedfs-grafana-dashboard.yaml index c7212b6ae..3d2f0fd61 100644 --- a/k8s/charts/seaweedfs/templates/shared/seaweedfs-grafana-dashboard.yaml +++ b/k8s/charts/seaweedfs/templates/shared/seaweedfs-grafana-dashboard.yaml @@ -1,4 +1,5 @@ -{{- if .Values.global.monitoring.enabled }} +{{- include "seaweedfs.compat" . -}} +{{- if .Values.global.seaweedfs.monitoring.enabled }} {{- $files := .Files.Glob "dashboards/*.json" }} {{- if $files }} {{- range $path, $file := $files }} diff --git a/k8s/charts/seaweedfs/templates/shared/security-configmap.yaml b/k8s/charts/seaweedfs/templates/shared/security-configmap.yaml index 07e6c6dcc..667ed8533 100644 --- a/k8s/charts/seaweedfs/templates/shared/security-configmap.yaml +++ b/k8s/charts/seaweedfs/templates/shared/security-configmap.yaml @@ -1,4 +1,5 @@ -{{- if .Values.global.enableSecurity }} +{{- include "seaweedfs.compat" . -}} +{{- if .Values.global.seaweedfs.enableSecurity }} apiVersion: v1 kind: ConfigMap metadata: @@ -21,14 +22,14 @@ data: security.toml: |- # this file is read by master, volume server, and filer - {{- if .Values.global.securityConfig.jwtSigning.volumeWrite }} + {{- if .Values.global.seaweedfs.securityConfig.jwtSigning.volumeWrite }} # the jwt signing key is read by master and volume server # a jwt expires in 10 seconds [jwt.signing] key = "{{ dig "jwt" "signing" "key" (randAlphaNum 10 | b64enc) $securityConfig }}" {{- end }} - {{- if .Values.global.securityConfig.jwtSigning.volumeRead }} + {{- if .Values.global.seaweedfs.securityConfig.jwtSigning.volumeRead }} # this jwt signing key is read by master and volume server, and it is used for read operations: # - the Master server generates the JWT, which can be used to read a certain file on a volume server # - the Volume server validates the JWT on reading @@ -36,7 +37,7 @@ data: key = "{{ dig "jwt" "signing" "read" "key" (randAlphaNum 10 | b64enc) $securityConfig }}" {{- end }} - {{- if .Values.global.securityConfig.jwtSigning.filerWrite }} + {{- if .Values.global.seaweedfs.securityConfig.jwtSigning.filerWrite }} # If this JWT key is configured, Filer only accepts writes over HTTP if they are signed with this JWT: # - f.e. the S3 API Shim generates the JWT # - the Filer server validates the JWT on writing @@ -45,7 +46,7 @@ data: key = "{{ dig "jwt" "filer_signing" "key" (randAlphaNum 10 | b64enc) $securityConfig }}" {{- end }} - {{- if .Values.global.securityConfig.jwtSigning.filerRead }} + {{- if .Values.global.seaweedfs.securityConfig.jwtSigning.filerRead }} # If this JWT key is configured, Filer only accepts reads over HTTP if they are signed with this JWT: # - f.e. the S3 API Shim generates the JWT # - the Filer server validates the JWT on reading diff --git a/k8s/charts/seaweedfs/templates/shared/service-account.yaml b/k8s/charts/seaweedfs/templates/shared/service-account.yaml index efcb3dcb2..f9b67d448 100644 --- a/k8s/charts/seaweedfs/templates/shared/service-account.yaml +++ b/k8s/charts/seaweedfs/templates/shared/service-account.yaml @@ -1,9 +1,10 @@ +{{- include "seaweedfs.compat" . -}} apiVersion: v1 kind: ServiceAccount metadata: name: {{ include "seaweedfs.serviceAccountName" . }} namespace: {{ .Release.Namespace }} - {{- with .Values.global.serviceAccountAnnotations }} + {{- with .Values.global.seaweedfs.serviceAccountAnnotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} @@ -12,4 +13,4 @@ metadata: helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} -automountServiceAccountToken: {{ .Values.global.automountServiceAccountToken }} \ No newline at end of file +automountServiceAccountToken: {{ .Values.global.seaweedfs.automountServiceAccountToken }} \ No newline at end of file diff --git a/k8s/charts/seaweedfs/templates/volume/volume-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/volume/volume-servicemonitor.yaml index f3a3b5a02..b3ca54ebe 100644 --- a/k8s/charts/seaweedfs/templates/volume/volume-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/volume/volume-servicemonitor.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{ $volumes := deepCopy .Values.volumes | mergeOverwrite (dict "" .Values.volume) }} {{- range $vname, $volume := $volumes }} {{- $volumeName := trimSuffix "-" (printf "volume-%s" $vname) }} @@ -5,7 +6,7 @@ {{- if $volume.enabled }} {{- if $volume.metricsPort }} -{{- if $.Values.global.monitoring.enabled }} +{{- if $.Values.global.seaweedfs.monitoring.enabled }} --- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor @@ -18,7 +19,7 @@ metadata: app.kubernetes.io/managed-by: {{ $.Release.Service }} app.kubernetes.io/instance: {{ $.Release.Name }} app.kubernetes.io/component: {{ $volumeName }} - {{- with $.Values.global.monitoring.additionalLabels }} + {{- with $.Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- with $volume.annotations }} diff --git a/k8s/charts/seaweedfs/templates/volume/volume-statefulset.yaml b/k8s/charts/seaweedfs/templates/volume/volume-statefulset.yaml index 1ef97088c..78b5de017 100644 --- a/k8s/charts/seaweedfs/templates/volume/volume-statefulset.yaml +++ b/k8s/charts/seaweedfs/templates/volume/volume-statefulset.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{ $volumes := deepCopy .Values.volumes | mergeOverwrite (dict "" .Values.volume) }} {{- range $vname, $volume := $volumes }} {{- $volumeName := trimSuffix "-" (printf "volume-%s" $vname) }} @@ -58,7 +59,7 @@ spec: topologySpreadConstraints: {{ tpl (printf "{{ $volumeName := \"%s\" }}%s" $volumeName $volume.topologySpreadConstraints) $ | nindent 8 | trim }} {{- end }} - restartPolicy: {{ default $.Values.global.restartPolicy $volume.restartPolicy }} + restartPolicy: {{ default $.Values.global.seaweedfs.restartPolicy $volume.restartPolicy }} {{- if $volume.tolerations }} tolerations: {{ tpl (printf "{{ $volumeName := \"%s\" }}%s" $volumeName $volume.tolerations) $ | indent 8 | trim }} @@ -76,7 +77,7 @@ spec: {{- if $volume.idx }} - name: seaweedfs-vol-move-idx image: {{ template "volume.image" $ }} - imagePullPolicy: {{ $.Values.global.imagePullPolicy | default "IfNotPresent" }} + imagePullPolicy: {{ $.Values.global.seaweedfs.imagePullPolicy | default "IfNotPresent" }} command: [ '/bin/sh', '-c' ] args: [ '{{range $dir := $volume.dataDirs }}if ls /{{$dir.name}}/*.idx >/dev/null 2>&1; then mv /{{$dir.name}}/*.idx /idx/ ; fi; {{end}}' ] volumeMounts: @@ -104,7 +105,7 @@ spec: containers: - name: seaweedfs image: {{ template "volume.image" $ }} - imagePullPolicy: {{ default "IfNotPresent" $.Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" $.Values.global.seaweedfs.imagePullPolicy }} env: - name: POD_NAME valueFrom: @@ -121,7 +122,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" $ }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" $.Values.global "component" $volume "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" $.Values.global.seaweedfs "component" $volume "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -145,7 +146,7 @@ spec: {{- if $volume.loggingOverrideLevel }} -v={{ $volume.loggingOverrideLevel }} \ {{- else }} - -v={{ $.Values.global.loggingLevel }} \ + -v={{ $.Values.global.seaweedfs.loggingLevel }} \ {{- end }} volume \ -port={{ $volume.port }} \ @@ -210,7 +211,7 @@ spec: - name: idx mountPath: "/idx/" {{- end }} - {{- if $.Values.global.enableSecurity }} + {{- if $.Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -332,7 +333,7 @@ spec: emptyDir: {} {{- end }} {{- end }} - {{- if $.Values.global.enableSecurity }} + {{- if $.Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" $ }}-security-config diff --git a/k8s/charts/seaweedfs/templates/worker/worker-deployment.yaml b/k8s/charts/seaweedfs/templates/worker/worker-deployment.yaml index 4a65f1a74..4739fa77b 100644 --- a/k8s/charts/seaweedfs/templates/worker/worker-deployment.yaml +++ b/k8s/charts/seaweedfs/templates/worker/worker-deployment.yaml @@ -1,3 +1,4 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.worker.enabled }} {{- if and (not .Values.worker.adminServer) (not .Values.admin.enabled) }} {{- fail "worker.adminServer must be set if admin.enabled is false within the same release" -}} @@ -45,7 +46,7 @@ spec: {{- toYaml . | nindent 8 }} {{- end }} spec: - restartPolicy: {{ default .Values.global.restartPolicy .Values.worker.restartPolicy }} + restartPolicy: {{ default .Values.global.seaweedfs.restartPolicy .Values.worker.restartPolicy }} {{- if .Values.worker.affinity }} affinity: {{ tpl .Values.worker.affinity . | nindent 8 | trim }} @@ -77,7 +78,7 @@ spec: containers: - name: seaweedfs image: {{ template "worker.image" . }} - imagePullPolicy: {{ default "IfNotPresent" .Values.global.imagePullPolicy }} + imagePullPolicy: {{ default "IfNotPresent" .Values.global.seaweedfs.imagePullPolicy }} env: - name: POD_IP valueFrom: @@ -94,7 +95,7 @@ spec: - name: SEAWEEDFS_FULLNAME value: "{{ include "seaweedfs.fullname" . }}" {{- $mergedExtraEnvironmentVars := dict }} - {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global "component" .Values.worker "target" $mergedExtraEnvironmentVars) }} + {{- include "seaweedfs.mergeExtraEnvironmentVars" (dict "global" .Values.global.seaweedfs "component" .Values.worker "target" $mergedExtraEnvironmentVars) }} {{- range $key := keys $mergedExtraEnvironmentVars | sortAlpha }} {{- $value := index $mergedExtraEnvironmentVars $key }} - name: {{ $key }} @@ -118,7 +119,7 @@ spec: {{- if .Values.worker.loggingOverrideLevel }} -v={{ .Values.worker.loggingOverrideLevel }} \ {{- else }} - -v={{ .Values.global.loggingLevel }} \ + -v={{ .Values.global.seaweedfs.loggingLevel }} \ {{- end }} worker \ {{- if .Values.worker.adminServer }} @@ -148,7 +149,7 @@ spec: - name: worker-logs mountPath: /logs {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config readOnly: true mountPath: /etc/seaweedfs/security.toml @@ -251,7 +252,7 @@ spec: persistentVolumeClaim: claimName: {{ .Values.worker.logs.claimName }} {{- end }} - {{- if .Values.global.enableSecurity }} + {{- if .Values.global.seaweedfs.enableSecurity }} - name: security-config configMap: name: {{ include "seaweedfs.fullname" . }}-security-config diff --git a/k8s/charts/seaweedfs/templates/worker/worker-servicemonitor.yaml b/k8s/charts/seaweedfs/templates/worker/worker-servicemonitor.yaml index e309b6b4a..8ec4be870 100644 --- a/k8s/charts/seaweedfs/templates/worker/worker-servicemonitor.yaml +++ b/k8s/charts/seaweedfs/templates/worker/worker-servicemonitor.yaml @@ -1,6 +1,7 @@ +{{- include "seaweedfs.compat" . -}} {{- if .Values.worker.enabled }} {{- if .Values.worker.metricsPort }} -{{- if .Values.global.monitoring.enabled }} +{{- if .Values.global.seaweedfs.monitoring.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -12,7 +13,7 @@ metadata: app.kubernetes.io/managed-by: {{ .Release.Service }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: worker - {{- with .Values.global.monitoring.additionalLabels }} + {{- with .Values.global.seaweedfs.monitoring.additionalLabels }} {{- toYaml . | nindent 4 }} {{- end }} {{- with .Values.worker.serviceMonitor.annotations }} diff --git a/k8s/charts/seaweedfs/values.yaml b/k8s/charts/seaweedfs/values.yaml index 9ea4649dc..2ad609f7b 100644 --- a/k8s/charts/seaweedfs/values.yaml +++ b/k8s/charts/seaweedfs/values.yaml @@ -1,51 +1,57 @@ # Available parameters and their default values for the SeaweedFS chart. global: - createClusterRole: true - registry: "" - # if repository is set, it overrides the namespace part of imageName - repository: "" - imageName: chrislusf/seaweedfs - imagePullPolicy: IfNotPresent + # global.imageRegistry and global.imagePullSecrets are standard Helm conventions + # shared across subcharts. See https://helm.sh/docs/chart_template_guide/subcharts_and_globals/ + imageRegistry: "" imagePullSecrets: "" - restartPolicy: Always - loggingLevel: 1 - enableSecurity: false - masterServer: null - securityConfig: - jwtSigning: - volumeWrite: true - volumeRead: false - filerWrite: false - filerRead: false - # we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings - serviceAccountName: "seaweedfs" - serviceAccountAnnotations: {} - automountServiceAccountToken: true - certificates: - duration: 87600h - renewBefore: 720h - alphacrds: false - monitoring: - enabled: false - gatewayHost: null - gatewayPort: null - additionalLabels: {} - # if enabled will use global.replicationPlacement and override master & filer defaultReplicaPlacement config - enableReplication: false - # replication type is XYZ: - # X number of replica in other data centers - # Y number of replica in other racks in the same data center - # Z number of replica in other servers in the same rack - replicationPlacement: "001" - extraEnvironmentVars: - WEED_CLUSTER_DEFAULT: "sw" - WEED_CLUSTER_SW_MASTER: "{{ include \"seaweedfs.cluster.masterAddress\" . }}" - WEED_CLUSTER_SW_FILER: "{{ include \"seaweedfs.cluster.filerAddress\" . }}" - # WEED_JWT_SIGNING_KEY: - # secretKeyRef: - # name: seaweedfs-signing-key - # key: signingKey + # All app-specific global values are namespaced under global.seaweedfs + # to avoid polluting the shared global namespace when used as a subchart. + seaweedfs: + createClusterRole: true + image: + # if repository is set, it overrides the namespace part of image.name + repository: "" + name: chrislusf/seaweedfs + imagePullPolicy: IfNotPresent + restartPolicy: Always + loggingLevel: 1 + enableSecurity: false + masterServer: null + securityConfig: + jwtSigning: + volumeWrite: true + volumeRead: false + filerWrite: false + filerRead: false + # we will use this serviceAccountName for all ClusterRoles/ClusterRoleBindings + serviceAccountName: "seaweedfs" + serviceAccountAnnotations: {} + automountServiceAccountToken: true + certificates: + duration: 87600h + renewBefore: 720h + alphacrds: false + monitoring: + enabled: false + gatewayHost: null + gatewayPort: null + additionalLabels: {} + # if enabled will use global.seaweedfs.replicationPlacement and override master & filer defaultReplicaPlacement config + enableReplication: false + # replication type is XYZ: + # X number of replica in other data centers + # Y number of replica in other racks in the same data center + # Z number of replica in other servers in the same rack + replicationPlacement: "001" + extraEnvironmentVars: + WEED_CLUSTER_DEFAULT: "sw" + WEED_CLUSTER_SW_MASTER: "{{ include \"seaweedfs.cluster.masterAddress\" . }}" + WEED_CLUSTER_SW_FILER: "{{ include \"seaweedfs.cluster.filerAddress\" . }}" + # WEED_JWT_SIGNING_KEY: + # secretKeyRef: + # name: seaweedfs-signing-key + # key: signingKey image: registry: "" @@ -932,7 +938,7 @@ s3: # instead of the internal self-signed client certificate generated by cert-manager. # This allows using a publicly trusted certificate (e.g., from Let's Encrypt) # so that S3 clients don't need to trust the internal CA. - # Requires global.enableSecurity to be true. + # Requires global.seaweedfs.enableSecurity to be true. tlsSecret: null metricsPort: 9327 # Iceberg catalog REST port (Apache Iceberg REST Catalog API) @@ -1203,7 +1209,7 @@ admin: dataDir: "" # If empty, configuration is kept in memory only # Master servers to connect to - # If empty, uses global.masterServer or auto-discovers from master statefulset + # If empty, uses global.seaweedfs.masterServer or auto-discovers from master statefulset masters: "" # URL path prefix when running behind a reverse proxy under a subdirectory