3 [etcd-operator](https://coreos.com/blog/introducing-the-etcd-operator.html) Simplify etcd cluster
4 configuration and management.
6 __DISCLAIMER:__ While this chart has been well-tested, the etcd-operator is still currently in beta.
7 Current project status is available [here](https://github.com/coreos/etcd-operator).
11 This chart bootstraps an etcd-operator and allows the deployment of etcd-cluster(s).
13 ## Official Documentation
15 Official project documentation found [here](https://github.com/coreos/etcd-operator)
19 - Kubernetes 1.4+ with Beta APIs enabled
20 - __Suggested:__ PV provisioner support in the underlying infrastructure to support backups
22 ## Installing the Chart
24 To install the chart with the release name `my-release`:
27 $ helm install stable/etcd-operator --name my-release
30 __Note__: If you set `cluster.enabled` on install, it will have no effect.
31 Before you create an etcd cluster, the TPR must be installed by the operator, so this option is ignored during helm installs, but can be used in upgrades.
33 ## Uninstalling the Chart
35 To uninstall/delete the `my-release` deployment:
38 $ helm delete my-release
41 The command removes all the Kubernetes components EXCEPT the persistent volume.
44 Updating the TPR resource will not result in the cluster being update until `kubectl apply` for
45 TPRs is fixed see [kubernetes/issues/29542](https://github.com/kubernetes/kubernetes/issues/29542)
46 Work around options are documented [here](https://github.com/coreos/etcd-operator#resize-an-etcd-cluster)
50 The following table lists the configurable parameters of the etcd-operator chart and their default values.
52 | Parameter | Description | Default |
53 | ------------------------------------------------- | -------------------------------------------------------------------- | ---------------------------------------------- |
54 | `rbac.create` | Install required RBAC service account, roles and rolebindings | `true` |
55 | `rbac.apiVersion` | RBAC api version `v1alpha1\|v1beta1` | `v1beta1` |
56 | `rbac.etcdOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-operator-sa` |
57 | `rbac.backupOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-backup-operator-sa` |
58 | `rbac.restoreOperatorServiceAccountName` | Name of the service account resource when RBAC is enabled | `etcd-restore-operator-sa` |
59 | `deployments.etcdOperator` | Deploy the etcd cluster operator | `true` |
60 | `deployments.backupOperator` | Deploy the etcd backup operator | `true` |
61 | `deployments.restoreOperator` | Deploy the etcd restore operator | `true` |
62 | `customResources.createEtcdClusterCRD` | Create a custom resource: EtcdCluster | `false` |
63 | `customResources.createBackupCRD` | Create an a custom resource: EtcdBackup | `false` |
64 | `customResources.createRestoreCRD` | Create an a custom resource: EtcdRestore | `false` |
65 | `etcdOperator.name` | Etcd Operator name | `etcd-operator` |
66 | `etcdOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` |
67 | `etcdOperator.image.repository` | etcd-operator container image | `quay.io/coreos/etcd-operator` |
68 | `etcdOperator.image.tag` | etcd-operator container image tag | `v0.9.3` |
69 | `etcdOperator.image.pullpolicy` | etcd-operator container image pull policy | `Always` |
70 | `etcdOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` |
71 | `etcdOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` |
72 | `etcdOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` |
73 | `etcdOperator.commandArgs` | Additional command arguments | `{}` |
74 | `backupOperator.name` | Backup operator name | `etcd-backup-operator` |
75 | `backupOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` |
76 | `backupOperator.image.repository` | Operator container image | `quay.io/coreos/etcd-operator` |
77 | `backupOperator.image.tag` | Operator container image tag | `v0.9.3` |
78 | `backupOperator.image.pullpolicy` | Operator container image pull policy | `Always` |
79 | `backupOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` |
80 | `backupOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` |
81 | `backupOperator.spec.storageType` | Storage to use for backup file, currently only S3 supported | `S3` |
82 | `backupOperator.spec.s3.s3Bucket` | Bucket in S3 to store backup file | |
83 | `backupOperator.spec.s3.awsSecret` | Name of kubernetes secret containing aws credentials | |
84 | `backupOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` |
85 | `backupOperator.commandArgs` | Additional command arguments | `{}` |
86 | `restoreOperator.name` | Restore operator name | `etcd-backup-operator` |
87 | `restoreOperator.replicaCount` | Number of operator replicas to create (only 1 is supported) | `1` |
88 | `restoreOperator.image.repository` | Operator container image | `quay.io/coreos/etcd-operator` |
89 | `restoreOperator.image.tag` | Operator container image tag | `v0.9.3` |
90 | `restoreOperator.image.pullpolicy` | Operator container image pull policy | `Always` |
91 | `restoreOperator.resources.cpu` | CPU limit per etcd-operator pod | `100m` |
92 | `restoreOperator.resources.memory` | Memory limit per etcd-operator pod | `128Mi` |
93 | `restoreOperator.spec.s3.path` | Path in S3 bucket containing the backup file | |
94 | `restoreOperator.spec.s3.awsSecret` | Name of kubernetes secret containing aws credentials | |
95 | `restoreOperator.nodeSelector` | Node labels for etcd operator pod assignment | `{}` |
96 | `restoreOperator.commandArgs` | Additional command arguments | `{}` |
97 | `etcdCluster.name` | etcd cluster name | `etcd-cluster` |
98 | `etcdCluster.size` | etcd cluster size | `3` |
99 | `etcdCluster.version` | etcd cluster version | `3.2.25` |
100 | `etcdCluster.image.repository` | etcd container image | `quay.io/coreos/etcd-operator` |
101 | `etcdCluster.image.tag` | etcd container image tag | `v3.2.25` |
102 | `etcdCluster.image.pullPolicy` | etcd container image pull policy | `Always` |
103 | `etcdCluster.enableTLS` | Enable use of TLS | `false` |
104 | `etcdCluster.tls.static.member.peerSecret` | Kubernetes secret containing TLS peer certs | `etcd-peer-tls` |
105 | `etcdCluster.tls.static.member.serverSecret` | Kubernetes secret containing TLS server certs | `etcd-server-tls` |
106 | `etcdCluster.tls.static.operatorSecret` | Kubernetes secret containing TLS client certs | `etcd-client-tls` |
107 | `etcdCluster.pod.antiAffinity` | Whether etcd cluster pods should have an antiAffinity | `false` |
108 | `etcdCluster.pod.resources.limits.cpu` | CPU limit per etcd cluster pod | `100m` |
109 | `etcdCluster.pod.resources.limits.memory` | Memory limit per etcd cluster pod | `128Mi` |
110 | `etcdCluster.pod.resources.requests.cpu` | CPU request per etcd cluster pod | `100m` |
111 | `etcdCluster.pod.resources.requests.memory` | Memory request per etcd cluster pod | `128Mi` |
112 | `etcdCluster.pod.nodeSelector` | Node labels for etcd cluster pod assignment | `{}` |
114 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example:
117 $ helm install --name my-release --set image.tag=v0.2.1 stable/etcd-operator
120 Alternatively, a YAML file that specifies the values for the parameters can be provided while
121 installing the chart. For example:
124 $ helm install --name my-release --values values.yaml stable/etcd-operator
128 By default the chart will install the recommended RBAC roles and rolebindings.
130 To determine if your cluster supports this running the following:
133 $ kubectl api-versions | grep rbac
136 You also need to have the following parameter on the api server. See the following document for how to enable [RBAC](https://kubernetes.io/docs/admin/authorization/rbac/)
139 --authorization-mode=RBAC
142 If the output contains "beta" or both "alpha" and "beta" you can may install rbac by default, if not, you may turn RBAC off as described below.
144 ### RBAC role/rolebinding creation
146 RBAC resources are enabled by default. To disable RBAC do the following:
149 $ helm install --name my-release stable/etcd-operator --set rbac.create=false
152 ### Changing RBAC manifest apiVersion
154 By default the RBAC resources are generated with the "v1beta1" apiVersion. To use "v1alpha1" do the following:
157 $ helm install --name my-release stable/etcd-operator --set rbac.install=true,rbac.apiVersion=v1alpha1
Code Review / demo.git / blob