From 8551b2a4372b5d99cc8eee63fb1810fcaab5e2ca Mon Sep 17 00:00:00 2001 From: ChrisLiu Date: Wed, 9 Jul 2025 20:47:10 +0800 Subject: [PATCH 1/5] kruise-game v1.0.0 release Signed-off-by: ChrisLiu --- versions/kruise-game/1.0.0/.helmignore | 23 + versions/kruise-game/1.0.0/Chart.yaml | 11 + versions/kruise-game/1.0.0/README.md | 49 + .../kruise-game/1.0.0/templates/_helpers.tpl | 62 + .../templates/cert-manager/okg-issuer.yaml | 10 + .../cert-manager/okg-tls-certificate.yaml | 39 + .../1.0.0/templates/cert-manager/self-ca.yaml | 21 + .../templates/cert-manager/self-issuer.yaml | 13 + .../templates/controller_manager_config.yaml | 77 + .../templates/game.kruise.io_gameservers.yaml | 1411 +++++++++++++++++ .../game.kruise.io_gameserversets.yaml | 1060 +++++++++++++ .../templates/index-offset-scheduler.yaml | 298 ++++ .../kruise-game/1.0.0/templates/manager.yaml | 122 ++ .../1.0.0/templates/prometheus-monitor.yaml | 17 + .../1.0.0/templates/rbac_role.yaml | 404 +++++ .../1.0.0/templates/scaler-service.yaml | 11 + .../webhooks/mutatingconfiguration.yaml | 44 + .../1.0.0/templates/webhooks/service.yaml | 12 + .../webhooks/validatingconfiguration.yaml | 42 + versions/kruise-game/1.0.0/values.yaml | 93 ++ 20 files changed, 3819 insertions(+) create mode 100644 versions/kruise-game/1.0.0/.helmignore create mode 100644 versions/kruise-game/1.0.0/Chart.yaml create mode 100644 versions/kruise-game/1.0.0/README.md create mode 100644 versions/kruise-game/1.0.0/templates/_helpers.tpl create mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml create mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml create mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml create mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml create mode 100644 versions/kruise-game/1.0.0/templates/controller_manager_config.yaml create mode 100644 versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml create mode 100644 versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml create mode 100644 versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml create mode 100644 versions/kruise-game/1.0.0/templates/manager.yaml create mode 100644 versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml create mode 100644 versions/kruise-game/1.0.0/templates/rbac_role.yaml create mode 100644 versions/kruise-game/1.0.0/templates/scaler-service.yaml create mode 100644 versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml create mode 100644 versions/kruise-game/1.0.0/templates/webhooks/service.yaml create mode 100644 versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml create mode 100644 versions/kruise-game/1.0.0/values.yaml diff --git a/versions/kruise-game/1.0.0/.helmignore b/versions/kruise-game/1.0.0/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/versions/kruise-game/1.0.0/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/versions/kruise-game/1.0.0/Chart.yaml b/versions/kruise-game/1.0.0/Chart.yaml new file mode 100644 index 0000000..acd3ad5 --- /dev/null +++ b/versions/kruise-game/1.0.0/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +name: kruise-game +description: Helm chart for kruise-game components +version: 1.0.0 +appVersion: 1.0.0 +kubeVersion: ">= 1.18.0-0" +sources: + - https://github.com/openkruise/kruise-game +annotations: + artifacthub.io/changes: | + - "[Changed]: https://github.com/openkruise/kruise-game/blob/master/CHANGELOG.md" \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/README.md b/versions/kruise-game/1.0.0/README.md new file mode 100644 index 0000000..e25006d --- /dev/null +++ b/versions/kruise-game/1.0.0/README.md @@ -0,0 +1,49 @@ +# Kruise Game v1.0.0 + +## Configuration + +The following table lists the configurable parameters of the kruise-game chart and their default values. + +| Parameter | Description | Default | +|-----------------------------------|-----------------------------------------------------------------------------|----------------------------------| +| `installation.namespace` | Namespace for kruise-game operation installation | `kruise-game-system` | +| `installation.createNamespace` | Whether to create the installation.namespace | `true` | +| `kruiseGame.fullname` | Nick name for kruise-game deployment and other configurations | `kruise-game-controller-manager` | +| `kruiseGame.healthBindPort` | Port for checking health of kruise-game container | `8082` | +| `kruiseGame.webhook.port` | Port of webhook served by kruise-game container | `443` | +| `kruiseGame.webhook.targetPort` | ObjectSelector for workloads in MutatingWebhookConfigurations | `9876` | +| `kruiseGame.apiServerQps` | Indicates the maximum QPS to the master from kruise-game-controller-manager | `5` | +| `kruiseGame.apiServerQpsBurst` | Maximum burst for throttle of kruise-game-controller-manager | `10` | +| `kruiseGame.gameserverWorkers` | Max concurrent workers for GameServer controller | `10` | +| `kruiseGame.gameserversetWorkers` | Max concurrent workers for GameServerSet controller | `10` | +| `replicaCount` | Replicas of kruise-game deployment | `1` | +| `image.repository` | Repository for kruise-game image | `openkruise/kruise-game-manager` | +| `image.tag` | Tag for kruise-game image | `v1.0.0` | +| `image.pullPolicy` | ImagePullPolicy for kruise-game container | `Always` | +| `serviceAccount.annotations` | The annotations for serviceAccount of kruise-game | ` ` | +| `service.port` | Port of kruise-game service | `8443` | +| `resources.limits.cpu` | CPU resource limit of kruise-game container | `500m` | +| `resources.limits.memory` | Memory resource limit of kruise-game container | `1Gi` | +| `resources.requests.cpu` | CPU resource request of kruise-game container | `10m` | +| `resources.requests.memory` | Memory resource request of kruise-game container | `64Mi` | +| `prometheus.enabled` | Whether to bind metric endpoint | `true` | +| `prometheus.monitorService.port` | Port of the monitorservice bind to | `8080` | +| `scale.service.port` | Port of the external scaler server binds to | `6000` | +| `scale.service.targetPort` | TargetPort of the external scaler server binds to | `6000` | +| `network.totalWaitTime` | Maximum time to wait for network ready, the unit is seconds | `60` | +| `network.probeIntervalTime` | Time interval for detecting network status, the unit is seconds | `5` | +| `cloudProvider.installCRD` | Whether to install CloudProvider CRD | `true` | +| `indexOffsetScheduler.enabled` | Whether to install index-offset-scheduler | `false` | + + + +Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, + +### Optional: the local image for China + +If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud: + +```bash +$ helm install kruise-game https://... --set image.repository=registry.cn-hangzhou.aliyuncs.com/acs/kruise-game-manager +... +``` \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/_helpers.tpl b/versions/kruise-game/1.0.0/templates/_helpers.tpl new file mode 100644 index 0000000..f41cfbb --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/_helpers.tpl @@ -0,0 +1,62 @@ +{{/* +Expand the name of the chart. +*/}} +{{- define "kruise-game.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "kruise-game.fullname" -}} +{{- if .Values.fullnameOverride }} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "kruise-game.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "kruise-game.labels" -}} +helm.sh/chart: {{ include "kruise-game.chart" . }} +{{ include "kruise-game.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "kruise-game.selectorLabels" -}} +app.kubernetes.io/name: {{ include "kruise-game.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "kruise-game.serviceAccountName" -}} +{{- if .Values.serviceAccount.create }} +{{- default (include "kruise-game.fullname" .) .Values.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.serviceAccount.name }} +{{- end }} +{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml new file mode 100644 index 0000000..efeb542 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml @@ -0,0 +1,10 @@ +{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.issuer.generate }} +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ .Values.kruiseGame.fullname }}-issuer + namespace: {{ .Values.installation.namespace }} +spec: + ca: + secretName: {{ .Values.certificates.certManager.caSecretName }} +{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml new file mode 100644 index 0000000..cb441ff --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml @@ -0,0 +1,39 @@ +{{- if .Values.certificates.certManager.enabled }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ .Values.kruiseGame.fullname }}-cert + namespace: {{ .Values.installation.namespace }} +spec: + commonName: {{ .Values.kruiseGame.fullname }} + dnsNames: + - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }} + - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc + - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc.{{ .Values.clusterDomain }} + secretName: {{ .Values.certificates.secretName }} + usages: + - server auth + - client auth + privateKey: + rotationPolicy: Always + algorithm: RSA + size: 2048 + duration: {{ .Values.certificates.certManager.duration }} + renewBefore: {{ .Values.certificates.certManager.renewBefore }} + issuerRef: + {{- if .Values.certificates.certManager.issuer.generate }} + name: {{ .Values.kruiseGame.fullname }}-issuer + kind: Issuer + group: cert-manager.io + {{- else }} + {{- if .Values.certificates.certManager.issuer.name }} + name: {{ .Values.certificates.certManager.issuer.name }} + {{- end }} + {{- if .Values.certificates.certManager.issuer.kind }} + kind: {{ .Values.certificates.certManager.issuer.kind }} + {{- end }} + {{- if .Values.certificates.certManager.issuer.group }} + group: {{ .Values.certificates.certManager.issuer.group }} + {{- end }} + {{- end }} +{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml new file mode 100644 index 0000000..82fc605 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml @@ -0,0 +1,21 @@ +{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ .Values.kruiseGame.fullname }}-ca + namespace: {{ .Values.installation.namespace }} +spec: + isCA: true + commonName: {{ .Values.kruiseGame.fullname }} + secretName: {{ .Values.certificates.certManager.caSecretName }} + privateKey: + rotationPolicy: Always + algorithm: RSA + size: 2048 + duration: 8760h0m0s # 1 year + renewBefore: 720h0m0s # 1 month + issuerRef: + name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer + kind: Issuer + group: cert-manager.io +{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml new file mode 100644 index 0000000..d6e1904 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }} +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + {{- with .Values.additionalAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer + namespace: {{ .Values.installation.namespace }} +spec: + selfSigned: {} +{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/controller_manager_config.yaml b/versions/kruise-game/1.0.0/templates/controller_manager_config.yaml new file mode 100644 index 0000000..cd4d5dd --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/controller_manager_config.yaml @@ -0,0 +1,77 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kruise-game-manager-config + namespace: {{ .Values.installation.namespace }} +data: + config.toml: | + [kubernetes] + enable = true + [kubernetes.hostPort] + max_port = 9000 + min_port = 8000 + + [alibabacloud] + enable = true + [alibabacloud.slb] + max_port = 700 + min_port = 500 + block_ports = [593] + [alibabacloud.nlb] + max_port = 1502 + min_port = 1000 + block_ports = [1025, 1434, 1068] + + [volcengine] + enable = true + [volcengine.clb] + max_port = 600 + min_port = 550 + block_ports = [593] + + [aws] + enable = false + [aws.nlb] + max_port = 30050 + min_port = 30001 + + [jdcloud] + enable = false + [jdcloud.nlb] + max_port = 700 + min_port = 500 + + [tencentcloud] + enable = true + + [hwcloud] + enable = false + [hwcloud.elb] + max_port = 700 + min_port = 500 + block_ports = [] + + controller_manager_config.yaml: | + apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 + kind: ControllerManagerConfig + health: + healthProbeBindAddress: :8081 + metrics: + bindAddress: 127.0.0.1:8080 + webhook: + port: 9443 + leaderElection: + leaderElect: true + resourceName: c637bb1e.my.domain +# leaderElectionReleaseOnCancel defines if the leader should step down volume +# when the Manager ends. This requires the binary to immediately end when the +# Manager is stopped, otherwise, this setting is unsafe. Setting this significantly +# speeds up voluntary leader transitions as the new leader don't have to wait +# LeaseDuration time first. +# In the default scaffold provided, the program ends immediately after +# the manager stops, so would be fine to enable this option. However, +# if you are doing or is intended to do any operation such as perform cleanups +# after the manager stops then its usage might be unsafe. +# leaderElectionReleaseOnCancel: true + + diff --git a/versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml b/versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml new file mode 100644 index 0000000..aace3ff --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml @@ -0,0 +1,1411 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.5 + name: gameservers.game.kruise.io +spec: + group: game.kruise.io + names: + kind: GameServer + listKind: GameServerList + plural: gameservers + shortNames: + - gs + singular: gameserver + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The current state of GameServer + jsonPath: .status.currentState + name: STATE + type: string + - description: The operations state of GameServer + jsonPath: .spec.opsState + name: OPSSTATE + type: string + - description: The current deletionPriority of GameServer + jsonPath: .status.deletionPriority + name: DP + type: string + - description: The current updatePriority of GameServer + jsonPath: .status.updatePriority + name: UP + type: string + - description: The age of GameServer + jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: GameServer is the Schema for the gameservers API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: GameServerSpec defines the desired state of GameServer + properties: + containers: + description: |- + Containers can be used to make the corresponding GameServer container fields + different from the fields defined by GameServerTemplate in GameServerSetSpec. + items: + properties: + image: + description: |- + Image indicates the image of the container to update. + When Image updated, pod.spec.containers[*].image will be updated immediately. + type: string + name: + description: Name indicates the name of the container to update. + type: string + resources: + description: |- + Resources indicates the resources of the container to update. + When Resources updated, pod.spec.containers[*].Resources will be not updated immediately, + which will be updated when pod recreate. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + required: + - name + type: object + type: array + deletionPriority: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + networkDisabled: + type: boolean + opsState: + type: string + updatePriority: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: object + status: + description: GameServerStatus defines the observed state of GameServer + properties: + conditions: + description: Conditions is an array of current observed GameServer + conditions. + items: + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the condition's + last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + type: string + type: + description: Type is the type of the condition. + type: string + required: + - status + - type + type: object + type: array + currentState: + type: string + deletionPriority: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + desiredState: + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + type: string + lastTransitionTime: + format: date-time + type: string + networkStatus: + properties: + createTime: + format: date-time + type: string + currentNetworkState: + type: string + desiredNetworkState: + type: string + externalAddresses: + items: + properties: + endPoint: + type: string + ip: + type: string + portRange: + properties: + portRange: + type: string + protocol: + description: Protocol defines network protocols supported + for things like container ports. + type: string + type: object + ports: + items: + properties: + name: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + protocol: + description: Protocol defines network protocols supported + for things like container ports. + type: string + required: + - name + type: object + type: array + required: + - ip + type: object + type: array + internalAddresses: + items: + properties: + endPoint: + type: string + ip: + type: string + portRange: + properties: + portRange: + type: string + protocol: + description: Protocol defines network protocols supported + for things like container ports. + type: string + type: object + ports: + items: + properties: + name: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + protocol: + description: Protocol defines network protocols supported + for things like container ports. + type: string + required: + - name + type: object + type: array + required: + - ip + type: object + type: array + lastTransitionTime: + format: date-time + type: string + networkType: + type: string + type: object + podStatus: + description: |- + PodStatus represents information about the status of a pod. Status may trail the actual + state of a system, especially if the node that hosts the pod cannot contact the control + plane. + properties: + conditions: + description: |- + Current service state of pod. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + items: + description: PodCondition contains details for the current condition + of this pod. + properties: + lastProbeTime: + description: Last time we probed the condition. + format: date-time + type: string + lastTransitionTime: + description: Last time the condition transitioned from one + status to another. + format: date-time + type: string + message: + description: Human-readable message indicating details about + last transition. + type: string + reason: + description: Unique, one-word, CamelCase reason for the + condition's last transition. + type: string + status: + description: |- + Status is the status of the condition. + Can be True, False, Unknown. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + type: + description: |- + Type is the type of the condition. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + containerStatuses: + description: |- + The list has one entry per container in the manifest. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status + items: + description: ContainerStatus contains details for the current + status of this container. + properties: + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + AllocatedResources represents the compute resources allocated for this container by the + node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission + and after successfully admitting desired pod resize. + type: object + containerID: + description: |- + ContainerID is the ID of the container in the format '://'. + Where type is a container runtime identifier, returned from Version call of CRI API + (for example "containerd"). + type: string + image: + description: |- + Image is the name of container image that the container is running. + The container image may not match the image used in the PodSpec, + as it may have been resolved by the runtime. + More info: https://kubernetes.io/docs/concepts/containers/images. + type: string + imageID: + description: |- + ImageID is the image ID of the container's image. The image ID may not + match the image ID of the image used in the PodSpec, as it may have been + resolved by the runtime. + type: string + lastState: + description: |- + LastTerminationState holds the last termination state of the container to + help debug container crashes and restarts. This field is not + populated if the container is still running and RestartCount is 0. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last + (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination + of the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of + the container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of + the container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container + is not yet running. + type: string + reason: + description: (brief) reason the container is not + yet running. + type: string + type: object + type: object + name: + description: |- + Name is a DNS_LABEL representing the unique name of the container. + Each container in a pod must have a unique name across all container types. + Cannot be updated. + type: string + ready: + description: |- + Ready specifies whether the container is currently passing its readiness check. + The value will change as readiness probes keep executing. If no readiness + probes are specified, this field defaults to true once the container is + fully started (see Started field). + + The value is typically used to determine whether a container is ready to + accept traffic. + type: boolean + resources: + description: |- + Resources represents the compute resource requests and limits that have been successfully + enacted on the running container after it has been started or has been successfully resized. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartCount: + description: |- + RestartCount holds the number of times the container has been restarted. + Kubelet makes an effort to always increment the value, but there + are cases when the state may be lost due to node restarts and then the value + may be reset to 0. The value is never negative. + format: int32 + type: integer + started: + description: |- + Started indicates whether the container has finished its postStart lifecycle hook + and passed its startup probe. + Initialized as false, becomes true after startupProbe is considered + successful. Resets to false when the container is restarted, or if kubelet + loses state temporarily. In both cases, startup probes will run again. + Is always true when no startupProbe is defined and container is running and + has passed the postStart lifecycle hook. The null value must be treated the + same as false. + type: boolean + state: + description: State holds details about the container's current + condition. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last + (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination + of the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of + the container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of + the container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container + is not yet running. + type: string + reason: + description: (brief) reason the container is not + yet running. + type: string + type: object + type: object + volumeMounts: + description: Status of volume mounts. + items: + description: VolumeMountStatus shows status of volume + mounts. + properties: + mountPath: + description: MountPath corresponds to the original + VolumeMount. + type: string + name: + description: Name corresponds to the name of the original + VolumeMount. + type: string + readOnly: + description: ReadOnly corresponds to the original + VolumeMount. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). + An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, + depending on the mount result. + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + required: + - image + - imageID + - name + - ready + - restartCount + type: object + type: array + x-kubernetes-list-type: atomic + ephemeralContainerStatuses: + description: Status for any ephemeral containers that have run + in this pod. + items: + description: ContainerStatus contains details for the current + status of this container. + properties: + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + AllocatedResources represents the compute resources allocated for this container by the + node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission + and after successfully admitting desired pod resize. + type: object + containerID: + description: |- + ContainerID is the ID of the container in the format '://'. + Where type is a container runtime identifier, returned from Version call of CRI API + (for example "containerd"). + type: string + image: + description: |- + Image is the name of container image that the container is running. + The container image may not match the image used in the PodSpec, + as it may have been resolved by the runtime. + More info: https://kubernetes.io/docs/concepts/containers/images. + type: string + imageID: + description: |- + ImageID is the image ID of the container's image. The image ID may not + match the image ID of the image used in the PodSpec, as it may have been + resolved by the runtime. + type: string + lastState: + description: |- + LastTerminationState holds the last termination state of the container to + help debug container crashes and restarts. This field is not + populated if the container is still running and RestartCount is 0. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last + (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination + of the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of + the container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of + the container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container + is not yet running. + type: string + reason: + description: (brief) reason the container is not + yet running. + type: string + type: object + type: object + name: + description: |- + Name is a DNS_LABEL representing the unique name of the container. + Each container in a pod must have a unique name across all container types. + Cannot be updated. + type: string + ready: + description: |- + Ready specifies whether the container is currently passing its readiness check. + The value will change as readiness probes keep executing. If no readiness + probes are specified, this field defaults to true once the container is + fully started (see Started field). + + The value is typically used to determine whether a container is ready to + accept traffic. + type: boolean + resources: + description: |- + Resources represents the compute resource requests and limits that have been successfully + enacted on the running container after it has been started or has been successfully resized. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartCount: + description: |- + RestartCount holds the number of times the container has been restarted. + Kubelet makes an effort to always increment the value, but there + are cases when the state may be lost due to node restarts and then the value + may be reset to 0. The value is never negative. + format: int32 + type: integer + started: + description: |- + Started indicates whether the container has finished its postStart lifecycle hook + and passed its startup probe. + Initialized as false, becomes true after startupProbe is considered + successful. Resets to false when the container is restarted, or if kubelet + loses state temporarily. In both cases, startup probes will run again. + Is always true when no startupProbe is defined and container is running and + has passed the postStart lifecycle hook. The null value must be treated the + same as false. + type: boolean + state: + description: State holds details about the container's current + condition. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last + (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination + of the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of + the container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of + the container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container + is not yet running. + type: string + reason: + description: (brief) reason the container is not + yet running. + type: string + type: object + type: object + volumeMounts: + description: Status of volume mounts. + items: + description: VolumeMountStatus shows status of volume + mounts. + properties: + mountPath: + description: MountPath corresponds to the original + VolumeMount. + type: string + name: + description: Name corresponds to the name of the original + VolumeMount. + type: string + readOnly: + description: ReadOnly corresponds to the original + VolumeMount. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). + An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, + depending on the mount result. + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + required: + - image + - imageID + - name + - ready + - restartCount + type: object + type: array + x-kubernetes-list-type: atomic + hostIP: + description: |- + hostIP holds the IP address of the host to which the pod is assigned. Empty if the pod has not started yet. + A pod can be assigned to a node that has a problem in kubelet which in turns mean that HostIP will + not be updated even if there is a node is assigned to pod + type: string + hostIPs: + description: |- + hostIPs holds the IP addresses allocated to the host. If this field is specified, the first entry must + match the hostIP field. This list is empty if the pod has not started yet. + A pod can be assigned to a node that has a problem in kubelet which in turns means that HostIPs will + not be updated even if there is a node is assigned to this pod. + items: + description: HostIP represents a single IP address allocated + to the host. + properties: + ip: + description: IP is the IP address assigned to the host + type: string + required: + - ip + type: object + type: array + x-kubernetes-list-type: atomic + initContainerStatuses: + description: |- + The list has one entry per init container in the manifest. The most recent successful + init container will have ready = true, the most recently started container will have + startTime set. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status + items: + description: ContainerStatus contains details for the current + status of this container. + properties: + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + AllocatedResources represents the compute resources allocated for this container by the + node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission + and after successfully admitting desired pod resize. + type: object + containerID: + description: |- + ContainerID is the ID of the container in the format '://'. + Where type is a container runtime identifier, returned from Version call of CRI API + (for example "containerd"). + type: string + image: + description: |- + Image is the name of container image that the container is running. + The container image may not match the image used in the PodSpec, + as it may have been resolved by the runtime. + More info: https://kubernetes.io/docs/concepts/containers/images. + type: string + imageID: + description: |- + ImageID is the image ID of the container's image. The image ID may not + match the image ID of the image used in the PodSpec, as it may have been + resolved by the runtime. + type: string + lastState: + description: |- + LastTerminationState holds the last termination state of the container to + help debug container crashes and restarts. This field is not + populated if the container is still running and RestartCount is 0. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last + (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination + of the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of + the container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of + the container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container + is not yet running. + type: string + reason: + description: (brief) reason the container is not + yet running. + type: string + type: object + type: object + name: + description: |- + Name is a DNS_LABEL representing the unique name of the container. + Each container in a pod must have a unique name across all container types. + Cannot be updated. + type: string + ready: + description: |- + Ready specifies whether the container is currently passing its readiness check. + The value will change as readiness probes keep executing. If no readiness + probes are specified, this field defaults to true once the container is + fully started (see Started field). + + The value is typically used to determine whether a container is ready to + accept traffic. + type: boolean + resources: + description: |- + Resources represents the compute resource requests and limits that have been successfully + enacted on the running container after it has been started or has been successfully resized. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one entry in + PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + restartCount: + description: |- + RestartCount holds the number of times the container has been restarted. + Kubelet makes an effort to always increment the value, but there + are cases when the state may be lost due to node restarts and then the value + may be reset to 0. The value is never negative. + format: int32 + type: integer + started: + description: |- + Started indicates whether the container has finished its postStart lifecycle hook + and passed its startup probe. + Initialized as false, becomes true after startupProbe is considered + successful. Resets to false when the container is restarted, or if kubelet + loses state temporarily. In both cases, startup probes will run again. + Is always true when no startupProbe is defined and container is running and + has passed the postStart lifecycle hook. The null value must be treated the + same as false. + type: boolean + state: + description: State holds details about the container's current + condition. + properties: + running: + description: Details about a running container + properties: + startedAt: + description: Time at which the container was last + (re-)started + format: date-time + type: string + type: object + terminated: + description: Details about a terminated container + properties: + containerID: + description: Container's ID in the format '://' + type: string + exitCode: + description: Exit status from the last termination + of the container + format: int32 + type: integer + finishedAt: + description: Time at which the container last terminated + format: date-time + type: string + message: + description: Message regarding the last termination + of the container + type: string + reason: + description: (brief) reason from the last termination + of the container + type: string + signal: + description: Signal from the last termination of + the container + format: int32 + type: integer + startedAt: + description: Time at which previous execution of + the container started + format: date-time + type: string + required: + - exitCode + type: object + waiting: + description: Details about a waiting container + properties: + message: + description: Message regarding why the container + is not yet running. + type: string + reason: + description: (brief) reason the container is not + yet running. + type: string + type: object + type: object + volumeMounts: + description: Status of volume mounts. + items: + description: VolumeMountStatus shows status of volume + mounts. + properties: + mountPath: + description: MountPath corresponds to the original + VolumeMount. + type: string + name: + description: Name corresponds to the name of the original + VolumeMount. + type: string + readOnly: + description: ReadOnly corresponds to the original + VolumeMount. + type: boolean + recursiveReadOnly: + description: |- + RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). + An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, + depending on the mount result. + type: string + required: + - mountPath + - name + type: object + type: array + x-kubernetes-list-map-keys: + - mountPath + x-kubernetes-list-type: map + required: + - image + - imageID + - name + - ready + - restartCount + type: object + type: array + x-kubernetes-list-type: atomic + message: + description: A human readable message indicating details about + why the pod is in this condition. + type: string + nominatedNodeName: + description: |- + nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be + scheduled right away as preemption victims receive their graceful termination periods. + This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide + to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to + give the resources on this node to a higher priority pod that is created after preemption. + As a result, this field may be different than PodSpec.nodeName when the pod is + scheduled. + type: string + phase: + description: |- + The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. + The conditions array, the reason and message fields, and the individual container status + arrays contain more detail about the pod's status. + There are five possible phase values: + + Pending: The pod has been accepted by the Kubernetes system, but one or more of the + container images has not been created. This includes time before being scheduled as + well as time spent downloading images over the network, which could take a while. + Running: The pod has been bound to a node, and all of the containers have been created. + At least one container is still running, or is in the process of starting or restarting. + Succeeded: All containers in the pod have terminated in success, and will not be restarted. + Failed: All containers in the pod have terminated, and at least one container has + terminated in failure. The container either exited with non-zero status or was terminated + by the system. + Unknown: For some reason the state of the pod could not be obtained, typically due to an + error in communicating with the host of the pod. + + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase + type: string + podIP: + description: |- + podIP address allocated to the pod. Routable at least within the cluster. + Empty if not yet allocated. + type: string + podIPs: + description: |- + podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must + match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list + is empty if no IPs have been allocated yet. + items: + description: PodIP represents a single IP address allocated + to the pod. + properties: + ip: + description: IP is the IP address assigned to the pod + type: string + required: + - ip + type: object + type: array + x-kubernetes-list-map-keys: + - ip + x-kubernetes-list-type: map + qosClass: + description: |- + The Quality of Service (QOS) classification assigned to the pod based on resource requirements + See PodQOSClass type for available QOS classes + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes + type: string + reason: + description: |- + A brief CamelCase message indicating details about why the pod is in this state. + e.g. 'Evicted' + type: string + resize: + description: |- + Status of resources resize desired for pod's containers. + It is empty if no resources resize is pending. + Any changes to container resources will automatically set this to "Proposed" + type: string + resourceClaimStatuses: + description: Status of resource claims. + items: + description: |- + PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim + which references a ResourceClaimTemplate. It stores the generated name for + the corresponding ResourceClaim. + properties: + name: + description: |- + Name uniquely identifies this resource claim inside the pod. + This must match the name of an entry in pod.spec.resourceClaims, + which implies that the string must be a DNS_LABEL. + type: string + resourceClaimName: + description: |- + ResourceClaimName is the name of the ResourceClaim that was + generated for the Pod in the namespace of the Pod. It this is + unset, then generating a ResourceClaim was not necessary. The + pod.spec.resourceClaims entry can be ignored in this case. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + startTime: + description: |- + RFC 3339 date and time at which the object was acknowledged by the Kubelet. + This is before the Kubelet pulled the container image(s) for the pod. + format: date-time + type: string + type: object + serviceQualitiesConditions: + items: + properties: + lastActionTransitionTime: + format: date-time + type: string + lastProbeTime: + format: date-time + type: string + lastTransitionTime: + format: date-time + type: string + name: + type: string + result: + description: Result indicate the probe message returned by the + script + type: string + status: + type: string + required: + - name + type: object + type: array + updatePriority: + anyOf: + - type: integer + - type: string + description: Lifecycle defines the lifecycle hooks for Pods pre-delete, + in-place update. + x-kubernetes-int-or-string: true + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml b/versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml new file mode 100644 index 0000000..a8d0f6a --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml @@ -0,0 +1,1060 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.16.5 + name: gameserversets.game.kruise.io +spec: + group: game.kruise.io + names: + kind: GameServerSet + listKind: GameServerSetList + plural: gameserversets + shortNames: + - gss + singular: gameserverset + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The desired number of GameServers. + jsonPath: .spec.replicas + name: DESIRED + type: integer + - description: The number of currently all GameServers. + jsonPath: .status.currentReplicas + name: CURRENT + type: integer + - description: The number of GameServers updated. + jsonPath: .status.updatedReplicas + name: UPDATED + type: integer + - description: The number of GameServers ready. + jsonPath: .status.readyReplicas + name: READY + type: integer + - description: The number of GameServers Maintaining. + jsonPath: .status.maintainingReplicas + name: Maintaining + type: integer + - description: The number of GameServers WaitToBeDeleted. + jsonPath: .status.waitToBeDeletedReplicas + name: WaitToBeDeleted + type: integer + - description: The number of GameServers PreDelete. + jsonPath: .status.preDeleteReplicas + name: PreDelete + type: integer + - description: The age of GameServerSet. + jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + description: GameServerSet is the Schema for the gameserversets API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: GameServerSetSpec defines the desired state of GameServerSet + properties: + gameServerTemplate: + description: |- + INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file + properties: + reclaimPolicy: + description: |- + ReclaimPolicy indicates the reclaim policy for GameServer. + Default is Cascade. + type: string + volumeClaimTemplates: + items: + description: PersistentVolumeClaim is a user's request for and + claim to a persistent volume + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + description: |- + Standard object's metadata. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata + properties: + annotations: + additionalProperties: + type: string + type: object + finalizers: + items: + type: string + type: array + labels: + additionalProperties: + type: string + type: object + name: + type: string + namespace: + type: string + type: object + spec: + description: |- + spec defines the desired characteristics of a volume requested by a pod author. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the desired access modes the volume should have. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + dataSource: + description: |- + dataSource field can be used to specify either: + * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) + * An existing PVC (PersistentVolumeClaim) + If the provisioner or an external controller can support the specified data source, + it will create a new volume based on the contents of the specified data source. + When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, + and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. + If the namespace is specified, then dataSourceRef will not be copied to dataSource. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + required: + - kind + - name + type: object + x-kubernetes-map-type: atomic + dataSourceRef: + description: |- + dataSourceRef specifies the object from which to populate the volume with data, if a non-empty + volume is desired. This may be any object from a non-empty API group (non + core object) or a PersistentVolumeClaim object. + When this field is specified, volume binding will only succeed if the type of + the specified object matches some installed volume populator or dynamic + provisioner. + This field will replace the functionality of the dataSource field and as such + if both fields are non-empty, they must have the same value. For backwards + compatibility, when namespace isn't specified in dataSourceRef, + both fields (dataSource and dataSourceRef) will be set to the same + value automatically if one of them is empty and the other is non-empty. + When namespace is specified in dataSourceRef, + dataSource isn't set to the same value and must be empty. + There are three important differences between dataSource and dataSourceRef: + * While dataSource only allows two specific types of objects, dataSourceRef + allows any non-core object, as well as PersistentVolumeClaim objects. + * While dataSource ignores disallowed values (dropping them), dataSourceRef + preserves all values, and generates an error if a disallowed value is + specified. + * While dataSource only allows local objects, dataSourceRef allows objects + in any namespaces. + (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. + (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + properties: + apiGroup: + description: |- + APIGroup is the group for the resource being referenced. + If APIGroup is not specified, the specified Kind must be in the core API group. + For any other third-party types, APIGroup is required. + type: string + kind: + description: Kind is the type of resource being + referenced + type: string + name: + description: Name is the name of resource being + referenced + type: string + namespace: + description: |- + Namespace is the namespace of resource being referenced + Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. + (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. + type: string + required: + - kind + - name + type: object + resources: + description: |- + resources represents the minimum resources the volume should have. + If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements + that are lower than previous value but must still be higher than capacity recorded in the + status field of the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources + properties: + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + selector: + description: selector is a label query over volumes + to consider for binding. + properties: + matchExpressions: + description: matchExpressions is a list of label + selector requirements. The requirements are ANDed. + items: + description: |- + A label selector requirement is a selector that contains values, a key, and an operator that + relates the key and values. + properties: + key: + description: key is the label key that the + selector applies to. + type: string + operator: + description: |- + operator represents a key's relationship to a set of values. + Valid operators are In, NotIn, Exists and DoesNotExist. + type: string + values: + description: |- + values is an array of string values. If the operator is In or NotIn, + the values array must be non-empty. If the operator is Exists or DoesNotExist, + the values array must be empty. This array is replaced during a strategic + merge patch. + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + map is equivalent to an element of matchExpressions, whose key field is "key", the + operator is "In", and the values array contains only "value". The requirements are ANDed. + type: object + type: object + x-kubernetes-map-type: atomic + storageClassName: + description: |- + storageClassName is the name of the StorageClass required by the claim. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 + type: string + volumeAttributesClassName: + description: |- + volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + If specified, the CSI driver will create or update the volume with the attributes defined + in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + will be set by the persistentvolume controller if it exists. + If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + exists. + More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ + (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + type: string + volumeMode: + description: |- + volumeMode defines what type of volume is required by the claim. + Value of Filesystem is implied when not included in claim spec. + type: string + volumeName: + description: volumeName is the binding reference to + the PersistentVolume backing this claim. + type: string + type: object + status: + description: |- + status represents the current information/status of a persistent volume claim. + Read-only. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims + properties: + accessModes: + description: |- + accessModes contains the actual access modes the volume backing the PVC has. + More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 + items: + type: string + type: array + x-kubernetes-list-type: atomic + allocatedResourceStatuses: + additionalProperties: + description: |- + When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource + that it does not recognizes, then it should ignore that update and let other controllers + handle it. + type: string + description: "allocatedResourceStatuses stores status + of resource being resized for the given PVC.\nKey + names follow standard Kubernetes label syntax. Valid + values are either:\n\t* Un-prefixed keys:\n\t\t- storage + - the capacity of the volume.\n\t* Custom resources + must use implementation-defined prefixed names such + as \"example.com/my-custom-resource\"\nApart from + above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not + be used.\n\nClaimResourceStatus can be in any of following + states:\n\t- ControllerResizeInProgress:\n\t\tState + set when resize controller starts resizing the volume + in control-plane.\n\t- ControllerResizeFailed:\n\t\tState + set when resize has failed in resize controller with + a terminal error.\n\t- NodeResizePending:\n\t\tState + set when resize controller has finished resizing the + volume but further resizing of\n\t\tvolume is needed + on the node.\n\t- NodeResizeInProgress:\n\t\tState + set when kubelet starts resizing the volume.\n\t- + NodeResizeFailed:\n\t\tState set when resizing has + failed in kubelet with a terminal error. Transient + errors don't set\n\t\tNodeResizeFailed.\nFor example: + if expanding a PVC for more capacity - this field + can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] + = \"NodeResizeFailed\"\nWhen this field is not set, + it means that no resize operation is in progress for + the given PVC.\n\nA controller that receives PVC update + with previously unknown resourceName or ClaimResourceStatus\nshould + ignore the update for the purpose it was designed. + For example - a controller that\nonly is responsible + for resizing capacity of the volume, should ignore + PVC updates that change other valid\nresources associated + with PVC.\n\nThis is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + x-kubernetes-map-type: granular + allocatedResources: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: "allocatedResources tracks the resources + allocated to a PVC including its capacity.\nKey names + follow standard Kubernetes label syntax. Valid values + are either:\n\t* Un-prefixed keys:\n\t\t- storage + - the capacity of the volume.\n\t* Custom resources + must use implementation-defined prefixed names such + as \"example.com/my-custom-resource\"\nApart from + above values - keys that are unprefixed or have kubernetes.io + prefix are considered\nreserved and hence may not + be used.\n\nCapacity reported here may be larger than + the actual capacity when a volume expansion operation\nis + requested.\nFor storage quota, the larger value from + allocatedResources and PVC.spec.resources is used.\nIf + allocatedResources is not set, PVC.spec.resources + alone is used for quota calculation.\nIf a volume + expansion capacity request is lowered, allocatedResources + is only\nlowered if there are no expansion operations + in progress and if the actual volume capacity\nis + equal or lower than the requested capacity.\n\nA controller + that receives PVC update with previously unknown resourceName\nshould + ignore the update for the purpose it was designed. + For example - a controller that\nonly is responsible + for resizing capacity of the volume, should ignore + PVC updates that change other valid\nresources associated + with PVC.\n\nThis is an alpha field and requires enabling + RecoverVolumeExpansionFailure feature." + type: object + capacity: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: capacity represents the actual resources + of the underlying volume. + type: object + conditions: + description: |- + conditions is the current Condition of persistent volume claim. If underlying persistent volume is being + resized then the Condition will be set to 'Resizing'. + items: + description: PersistentVolumeClaimCondition contains + details about state of pvc + properties: + lastProbeTime: + description: lastProbeTime is the time we probed + the condition. + format: date-time + type: string + lastTransitionTime: + description: lastTransitionTime is the time the + condition transitioned from one status to another. + format: date-time + type: string + message: + description: message is the human-readable message + indicating details about last transition. + type: string + reason: + description: |- + reason is a unique, this should be a short, machine understandable string that gives the reason + for condition's last transition. If it reports "Resizing" that means the underlying + persistent volume is being resized. + type: string + status: + type: string + type: + description: PersistentVolumeClaimConditionType + is a valid value of PersistentVolumeClaimCondition.Type + type: string + required: + - status + - type + type: object + type: array + x-kubernetes-list-map-keys: + - type + x-kubernetes-list-type: map + currentVolumeAttributesClassName: + description: |- + currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + This is an alpha field and requires enabling VolumeAttributesClass feature. + type: string + modifyVolumeStatus: + description: |- + ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + When this is unset, there is no ModifyVolume operation being attempted. + This is an alpha field and requires enabling VolumeAttributesClass feature. + properties: + status: + description: "status is the status of the ControllerModifyVolume + operation. It can be in any of following states:\n + - Pending\n Pending indicates that the PersistentVolumeClaim + cannot be modified due to unmet requirements, + such as\n the specified VolumeAttributesClass + not existing.\n - InProgress\n InProgress indicates + that the volume is being modified.\n - Infeasible\n + \ Infeasible indicates that the request has been + rejected as invalid by the CSI driver. To\n\t + \ resolve the error, a valid VolumeAttributesClass + needs to be specified.\nNote: New statuses can + be added in the future. Consumers should check + for unknown statuses and fail appropriately." + type: string + targetVolumeAttributesClassName: + description: targetVolumeAttributesClassName is + the name of the VolumeAttributesClass the PVC + currently being reconciled + type: string + required: + - status + type: object + phase: + description: phase represents the current phase of PersistentVolumeClaim. + type: string + type: object + type: object + type: array + type: object + x-kubernetes-preserve-unknown-fields: true + lifecycle: + description: Lifecycle contains the hooks for Pod lifecycle. + properties: + inPlaceUpdate: + description: InPlaceUpdate is the hook before Pod to update and + after Pod has been updated. + properties: + finalizersHandler: + items: + type: string + type: array + labelsHandler: + additionalProperties: + type: string + type: object + markPodNotReady: + description: |- + MarkPodNotReady = true means: + - Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state. + - Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state. + Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook. + Default to false. + type: boolean + type: object + preDelete: + description: PreDelete is the hook before Pod to be deleted. + properties: + finalizersHandler: + items: + type: string + type: array + labelsHandler: + additionalProperties: + type: string + type: object + markPodNotReady: + description: |- + MarkPodNotReady = true means: + - Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state. + - Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state. + Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook. + Default to false. + type: boolean + type: object + preNormal: + description: PreNormal is the hook after Pod to be created and + ready to be Normal. + properties: + finalizersHandler: + items: + type: string + type: array + labelsHandler: + additionalProperties: + type: string + type: object + markPodNotReady: + description: |- + MarkPodNotReady = true means: + - Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state. + - Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state. + Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook. + Default to false. + type: boolean + type: object + type: object + network: + properties: + networkConf: + items: + properties: + name: + type: string + value: + type: string + type: object + type: array + networkType: + type: string + type: object + persistentVolumeClaimRetentionPolicy: + description: |- + PersistentVolumeClaimRetentionPolicy describes the policy used for PVCs created from + the StatefulSet VolumeClaimTemplates. This requires the + StatefulSetAutoDeletePVC feature gate to be enabled, which is alpha. + properties: + whenDeleted: + description: |- + WhenDeleted specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is deleted. The default policy + of `Retain` causes PVCs to not be affected by StatefulSet deletion. The + `Delete` policy causes those PVCs to be deleted. + type: string + whenScaled: + description: |- + WhenScaled specifies what happens to PVCs created from StatefulSet + VolumeClaimTemplates when the StatefulSet is scaled down. The default + policy of `Retain` causes PVCs to not be affected by a scaledown. The + `Delete` policy causes the associated PVCs for any excess pods above + the replica count to be deleted. + type: string + type: object + replicas: + description: |- + replicas is the desired number of replicas of the given Template. + These are replicas in the sense that they are instantiations of the + same Template, but individual replicas also have a consistent identity. + format: int32 + minimum: 0 + type: integer + reserveGameServerIds: + items: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + type: array + scaleStrategy: + properties: + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during scaling. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + It can just be allowed to work with Parallel podManagementPolicy. + x-kubernetes-int-or-string: true + scaleDownStrategyType: + description: |- + ScaleDownStrategyType indicates the scaling down strategy. + Default is GeneralScaleDownStrategyType + type: string + type: object + serviceName: + type: string + serviceQualities: + items: + properties: + containerName: + type: string + exec: + description: Exec specifies the action to take. + properties: + command: + description: |- + Command is the command line to execute inside the container, the working directory for the + command is root ('/') in the container's filesystem. The command is simply exec'd, it is + not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use + a shell, you need to explicitly call out to that shell. + Exit status of 0 is treated as live/healthy and non-zero is unhealthy. + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + description: |- + Minimum consecutive failures for the probe to be considered failed after having succeeded. + Defaults to 3. Minimum value is 1. + format: int32 + type: integer + grpc: + description: GRPC specifies an action involving a GRPC port. + properties: + port: + description: Port number of the gRPC service. Number must + be in the range 1 to 65535. + format: int32 + type: integer + service: + default: "" + description: |- + Service is the name of the service to place in the gRPC HealthCheckRequest + (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). + + If this is not specified, the default behavior is defined by gRPC. + type: string + required: + - port + type: object + httpGet: + description: HTTPGet specifies the http request to perform. + properties: + host: + description: |- + Host name to connect to, defaults to the pod IP. You probably want to set + "Host" in httpHeaders instead. + type: string + httpHeaders: + description: Custom headers to set in the request. HTTP + allows repeated headers. + items: + description: HTTPHeader describes a custom header to be + used in HTTP probes + properties: + name: + description: |- + The header field name. + This will be canonicalized upon output, so case-variant names will be understood as the same header. + type: string + value: + description: The header field value + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + description: Path to access on the HTTP server. + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Name or number of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + scheme: + description: |- + Scheme to use for connecting to the host. + Defaults to HTTP. + type: string + required: + - port + type: object + initialDelaySeconds: + description: |- + Number of seconds after the container has started before liveness probes are initiated. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + name: + type: string + periodSeconds: + description: |- + How often (in seconds) to perform the probe. + Default to 10 seconds. Minimum value is 1. + format: int32 + type: integer + permanent: + description: |- + Whether to make GameServerSpec not change after the ServiceQualityAction is executed. + When Permanent is true, regardless of the detection results, ServiceQualityAction will only be executed once. + When Permanent is false, ServiceQualityAction can be executed again even though ServiceQualityAction has been executed. + type: boolean + serviceQualityAction: + items: + properties: + annotations: + additionalProperties: + type: string + type: object + containers: + description: |- + Containers can be used to make the corresponding GameServer container fields + different from the fields defined by GameServerTemplate in GameServerSetSpec. + items: + properties: + image: + description: |- + Image indicates the image of the container to update. + When Image updated, pod.spec.containers[*].image will be updated immediately. + type: string + name: + description: Name indicates the name of the container + to update. + type: string + resources: + description: |- + Resources indicates the resources of the container to update. + When Resources updated, pod.spec.containers[*].Resources will be not updated immediately, + which will be updated when pod recreate. + properties: + claims: + description: |- + Claims lists the names of resources, defined in spec.resourceClaims, + that are used by this container. + + This is an alpha field and requires enabling the + DynamicResourceAllocation feature gate. + + This field is immutable. It can only be set for containers. + items: + description: ResourceClaim references one + entry in PodSpec.ResourceClaims. + properties: + name: + description: |- + Name must match the name of one entry in pod.spec.resourceClaims of + the Pod where this field is used. It makes that resource available + inside a container. + type: string + required: + - name + type: object + type: array + x-kubernetes-list-map-keys: + - name + x-kubernetes-list-type: map + limits: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Limits describes the maximum amount of compute resources allowed. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + requests: + additionalProperties: + anyOf: + - type: integer + - type: string + pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ + x-kubernetes-int-or-string: true + description: |- + Requests describes the minimum amount of compute resources required. + If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, + otherwise to an implementation-defined value. Requests cannot exceed Limits. + More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + type: object + type: object + required: + - name + type: object + type: array + deletionPriority: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + labels: + additionalProperties: + type: string + type: object + networkDisabled: + type: boolean + opsState: + type: string + result: + description: |- + Result indicate the probe message returned by the script. + When Result is defined, it would exec action only when the according Result is actually returns. + type: string + state: + type: boolean + updatePriority: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - state + type: object + type: array + successThreshold: + description: |- + Minimum consecutive successes for the probe to be considered successful after having failed. + Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. + format: int32 + type: integer + tcpSocket: + description: TCPSocket specifies an action involving a TCP port. + properties: + host: + description: 'Optional: Host name to connect to, defaults + to the pod IP.' + type: string + port: + anyOf: + - type: integer + - type: string + description: |- + Number or name of the port to access on the container. + Number must be in the range 1 to 65535. + Name must be an IANA_SVC_NAME. + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + description: |- + Optional duration in seconds the pod needs to terminate gracefully upon probe failure. + The grace period is the duration in seconds after the processes running in the pod are sent + a termination signal and the time when the processes are forcibly halted with a kill signal. + Set this value longer than the expected cleanup time for your process. + If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this + value overrides the value provided by the pod spec. + Value must be non-negative integer. The value zero indicates stop immediately via + the kill signal (no opportunity to shut down). + This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. + Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. + format: int64 + type: integer + timeoutSeconds: + description: |- + Number of seconds after which the probe times out. + Defaults to 1 second. Minimum value is 1. + More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes + format: int32 + type: integer + required: + - name + - permanent + type: object + type: array + updateStrategy: + properties: + rollingUpdate: + description: RollingUpdate is used to communicate parameters when + Type is RollingUpdateStatefulSetStrategyType. + properties: + inPlaceUpdateStrategy: + description: |- + UnorderedUpdate contains strategies for non-ordered update. + If it is not nil, pods will be updated with non-ordered sequence. + Noted that UnorderedUpdate can only be allowed to work with Parallel podManagementPolicy + UnorderedUpdate *kruiseV1beta1.UnorderedUpdateStrategy `json:"unorderedUpdate,omitempty"` + InPlaceUpdateStrategy contains strategies for in-place update. + properties: + gracePeriodSeconds: + description: |- + GracePeriodSeconds is the timespan between set Pod status to not-ready and update images in Pod spec + when in-place update a Pod. + format: int32 + type: integer + type: object + maxUnavailable: + anyOf: + - type: integer + - type: string + description: |- + The maximum number of pods that can be unavailable during the update. + Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). + Absolute number is calculated from percentage by rounding down. + Also, maxUnavailable can just be allowed to work with Parallel podManagementPolicy. + Defaults to 1. + x-kubernetes-int-or-string: true + minReadySeconds: + description: |- + MinReadySeconds indicates how long will the pod be considered ready after it's updated. + MinReadySeconds works with both OrderedReady and Parallel podManagementPolicy. + It affects the pod scale up speed when the podManagementPolicy is set to be OrderedReady. + Combined with MaxUnavailable, it affects the pod update speed regardless of podManagementPolicy. + Default value is 0, max is 300. + format: int32 + type: integer + partition: + description: |- + Partition indicates the ordinal at which the StatefulSet should be partitioned by default. + But if unorderedUpdate has been set: + - Partition indicates the number of pods with non-updated revisions when rolling update. + - It means controller will update $(replicas - partition) number of pod. + Default value is 0. + format: int32 + type: integer + paused: + description: |- + Paused indicates that the StatefulSet is paused. + Default value is false + type: boolean + podUpdatePolicy: + description: |- + PodUpdatePolicy indicates how pods should be updated + Default value is "ReCreate" + type: string + type: object + type: + description: |- + Type indicates the type of the StatefulSetUpdateStrategy. + Default is RollingUpdate. + type: string + type: object + required: + - replicas + type: object + status: + description: GameServerSetStatus defines the observed state of GameServerSet + properties: + availableReplicas: + format: int32 + type: integer + currentReplicas: + format: int32 + type: integer + labelSelector: + description: LabelSelector is label selectors for query over pods + that should match the replica count used by HPA. + type: string + maintainingReplicas: + format: int32 + type: integer + observedGeneration: + description: The generation observed by the controller. + format: int64 + type: integer + preDeleteReplicas: + format: int32 + type: integer + readyReplicas: + format: int32 + type: integer + replicas: + description: replicas from advancedStatefulSet + format: int32 + type: integer + updatedReadyReplicas: + format: int32 + type: integer + updatedReplicas: + format: int32 + type: integer + waitToBeDeletedReplicas: + format: int32 + type: integer + required: + - availableReplicas + - currentReplicas + - readyReplicas + - replicas + - updatedReplicas + type: object + type: object + served: true + storage: true + subresources: + scale: + labelSelectorPath: .status.labelSelector + specReplicasPath: .spec.replicas + statusReplicasPath: .status.replicas + status: {} diff --git a/versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml b/versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml new file mode 100644 index 0000000..b4f47c5 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml @@ -0,0 +1,298 @@ +{{- if .Values.indexOffsetScheduler.enabled }} +# service account +apiVersion: v1 +kind: ServiceAccount +metadata: + name: index-offset-scheduler + namespace: kruise-game-system +--- +# clusterRole +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + annotations: + rbac.authorization.kubernetes.io/autoupdate: 'true' + name: index-offset-scheduler +rules: + - apiGroups: + - '' + - events.k8s.io + resources: + - events + verbs: + - create + - patch + - update + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - apiGroups: + - coordination.k8s.io + resourceNames: + - kube-scheduler + - index-offset-scheduler + resources: + - leases + verbs: + - get + - list + - update + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leasecandidates + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - '' + resources: + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - pods + verbs: + - delete + - get + - list + - watch + - apiGroups: + - '' + resources: + - bindings + - pods/binding + verbs: + - create + - apiGroups: + - '' + resources: + - pods/status + verbs: + - patch + - update + - apiGroups: + - '' + resources: + - replicationcontrollers + - services + verbs: + - get + - list + - watch + - apiGroups: + - apps + - extensions + resources: + - replicasets + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - statefulsets + verbs: + - get + - list + - watch + - apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - persistentvolumeclaims + - persistentvolumes + verbs: + - get + - list + - watch + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + - apiGroups: + - storage.k8s.io + resources: + - csinodes + verbs: + - get + - list + - watch + - apiGroups: + - '' + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - storage.k8s.io + resources: + - csidrivers + verbs: + - get + - list + - watch + - apiGroups: + - storage.k8s.io + resources: + - csistoragecapacities + verbs: + - get + - list + - watch + - apiGroups: + - "" + resourceNames: + - kube-scheduler + - index-offset-scheduler + resources: + - endpoints + verbs: + - delete + - get + - patch + - update + +--- +# ClusterRoleBinding: index-offset-scheduler +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: index-offset-scheduler-as-kube-scheduler +subjects: + - kind: ServiceAccount + name: index-offset-scheduler + namespace: kruise-game-system +roleRef: + kind: ClusterRole + name: index-offset-scheduler + apiGroup: rbac.authorization.k8s.io +--- +# ClusterRoleBinding: system:volume-scheduler +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: index-offset-scheduler-as-volume-scheduler +subjects: + - kind: ServiceAccount + name: index-offset-scheduler + namespace: kruise-game-system +roleRef: + kind: ClusterRole + name: system:volume-scheduler + apiGroup: rbac.authorization.k8s.io +--- +# RoleBinding: apiserver +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: index-offset-scheduler-extension-apiserver-authentication-reader + namespace: kube-system +roleRef: + kind: Role + name: extension-apiserver-authentication-reader + apiGroup: rbac.authorization.k8s.io +subjects: + - kind: ServiceAccount + name: index-offset-scheduler + namespace: kruise-game-system +--- +# configmap +apiVersion: v1 +kind: ConfigMap +metadata: + name: index-offset-scheduler-config + namespace: kruise-game-system +data: + scheduler-config.yaml: | + # stable v1 after version 1.25 + apiVersion: kubescheduler.config.k8s.io/v1 + kind: KubeSchedulerConfiguration + leaderElection: + leaderElect: false + resourceNamespace: kruise-game-system + resourceName: index-offset-scheduler + profiles: + - schedulerName: index-offset-scheduler + plugins: + score: + enabled: + - name: index-offset-scheduler +--- +# deployment +apiVersion: apps/v1 +kind: Deployment +metadata: + name: index-offset-scheduler + namespace: kruise-game-system + labels: + app: index-offset-scheduler +spec: + replicas: 1 + selector: + matchLabels: + app: index-offset-scheduler + template: + metadata: + labels: + app: index-offset-scheduler + spec: + serviceAccountName: index-offset-scheduler + containers: + - name: scheduler + # change your image + image: openkruise/kruise-game-scheduler-index-offset:v1.0 + imagePullPolicy: Always + command: + - /app/index-offset-scheduler + - --config=/etc/kubernetes/scheduler-config.yaml + - --v=5 + resources: + requests: + cpu: 100m + memory: 50Mi + limits: + cpu: 500m + memory: 512Mi + volumeMounts: + - name: config + mountPath: /etc/kubernetes + # imagePullSecrets: + # - name: + volumes: + - name: config + configMap: + name: index-offset-scheduler-config +{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/manager.yaml b/versions/kruise-game/1.0.0/templates/manager.yaml new file mode 100644 index 0000000..3469cdd --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/manager.yaml @@ -0,0 +1,122 @@ +{{- if .Values.installation.createNamespace }} +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: {{ .Values.kruiseGame.fullname }} + name: {{ .Values.installation.namespace }} + {{- end }} +--- +apiVersion: v1 +kind: Service +metadata: + name: kruise-game-controller-manager-metrics-service + namespace: {{ .Values.installation.namespace }} + labels: + control-plane: {{ .Values.kruiseGame.fullname }} +spec: + ports: + - name: https + port: {{ .Values.service.port }} + protocol: TCP + targetPort: https + selector: + control-plane: {{ .Values.kruiseGame.fullname }} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Values.kruiseGame.fullname }} + namespace: {{ .Values.installation.namespace }} + labels: + control-plane: {{ .Values.kruiseGame.fullname }} +spec: + selector: + matchLabels: + control-plane: {{ .Values.kruiseGame.fullname }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: {{ .Values.kruiseGame.fullname }} + spec: + # securityContext: + # runAsNonRoot: true + # TODO(user): For common cases that do not require escalating privileges + # it is recommended to ensure that all your Pods/Containers are restrictive. + # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted + # Please uncomment the following code if your project does NOT have to work on old Kubernetes + # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ). + # seccompProfile: + # type: RuntimeDefault + containers: + - command: + - /manager + args: + - --leader-elect=false + - --provider-config=/etc/kruise-game/config.toml + - --api-server-qps={{ .Values.kruiseGame.apiServerQps }} + - --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }} + - --gameserver-workers={{ .Values.kruiseGame.gameserverWorkers }} + - --gameserverset-workers={{ .Values.kruiseGame.gameserversetWorkers }} + - --scale-server-bind-address=:{{ .Values.scale.service.targetPort }} + {{- if .Values.prometheus.enabled }} + - --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }} + {{- end }} + {{- if not .Values.certificates.autoGenerated }} + - --enable-cert-generation={{ .Values.certificates.autoGenerated }} + {{- end }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + name: manager + env: + - name: "NETWORK_TOTAL_WAIT_TIME" + value: {{ .Values.network.totalWaitTime | quote }} + - name: "NETWORK_PROBE_INTERVAL_TIME" + value: {{ .Values.network.probeIntervalTime | quote }} + ports: + - name: https + containerPort: {{ .Values.prometheus.monitorService.port }} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - "ALL" + livenessProbe: + httpGet: + path: /healthz + port: {{ .Values.kruiseGame.healthBindPort }} + initialDelaySeconds: 5 + periodSeconds: 5 + readinessProbe: + httpGet: + path: /readyz + port: {{ .Values.kruiseGame.healthBindPort }} + initialDelaySeconds: 5 + periodSeconds: 5 + # TODO(user): Configure the resources accordingly based on the project requirements. + # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ + resources: + {{- toYaml .Values.resources | nindent 12 }} + volumeMounts: + - mountPath: /etc/kruise-game + name: provider-config + - mountPath: {{ .Values.certificates.mountPath }} + name: certificates + serviceAccountName: {{ .Values.kruiseGame.fullname }} + terminationGracePeriodSeconds: 10 + volumes: + - configMap: + defaultMode: 420 + items: + - key: config.toml + path: config.toml + name: kruise-game-manager-config + name: provider-config + - name: certificates + secret: + defaultMode: 420 + secretName: {{ .Values.certificates.secretName}} + optional: {{ and .Values.certificates.autoGenerated ( not .Values.certificates.certManager.enabled ) }} diff --git a/versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml b/versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml new file mode 100644 index 0000000..1acc8b3 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml @@ -0,0 +1,17 @@ +{{- if .Values.prometheus.enabled }} +# Prometheus Monitor Service (Metrics) +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + control-plane: {{ .Values.kruiseGame.fullname }} + name: kruise-game-controller-manager-metrics-monitor + namespace: {{ .Values.installation.namespace }} +spec: + endpoints: + - path: /metrics + port: https + selector: + matchLabels: + control-plane: {{ .Values.kruiseGame.fullname }} +{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/rbac_role.yaml b/versions/kruise-game/1.0.0/templates/rbac_role.yaml new file mode 100644 index 0000000..5e30db5 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/rbac_role.yaml @@ -0,0 +1,404 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Values.kruiseGame.fullname }} + namespace: {{ .Values.installation.namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: kruise-game-leader-election-role + namespace: {{ .Values.installation.namespace }} +rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: kruise-game-manager-role +rules: + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - admissionregistration.k8s.io + resources: + - mutatingwebhookconfigurations + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - admissionregistration.k8s.io + resources: + - validatingwebhookconfigurations + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - alibabacloud.com + resources: + - poddnats + verbs: + - get + - list + - watch + - apiGroups: + - alibabacloud.com + resources: + - poddnats/status + verbs: + - get + - apiGroups: + - alibabacloud.com + resources: + - podeips + verbs: + - get + - list + - watch + - apiGroups: + - alibabacloud.com + resources: + - podeips/status + verbs: + - get + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.kruise.io + resources: + - podprobemarkers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.kruise.io + resources: + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps.kruise.io + resources: + - statefulsets/status + verbs: + - get + - patch + - update + - apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - nodes/status + verbs: + - get + - apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - persistentvolumeclaims/status + verbs: + - get + - apiGroups: + - "" + resources: + - persistentvolumes + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - persistentvolumes/status + verbs: + - get + - apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - pods/status + verbs: + - get + - patch + - update + - apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - services/status + verbs: + - get + - patch + - update + - apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - elbv2.services.k8s.aws + resources: + - listeners + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - elbv2.services.k8s.aws + resources: + - targetgroups + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - game.kruise.io + resources: + - gameservers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - game.kruise.io + resources: + - gameservers/finalizers + verbs: + - update + - apiGroups: + - game.kruise.io + resources: + - gameservers/status + verbs: + - get + - patch + - update + - apiGroups: + - game.kruise.io + resources: + - gameserversets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - game.kruise.io + resources: + - gameserversets/finalizers + verbs: + - update + - apiGroups: + - game.kruise.io + resources: + - gameserversets/status + verbs: + - get + - patch + - update + - apiGroups: + - networking.k8s.io + resources: + - ingresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kruise-game-metrics-reader +rules: + - nonResourceURLs: + - "/metrics" + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: kruise-game-proxy-role +rules: + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: kruise-game-leader-election-rolebinding + namespace: {{ .Values.installation.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kruise-game-leader-election-role +subjects: + - kind: ServiceAccount + name: {{ .Values.kruiseGame.fullname }} + namespace: {{ .Values.installation.namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kruise-game-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: kruise-game-manager-role +subjects: + - kind: ServiceAccount + name: {{ .Values.kruiseGame.fullname }} + namespace: {{ .Values.installation.namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kruise-game-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: + - kind: ServiceAccount + name: {{ .Values.kruiseGame.fullname }} + namespace: {{ .Values.installation.namespace }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/scaler-service.yaml b/versions/kruise-game/1.0.0/templates/scaler-service.yaml new file mode 100644 index 0000000..3551606 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/scaler-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: kruise-game-external-scaler + namespace: {{ .Values.installation.namespace }} +spec: + ports: + - port: {{ .Values.scale.service.port }} + targetPort: {{ .Values.scale.service.targetPort }} + selector: + control-plane: {{ .Values.kruiseGame.fullname }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml b/versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml new file mode 100644 index 0000000..cd5428b --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml @@ -0,0 +1,44 @@ +{{- if not .Values.certificates.autoGenerated }} +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + {{- if .Values.certificates.certManager.enabled }} + {{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }} + cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }} + {{- else }} + cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }} + name: kruise-game-mutating-webhook +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: {{ .Values.kruiseGame.webhook.serviceName }} + namespace: {{ .Values.installation.namespace }} + path: /mutate-v1-pod + failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }} + matchPolicy: Equivalent + name: mgameserverset.kb.io + rules: + - operations: + - CREATE + - UPDATE + - DELETE + apiGroups: + - "" + apiVersions: + - v1 + resources: + - pods + objectSelector: + matchExpressions: + - key: game.kruise.io/owner-gss + operator: Exists + sideEffects: None +{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/webhooks/service.yaml b/versions/kruise-game/1.0.0/templates/webhooks/service.yaml new file mode 100644 index 0000000..9a334f6 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/webhooks/service.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.kruiseGame.webhook.serviceName }} + namespace: {{ .Values.installation.namespace }} +spec: + ports: + - port: {{ .Values.kruiseGame.webhook.port }} + targetPort: {{ .Values.kruiseGame.webhook.targetPort }} + selector: + control-plane: {{ .Values.kruiseGame.fullname }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml b/versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml new file mode 100644 index 0000000..ec42e37 --- /dev/null +++ b/versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml @@ -0,0 +1,42 @@ +{{- if not .Values.certificates.autoGenerated }} +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + {{- if .Values.certificates.certManager.enabled }} + {{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }} + cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }} + {{- else }} + cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }} + name: kruise-game-validating-webhook +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: {{ .Values.kruiseGame.webhook.serviceName }} + namespace: {{ .Values.installation.namespace }} + path: /validate-v1alpha1-gss + failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }} + matchPolicy: Equivalent + name: vgameserverset.kb.io + namespaceSelector: {} + objectSelector: {} + rules: + - apiGroups: + - game.kruise.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - gameserversets + sideEffects: None + timeoutSeconds: 10 +{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/values.yaml b/versions/kruise-game/1.0.0/values.yaml new file mode 100644 index 0000000..06a9ce9 --- /dev/null +++ b/versions/kruise-game/1.0.0/values.yaml @@ -0,0 +1,93 @@ +# Default values for kruise-game. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +# values for kruise-game installation +installation: + namespace: kruise-game-system + createNamespace: true + +kruiseGame: + fullname: kruise-game-controller-manager + healthBindPort: "8082" + webhook: + serviceName: kruise-game-webhook-service + port: 443 + targetPort: 9876 + failurePolicy: Fail + apiServerQps: 5 + apiServerQpsBurst: 10 + gameserverWorkers: 10 + gameserversetWorkers: 10 + +replicaCount: 1 + +image: + repository: openkruise/kruise-game-manager + tag: v1.0.0 + pullPolicy: Always + # Overrides the image tag whose default is the chart appVersion. + +serviceAccount: + # Annotations to add to the service account + annotations: {} + +service: + port: 8443 + +resources: + limits: + cpu: 500m + memory: 1024Mi + requests: + cpu: 10m + memory: 64Mi + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +prometheus: + enabled: false + monitorService: + port: 8080 +scale: + service: + port: 6000 + targetPort: 6000 + +network: + totalWaitTime: 60 + probeIntervalTime: 5 + +cloudProvider: + installCRD: true + +indexOffsetScheduler: + enabled: false + +# Kubernetes cluster domain +clusterDomain: cluster.local + +certificates: + autoGenerated: false + secretName: kruise-game-certs + mountPath: /tmp/webhook-certs/ + certManager: + enabled: true + duration: 8760h0m0s # 1 year + renewBefore: 5840h0m0s # 8 months + generateCA: true + caSecretName: "kruise-game-ca" + # -- Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required + issuer: + generate: true + name: kruise-ca + kind: ClusterIssuer + group: cert-manager.io \ No newline at end of file From a5c5255ab6402c4b276092f04169e62b24b67ce2 Mon Sep 17 00:00:00 2001 From: Kagaya Date: Wed, 18 Jun 2025 18:04:55 +0800 Subject: [PATCH 2/5] add cert-manager manifests Signed-off-by: Kagaya --- .../templates/cert-manager/okg-issuer.yaml | 10 +++++ .../cert-manager/okg-tls-certificate.yaml | 38 +++++++++++++++++++ .../next/templates/cert-manager/self-ca.yaml | 20 ++++++++++ .../templates/cert-manager/self-issuer.yaml | 13 +++++++ .../next/templates/webhook_service.yaml | 2 +- versions/kruise-game/next/values.yaml | 30 ++++++++++++++- 6 files changed, 111 insertions(+), 2 deletions(-) create mode 100644 versions/kruise-game/next/templates/cert-manager/okg-issuer.yaml create mode 100644 versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml create mode 100644 versions/kruise-game/next/templates/cert-manager/self-ca.yaml create mode 100644 versions/kruise-game/next/templates/cert-manager/self-issuer.yaml diff --git a/versions/kruise-game/next/templates/cert-manager/okg-issuer.yaml b/versions/kruise-game/next/templates/cert-manager/okg-issuer.yaml new file mode 100644 index 0000000..efeb542 --- /dev/null +++ b/versions/kruise-game/next/templates/cert-manager/okg-issuer.yaml @@ -0,0 +1,10 @@ +{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.issuer.generate }} +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: {{ .Values.kruiseGame.fullname }}-issuer + namespace: {{ .Values.installation.namespace }} +spec: + ca: + secretName: {{ .Values.certificates.certManager.caSecretName }} +{{- end }} diff --git a/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml b/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml new file mode 100644 index 0000000..1a84754 --- /dev/null +++ b/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml @@ -0,0 +1,38 @@ +{{- if .Values.certificates.certManager.enabled }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ .Values.kruiseGame.fullname }}-tls-certificates + namespace: {{ .Values.installation.namespace }} +spec: + commonName: {{ .Values.kruiseGame.fullname }} + dnsNames: + - {{ ..Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }} + - {{ ..Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc + - {{ ..Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc.{{ .Values.clusterDomain }} + secretName: {{ .Values.certificates.secretName }} + usages: + - server auth + - client auth + privateKey: + algorithm: RSA + size: 2048 + duration: {{ .Values.certificates.certManager.duration }} + renewBefore: {{ .Values.certificates.certManager.renewBefore }} + issuerRef: + {{- if .Values.certificates.certManager.issuer.generate }} + name: {{ .Values.kruiseGame.fullname }}-issuer + kind: Issuer + group: cert-manager.io + {{- else }} + {{- if .Values.certificates.certManager.issuer.name }} + name: {{ .Values.certificates.certManager.issuer.name }} + {{- end }} + {{- if .Values.certificates.certManager.issuer.kind }} + kind: {{ .Values.certificates.certManager.issuer.kind }} + {{- end }} + {{- if .Values.certificates.certManager.issuer.group }} + group: {{ .Values.certificates.certManager.issuer.group }} + {{- end }} + {{- end }} +{{- end }} diff --git a/versions/kruise-game/next/templates/cert-manager/self-ca.yaml b/versions/kruise-game/next/templates/cert-manager/self-ca.yaml new file mode 100644 index 0000000..4639ab9 --- /dev/null +++ b/versions/kruise-game/next/templates/cert-manager/self-ca.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }} +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: {{ .Values.kruiseGame.fullname }}-ca + namespace: {{ .Values.installation.namespace }} +spec: + isCA: true + commonName: {{ .Values.kruiseGame.fullname }} + secretName: {{ .Values.certificates.certManager.caSecretName }} + privateKey: + algorithm: RSA + size: 2048 + duration: 8760h0m0s # 1 year + renewBefore: 720h0m0s # 1 month + issuerRef: + name: {{ .Values.operator.name }}-selfsigned-issuer + kind: Issuer + group: cert-manager.io +{{- end }} diff --git a/versions/kruise-game/next/templates/cert-manager/self-issuer.yaml b/versions/kruise-game/next/templates/cert-manager/self-issuer.yaml new file mode 100644 index 0000000..d6e1904 --- /dev/null +++ b/versions/kruise-game/next/templates/cert-manager/self-issuer.yaml @@ -0,0 +1,13 @@ +{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }} +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + {{- with .Values.additionalAnnotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} + name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer + namespace: {{ .Values.installation.namespace }} +spec: + selfSigned: {} +{{- end }} diff --git a/versions/kruise-game/next/templates/webhook_service.yaml b/versions/kruise-game/next/templates/webhook_service.yaml index c8d6178..9a334f6 100644 --- a/versions/kruise-game/next/templates/webhook_service.yaml +++ b/versions/kruise-game/next/templates/webhook_service.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Service metadata: - name: kruise-game-webhook-service + name: {{ .Values.kruiseGame.webhook.serviceName }} namespace: {{ .Values.installation.namespace }} spec: ports: diff --git a/versions/kruise-game/next/values.yaml b/versions/kruise-game/next/values.yaml index 296c01a..9537c91 100644 --- a/versions/kruise-game/next/values.yaml +++ b/versions/kruise-game/next/values.yaml @@ -11,6 +11,7 @@ kruiseGame: fullname: kruise-game-controller-manager healthBindPort: "8082" webhook: + serviceName: kruise-game-webhook-service port: 443 targetPort: 9876 apiServerQps: 5 @@ -28,6 +29,9 @@ serviceAccount: # Annotations to add to the service account annotations: {} +# Kubernetes cluster domain +clusterDomain: cluster.local + service: port: 8443 @@ -53,6 +57,7 @@ prometheus: enabled: false monitorService: port: 8080 + scale: service: port: 6000 @@ -63,4 +68,27 @@ network: probeIntervalTime: 5 cloudProvider: - installCRD: true \ No newline at end of file + installCRD: true + +certificates: + autoGenerated: true + secretName: kruise-game-certs + mountPath: /tmp/webhook-certs/ + certManager: + enabled: false + duration: 8760h0m0s # 1 year + renewBefore: 5840h0m0s # 8 months + generateCA: true + caSecretName: "kruise-game-ca" + secretTemplate: {} + # annotations: + # my-secret-annotation-1: "foo" + # my-secret-annotation-2: "bar" + # labels: + # my-secret-label: foo + # -- Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required + issuer: + generate: true + name: kruise-ca + kind: ClusterIssuer + group: cert-manager.io \ No newline at end of file From b5b835cf3ed1885e2fdca84330b320300a56424d Mon Sep 17 00:00:00 2001 From: Kagaya Date: Sun, 22 Jun 2025 14:39:54 +0800 Subject: [PATCH 3/5] update cert manifests Signed-off-by: Kagaya --- versions/kruise-game/next/Chart.yaml | 3 +- .../cert-manager/okg-tls-certificate.yaml | 9 ++-- .../next/templates/cert-manager/self-ca.yaml | 3 +- .../kruise-game/next/templates/manager.yaml | 12 +++++- .../webhooks/mutatingconfiguration.yaml | 42 +++++++++++++++++++ .../service.yaml} | 0 .../webhooks/validatingconfiguration.yaml | 40 ++++++++++++++++++ versions/kruise-game/next/values.yaml | 7 +--- 8 files changed, 103 insertions(+), 13 deletions(-) create mode 100644 versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml rename versions/kruise-game/next/templates/{webhook_service.yaml => webhooks/service.yaml} (100%) create mode 100644 versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml diff --git a/versions/kruise-game/next/Chart.yaml b/versions/kruise-game/next/Chart.yaml index 533c6cd..a5f9fb3 100644 --- a/versions/kruise-game/next/Chart.yaml +++ b/versions/kruise-game/next/Chart.yaml @@ -8,4 +8,5 @@ sources: - https://github.com/openkruise/kruise-game annotations: artifacthub.io/changes: | - - "[Changed]: https://github.com/openkruise/kruise-game/blob/master/CHANGELOG.md" \ No newline at end of file + - "[Changed]: https://github.com/openkruise/kruise-game/blob/master/CHANGELOG.md" + - "[Added]: Support for cert-manager with CA injection" \ No newline at end of file diff --git a/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml b/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml index 1a84754..cb441ff 100644 --- a/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml +++ b/versions/kruise-game/next/templates/cert-manager/okg-tls-certificate.yaml @@ -2,19 +2,20 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: - name: {{ .Values.kruiseGame.fullname }}-tls-certificates + name: {{ .Values.kruiseGame.fullname }}-cert namespace: {{ .Values.installation.namespace }} spec: commonName: {{ .Values.kruiseGame.fullname }} dnsNames: - - {{ ..Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }} - - {{ ..Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc - - {{ ..Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc.{{ .Values.clusterDomain }} + - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }} + - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc + - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc.{{ .Values.clusterDomain }} secretName: {{ .Values.certificates.secretName }} usages: - server auth - client auth privateKey: + rotationPolicy: Always algorithm: RSA size: 2048 duration: {{ .Values.certificates.certManager.duration }} diff --git a/versions/kruise-game/next/templates/cert-manager/self-ca.yaml b/versions/kruise-game/next/templates/cert-manager/self-ca.yaml index 4639ab9..82fc605 100644 --- a/versions/kruise-game/next/templates/cert-manager/self-ca.yaml +++ b/versions/kruise-game/next/templates/cert-manager/self-ca.yaml @@ -9,12 +9,13 @@ spec: commonName: {{ .Values.kruiseGame.fullname }} secretName: {{ .Values.certificates.certManager.caSecretName }} privateKey: + rotationPolicy: Always algorithm: RSA size: 2048 duration: 8760h0m0s # 1 year renewBefore: 720h0m0s # 1 month issuerRef: - name: {{ .Values.operator.name }}-selfsigned-issuer + name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer kind: Issuer group: cert-manager.io {{- end }} diff --git a/versions/kruise-game/next/templates/manager.yaml b/versions/kruise-game/next/templates/manager.yaml index 6e56313..c5abd29 100644 --- a/versions/kruise-game/next/templates/manager.yaml +++ b/versions/kruise-game/next/templates/manager.yaml @@ -60,6 +60,9 @@ spec: - --api-server-qps={{ .Values.kruiseGame.apiServerQps }} - --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }} - --scale-server-bind-address=:{{ .Values.scale.service.targetPort }} + {{- if not .Values.certificates.autoGenerated }} + - --enable-cert-generation={{ .Values.certificates.autoGenerated }} + {{- end }} {{- if .Values.prometheus.enabled }} - --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }} {{- end }} @@ -98,6 +101,8 @@ spec: volumeMounts: - mountPath: /etc/kruise-game name: provider-config + - mountPath: {{ .Values.certificates.mountPath }} + name: certificates topologySpreadConstraints: - labelSelector: matchLabels: @@ -108,7 +113,7 @@ spec: {{- end }} maxSkew: 1 topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway + whenUnsatisfiable: ScheduleAnyway serviceAccountName: {{ .Values.kruiseGame.fullname }} terminationGracePeriodSeconds: 10 volumes: @@ -119,3 +124,8 @@ spec: path: config.toml name: kruise-game-manager-config name: provider-config + - name: certificates + secret: + defaultMode: 420 + secretName: {{ .Values.certificates.secretName}} + optional: {{ and .Values.certificates.autoGenerated ( not .Values.certificates.certManager.enabled ) }} diff --git a/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml b/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml new file mode 100644 index 0000000..9568cc1 --- /dev/null +++ b/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml @@ -0,0 +1,42 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + annotations: + {{- if .Values.certificates.certManager.enabled }} + {{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }} + cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }} + {{- else }} + cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }} + name: kruise-game-mutating-webhook +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: {{ .Values.kruiseGame.webhook.serviceName }} + namespace: {{ .Values.installation.namespace }} + path: /mutate-v1-pod + failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }} + matchPolicy: Equivalent + name: mgameserverset.kb.io + rules: + - operations: + - CREATE + - UPDATE + - DELETE + apiGroups: + - "" + apiVersions: + - v1 + resources: + - pods + objectSelector: + matchExpressions: + - key: game.kruise.io/owner-gss + operator: Exists + sideEffects: None \ No newline at end of file diff --git a/versions/kruise-game/next/templates/webhook_service.yaml b/versions/kruise-game/next/templates/webhooks/service.yaml similarity index 100% rename from versions/kruise-game/next/templates/webhook_service.yaml rename to versions/kruise-game/next/templates/webhooks/service.yaml diff --git a/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml b/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml new file mode 100644 index 0000000..00c6b52 --- /dev/null +++ b/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml @@ -0,0 +1,40 @@ +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + annotations: + {{- if .Values.certificates.certManager.enabled }} + {{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }} + cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }} + {{- else }} + cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert + {{- end }} + {{- end }} + labels: + app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }} + name: kruise-game-validating-webhook +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: {{ .Values.kruiseGame.webhook.serviceName }} + namespace: {{ .Values.installation.namespace }} + path: /validate-v1alpha1-gss + failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }} + matchPolicy: Equivalent + name: vgameserverset.kb.io + namespaceSelector: {} + objectSelector: {} + rules: + - apiGroups: + - game.kruise.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - gameserversets + sideEffects: None + timeoutSeconds: 10 \ No newline at end of file diff --git a/versions/kruise-game/next/values.yaml b/versions/kruise-game/next/values.yaml index 9537c91..9075842 100644 --- a/versions/kruise-game/next/values.yaml +++ b/versions/kruise-game/next/values.yaml @@ -14,6 +14,7 @@ kruiseGame: serviceName: kruise-game-webhook-service port: 443 targetPort: 9876 + failurePolicy: Fail apiServerQps: 5 apiServerQpsBurst: 10 @@ -80,12 +81,6 @@ certificates: renewBefore: 5840h0m0s # 8 months generateCA: true caSecretName: "kruise-game-ca" - secretTemplate: {} - # annotations: - # my-secret-annotation-1: "foo" - # my-secret-annotation-2: "bar" - # labels: - # my-secret-label: foo # -- Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required issuer: generate: true From 4523b413c34b0037cfac743eb0d1fd9d38df378f Mon Sep 17 00:00:00 2001 From: Kagaya Date: Wed, 9 Jul 2025 21:06:45 +0800 Subject: [PATCH 4/5] update doc --- versions/kruise-game/next/README.md | 46 +++++++++++++++++++ .../kruise-game/next/templates/manager.yaml | 4 ++ .../webhooks/mutatingconfiguration.yaml | 4 +- .../webhooks/validatingconfiguration.yaml | 4 +- 4 files changed, 56 insertions(+), 2 deletions(-) diff --git a/versions/kruise-game/next/README.md b/versions/kruise-game/next/README.md index 5d95275..c6ee716 100644 --- a/versions/kruise-game/next/README.md +++ b/versions/kruise-game/next/README.md @@ -31,10 +31,56 @@ The following table lists the configurable parameters of the kruise-game chart a | `network.totalWaitTime` | Maximum time to wait for network ready, the unit is seconds | `60` | | `network.probeIntervalTime` | Time interval for detecting network status, the unit is seconds | `5` | | `cloudProvider.installCRD` | Whether to install CloudProvider CRD | `true` | +| `certificates.autoGenerated` | Whether to auto-generate webhook certificates | `true` | +| `certificates.secretName` | Name of the secret containing webhook certificates | `kruise-game-certs` | +| `certificates.mountPath` | Path to mount webhook certificates in container | `/tmp/webhook-certs/` | +| `certificates.certManager.enabled` | Whether to use cert-manager for certificate management | `false` | +| `certificates.certManager.duration` | Certificate validity duration | `8760h0m0s` | +| `certificates.certManager.renewBefore` | Time before expiry to renew certificate | `5840h0m0s` | +| `certificates.certManager.generateCA` | Whether to generate a Certificate Authority | `true` | +| `certificates.certManager.caSecretName` | Name of the secret containing the CA certificate | `kruise-game-ca` | +| `certificates.certManager.issuer.generate` | Whether to generate the issuer automatically | `true` | +| `certificates.certManager.issuer.name` | Name of the certificate issuer | `kruise-ca` | +| `certificates.certManager.issuer.kind` | Type of the certificate issuer | `ClusterIssuer` | +| `certificates.certManager.issuer.group` | API group of the certificate issuer | `cert-manager.io` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, +### Certificate Management + +> **Important**: Kruise Game webhook requires TLS certificates for secure communication. Regardless of which certificate management method you choose, you must ensure that the webhook certificate is signed by a trusted CA certificate, and that the CA certificate is properly configured in the Kubernetes cluster so that the API Server can verify the webhook's identity. + +Kruise Game supports two methods for webhook certificate management: + +#### Auto-generated Certificates (Default) + +By default, kruise-game uses auto-generated certificates for webhook TLS: + +```bash +$ helm install kruise-game https://... --set certificates.autoGenerated=true +``` + +#### cert-manager Integration + +For production environments, you can use cert-manager to manage webhook certificates: + +```bash +$ helm install kruise-game https://... \ + --set certificates.autoGenerated=false \ + --set certificates.certManager.enabled=true \ +``` + +You can also use a custom issuer instead of generating one: + +```bash +$ helm install kruise-game https://... \ + --set certificates.certManager.enabled=true \ + --set certificates.certManager.issuer.generate=false \ + --set certificates.certManager.issuer.name=my-custom-issuer \ + --set certificates.certManager.issuer.kind=Issuer +``` + ### Optional: the local image for China If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud: diff --git a/versions/kruise-game/next/templates/manager.yaml b/versions/kruise-game/next/templates/manager.yaml index c5abd29..4a93781 100644 --- a/versions/kruise-game/next/templates/manager.yaml +++ b/versions/kruise-game/next/templates/manager.yaml @@ -101,8 +101,10 @@ spec: volumeMounts: - mountPath: /etc/kruise-game name: provider-config + {{- if not .Values.certificates.autoGenerated}} - mountPath: {{ .Values.certificates.mountPath }} name: certificates + {{- end }} topologySpreadConstraints: - labelSelector: matchLabels: @@ -124,8 +126,10 @@ spec: path: config.toml name: kruise-game-manager-config name: provider-config + {{- if not .Values.certificates.autoGenerated }} - name: certificates secret: defaultMode: 420 secretName: {{ .Values.certificates.secretName}} optional: {{ and .Values.certificates.autoGenerated ( not .Values.certificates.certManager.enabled ) }} + {{- end }} diff --git a/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml b/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml index 9568cc1..3cbacb9 100644 --- a/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml +++ b/versions/kruise-game/next/templates/webhooks/mutatingconfiguration.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.certificates.autoGenerated }} apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: @@ -39,4 +40,5 @@ webhooks: matchExpressions: - key: game.kruise.io/owner-gss operator: Exists - sideEffects: None \ No newline at end of file + sideEffects: None +{{- end}} \ No newline at end of file diff --git a/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml b/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml index 00c6b52..daed2da 100644 --- a/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml +++ b/versions/kruise-game/next/templates/webhooks/validatingconfiguration.yaml @@ -1,3 +1,4 @@ +{{- if not .Values.certificates.autoGenerated }} apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: @@ -37,4 +38,5 @@ webhooks: resources: - gameserversets sideEffects: None - timeoutSeconds: 10 \ No newline at end of file + timeoutSeconds: 10 +{{- end}} \ No newline at end of file From 354c80cb693614f56d788f9b95e2f86111621fcc Mon Sep 17 00:00:00 2001 From: Kagaya Date: Wed, 9 Jul 2025 21:11:52 +0800 Subject: [PATCH 5/5] install cert-manager in ci-workflow Signed-off-by: Kagaya --- .github/workflows/e2e-kruise.yaml | 9 + versions/kruise-game/1.0.0/.helmignore | 23 - versions/kruise-game/1.0.0/Chart.yaml | 11 - versions/kruise-game/1.0.0/README.md | 49 - .../kruise-game/1.0.0/templates/_helpers.tpl | 62 - .../templates/cert-manager/okg-issuer.yaml | 10 - .../cert-manager/okg-tls-certificate.yaml | 39 - .../1.0.0/templates/cert-manager/self-ca.yaml | 21 - .../templates/cert-manager/self-issuer.yaml | 13 - .../templates/controller_manager_config.yaml | 77 - .../templates/game.kruise.io_gameservers.yaml | 1411 ----------------- .../game.kruise.io_gameserversets.yaml | 1060 ------------- .../templates/index-offset-scheduler.yaml | 298 ---- .../kruise-game/1.0.0/templates/manager.yaml | 122 -- .../1.0.0/templates/prometheus-monitor.yaml | 17 - .../1.0.0/templates/rbac_role.yaml | 404 ----- .../1.0.0/templates/scaler-service.yaml | 11 - .../webhooks/mutatingconfiguration.yaml | 44 - .../1.0.0/templates/webhooks/service.yaml | 12 - .../webhooks/validatingconfiguration.yaml | 42 - versions/kruise-game/1.0.0/values.yaml | 93 -- .../kruise-game/next/templates/manager.yaml | 23 +- versions/kruise-game/next/values.yaml | 16 +- 23 files changed, 26 insertions(+), 3841 deletions(-) delete mode 100644 versions/kruise-game/1.0.0/.helmignore delete mode 100644 versions/kruise-game/1.0.0/Chart.yaml delete mode 100644 versions/kruise-game/1.0.0/README.md delete mode 100644 versions/kruise-game/1.0.0/templates/_helpers.tpl delete mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/controller_manager_config.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/manager.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/rbac_role.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/scaler-service.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/webhooks/service.yaml delete mode 100644 versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml delete mode 100644 versions/kruise-game/1.0.0/values.yaml diff --git a/.github/workflows/e2e-kruise.yaml b/.github/workflows/e2e-kruise.yaml index e14a1df..321ebef 100644 --- a/.github/workflows/e2e-kruise.yaml +++ b/.github/workflows/e2e-kruise.yaml @@ -17,6 +17,7 @@ env: KIND_VERSION: 'v0.18.0' KIND_VERSION_FOR_HIGHER: 'v0.22.0' KIND_CLUSTER_NAME: 'ci-testing' + CERT_MANAGER_VERSION: 'v1.18.2' # todo: add kruise e2e here jobs: # 1.27- @@ -36,6 +37,10 @@ jobs: cluster_name: ${{ env.KIND_CLUSTER_NAME }} config: ./test/kind-conf.yaml version: ${{ env.KIND_VERSION }} + - name: Install Cert-Manager + run: | + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/${{ env.CERT_MANAGER_VERSION }}/cert-manager.yaml + kubectl -n cert-manager rollout status deploy/cert-manager-webhook --timeout=180s - name: Install Kruise run: | make install-kruise-from-local @@ -67,6 +72,10 @@ jobs: cluster_name: ${{ env.KIND_CLUSTER_NAME }} config: ./test/kind-conf-with-vpa.yaml version: ${{ env.KIND_VERSION_FOR_HIGHER }} + - name: Install Cert-Manager + run: | + kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/${{ env.CERT_MANAGER_VERSION }}/cert-manager.yaml + kubectl -n cert-manager rollout status deploy/cert-manager-webhook --timeout=180s - name: Install Kruise run: | make install-kruise-from-local diff --git a/versions/kruise-game/1.0.0/.helmignore b/versions/kruise-game/1.0.0/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/versions/kruise-game/1.0.0/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/versions/kruise-game/1.0.0/Chart.yaml b/versions/kruise-game/1.0.0/Chart.yaml deleted file mode 100644 index acd3ad5..0000000 --- a/versions/kruise-game/1.0.0/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -name: kruise-game -description: Helm chart for kruise-game components -version: 1.0.0 -appVersion: 1.0.0 -kubeVersion: ">= 1.18.0-0" -sources: - - https://github.com/openkruise/kruise-game -annotations: - artifacthub.io/changes: | - - "[Changed]: https://github.com/openkruise/kruise-game/blob/master/CHANGELOG.md" \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/README.md b/versions/kruise-game/1.0.0/README.md deleted file mode 100644 index e25006d..0000000 --- a/versions/kruise-game/1.0.0/README.md +++ /dev/null @@ -1,49 +0,0 @@ -# Kruise Game v1.0.0 - -## Configuration - -The following table lists the configurable parameters of the kruise-game chart and their default values. - -| Parameter | Description | Default | -|-----------------------------------|-----------------------------------------------------------------------------|----------------------------------| -| `installation.namespace` | Namespace for kruise-game operation installation | `kruise-game-system` | -| `installation.createNamespace` | Whether to create the installation.namespace | `true` | -| `kruiseGame.fullname` | Nick name for kruise-game deployment and other configurations | `kruise-game-controller-manager` | -| `kruiseGame.healthBindPort` | Port for checking health of kruise-game container | `8082` | -| `kruiseGame.webhook.port` | Port of webhook served by kruise-game container | `443` | -| `kruiseGame.webhook.targetPort` | ObjectSelector for workloads in MutatingWebhookConfigurations | `9876` | -| `kruiseGame.apiServerQps` | Indicates the maximum QPS to the master from kruise-game-controller-manager | `5` | -| `kruiseGame.apiServerQpsBurst` | Maximum burst for throttle of kruise-game-controller-manager | `10` | -| `kruiseGame.gameserverWorkers` | Max concurrent workers for GameServer controller | `10` | -| `kruiseGame.gameserversetWorkers` | Max concurrent workers for GameServerSet controller | `10` | -| `replicaCount` | Replicas of kruise-game deployment | `1` | -| `image.repository` | Repository for kruise-game image | `openkruise/kruise-game-manager` | -| `image.tag` | Tag for kruise-game image | `v1.0.0` | -| `image.pullPolicy` | ImagePullPolicy for kruise-game container | `Always` | -| `serviceAccount.annotations` | The annotations for serviceAccount of kruise-game | ` ` | -| `service.port` | Port of kruise-game service | `8443` | -| `resources.limits.cpu` | CPU resource limit of kruise-game container | `500m` | -| `resources.limits.memory` | Memory resource limit of kruise-game container | `1Gi` | -| `resources.requests.cpu` | CPU resource request of kruise-game container | `10m` | -| `resources.requests.memory` | Memory resource request of kruise-game container | `64Mi` | -| `prometheus.enabled` | Whether to bind metric endpoint | `true` | -| `prometheus.monitorService.port` | Port of the monitorservice bind to | `8080` | -| `scale.service.port` | Port of the external scaler server binds to | `6000` | -| `scale.service.targetPort` | TargetPort of the external scaler server binds to | `6000` | -| `network.totalWaitTime` | Maximum time to wait for network ready, the unit is seconds | `60` | -| `network.probeIntervalTime` | Time interval for detecting network status, the unit is seconds | `5` | -| `cloudProvider.installCRD` | Whether to install CloudProvider CRD | `true` | -| `indexOffsetScheduler.enabled` | Whether to install index-offset-scheduler | `false` | - - - -Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, - -### Optional: the local image for China - -If you are in China and have problem to pull image from official DockerHub, you can use the registry hosted on Alibaba Cloud: - -```bash -$ helm install kruise-game https://... --set image.repository=registry.cn-hangzhou.aliyuncs.com/acs/kruise-game-manager -... -``` \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/_helpers.tpl b/versions/kruise-game/1.0.0/templates/_helpers.tpl deleted file mode 100644 index f41cfbb..0000000 --- a/versions/kruise-game/1.0.0/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "kruise-game.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "kruise-game.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kruise-game.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "kruise-game.labels" -}} -helm.sh/chart: {{ include "kruise-game.chart" . }} -{{ include "kruise-game.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "kruise-game.selectorLabels" -}} -app.kubernetes.io/name: {{ include "kruise-game.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "kruise-game.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "kruise-game.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml deleted file mode 100644 index efeb542..0000000 --- a/versions/kruise-game/1.0.0/templates/cert-manager/okg-issuer.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.issuer.generate }} -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - name: {{ .Values.kruiseGame.fullname }}-issuer - namespace: {{ .Values.installation.namespace }} -spec: - ca: - secretName: {{ .Values.certificates.certManager.caSecretName }} -{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml deleted file mode 100644 index cb441ff..0000000 --- a/versions/kruise-game/1.0.0/templates/cert-manager/okg-tls-certificate.yaml +++ /dev/null @@ -1,39 +0,0 @@ -{{- if .Values.certificates.certManager.enabled }} -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ .Values.kruiseGame.fullname }}-cert - namespace: {{ .Values.installation.namespace }} -spec: - commonName: {{ .Values.kruiseGame.fullname }} - dnsNames: - - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }} - - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc - - {{ .Values.kruiseGame.webhook.serviceName }}.{{ .Values.installation.namespace }}.svc.{{ .Values.clusterDomain }} - secretName: {{ .Values.certificates.secretName }} - usages: - - server auth - - client auth - privateKey: - rotationPolicy: Always - algorithm: RSA - size: 2048 - duration: {{ .Values.certificates.certManager.duration }} - renewBefore: {{ .Values.certificates.certManager.renewBefore }} - issuerRef: - {{- if .Values.certificates.certManager.issuer.generate }} - name: {{ .Values.kruiseGame.fullname }}-issuer - kind: Issuer - group: cert-manager.io - {{- else }} - {{- if .Values.certificates.certManager.issuer.name }} - name: {{ .Values.certificates.certManager.issuer.name }} - {{- end }} - {{- if .Values.certificates.certManager.issuer.kind }} - kind: {{ .Values.certificates.certManager.issuer.kind }} - {{- end }} - {{- if .Values.certificates.certManager.issuer.group }} - group: {{ .Values.certificates.certManager.issuer.group }} - {{- end }} - {{- end }} -{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml deleted file mode 100644 index 82fc605..0000000 --- a/versions/kruise-game/1.0.0/templates/cert-manager/self-ca.yaml +++ /dev/null @@ -1,21 +0,0 @@ -{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }} -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: {{ .Values.kruiseGame.fullname }}-ca - namespace: {{ .Values.installation.namespace }} -spec: - isCA: true - commonName: {{ .Values.kruiseGame.fullname }} - secretName: {{ .Values.certificates.certManager.caSecretName }} - privateKey: - rotationPolicy: Always - algorithm: RSA - size: 2048 - duration: 8760h0m0s # 1 year - renewBefore: 720h0m0s # 1 month - issuerRef: - name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer - kind: Issuer - group: cert-manager.io -{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml b/versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml deleted file mode 100644 index d6e1904..0000000 --- a/versions/kruise-game/1.0.0/templates/cert-manager/self-issuer.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if and .Values.certificates.certManager.enabled .Values.certificates.certManager.generateCA .Values.certificates.certManager.issuer.generate }} -apiVersion: cert-manager.io/v1 -kind: Issuer -metadata: - {{- with .Values.additionalAnnotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} - name: {{ .Values.kruiseGame.fullname }}-selfsigned-issuer - namespace: {{ .Values.installation.namespace }} -spec: - selfSigned: {} -{{- end }} diff --git a/versions/kruise-game/1.0.0/templates/controller_manager_config.yaml b/versions/kruise-game/1.0.0/templates/controller_manager_config.yaml deleted file mode 100644 index cd4d5dd..0000000 --- a/versions/kruise-game/1.0.0/templates/controller_manager_config.yaml +++ /dev/null @@ -1,77 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: kruise-game-manager-config - namespace: {{ .Values.installation.namespace }} -data: - config.toml: | - [kubernetes] - enable = true - [kubernetes.hostPort] - max_port = 9000 - min_port = 8000 - - [alibabacloud] - enable = true - [alibabacloud.slb] - max_port = 700 - min_port = 500 - block_ports = [593] - [alibabacloud.nlb] - max_port = 1502 - min_port = 1000 - block_ports = [1025, 1434, 1068] - - [volcengine] - enable = true - [volcengine.clb] - max_port = 600 - min_port = 550 - block_ports = [593] - - [aws] - enable = false - [aws.nlb] - max_port = 30050 - min_port = 30001 - - [jdcloud] - enable = false - [jdcloud.nlb] - max_port = 700 - min_port = 500 - - [tencentcloud] - enable = true - - [hwcloud] - enable = false - [hwcloud.elb] - max_port = 700 - min_port = 500 - block_ports = [] - - controller_manager_config.yaml: | - apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 - kind: ControllerManagerConfig - health: - healthProbeBindAddress: :8081 - metrics: - bindAddress: 127.0.0.1:8080 - webhook: - port: 9443 - leaderElection: - leaderElect: true - resourceName: c637bb1e.my.domain -# leaderElectionReleaseOnCancel defines if the leader should step down volume -# when the Manager ends. This requires the binary to immediately end when the -# Manager is stopped, otherwise, this setting is unsafe. Setting this significantly -# speeds up voluntary leader transitions as the new leader don't have to wait -# LeaseDuration time first. -# In the default scaffold provided, the program ends immediately after -# the manager stops, so would be fine to enable this option. However, -# if you are doing or is intended to do any operation such as perform cleanups -# after the manager stops then its usage might be unsafe. -# leaderElectionReleaseOnCancel: true - - diff --git a/versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml b/versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml deleted file mode 100644 index aace3ff..0000000 --- a/versions/kruise-game/1.0.0/templates/game.kruise.io_gameservers.yaml +++ /dev/null @@ -1,1411 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.5 - name: gameservers.game.kruise.io -spec: - group: game.kruise.io - names: - kind: GameServer - listKind: GameServerList - plural: gameservers - shortNames: - - gs - singular: gameserver - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The current state of GameServer - jsonPath: .status.currentState - name: STATE - type: string - - description: The operations state of GameServer - jsonPath: .spec.opsState - name: OPSSTATE - type: string - - description: The current deletionPriority of GameServer - jsonPath: .status.deletionPriority - name: DP - type: string - - description: The current updatePriority of GameServer - jsonPath: .status.updatePriority - name: UP - type: string - - description: The age of GameServer - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: GameServer is the Schema for the gameservers API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: GameServerSpec defines the desired state of GameServer - properties: - containers: - description: |- - Containers can be used to make the corresponding GameServer container fields - different from the fields defined by GameServerTemplate in GameServerSetSpec. - items: - properties: - image: - description: |- - Image indicates the image of the container to update. - When Image updated, pod.spec.containers[*].image will be updated immediately. - type: string - name: - description: Name indicates the name of the container to update. - type: string - resources: - description: |- - Resources indicates the resources of the container to update. - When Resources updated, pod.spec.containers[*].Resources will be not updated immediately, - which will be updated when pod recreate. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - required: - - name - type: object - type: array - deletionPriority: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - networkDisabled: - type: boolean - opsState: - type: string - updatePriority: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - status: - description: GameServerStatus defines the observed state of GameServer - properties: - conditions: - description: Conditions is an array of current observed GameServer - conditions. - items: - properties: - lastProbeTime: - description: Last time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transitioned from one status - to another. - format: date-time - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the condition's - last transition. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - type: string - type: - description: Type is the type of the condition. - type: string - required: - - status - - type - type: object - type: array - currentState: - type: string - deletionPriority: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - desiredState: - description: |- - INSERT ADDITIONAL STATUS FIELD - define observed state of cluster - Important: Run "make" to regenerate code after modifying this file - type: string - lastTransitionTime: - format: date-time - type: string - networkStatus: - properties: - createTime: - format: date-time - type: string - currentNetworkState: - type: string - desiredNetworkState: - type: string - externalAddresses: - items: - properties: - endPoint: - type: string - ip: - type: string - portRange: - properties: - portRange: - type: string - protocol: - description: Protocol defines network protocols supported - for things like container ports. - type: string - type: object - ports: - items: - properties: - name: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - protocol: - description: Protocol defines network protocols supported - for things like container ports. - type: string - required: - - name - type: object - type: array - required: - - ip - type: object - type: array - internalAddresses: - items: - properties: - endPoint: - type: string - ip: - type: string - portRange: - properties: - portRange: - type: string - protocol: - description: Protocol defines network protocols supported - for things like container ports. - type: string - type: object - ports: - items: - properties: - name: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - protocol: - description: Protocol defines network protocols supported - for things like container ports. - type: string - required: - - name - type: object - type: array - required: - - ip - type: object - type: array - lastTransitionTime: - format: date-time - type: string - networkType: - type: string - type: object - podStatus: - description: |- - PodStatus represents information about the status of a pod. Status may trail the actual - state of a system, especially if the node that hosts the pod cannot contact the control - plane. - properties: - conditions: - description: |- - Current service state of pod. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions - items: - description: PodCondition contains details for the current condition - of this pod. - properties: - lastProbeTime: - description: Last time we probed the condition. - format: date-time - type: string - lastTransitionTime: - description: Last time the condition transitioned from one - status to another. - format: date-time - type: string - message: - description: Human-readable message indicating details about - last transition. - type: string - reason: - description: Unique, one-word, CamelCase reason for the - condition's last transition. - type: string - status: - description: |- - Status is the status of the condition. - Can be True, False, Unknown. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions - type: string - type: - description: |- - Type is the type of the condition. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - containerStatuses: - description: |- - The list has one entry per container in the manifest. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status - items: - description: ContainerStatus contains details for the current - status of this container. - properties: - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - AllocatedResources represents the compute resources allocated for this container by the - node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission - and after successfully admitting desired pod resize. - type: object - containerID: - description: |- - ContainerID is the ID of the container in the format '://'. - Where type is a container runtime identifier, returned from Version call of CRI API - (for example "containerd"). - type: string - image: - description: |- - Image is the name of container image that the container is running. - The container image may not match the image used in the PodSpec, - as it may have been resolved by the runtime. - More info: https://kubernetes.io/docs/concepts/containers/images. - type: string - imageID: - description: |- - ImageID is the image ID of the container's image. The image ID may not - match the image ID of the image used in the PodSpec, as it may have been - resolved by the runtime. - type: string - lastState: - description: |- - LastTerminationState holds the last termination state of the container to - help debug container crashes and restarts. This field is not - populated if the container is still running and RestartCount is 0. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last - (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format '://' - type: string - exitCode: - description: Exit status from the last termination - of the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of - the container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of - the container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container - is not yet running. - type: string - reason: - description: (brief) reason the container is not - yet running. - type: string - type: object - type: object - name: - description: |- - Name is a DNS_LABEL representing the unique name of the container. - Each container in a pod must have a unique name across all container types. - Cannot be updated. - type: string - ready: - description: |- - Ready specifies whether the container is currently passing its readiness check. - The value will change as readiness probes keep executing. If no readiness - probes are specified, this field defaults to true once the container is - fully started (see Started field). - - The value is typically used to determine whether a container is ready to - accept traffic. - type: boolean - resources: - description: |- - Resources represents the compute resource requests and limits that have been successfully - enacted on the running container after it has been started or has been successfully resized. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in - PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - restartCount: - description: |- - RestartCount holds the number of times the container has been restarted. - Kubelet makes an effort to always increment the value, but there - are cases when the state may be lost due to node restarts and then the value - may be reset to 0. The value is never negative. - format: int32 - type: integer - started: - description: |- - Started indicates whether the container has finished its postStart lifecycle hook - and passed its startup probe. - Initialized as false, becomes true after startupProbe is considered - successful. Resets to false when the container is restarted, or if kubelet - loses state temporarily. In both cases, startup probes will run again. - Is always true when no startupProbe is defined and container is running and - has passed the postStart lifecycle hook. The null value must be treated the - same as false. - type: boolean - state: - description: State holds details about the container's current - condition. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last - (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format '://' - type: string - exitCode: - description: Exit status from the last termination - of the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of - the container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of - the container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container - is not yet running. - type: string - reason: - description: (brief) reason the container is not - yet running. - type: string - type: object - type: object - volumeMounts: - description: Status of volume mounts. - items: - description: VolumeMountStatus shows status of volume - mounts. - properties: - mountPath: - description: MountPath corresponds to the original - VolumeMount. - type: string - name: - description: Name corresponds to the name of the original - VolumeMount. - type: string - readOnly: - description: ReadOnly corresponds to the original - VolumeMount. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). - An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, - depending on the mount result. - type: string - required: - - mountPath - - name - type: object - type: array - x-kubernetes-list-map-keys: - - mountPath - x-kubernetes-list-type: map - required: - - image - - imageID - - name - - ready - - restartCount - type: object - type: array - x-kubernetes-list-type: atomic - ephemeralContainerStatuses: - description: Status for any ephemeral containers that have run - in this pod. - items: - description: ContainerStatus contains details for the current - status of this container. - properties: - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - AllocatedResources represents the compute resources allocated for this container by the - node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission - and after successfully admitting desired pod resize. - type: object - containerID: - description: |- - ContainerID is the ID of the container in the format '://'. - Where type is a container runtime identifier, returned from Version call of CRI API - (for example "containerd"). - type: string - image: - description: |- - Image is the name of container image that the container is running. - The container image may not match the image used in the PodSpec, - as it may have been resolved by the runtime. - More info: https://kubernetes.io/docs/concepts/containers/images. - type: string - imageID: - description: |- - ImageID is the image ID of the container's image. The image ID may not - match the image ID of the image used in the PodSpec, as it may have been - resolved by the runtime. - type: string - lastState: - description: |- - LastTerminationState holds the last termination state of the container to - help debug container crashes and restarts. This field is not - populated if the container is still running and RestartCount is 0. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last - (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format '://' - type: string - exitCode: - description: Exit status from the last termination - of the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of - the container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of - the container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container - is not yet running. - type: string - reason: - description: (brief) reason the container is not - yet running. - type: string - type: object - type: object - name: - description: |- - Name is a DNS_LABEL representing the unique name of the container. - Each container in a pod must have a unique name across all container types. - Cannot be updated. - type: string - ready: - description: |- - Ready specifies whether the container is currently passing its readiness check. - The value will change as readiness probes keep executing. If no readiness - probes are specified, this field defaults to true once the container is - fully started (see Started field). - - The value is typically used to determine whether a container is ready to - accept traffic. - type: boolean - resources: - description: |- - Resources represents the compute resource requests and limits that have been successfully - enacted on the running container after it has been started or has been successfully resized. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in - PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - restartCount: - description: |- - RestartCount holds the number of times the container has been restarted. - Kubelet makes an effort to always increment the value, but there - are cases when the state may be lost due to node restarts and then the value - may be reset to 0. The value is never negative. - format: int32 - type: integer - started: - description: |- - Started indicates whether the container has finished its postStart lifecycle hook - and passed its startup probe. - Initialized as false, becomes true after startupProbe is considered - successful. Resets to false when the container is restarted, or if kubelet - loses state temporarily. In both cases, startup probes will run again. - Is always true when no startupProbe is defined and container is running and - has passed the postStart lifecycle hook. The null value must be treated the - same as false. - type: boolean - state: - description: State holds details about the container's current - condition. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last - (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format '://' - type: string - exitCode: - description: Exit status from the last termination - of the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of - the container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of - the container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container - is not yet running. - type: string - reason: - description: (brief) reason the container is not - yet running. - type: string - type: object - type: object - volumeMounts: - description: Status of volume mounts. - items: - description: VolumeMountStatus shows status of volume - mounts. - properties: - mountPath: - description: MountPath corresponds to the original - VolumeMount. - type: string - name: - description: Name corresponds to the name of the original - VolumeMount. - type: string - readOnly: - description: ReadOnly corresponds to the original - VolumeMount. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). - An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, - depending on the mount result. - type: string - required: - - mountPath - - name - type: object - type: array - x-kubernetes-list-map-keys: - - mountPath - x-kubernetes-list-type: map - required: - - image - - imageID - - name - - ready - - restartCount - type: object - type: array - x-kubernetes-list-type: atomic - hostIP: - description: |- - hostIP holds the IP address of the host to which the pod is assigned. Empty if the pod has not started yet. - A pod can be assigned to a node that has a problem in kubelet which in turns mean that HostIP will - not be updated even if there is a node is assigned to pod - type: string - hostIPs: - description: |- - hostIPs holds the IP addresses allocated to the host. If this field is specified, the first entry must - match the hostIP field. This list is empty if the pod has not started yet. - A pod can be assigned to a node that has a problem in kubelet which in turns means that HostIPs will - not be updated even if there is a node is assigned to this pod. - items: - description: HostIP represents a single IP address allocated - to the host. - properties: - ip: - description: IP is the IP address assigned to the host - type: string - required: - - ip - type: object - type: array - x-kubernetes-list-type: atomic - initContainerStatuses: - description: |- - The list has one entry per init container in the manifest. The most recent successful - init container will have ready = true, the most recently started container will have - startTime set. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status - items: - description: ContainerStatus contains details for the current - status of this container. - properties: - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - AllocatedResources represents the compute resources allocated for this container by the - node. Kubelet sets this value to Container.Resources.Requests upon successful pod admission - and after successfully admitting desired pod resize. - type: object - containerID: - description: |- - ContainerID is the ID of the container in the format '://'. - Where type is a container runtime identifier, returned from Version call of CRI API - (for example "containerd"). - type: string - image: - description: |- - Image is the name of container image that the container is running. - The container image may not match the image used in the PodSpec, - as it may have been resolved by the runtime. - More info: https://kubernetes.io/docs/concepts/containers/images. - type: string - imageID: - description: |- - ImageID is the image ID of the container's image. The image ID may not - match the image ID of the image used in the PodSpec, as it may have been - resolved by the runtime. - type: string - lastState: - description: |- - LastTerminationState holds the last termination state of the container to - help debug container crashes and restarts. This field is not - populated if the container is still running and RestartCount is 0. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last - (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format '://' - type: string - exitCode: - description: Exit status from the last termination - of the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of - the container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of - the container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container - is not yet running. - type: string - reason: - description: (brief) reason the container is not - yet running. - type: string - type: object - type: object - name: - description: |- - Name is a DNS_LABEL representing the unique name of the container. - Each container in a pod must have a unique name across all container types. - Cannot be updated. - type: string - ready: - description: |- - Ready specifies whether the container is currently passing its readiness check. - The value will change as readiness probes keep executing. If no readiness - probes are specified, this field defaults to true once the container is - fully started (see Started field). - - The value is typically used to determine whether a container is ready to - accept traffic. - type: boolean - resources: - description: |- - Resources represents the compute resource requests and limits that have been successfully - enacted on the running container after it has been started or has been successfully resized. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one entry in - PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - restartCount: - description: |- - RestartCount holds the number of times the container has been restarted. - Kubelet makes an effort to always increment the value, but there - are cases when the state may be lost due to node restarts and then the value - may be reset to 0. The value is never negative. - format: int32 - type: integer - started: - description: |- - Started indicates whether the container has finished its postStart lifecycle hook - and passed its startup probe. - Initialized as false, becomes true after startupProbe is considered - successful. Resets to false when the container is restarted, or if kubelet - loses state temporarily. In both cases, startup probes will run again. - Is always true when no startupProbe is defined and container is running and - has passed the postStart lifecycle hook. The null value must be treated the - same as false. - type: boolean - state: - description: State holds details about the container's current - condition. - properties: - running: - description: Details about a running container - properties: - startedAt: - description: Time at which the container was last - (re-)started - format: date-time - type: string - type: object - terminated: - description: Details about a terminated container - properties: - containerID: - description: Container's ID in the format '://' - type: string - exitCode: - description: Exit status from the last termination - of the container - format: int32 - type: integer - finishedAt: - description: Time at which the container last terminated - format: date-time - type: string - message: - description: Message regarding the last termination - of the container - type: string - reason: - description: (brief) reason from the last termination - of the container - type: string - signal: - description: Signal from the last termination of - the container - format: int32 - type: integer - startedAt: - description: Time at which previous execution of - the container started - format: date-time - type: string - required: - - exitCode - type: object - waiting: - description: Details about a waiting container - properties: - message: - description: Message regarding why the container - is not yet running. - type: string - reason: - description: (brief) reason the container is not - yet running. - type: string - type: object - type: object - volumeMounts: - description: Status of volume mounts. - items: - description: VolumeMountStatus shows status of volume - mounts. - properties: - mountPath: - description: MountPath corresponds to the original - VolumeMount. - type: string - name: - description: Name corresponds to the name of the original - VolumeMount. - type: string - readOnly: - description: ReadOnly corresponds to the original - VolumeMount. - type: boolean - recursiveReadOnly: - description: |- - RecursiveReadOnly must be set to Disabled, Enabled, or unspecified (for non-readonly mounts). - An IfPossible value in the original VolumeMount must be translated to Disabled or Enabled, - depending on the mount result. - type: string - required: - - mountPath - - name - type: object - type: array - x-kubernetes-list-map-keys: - - mountPath - x-kubernetes-list-type: map - required: - - image - - imageID - - name - - ready - - restartCount - type: object - type: array - x-kubernetes-list-type: atomic - message: - description: A human readable message indicating details about - why the pod is in this condition. - type: string - nominatedNodeName: - description: |- - nominatedNodeName is set only when this pod preempts other pods on the node, but it cannot be - scheduled right away as preemption victims receive their graceful termination periods. - This field does not guarantee that the pod will be scheduled on this node. Scheduler may decide - to place the pod elsewhere if other nodes become available sooner. Scheduler may also decide to - give the resources on this node to a higher priority pod that is created after preemption. - As a result, this field may be different than PodSpec.nodeName when the pod is - scheduled. - type: string - phase: - description: |- - The phase of a Pod is a simple, high-level summary of where the Pod is in its lifecycle. - The conditions array, the reason and message fields, and the individual container status - arrays contain more detail about the pod's status. - There are five possible phase values: - - Pending: The pod has been accepted by the Kubernetes system, but one or more of the - container images has not been created. This includes time before being scheduled as - well as time spent downloading images over the network, which could take a while. - Running: The pod has been bound to a node, and all of the containers have been created. - At least one container is still running, or is in the process of starting or restarting. - Succeeded: All containers in the pod have terminated in success, and will not be restarted. - Failed: All containers in the pod have terminated, and at least one container has - terminated in failure. The container either exited with non-zero status or was terminated - by the system. - Unknown: For some reason the state of the pod could not be obtained, typically due to an - error in communicating with the host of the pod. - - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-phase - type: string - podIP: - description: |- - podIP address allocated to the pod. Routable at least within the cluster. - Empty if not yet allocated. - type: string - podIPs: - description: |- - podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must - match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list - is empty if no IPs have been allocated yet. - items: - description: PodIP represents a single IP address allocated - to the pod. - properties: - ip: - description: IP is the IP address assigned to the pod - type: string - required: - - ip - type: object - type: array - x-kubernetes-list-map-keys: - - ip - x-kubernetes-list-type: map - qosClass: - description: |- - The Quality of Service (QOS) classification assigned to the pod based on resource requirements - See PodQOSClass type for available QOS classes - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes - type: string - reason: - description: |- - A brief CamelCase message indicating details about why the pod is in this state. - e.g. 'Evicted' - type: string - resize: - description: |- - Status of resources resize desired for pod's containers. - It is empty if no resources resize is pending. - Any changes to container resources will automatically set this to "Proposed" - type: string - resourceClaimStatuses: - description: Status of resource claims. - items: - description: |- - PodResourceClaimStatus is stored in the PodStatus for each PodResourceClaim - which references a ResourceClaimTemplate. It stores the generated name for - the corresponding ResourceClaim. - properties: - name: - description: |- - Name uniquely identifies this resource claim inside the pod. - This must match the name of an entry in pod.spec.resourceClaims, - which implies that the string must be a DNS_LABEL. - type: string - resourceClaimName: - description: |- - ResourceClaimName is the name of the ResourceClaim that was - generated for the Pod in the namespace of the Pod. It this is - unset, then generating a ResourceClaim was not necessary. The - pod.spec.resourceClaims entry can be ignored in this case. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - startTime: - description: |- - RFC 3339 date and time at which the object was acknowledged by the Kubelet. - This is before the Kubelet pulled the container image(s) for the pod. - format: date-time - type: string - type: object - serviceQualitiesConditions: - items: - properties: - lastActionTransitionTime: - format: date-time - type: string - lastProbeTime: - format: date-time - type: string - lastTransitionTime: - format: date-time - type: string - name: - type: string - result: - description: Result indicate the probe message returned by the - script - type: string - status: - type: string - required: - - name - type: object - type: array - updatePriority: - anyOf: - - type: integer - - type: string - description: Lifecycle defines the lifecycle hooks for Pods pre-delete, - in-place update. - x-kubernetes-int-or-string: true - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml b/versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml deleted file mode 100644 index a8d0f6a..0000000 --- a/versions/kruise-game/1.0.0/templates/game.kruise.io_gameserversets.yaml +++ /dev/null @@ -1,1060 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.16.5 - name: gameserversets.game.kruise.io -spec: - group: game.kruise.io - names: - kind: GameServerSet - listKind: GameServerSetList - plural: gameserversets - shortNames: - - gss - singular: gameserverset - scope: Namespaced - versions: - - additionalPrinterColumns: - - description: The desired number of GameServers. - jsonPath: .spec.replicas - name: DESIRED - type: integer - - description: The number of currently all GameServers. - jsonPath: .status.currentReplicas - name: CURRENT - type: integer - - description: The number of GameServers updated. - jsonPath: .status.updatedReplicas - name: UPDATED - type: integer - - description: The number of GameServers ready. - jsonPath: .status.readyReplicas - name: READY - type: integer - - description: The number of GameServers Maintaining. - jsonPath: .status.maintainingReplicas - name: Maintaining - type: integer - - description: The number of GameServers WaitToBeDeleted. - jsonPath: .status.waitToBeDeletedReplicas - name: WaitToBeDeleted - type: integer - - description: The number of GameServers PreDelete. - jsonPath: .status.preDeleteReplicas - name: PreDelete - type: integer - - description: The age of GameServerSet. - jsonPath: .metadata.creationTimestamp - name: AGE - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - description: GameServerSet is the Schema for the gameserversets API - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: GameServerSetSpec defines the desired state of GameServerSet - properties: - gameServerTemplate: - description: |- - INSERT ADDITIONAL SPEC FIELDS - desired state of cluster - Important: Run "make" to regenerate code after modifying this file - properties: - reclaimPolicy: - description: |- - ReclaimPolicy indicates the reclaim policy for GameServer. - Default is Cascade. - type: string - volumeClaimTemplates: - items: - description: PersistentVolumeClaim is a user's request for and - claim to a persistent volume - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - description: |- - Standard object's metadata. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata - properties: - annotations: - additionalProperties: - type: string - type: object - finalizers: - items: - type: string - type: array - labels: - additionalProperties: - type: string - type: object - name: - type: string - namespace: - type: string - type: object - spec: - description: |- - spec defines the desired characteristics of a volume requested by a pod author. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the desired access modes the volume should have. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - dataSource: - description: |- - dataSource field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - * An existing PVC (PersistentVolumeClaim) - If the provisioner or an external controller can support the specified data source, - it will create a new volume based on the contents of the specified data source. - When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - If the namespace is specified, then dataSourceRef will not be copied to dataSource. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - description: |- - dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - volume is desired. This may be any object from a non-empty API group (non - core object) or a PersistentVolumeClaim object. - When this field is specified, volume binding will only succeed if the type of - the specified object matches some installed volume populator or dynamic - provisioner. - This field will replace the functionality of the dataSource field and as such - if both fields are non-empty, they must have the same value. For backwards - compatibility, when namespace isn't specified in dataSourceRef, - both fields (dataSource and dataSourceRef) will be set to the same - value automatically if one of them is empty and the other is non-empty. - When namespace is specified in dataSourceRef, - dataSource isn't set to the same value and must be empty. - There are three important differences between dataSource and dataSourceRef: - * While dataSource only allows two specific types of objects, dataSourceRef - allows any non-core object, as well as PersistentVolumeClaim objects. - * While dataSource ignores disallowed values (dropping them), dataSourceRef - preserves all values, and generates an error if a disallowed value is - specified. - * While dataSource only allows local objects, dataSourceRef allows objects - in any namespaces. - (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - properties: - apiGroup: - description: |- - APIGroup is the group for the resource being referenced. - If APIGroup is not specified, the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - namespace: - description: |- - Namespace is the namespace of resource being referenced - Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - type: string - required: - - kind - - name - type: object - resources: - description: |- - resources represents the minimum resources the volume should have. - If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - that are lower than previous value but must still be higher than capacity recorded in the - status field of the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - selector: - description: selector is a label query over volumes - to consider for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: |- - A label selector requirement is a selector that contains values, a key, and an operator that - relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: |- - operator represents a key's relationship to a set of values. - Valid operators are In, NotIn, Exists and DoesNotExist. - type: string - values: - description: |- - values is an array of string values. If the operator is In or NotIn, - the values array must be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced during a strategic - merge patch. - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - key - - operator - type: object - type: array - x-kubernetes-list-type: atomic - matchLabels: - additionalProperties: - type: string - description: |- - matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, whose key field is "key", the - operator is "In", and the values array contains only "value". The requirements are ANDed. - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - description: |- - storageClassName is the name of the StorageClass required by the claim. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - type: string - volumeAttributesClassName: - description: |- - volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. - If specified, the CSI driver will create or update the volume with the attributes defined - in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, - it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass - will be applied to the claim but it's not allowed to reset this field to empty string once it is set. - If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass - will be set by the persistentvolume controller if it exists. - If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be - set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource - exists. - More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ - (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. - type: string - volumeMode: - description: |- - volumeMode defines what type of volume is required by the claim. - Value of Filesystem is implied when not included in claim spec. - type: string - volumeName: - description: volumeName is the binding reference to - the PersistentVolume backing this claim. - type: string - type: object - status: - description: |- - status represents the current information/status of a persistent volume claim. - Read-only. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - properties: - accessModes: - description: |- - accessModes contains the actual access modes the volume backing the PVC has. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - items: - type: string - type: array - x-kubernetes-list-type: atomic - allocatedResourceStatuses: - additionalProperties: - description: |- - When a controller receives persistentvolume claim update with ClaimResourceStatus for a resource - that it does not recognizes, then it should ignore that update and let other controllers - handle it. - type: string - description: "allocatedResourceStatuses stores status - of resource being resized for the given PVC.\nKey - names follow standard Kubernetes label syntax. Valid - values are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources - must use implementation-defined prefixed names such - as \"example.com/my-custom-resource\"\nApart from - above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not - be used.\n\nClaimResourceStatus can be in any of following - states:\n\t- ControllerResizeInProgress:\n\t\tState - set when resize controller starts resizing the volume - in control-plane.\n\t- ControllerResizeFailed:\n\t\tState - set when resize has failed in resize controller with - a terminal error.\n\t- NodeResizePending:\n\t\tState - set when resize controller has finished resizing the - volume but further resizing of\n\t\tvolume is needed - on the node.\n\t- NodeResizeInProgress:\n\t\tState - set when kubelet starts resizing the volume.\n\t- - NodeResizeFailed:\n\t\tState set when resizing has - failed in kubelet with a terminal error. Transient - errors don't set\n\t\tNodeResizeFailed.\nFor example: - if expanding a PVC for more capacity - this field - can be one of the following states:\n\t- pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"ControllerResizeFailed\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizePending\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeInProgress\"\n - pvc.status.allocatedResourceStatus['storage'] - = \"NodeResizeFailed\"\nWhen this field is not set, - it means that no resize operation is in progress for - the given PVC.\n\nA controller that receives PVC update - with previously unknown resourceName or ClaimResourceStatus\nshould - ignore the update for the purpose it was designed. - For example - a controller that\nonly is responsible - for resizing capacity of the volume, should ignore - PVC updates that change other valid\nresources associated - with PVC.\n\nThis is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature." - type: object - x-kubernetes-map-type: granular - allocatedResources: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: "allocatedResources tracks the resources - allocated to a PVC including its capacity.\nKey names - follow standard Kubernetes label syntax. Valid values - are either:\n\t* Un-prefixed keys:\n\t\t- storage - - the capacity of the volume.\n\t* Custom resources - must use implementation-defined prefixed names such - as \"example.com/my-custom-resource\"\nApart from - above values - keys that are unprefixed or have kubernetes.io - prefix are considered\nreserved and hence may not - be used.\n\nCapacity reported here may be larger than - the actual capacity when a volume expansion operation\nis - requested.\nFor storage quota, the larger value from - allocatedResources and PVC.spec.resources is used.\nIf - allocatedResources is not set, PVC.spec.resources - alone is used for quota calculation.\nIf a volume - expansion capacity request is lowered, allocatedResources - is only\nlowered if there are no expansion operations - in progress and if the actual volume capacity\nis - equal or lower than the requested capacity.\n\nA controller - that receives PVC update with previously unknown resourceName\nshould - ignore the update for the purpose it was designed. - For example - a controller that\nonly is responsible - for resizing capacity of the volume, should ignore - PVC updates that change other valid\nresources associated - with PVC.\n\nThis is an alpha field and requires enabling - RecoverVolumeExpansionFailure feature." - type: object - capacity: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: capacity represents the actual resources - of the underlying volume. - type: object - conditions: - description: |- - conditions is the current Condition of persistent volume claim. If underlying persistent volume is being - resized then the Condition will be set to 'Resizing'. - items: - description: PersistentVolumeClaimCondition contains - details about state of pvc - properties: - lastProbeTime: - description: lastProbeTime is the time we probed - the condition. - format: date-time - type: string - lastTransitionTime: - description: lastTransitionTime is the time the - condition transitioned from one status to another. - format: date-time - type: string - message: - description: message is the human-readable message - indicating details about last transition. - type: string - reason: - description: |- - reason is a unique, this should be a short, machine understandable string that gives the reason - for condition's last transition. If it reports "Resizing" that means the underlying - persistent volume is being resized. - type: string - status: - type: string - type: - description: PersistentVolumeClaimConditionType - is a valid value of PersistentVolumeClaimCondition.Type - type: string - required: - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - currentVolumeAttributesClassName: - description: |- - currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. - When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim - This is an alpha field and requires enabling VolumeAttributesClass feature. - type: string - modifyVolumeStatus: - description: |- - ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. - When this is unset, there is no ModifyVolume operation being attempted. - This is an alpha field and requires enabling VolumeAttributesClass feature. - properties: - status: - description: "status is the status of the ControllerModifyVolume - operation. It can be in any of following states:\n - - Pending\n Pending indicates that the PersistentVolumeClaim - cannot be modified due to unmet requirements, - such as\n the specified VolumeAttributesClass - not existing.\n - InProgress\n InProgress indicates - that the volume is being modified.\n - Infeasible\n - \ Infeasible indicates that the request has been - rejected as invalid by the CSI driver. To\n\t - \ resolve the error, a valid VolumeAttributesClass - needs to be specified.\nNote: New statuses can - be added in the future. Consumers should check - for unknown statuses and fail appropriately." - type: string - targetVolumeAttributesClassName: - description: targetVolumeAttributesClassName is - the name of the VolumeAttributesClass the PVC - currently being reconciled - type: string - required: - - status - type: object - phase: - description: phase represents the current phase of PersistentVolumeClaim. - type: string - type: object - type: object - type: array - type: object - x-kubernetes-preserve-unknown-fields: true - lifecycle: - description: Lifecycle contains the hooks for Pod lifecycle. - properties: - inPlaceUpdate: - description: InPlaceUpdate is the hook before Pod to update and - after Pod has been updated. - properties: - finalizersHandler: - items: - type: string - type: array - labelsHandler: - additionalProperties: - type: string - type: object - markPodNotReady: - description: |- - MarkPodNotReady = true means: - - Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state. - - Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state. - Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook. - Default to false. - type: boolean - type: object - preDelete: - description: PreDelete is the hook before Pod to be deleted. - properties: - finalizersHandler: - items: - type: string - type: array - labelsHandler: - additionalProperties: - type: string - type: object - markPodNotReady: - description: |- - MarkPodNotReady = true means: - - Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state. - - Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state. - Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook. - Default to false. - type: boolean - type: object - preNormal: - description: PreNormal is the hook after Pod to be created and - ready to be Normal. - properties: - finalizersHandler: - items: - type: string - type: array - labelsHandler: - additionalProperties: - type: string - type: object - markPodNotReady: - description: |- - MarkPodNotReady = true means: - - Pod will be set to 'NotReady' at preparingDelete/preparingUpdate state. - - Pod will be restored to 'Ready' at Updated state if it was set to 'NotReady' at preparingUpdate state. - Currently, MarkPodNotReady only takes effect on InPlaceUpdate & PreDelete hook. - Default to false. - type: boolean - type: object - type: object - network: - properties: - networkConf: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - networkType: - type: string - type: object - persistentVolumeClaimRetentionPolicy: - description: |- - PersistentVolumeClaimRetentionPolicy describes the policy used for PVCs created from - the StatefulSet VolumeClaimTemplates. This requires the - StatefulSetAutoDeletePVC feature gate to be enabled, which is alpha. - properties: - whenDeleted: - description: |- - WhenDeleted specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is deleted. The default policy - of `Retain` causes PVCs to not be affected by StatefulSet deletion. The - `Delete` policy causes those PVCs to be deleted. - type: string - whenScaled: - description: |- - WhenScaled specifies what happens to PVCs created from StatefulSet - VolumeClaimTemplates when the StatefulSet is scaled down. The default - policy of `Retain` causes PVCs to not be affected by a scaledown. The - `Delete` policy causes the associated PVCs for any excess pods above - the replica count to be deleted. - type: string - type: object - replicas: - description: |- - replicas is the desired number of replicas of the given Template. - These are replicas in the sense that they are instantiations of the - same Template, but individual replicas also have a consistent identity. - format: int32 - minimum: 0 - type: integer - reserveGameServerIds: - items: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: array - scaleStrategy: - properties: - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during scaling. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - It can just be allowed to work with Parallel podManagementPolicy. - x-kubernetes-int-or-string: true - scaleDownStrategyType: - description: |- - ScaleDownStrategyType indicates the scaling down strategy. - Default is GeneralScaleDownStrategyType - type: string - type: object - serviceName: - type: string - serviceQualities: - items: - properties: - containerName: - type: string - exec: - description: Exec specifies the action to take. - properties: - command: - description: |- - Command is the command line to execute inside the container, the working directory for the - command is root ('/') in the container's filesystem. The command is simply exec'd, it is - not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - a shell, you need to explicitly call out to that shell. - Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - x-kubernetes-list-type: atomic - type: object - failureThreshold: - description: |- - Minimum consecutive failures for the probe to be considered failed after having succeeded. - Defaults to 3. Minimum value is 1. - format: int32 - type: integer - grpc: - description: GRPC specifies an action involving a GRPC port. - properties: - port: - description: Port number of the gRPC service. Number must - be in the range 1 to 65535. - format: int32 - type: integer - service: - default: "" - description: |- - Service is the name of the service to place in the gRPC HealthCheckRequest - (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - - If this is not specified, the default behavior is defined by gRPC. - type: string - required: - - port - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: |- - Host name to connect to, defaults to the pod IP. You probably want to set - "Host" in httpHeaders instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to be - used in HTTP probes - properties: - name: - description: |- - The header field name. - This will be canonicalized upon output, so case-variant names will be understood as the same header. - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - x-kubernetes-list-type: atomic - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: |- - Name or number of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: |- - Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: |- - Number of seconds after the container has started before liveness probes are initiated. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - format: int32 - type: integer - name: - type: string - periodSeconds: - description: |- - How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - permanent: - description: |- - Whether to make GameServerSpec not change after the ServiceQualityAction is executed. - When Permanent is true, regardless of the detection results, ServiceQualityAction will only be executed once. - When Permanent is false, ServiceQualityAction can be executed again even though ServiceQualityAction has been executed. - type: boolean - serviceQualityAction: - items: - properties: - annotations: - additionalProperties: - type: string - type: object - containers: - description: |- - Containers can be used to make the corresponding GameServer container fields - different from the fields defined by GameServerTemplate in GameServerSetSpec. - items: - properties: - image: - description: |- - Image indicates the image of the container to update. - When Image updated, pod.spec.containers[*].image will be updated immediately. - type: string - name: - description: Name indicates the name of the container - to update. - type: string - resources: - description: |- - Resources indicates the resources of the container to update. - When Resources updated, pod.spec.containers[*].Resources will be not updated immediately, - which will be updated when pod recreate. - properties: - claims: - description: |- - Claims lists the names of resources, defined in spec.resourceClaims, - that are used by this container. - - This is an alpha field and requires enabling the - DynamicResourceAllocation feature gate. - - This field is immutable. It can only be set for containers. - items: - description: ResourceClaim references one - entry in PodSpec.ResourceClaims. - properties: - name: - description: |- - Name must match the name of one entry in pod.spec.resourceClaims of - the Pod where this field is used. It makes that resource available - inside a container. - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Limits describes the maximum amount of compute resources allowed. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: |- - Requests describes the minimum amount of compute resources required. - If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - otherwise to an implementation-defined value. Requests cannot exceed Limits. - More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - type: object - type: object - required: - - name - type: object - type: array - deletionPriority: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - labels: - additionalProperties: - type: string - type: object - networkDisabled: - type: boolean - opsState: - type: string - result: - description: |- - Result indicate the probe message returned by the script. - When Result is defined, it would exec action only when the according Result is actually returns. - type: string - state: - type: boolean - updatePriority: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - state - type: object - type: array - successThreshold: - description: |- - Minimum consecutive successes for the probe to be considered successful after having failed. - Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - format: int32 - type: integer - tcpSocket: - description: TCPSocket specifies an action involving a TCP port. - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: |- - Number or name of the port to access on the container. - Number must be in the range 1 to 65535. - Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - description: |- - Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - The grace period is the duration in seconds after the processes running in the pod are sent - a termination signal and the time when the processes are forcibly halted with a kill signal. - Set this value longer than the expected cleanup time for your process. - If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - value overrides the value provided by the pod spec. - Value must be non-negative integer. The value zero indicates stop immediately via - the kill signal (no opportunity to shut down). - This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - format: int64 - type: integer - timeoutSeconds: - description: |- - Number of seconds after which the probe times out. - Defaults to 1 second. Minimum value is 1. - More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - format: int32 - type: integer - required: - - name - - permanent - type: object - type: array - updateStrategy: - properties: - rollingUpdate: - description: RollingUpdate is used to communicate parameters when - Type is RollingUpdateStatefulSetStrategyType. - properties: - inPlaceUpdateStrategy: - description: |- - UnorderedUpdate contains strategies for non-ordered update. - If it is not nil, pods will be updated with non-ordered sequence. - Noted that UnorderedUpdate can only be allowed to work with Parallel podManagementPolicy - UnorderedUpdate *kruiseV1beta1.UnorderedUpdateStrategy `json:"unorderedUpdate,omitempty"` - InPlaceUpdateStrategy contains strategies for in-place update. - properties: - gracePeriodSeconds: - description: |- - GracePeriodSeconds is the timespan between set Pod status to not-ready and update images in Pod spec - when in-place update a Pod. - format: int32 - type: integer - type: object - maxUnavailable: - anyOf: - - type: integer - - type: string - description: |- - The maximum number of pods that can be unavailable during the update. - Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - Absolute number is calculated from percentage by rounding down. - Also, maxUnavailable can just be allowed to work with Parallel podManagementPolicy. - Defaults to 1. - x-kubernetes-int-or-string: true - minReadySeconds: - description: |- - MinReadySeconds indicates how long will the pod be considered ready after it's updated. - MinReadySeconds works with both OrderedReady and Parallel podManagementPolicy. - It affects the pod scale up speed when the podManagementPolicy is set to be OrderedReady. - Combined with MaxUnavailable, it affects the pod update speed regardless of podManagementPolicy. - Default value is 0, max is 300. - format: int32 - type: integer - partition: - description: |- - Partition indicates the ordinal at which the StatefulSet should be partitioned by default. - But if unorderedUpdate has been set: - - Partition indicates the number of pods with non-updated revisions when rolling update. - - It means controller will update $(replicas - partition) number of pod. - Default value is 0. - format: int32 - type: integer - paused: - description: |- - Paused indicates that the StatefulSet is paused. - Default value is false - type: boolean - podUpdatePolicy: - description: |- - PodUpdatePolicy indicates how pods should be updated - Default value is "ReCreate" - type: string - type: object - type: - description: |- - Type indicates the type of the StatefulSetUpdateStrategy. - Default is RollingUpdate. - type: string - type: object - required: - - replicas - type: object - status: - description: GameServerSetStatus defines the observed state of GameServerSet - properties: - availableReplicas: - format: int32 - type: integer - currentReplicas: - format: int32 - type: integer - labelSelector: - description: LabelSelector is label selectors for query over pods - that should match the replica count used by HPA. - type: string - maintainingReplicas: - format: int32 - type: integer - observedGeneration: - description: The generation observed by the controller. - format: int64 - type: integer - preDeleteReplicas: - format: int32 - type: integer - readyReplicas: - format: int32 - type: integer - replicas: - description: replicas from advancedStatefulSet - format: int32 - type: integer - updatedReadyReplicas: - format: int32 - type: integer - updatedReplicas: - format: int32 - type: integer - waitToBeDeletedReplicas: - format: int32 - type: integer - required: - - availableReplicas - - currentReplicas - - readyReplicas - - replicas - - updatedReplicas - type: object - type: object - served: true - storage: true - subresources: - scale: - labelSelectorPath: .status.labelSelector - specReplicasPath: .spec.replicas - statusReplicasPath: .status.replicas - status: {} diff --git a/versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml b/versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml deleted file mode 100644 index b4f47c5..0000000 --- a/versions/kruise-game/1.0.0/templates/index-offset-scheduler.yaml +++ /dev/null @@ -1,298 +0,0 @@ -{{- if .Values.indexOffsetScheduler.enabled }} -# service account -apiVersion: v1 -kind: ServiceAccount -metadata: - name: index-offset-scheduler - namespace: kruise-game-system ---- -# clusterRole -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - annotations: - rbac.authorization.kubernetes.io/autoupdate: 'true' - name: index-offset-scheduler -rules: - - apiGroups: - - '' - - events.k8s.io - resources: - - events - verbs: - - create - - patch - - update - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - apiGroups: - - coordination.k8s.io - resourceNames: - - kube-scheduler - - index-offset-scheduler - resources: - - leases - verbs: - - get - - list - - update - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leasecandidates - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - - apiGroups: - - '' - resources: - - nodes - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - pods - verbs: - - delete - - get - - list - - watch - - apiGroups: - - '' - resources: - - bindings - - pods/binding - verbs: - - create - - apiGroups: - - '' - resources: - - pods/status - verbs: - - patch - - update - - apiGroups: - - '' - resources: - - replicationcontrollers - - services - verbs: - - get - - list - - watch - - apiGroups: - - apps - - extensions - resources: - - replicasets - verbs: - - get - - list - - watch - - apiGroups: - - apps - resources: - - statefulsets - verbs: - - get - - list - - watch - - apiGroups: - - policy - resources: - - poddisruptionbudgets - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - persistentvolumeclaims - - persistentvolumes - verbs: - - get - - list - - watch - - apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - - apiGroups: - - storage.k8s.io - resources: - - csinodes - verbs: - - get - - list - - watch - - apiGroups: - - '' - resources: - - namespaces - verbs: - - get - - list - - watch - - apiGroups: - - storage.k8s.io - resources: - - csidrivers - verbs: - - get - - list - - watch - - apiGroups: - - storage.k8s.io - resources: - - csistoragecapacities - verbs: - - get - - list - - watch - - apiGroups: - - "" - resourceNames: - - kube-scheduler - - index-offset-scheduler - resources: - - endpoints - verbs: - - delete - - get - - patch - - update - ---- -# ClusterRoleBinding: index-offset-scheduler -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: index-offset-scheduler-as-kube-scheduler -subjects: - - kind: ServiceAccount - name: index-offset-scheduler - namespace: kruise-game-system -roleRef: - kind: ClusterRole - name: index-offset-scheduler - apiGroup: rbac.authorization.k8s.io ---- -# ClusterRoleBinding: system:volume-scheduler -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: index-offset-scheduler-as-volume-scheduler -subjects: - - kind: ServiceAccount - name: index-offset-scheduler - namespace: kruise-game-system -roleRef: - kind: ClusterRole - name: system:volume-scheduler - apiGroup: rbac.authorization.k8s.io ---- -# RoleBinding: apiserver -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: index-offset-scheduler-extension-apiserver-authentication-reader - namespace: kube-system -roleRef: - kind: Role - name: extension-apiserver-authentication-reader - apiGroup: rbac.authorization.k8s.io -subjects: - - kind: ServiceAccount - name: index-offset-scheduler - namespace: kruise-game-system ---- -# configmap -apiVersion: v1 -kind: ConfigMap -metadata: - name: index-offset-scheduler-config - namespace: kruise-game-system -data: - scheduler-config.yaml: | - # stable v1 after version 1.25 - apiVersion: kubescheduler.config.k8s.io/v1 - kind: KubeSchedulerConfiguration - leaderElection: - leaderElect: false - resourceNamespace: kruise-game-system - resourceName: index-offset-scheduler - profiles: - - schedulerName: index-offset-scheduler - plugins: - score: - enabled: - - name: index-offset-scheduler ---- -# deployment -apiVersion: apps/v1 -kind: Deployment -metadata: - name: index-offset-scheduler - namespace: kruise-game-system - labels: - app: index-offset-scheduler -spec: - replicas: 1 - selector: - matchLabels: - app: index-offset-scheduler - template: - metadata: - labels: - app: index-offset-scheduler - spec: - serviceAccountName: index-offset-scheduler - containers: - - name: scheduler - # change your image - image: openkruise/kruise-game-scheduler-index-offset:v1.0 - imagePullPolicy: Always - command: - - /app/index-offset-scheduler - - --config=/etc/kubernetes/scheduler-config.yaml - - --v=5 - resources: - requests: - cpu: 100m - memory: 50Mi - limits: - cpu: 500m - memory: 512Mi - volumeMounts: - - name: config - mountPath: /etc/kubernetes - # imagePullSecrets: - # - name: - volumes: - - name: config - configMap: - name: index-offset-scheduler-config -{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/manager.yaml b/versions/kruise-game/1.0.0/templates/manager.yaml deleted file mode 100644 index 3469cdd..0000000 --- a/versions/kruise-game/1.0.0/templates/manager.yaml +++ /dev/null @@ -1,122 +0,0 @@ -{{- if .Values.installation.createNamespace }} -apiVersion: v1 -kind: Namespace -metadata: - labels: - control-plane: {{ .Values.kruiseGame.fullname }} - name: {{ .Values.installation.namespace }} - {{- end }} ---- -apiVersion: v1 -kind: Service -metadata: - name: kruise-game-controller-manager-metrics-service - namespace: {{ .Values.installation.namespace }} - labels: - control-plane: {{ .Values.kruiseGame.fullname }} -spec: - ports: - - name: https - port: {{ .Values.service.port }} - protocol: TCP - targetPort: https - selector: - control-plane: {{ .Values.kruiseGame.fullname }} ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ .Values.kruiseGame.fullname }} - namespace: {{ .Values.installation.namespace }} - labels: - control-plane: {{ .Values.kruiseGame.fullname }} -spec: - selector: - matchLabels: - control-plane: {{ .Values.kruiseGame.fullname }} - replicas: {{ .Values.replicaCount }} - template: - metadata: - annotations: - kubectl.kubernetes.io/default-container: manager - labels: - control-plane: {{ .Values.kruiseGame.fullname }} - spec: - # securityContext: - # runAsNonRoot: true - # TODO(user): For common cases that do not require escalating privileges - # it is recommended to ensure that all your Pods/Containers are restrictive. - # More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted - # Please uncomment the following code if your project does NOT have to work on old Kubernetes - # versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ). - # seccompProfile: - # type: RuntimeDefault - containers: - - command: - - /manager - args: - - --leader-elect=false - - --provider-config=/etc/kruise-game/config.toml - - --api-server-qps={{ .Values.kruiseGame.apiServerQps }} - - --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }} - - --gameserver-workers={{ .Values.kruiseGame.gameserverWorkers }} - - --gameserverset-workers={{ .Values.kruiseGame.gameserversetWorkers }} - - --scale-server-bind-address=:{{ .Values.scale.service.targetPort }} - {{- if .Values.prometheus.enabled }} - - --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }} - {{- end }} - {{- if not .Values.certificates.autoGenerated }} - - --enable-cert-generation={{ .Values.certificates.autoGenerated }} - {{- end }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - name: manager - env: - - name: "NETWORK_TOTAL_WAIT_TIME" - value: {{ .Values.network.totalWaitTime | quote }} - - name: "NETWORK_PROBE_INTERVAL_TIME" - value: {{ .Values.network.probeIntervalTime | quote }} - ports: - - name: https - containerPort: {{ .Values.prometheus.monitorService.port }} - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - livenessProbe: - httpGet: - path: /healthz - port: {{ .Values.kruiseGame.healthBindPort }} - initialDelaySeconds: 5 - periodSeconds: 5 - readinessProbe: - httpGet: - path: /readyz - port: {{ .Values.kruiseGame.healthBindPort }} - initialDelaySeconds: 5 - periodSeconds: 5 - # TODO(user): Configure the resources accordingly based on the project requirements. - # More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - mountPath: /etc/kruise-game - name: provider-config - - mountPath: {{ .Values.certificates.mountPath }} - name: certificates - serviceAccountName: {{ .Values.kruiseGame.fullname }} - terminationGracePeriodSeconds: 10 - volumes: - - configMap: - defaultMode: 420 - items: - - key: config.toml - path: config.toml - name: kruise-game-manager-config - name: provider-config - - name: certificates - secret: - defaultMode: 420 - secretName: {{ .Values.certificates.secretName}} - optional: {{ and .Values.certificates.autoGenerated ( not .Values.certificates.certManager.enabled ) }} diff --git a/versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml b/versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml deleted file mode 100644 index 1acc8b3..0000000 --- a/versions/kruise-game/1.0.0/templates/prometheus-monitor.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if .Values.prometheus.enabled }} -# Prometheus Monitor Service (Metrics) -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - labels: - control-plane: {{ .Values.kruiseGame.fullname }} - name: kruise-game-controller-manager-metrics-monitor - namespace: {{ .Values.installation.namespace }} -spec: - endpoints: - - path: /metrics - port: https - selector: - matchLabels: - control-plane: {{ .Values.kruiseGame.fullname }} -{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/rbac_role.yaml b/versions/kruise-game/1.0.0/templates/rbac_role.yaml deleted file mode 100644 index 5e30db5..0000000 --- a/versions/kruise-game/1.0.0/templates/rbac_role.yaml +++ /dev/null @@ -1,404 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ .Values.kruiseGame.fullname }} - namespace: {{ .Values.installation.namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: kruise-game-leader-election-role - namespace: {{ .Values.installation.namespace }} -rules: - - apiGroups: - - "" - resources: - - configmaps - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - get - - list - - watch - - create - - update - - patch - - delete - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - creationTimestamp: null - name: kruise-game-manager-role -rules: - - apiGroups: - - "" - resources: - - events - verbs: - - create - - patch - - apiGroups: - - admissionregistration.k8s.io - resources: - - mutatingwebhookconfigurations - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - admissionregistration.k8s.io - resources: - - validatingwebhookconfigurations - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - alibabacloud.com - resources: - - poddnats - verbs: - - get - - list - - watch - - apiGroups: - - alibabacloud.com - resources: - - poddnats/status - verbs: - - get - - apiGroups: - - alibabacloud.com - resources: - - podeips - verbs: - - get - - list - - watch - - apiGroups: - - alibabacloud.com - resources: - - podeips/status - verbs: - - get - - apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - apps.kruise.io - resources: - - podprobemarkers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps.kruise.io - resources: - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps.kruise.io - resources: - - statefulsets/status - verbs: - - get - - patch - - update - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - nodes/status - verbs: - - get - - apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumeclaims/status - verbs: - - get - - apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - persistentvolumes/status - verbs: - - get - - apiGroups: - - "" - resources: - - pods - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - pods/status - verbs: - - get - - patch - - update - - apiGroups: - - "" - resources: - - services - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - services/status - verbs: - - get - - patch - - update - - apiGroups: - - elbv2.k8s.aws - resources: - - targetgroupbindings - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - elbv2.services.k8s.aws - resources: - - listeners - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - elbv2.services.k8s.aws - resources: - - targetgroups - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - game.kruise.io - resources: - - gameservers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - game.kruise.io - resources: - - gameservers/finalizers - verbs: - - update - - apiGroups: - - game.kruise.io - resources: - - gameservers/status - verbs: - - get - - patch - - update - - apiGroups: - - game.kruise.io - resources: - - gameserversets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - game.kruise.io - resources: - - gameserversets/finalizers - verbs: - - update - - apiGroups: - - game.kruise.io - resources: - - gameserversets/status - verbs: - - get - - patch - - update - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses/status - verbs: - - get - - patch - - update ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kruise-game-metrics-reader -rules: - - nonResourceURLs: - - "/metrics" - verbs: - - get ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: kruise-game-proxy-role -rules: - - apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: kruise-game-leader-election-rolebinding - namespace: {{ .Values.installation.namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: kruise-game-leader-election-role -subjects: - - kind: ServiceAccount - name: {{ .Values.kruiseGame.fullname }} - namespace: {{ .Values.installation.namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kruise-game-manager-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: kruise-game-manager-role -subjects: - - kind: ServiceAccount - name: {{ .Values.kruiseGame.fullname }} - namespace: {{ .Values.installation.namespace }} ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: kruise-game-proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: - - kind: ServiceAccount - name: {{ .Values.kruiseGame.fullname }} - namespace: {{ .Values.installation.namespace }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/scaler-service.yaml b/versions/kruise-game/1.0.0/templates/scaler-service.yaml deleted file mode 100644 index 3551606..0000000 --- a/versions/kruise-game/1.0.0/templates/scaler-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: kruise-game-external-scaler - namespace: {{ .Values.installation.namespace }} -spec: - ports: - - port: {{ .Values.scale.service.port }} - targetPort: {{ .Values.scale.service.targetPort }} - selector: - control-plane: {{ .Values.kruiseGame.fullname }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml b/versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml deleted file mode 100644 index cd5428b..0000000 --- a/versions/kruise-game/1.0.0/templates/webhooks/mutatingconfiguration.yaml +++ /dev/null @@ -1,44 +0,0 @@ -{{- if not .Values.certificates.autoGenerated }} -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - annotations: - {{- if .Values.certificates.certManager.enabled }} - {{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }} - cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }} - {{- else }} - cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert - {{- end }} - {{- end }} - labels: - app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }} - name: kruise-game-mutating-webhook -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: {{ .Values.kruiseGame.webhook.serviceName }} - namespace: {{ .Values.installation.namespace }} - path: /mutate-v1-pod - failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }} - matchPolicy: Equivalent - name: mgameserverset.kb.io - rules: - - operations: - - CREATE - - UPDATE - - DELETE - apiGroups: - - "" - apiVersions: - - v1 - resources: - - pods - objectSelector: - matchExpressions: - - key: game.kruise.io/owner-gss - operator: Exists - sideEffects: None -{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/webhooks/service.yaml b/versions/kruise-game/1.0.0/templates/webhooks/service.yaml deleted file mode 100644 index 9a334f6..0000000 --- a/versions/kruise-game/1.0.0/templates/webhooks/service.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.kruiseGame.webhook.serviceName }} - namespace: {{ .Values.installation.namespace }} -spec: - ports: - - port: {{ .Values.kruiseGame.webhook.port }} - targetPort: {{ .Values.kruiseGame.webhook.targetPort }} - selector: - control-plane: {{ .Values.kruiseGame.fullname }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml b/versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml deleted file mode 100644 index ec42e37..0000000 --- a/versions/kruise-game/1.0.0/templates/webhooks/validatingconfiguration.yaml +++ /dev/null @@ -1,42 +0,0 @@ -{{- if not .Values.certificates.autoGenerated }} -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - annotations: - {{- if .Values.certificates.certManager.enabled }} - {{- if and (not .Values.certificates.certManager.generateCA) .Values.certificates.certManager.issuer.generate }} - cert-manager.io/inject-ca-from-secret: {{ .Values.installation.namespace }}/{{ .Values.certificates.certManager.caSecretName }} - {{- else }} - cert-manager.io/inject-ca-from: {{ .Values.installation.namespace }}/{{ .Values.kruiseGame.fullname }}-cert - {{- end }} - {{- end }} - labels: - app.kubernetes.io/name: {{ .Values.kruiseGame.fullname }} - name: kruise-game-validating-webhook -webhooks: -- admissionReviewVersions: - - v1 - - v1beta1 - clientConfig: - service: - name: {{ .Values.kruiseGame.webhook.serviceName }} - namespace: {{ .Values.installation.namespace }} - path: /validate-v1alpha1-gss - failurePolicy: {{ .Values.kruiseGame.webhook.failurePolicy }} - matchPolicy: Equivalent - name: vgameserverset.kb.io - namespaceSelector: {} - objectSelector: {} - rules: - - apiGroups: - - game.kruise.io - apiVersions: - - v1alpha1 - operations: - - CREATE - - UPDATE - resources: - - gameserversets - sideEffects: None - timeoutSeconds: 10 -{{- end }} \ No newline at end of file diff --git a/versions/kruise-game/1.0.0/values.yaml b/versions/kruise-game/1.0.0/values.yaml deleted file mode 100644 index 06a9ce9..0000000 --- a/versions/kruise-game/1.0.0/values.yaml +++ /dev/null @@ -1,93 +0,0 @@ -# Default values for kruise-game. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -# values for kruise-game installation -installation: - namespace: kruise-game-system - createNamespace: true - -kruiseGame: - fullname: kruise-game-controller-manager - healthBindPort: "8082" - webhook: - serviceName: kruise-game-webhook-service - port: 443 - targetPort: 9876 - failurePolicy: Fail - apiServerQps: 5 - apiServerQpsBurst: 10 - gameserverWorkers: 10 - gameserversetWorkers: 10 - -replicaCount: 1 - -image: - repository: openkruise/kruise-game-manager - tag: v1.0.0 - pullPolicy: Always - # Overrides the image tag whose default is the chart appVersion. - -serviceAccount: - # Annotations to add to the service account - annotations: {} - -service: - port: 8443 - -resources: - limits: - cpu: 500m - memory: 1024Mi - requests: - cpu: 10m - memory: 64Mi - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -prometheus: - enabled: false - monitorService: - port: 8080 -scale: - service: - port: 6000 - targetPort: 6000 - -network: - totalWaitTime: 60 - probeIntervalTime: 5 - -cloudProvider: - installCRD: true - -indexOffsetScheduler: - enabled: false - -# Kubernetes cluster domain -clusterDomain: cluster.local - -certificates: - autoGenerated: false - secretName: kruise-game-certs - mountPath: /tmp/webhook-certs/ - certManager: - enabled: true - duration: 8760h0m0s # 1 year - renewBefore: 5840h0m0s # 8 months - generateCA: true - caSecretName: "kruise-game-ca" - # -- Reference to custom Issuer. If issuer.generate is false, then issuer.group, issuer.kind and issuer.name are required - issuer: - generate: true - name: kruise-ca - kind: ClusterIssuer - group: cert-manager.io \ No newline at end of file diff --git a/versions/kruise-game/next/templates/manager.yaml b/versions/kruise-game/next/templates/manager.yaml index 4a93781..9495145 100644 --- a/versions/kruise-game/next/templates/manager.yaml +++ b/versions/kruise-game/next/templates/manager.yaml @@ -59,13 +59,15 @@ spec: - --provider-config=/etc/kruise-game/config.toml - --api-server-qps={{ .Values.kruiseGame.apiServerQps }} - --api-server-qps-burst={{ .Values.kruiseGame.apiServerQpsBurst }} + - --gameserver-workers={{ .Values.kruiseGame.gameserverWorkers }} + - --gameserverset-workers={{ .Values.kruiseGame.gameserversetWorkers }} - --scale-server-bind-address=:{{ .Values.scale.service.targetPort }} - {{- if not .Values.certificates.autoGenerated }} - - --enable-cert-generation={{ .Values.certificates.autoGenerated }} - {{- end }} {{- if .Values.prometheus.enabled }} - --metrics-bind-address=:{{ .Values.prometheus.monitorService.port }} {{- end }} + {{- if not .Values.certificates.autoGenerated }} + - --enable-cert-generation={{ .Values.certificates.autoGenerated }} + {{- end }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} name: manager @@ -101,21 +103,10 @@ spec: volumeMounts: - mountPath: /etc/kruise-game name: provider-config - {{- if not .Values.certificates.autoGenerated}} + {{- if not .Values.certificates.autoGenerated }} - mountPath: {{ .Values.certificates.mountPath }} name: certificates {{- end }} - topologySpreadConstraints: - - labelSelector: - matchLabels: - control-plane: {{ .Values.kruiseGame.fullname }} -{{- if and ( eq (int .Capabilities.KubeVersion.Major) 1) ( gt (int .Capabilities.KubeVersion.Minor) 26 ) }} - matchLabelKeys: - - pod-template-hash -{{- end }} - maxSkew: 1 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: ScheduleAnyway serviceAccountName: {{ .Values.kruiseGame.fullname }} terminationGracePeriodSeconds: 10 volumes: @@ -132,4 +123,4 @@ spec: defaultMode: 420 secretName: {{ .Values.certificates.secretName}} optional: {{ and .Values.certificates.autoGenerated ( not .Values.certificates.certManager.enabled ) }} - {{- end }} + {{- end }} \ No newline at end of file diff --git a/versions/kruise-game/next/values.yaml b/versions/kruise-game/next/values.yaml index 9075842..35a5196 100644 --- a/versions/kruise-game/next/values.yaml +++ b/versions/kruise-game/next/values.yaml @@ -17,12 +17,14 @@ kruiseGame: failurePolicy: Fail apiServerQps: 5 apiServerQpsBurst: 10 + gameserverWorkers: 10 + gameserversetWorkers: 10 replicaCount: 1 image: repository: openkruise/kruise-game-manager - tag: v0.9.0 + tag: v1.0.0 pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. @@ -30,9 +32,6 @@ serviceAccount: # Annotations to add to the service account annotations: {} -# Kubernetes cluster domain -clusterDomain: cluster.local - service: port: 8443 @@ -58,7 +57,6 @@ prometheus: enabled: false monitorService: port: 8080 - scale: service: port: 6000 @@ -70,7 +68,13 @@ network: cloudProvider: installCRD: true - + +indexOffsetScheduler: + enabled: false + +# Kubernetes cluster domain +clusterDomain: cluster.local + certificates: autoGenerated: true secretName: kruise-game-certs