rancher / rio

Application Deployment Engine for Kubernetes
https://rio.io
Apache License 2.0
2.27k stars 228 forks source link

Use helm chart to install rio #339

Open guri-s opened 5 years ago

guri-s commented 5 years ago

Hi,

I wanted to know whether if there is a helm chart available to install Rio? I got the yaml by using the command rio install --disable-features grafana,istio,kiali,letsencrypt,mixer,prometheus,rdns --yaml And then I created the helm chart as below:

Chart.yaml

appVersion: "1.0"
description: A Helm chart for Kubernetes
name: rio-install
version: 0.1.0

Values.yaml

# Default values for rio-install.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.

replicaCount: 1

image:
  repository: nginx
  tag: stable
  pullPolicy: IfNotPresent

nameOverride: ""
fullnameOverride: ""

service:
  type: ClusterIP
  port: 80

ingress:
  enabled: false
  annotations: {}

  path: /
  hosts:
    - chart-example.local
  tls: []

resources: {}

nodeSelector: {}

tolerations: []

affinity: {}

clusterrole.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: rio-cluster-admin
rules:
- apiGroups:
  - ""
  resources:
  - '*'
  verbs:
  - '*'
- nonResourceURLs:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - extensions
  - apps
  resources:
  - deployments
  - daemonsets
  verbs:
  - '*'
- apiGroups:
  - autoscale.rio.cattle.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - build.knative.dev
  - caching.internal.knative.dev
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - certmanager.k8s.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - extensions
  resources:
  - ingresses
  - ingresses/status
  verbs:
  - '*'
- apiGroups:
  - batch
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - autoscaling
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - rbac.authorization.k8s.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - admin.rio.cattle.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - rio.cattle.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - gitwatcher.cattle.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - apiextensions.k8s.io
  resources:
  - customresourcedefinitions
  verbs:
  - '*'
- apiGroups:
  - authentication.istio.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - networking.istio.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - admissionregistration.k8s.io
  resources:
  - validatingwebhookconfigurations
  verbs:
  - get
- apiGroups:
  - config.istio.io
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - rbac.istio.io
  resources:
  - '*'
  verbs:
  - get
  - watch
  - list
- apiGroups:
  - autoscaling.internal.knative.dev
  resources:
  - '*'
  verbs:
  - '*'
- apiGroups:
  - serving.knative.dev
  - autoscaling.internal.knative.dev
  - networking.internal.knative.dev
  resources:
  - '*'
  - '*/status'
  - '*/finalizers'
  verbs:
  - get
  - list
  - create
  - update
  - delete
  - deletecollection
  - patch
  - watch
- apiGroups:
  - tekton.dev
  resources:
  - tasks
  - clustertasks
  - taskruns
  - pipelines
  - pipelineruns
  - pipelineresources
  verbs:
  - get
  - list
  - create
  - update
  - delete
  - patch
  - watch
- apiGroups:
  - tekton.dev
  resources:
  - taskruns/finalizers
  - pipelineruns/finalizers
  verbs:
  - get
  - list
  - create
  - update
  - delete
  - patch
  - watch
- apiGroups:
  - tekton.dev
  resources:
  - tasks/status
  - clustertasks/status
  - taskruns/status
  - pipelines/status
  - pipelineruns/status
  - pipelineresources/status
  verbs:
  - get
  - list
  - create
  - update
  - delete
  - patch
  - watch
- apiGroups:
  - policy
  resourceNames:
  - tekton-pipelines
  resources:
  - podsecuritypolicies
  verbs:
  - use

clusterrolebinding.yaml

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: rio-controller-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: rio-cluster-admin
subjects:
- kind: ServiceAccount
  name: rio-controller-serviceaccount
  namespace: rio-system

deployment.yaml

apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: rio-controller
  namespace: rio-system
spec:
  selector:
    matchLabels:
      rio-controller: "true"
  template:
    metadata:
      labels:
        rio-controller: "true"
    spec:
      containers:
      - args:
        - rio-controller
        env:
        - name: RIO_NAMESPACE
          value: rio-system
        - name: RIO_DEBUG
          value: null
        - name: HTTPS_PORT
          value: "9443"
        - name: HTTP_PORT
          value: "9080"
        - name: USE_HOSTPORT
          value: "true"
        - name: IP_ADDRESSES
          value: 192.168.99.102
        - name: SERVICE_CIDR
          value: 10.96.0.1/16
        - name: DISABLE_FEATURES
          value: grafana,istio,kiali,letsencrypt,mixer,prometheus,rdns
        - name: HTTP_PROXY
          value: null
        image: rancher/rio-controller:v0.2.0-amd64
        imagePullPolicy: Always
        name: rio-controller
      serviceAccountName: rio-controller-serviceaccount

namespace.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: rio-system

service.yaml

apiVersion: v1
kind: Service
metadata:
  name: {{ include "rio-install.fullname" . }}
  labels:
    app.kubernetes.io/name: {{ include "rio-install.name" . }}
    helm.sh/chart: {{ include "rio-install.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
  type: {{ .Values.service.type }}
  ports:
    - port: {{ .Values.service.port }}
      targetPort: http
      protocol: TCP
      name: http
  selector:
    app.kubernetes.io/name: {{ include "rio-install.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}

serviceaccount.yaml

apiVersion: v1
kind: ServiceAccount
metadata:
  name: rio-controller-serviceaccount
  namespace: rio-system

This does install Rio without grafana,istio,kiali,letsencrypt,mixer,prometheus,rdns and I can run services on top of it. But I wanted to check if this is a recommended way to install rio?

I have tested this on minikube only for test and wanted to check if there are any possible concerns if I use this on GKE for our workloads?.

Thanks

StrongMonkey commented 5 years ago

@guri-s We don't have an official helm chart release(will be in the future). But yes rio install --yaml is the intended way to install rio using kubernetes manifest.

davidnuzik commented 4 years ago

To standby for now (need UI) then needs testing then merge before Rancher 2.4.0