kuma/kong-mesh

Chart version: 0.2.2
Api version: v2
App version: 1.1.1
A Helm chart for Kong Mesh
application
Chart Type
Active
Status
Unknown
License
84
Downloads
https://kumahq.github.io/charts
Set me up:
helm repo add center https://repo.chartcenter.io
Install Chart:
helm install kong-mesh center/kuma/kong-mesh
Versions (0)

Kong Mesh

The Kong Mesh chart supports all the features and options provided by kumactl install control-plane. The chart supports Helm v3+.

License

Please verify that a secret named kong-mesh-license is created in the Kong Mesh Control plane namespace.

Example:

kubectl create namespace kong-mesh-system
kubectl create secret generic kong-mesh-license -n kong-mesh-system --from-file=/path/to/kong-mesh/license/license.json

Where kong-mesh-system is the namespace where Kong Mesh control plane is installed and /path/to/kong-mesh/license/license.json is the path to the license file. Note that the file name should be license.json unless otherwise specified in values.yaml.

Values

Parameter Description Default
kuma.global.image.registry Default registry for all Kuma images kong-docker-kuma-docker.bintray.io
kuma.global.image.tag Default tag for all Kuma images nil, defaults to Chart.AppVersion
kuma.patchSystemNamespace Patch the release namespace with the Kuma system label true
kuma.controlPlane.logLevel Kuma CP log level: one of off|info|debug info
kuma.controlPlane.mode Kuma CP modes: one of standalone|remote|global standalone
kuma.controlPlane.zone Kuma zone name nil
kuma.controlPlane.kdsGlobalAddress URL of Global Kuma CP
kuma.controlPlane.nodeSelector Node Selector for the Kuma Control Plane pods { kubernetes.io/os: linux, kubernetes.io/arch: amd64 }
kuma.controlPlane.replicas Number of replicas of the Kuma CP 1
kuma.controlPlane.injectorFailurePolicy Failure policy of the mutating webhook implemented by the Kuma Injector component Ignore
kuma.controlPlane.service.name Service name of the Kuma Control Plane nil
kuma.controlPlane.service.type Service type of the Kuma Control Plane ClusterIP
kuma.controlPlane.service.annotations Additional annotations to put on the Kuma Control Plane service {}
kuma.controlPlane.globalRemoteSyncService.name Service name of the Global-Remote Sync nil
kuma.controlPlane.globalRemoteSyncService.type Service type of the Global-Remote Sync LoadBalancer
kuma.controlPlane.globalRemoteSyncService.port Port on which Global-Remote Sync is exposed 5685
kuma.controlPlane.globalRemoteSyncService.annotations Additional annotations to put on the Global-Remote Sync service {}
kuma.controlPlane.defaults.skipMeshCreation Whether or not to skip creating the default Mesh true
kuma.controlPlane.resources The K8s resources spec for Kuma CP nil, differs based on mode
kuma.controlPlane.tls.general.secretName Secret that contains tls.crt, key.crt and ca.crt for protecting Kuma in-cluster communication nil, generated and self-signed
kuma.controlPlane.tls.general.caBundle Base64 encoded CA certificate (the same as in controlPlane.tls.general.secret#ca.crt) nil, generated and self-signed
kuma.controlPlane.tls.apiServer.secretName Secret that contains tls.crt, key.crt for protecting Kuma API on HTTPS nil, autoconfigured from tls.general.secret
kuma.controlPlane.tls.apiServer.clientCertsSecretName Secret that contains list of .pem certificates that can access admin endpoints of Kuma API on HTTPS nil
kuma.controlPlane.tls.kdsGlobalServer.secretName Secret that contains tls.crt, key.crt for protecting cross cluster communication nil, autoconfigured from tls.general.secret
kuma.controlPlane.tls.kdsRemoteClient.secretName Secret that contains ca.crt which was used to sign KDS Global server. Used for CP verification nil
kuma.controlPlane.image.pullPolicy Kuma CP ImagePullPolicy IfNotPresent
kuma.controlPlane.image.registry Kuma CP image registry nil, uses global
kuma.controlPlane.image.repository Kuma CP image repository kuma-cp
kuma.controlPlane.image.tag Kuma CP image tag nil, uses global
kuma.controlPlane.envVars Additional environment variables that will be passed to the control plane {}
kuma.controlPlane.config Config overrides for Kuma CP (YAML encoded as string)
kuma.cni.enabled Install Kuma with CNI instead of proxy init container false
kuma.cni.chained Install CNI in chained mode false
kuma.cni.netDir Set the CNI install directory /etc/cni/multus/net.d
kuma.cni.binDir Set the CNI binary directory /var/lib/cni/bin
kuma.cni.confName Set the CNI configuration name kuma-cni.conf
kuma.cni.logLevel CNI log level: one of off|info|debug info
kuma.cni.nodeSelector Node Selector for the CNI pods { kubernetes.io/os: linux, kubernetes.io/arch: amd64 }
kuma.cni.image.registry CNI image registry docker.io
kuma.cni.image.repository CNI image repository lobkovilya/install-cni
kuma.cni.image.tag The CNI image tag 0.0.2
kuma.dataPlane.image.registry The Kuma DP image registry nil, uses global
kuma.dataPlane.image.repository The Kuma DP image repository kuma-cp
kuma.dataPlane.image.tag The Kuma DP image tag nil, uses global
kuma.dataPlane.initImage.registry The Kuma DP init image registry nil, uses global
kuma.dataPlane.initImage.repository The Kuma DP init image repository kuma-init
kuma.dataPlane.initImage.tag The Kuma DP init image tag nil, uses global
kuma.ingress.enabled If true, it deploys Ingress for cross cluster communication false
kuma.ingress.replicas Number of replicas of the Ingress 1
kuma.ingress.drainTime Time for which old listener will still be active as draining 30s
kuma.ingress.service.name Service name of the Ingress nil
kuma.ingress.service.type Service type of the Ingress LoadBalancer
kuma.ingress.service.port Port on which Ingress is exposed 10001
kuma.ingress.service.annotations Additional annotations to put on the Ingress service {}
kuma.ingress.mesh Mesh to which Dataplane Ingress belongs to default

Custom Resource Definitions

All Kong Mesh CRDs are loaded via the crds directory. For more detailed information on CRDs and Helm, please refer to the Helm documentation.

Deleting

As part of Helm’s limitations, CRDs will not be deleted when the kong-mesh chart is deleted and must be deleted manually. When a CRD is deleted Kubernetes deletes all resources of that kind as well, so this should be done carefully.

To do this with kubectl on *nix platforms, run:

kubectl get crds | grep kuma.io | tr -s " " | cut -d " " -f1 | xargs kubectl delete crd

# or with jq
kubectl get crds -o json | jq '.items[].metadata.name | select(.|test(".*kuma\\.io"))' | xargs kubectl delete crd

Note to Chart developers

The charts are used internally in kumactl install, therefore the following rules apply when developing new chat features: * use make generate/kumactl/install/k8s/control-plane to sync the Helm Chart and kumactl install templates * all templates that start with pre- and post- are omitted when processing in kumactl install