feat: 更新 v3.5.0

charts/jumpserver/Chart.yaml

@@ -1,5 +1,5 @@
 apiVersion: v1
-appVersion: "v3.4.3"
+appVersion: "v3.5.0"
 description: A Helm chart for Deploying Jumpserver on Kubernetes
 engine: gotpl
 home: https://jumpserver.org
@@ -10,4 +10,4 @@ maintainers:
 sources:
 - https://github.com/jumpserver/
 name: jumpserver
-version: 3.4.3
+version: 3.5.0

charts/jumpserver/README.md

@@ -30,7 +30,7 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts
 | `nameOveride`             | name override      | `nil`       |
 | `fullNameOveride`         | full name override | `nil`       |
 | `global.imageRegistry`    | 仓库地址           | `docker.io` |
-| `global.imageTag`         | 版本号             | `v3.4.3  ` |
+| `global.imageTag`         | 版本号             | `v3.5.0  ` |
 | `global.imagePullSecrets` | 私有仓库认证凭据    | `nil`       |
 | `global.storageClass`     | 存储 sc            | `nil`       |
 | `ingress.enabled`         | 开启 ingress       | `true`      |
@@ -38,6 +38,8 @@ helm repo add jumpserver https://jumpserver.github.io/helm-charts
 | `koko.enabled`            | 开启 koko          | `true`      |
 | `lion.enabled`            | 开启 lion          | `true`      |
 | `magnus.enabled`          | 开启 magnus        | `true`      |
+| `chen.enabled`            | 开启 chen          | `true`      |
+| `kael.enabled`            | 开启 kael          | `true`      |
 | `web.enabled`             | 开启 web           | `true`      |
 | `xpack.enable`            | 开启 xpack         | `false`     |
 

charts/jumpserver/configs/jms-web/default.conf

@@ -1,7 +1,8 @@
 {{ $koko := printf "http://%s-%s:%s" (include "jumpserver.fullname" $) "jms-koko" ($.Values.koko.service.web.port | toString) }}
 {{ $lion := printf "http://%s-%s:%s" (include "jumpserver.fullname" $) "jms-lion" ($.Values.lion.service.web.port | toString) }}
 {{ $core := printf "http://%s-%s:%s" (include "jumpserver.fullname" $) "jms-core" ($.Values.core.service.web.port | toString) }}
-{{ $omnidb := printf "http://%s-%s:%s" (include "jumpserver.fullname" $) "jms-omnidb" ($.Values.omnidb.service.web.port | toString) }}
+{{ $chen := printf "http://%s-%s:%s" (include "jumpserver.fullname" $) "jms-chen" ($.Values.chen.service.web.port | toString) }}
+{{ $kael := printf "http://%s-%s:%s" (include "jumpserver.fullname" $) "jms-kael" ($.Values.kael.service.web.port | toString) }}
 server {
     listen {{ $.Values.web.service.web.port }};
     server_name  _;
@@ -59,9 +60,8 @@ server {
         proxy_read_timeout 600;
         send_timeout 6000;
     }
-    {{- if .Values.xpack.enabled }}
+    location /chen/ {
-    location /omnidb/ {
+        proxy_pass {{ $chen }};
-        proxy_pass {{ $omnidb }};
         proxy_buffering off;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
@@ -69,8 +69,27 @@ server {
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header Host $host;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_ignore_client_abort on;
+        proxy_connect_timeout 600;
+        proxy_send_timeout 600;
+        proxy_read_timeout 600;
+        send_timeout 6000;
+    }
+    location /kael/ {
+        proxy_pass {{ $kael }};
+        proxy_buffering off;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection $http_connection;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_ignore_client_abort on;
+        proxy_connect_timeout 600;
+        proxy_send_timeout 600;
+        proxy_read_timeout 600;
+        send_timeout 6000;
     }
-    {{- end }}
     location /ws/ {
         proxy_pass {{ $core }};
         proxy_buffering off;

charts/jumpserver/templates/_helpers.tpl

@@ -145,11 +145,19 @@ Define JumpServer StorageClass.
 {{- end -}}
 {{- end -}}
 
-{{- define "jumpserver.omnidb.storageClass" -}}
+{{- define "jumpserver.chen.storageClass" -}}
 {{- if .Values.global.storageClass }}
 {{- .Values.global.storageClass }}
 {{- else -}}
-{{- .Values.omnidb.persistence.storageClassName -}}
+{{- .Values.chen.persistence.storageClassName -}}
+{{- end -}}
+{{- end -}}
+
+{{- define "jumpserver.kael.storageClass" -}}
+{{- if .Values.global.storageClass }}
+{{- .Values.global.storageClass }}
+{{- else -}}
+{{- .Values.kael.persistence.storageClassName -}}
 {{- end -}}
 {{- end -}}
 
@@ -161,6 +169,14 @@ Define JumpServer StorageClass.
 {{- end -}}
 {{- end -}}
 
+{{- define "jumpserver.xrdp.storageClass" -}}
+{{- if .Values.global.storageClass }}
+{{- .Values.global.storageClass }}
+{{- else -}}
+{{- .Values.xrdp.persistence.storageClassName -}}
+{{- end -}}
+{{- end -}}
+
 {{- define "jumpserver.video.storageClass" -}}
 {{- if .Values.global.storageClass }}
 {{- .Values.global.storageClass }}

charts/jumpserver/templates/_images.tpl

@@ -57,6 +57,20 @@ Return the proper JumpServer magnus image name
 {{- include "common.images.image" ( dict "imageRoot" .Values.magnus.image "global" .Values.global ) -}}
 {{- end -}}
 
+{{/*
+Return the proper JumpServer chen image name
+*/}}
+{{- define "jumpserver.chenImage" -}}
+{{- include "common.images.image" ( dict "imageRoot" .Values.chen.image "global" .Values.global ) -}}
+{{- end -}}
+
+{{/*
+Return the proper JumpServer kael image name
+*/}}
+{{- define "jumpserver.kaelImage" -}}
+{{- include "common.images.image" ( dict "imageRoot" .Values.kael.image "global" .Values.global ) -}}
+{{- end -}}
+
 {{/*
 Return the proper JumpServer razor image name
 */}}
@@ -65,10 +79,10 @@ Return the proper JumpServer razor image name
 {{- end -}}
 
 {{/*
-Return the proper JumpServer omnidb image name
+Return the proper JumpServer xrdp image name
 */}}
-{{- define "jumpserver.omnidbImage" -}}
+{{- define "jumpserver.xrdpImage" -}}
-{{- include "common.images.image" ( dict "imageRoot" .Values.omnidb.image "global" .Values.global ) -}}
+{{- include "common.images.image" ( dict "imageRoot" .Values.xrdp.image "global" .Values.global ) -}}
 {{- end -}}
 
 {{/*

charts/jumpserver/templates/celery/deployment-celery.yaml

@@ -105,11 +105,6 @@ spec:
               {{- if .persistence.subPath }}
               subPath: {{ .persistence.subPath | quote }}
               {{- end }}
-            - mountPath: "/opt/jumpserver/logs"
-              name: "jms-core-logs"
-              {{- if .persistence.subPath }}
-              subPath: {{ .persistence.subPath | quote }}
-              {{- end }}
           {{- with .volumeMounts }}
             {{- toYaml . | nindent 12 }}
           {{- end }}
@@ -125,9 +120,6 @@ spec:
             claimName: '{{ include "jumpserver.fullname" $ }}-jms-core-data'
             {{- end }}
           name: "jms-core-data"
-        - persistentVolumeClaim:
-            claimName: '{{ include "jumpserver.fullname" $ }}-jms-core-logs'
-          name: "jms-core-logs"
       {{- with .volumes }}
         {{- tpl (toYaml .) $ | nindent 8 }}
       {{- end }}

charts/jumpserver/templates/chen/deployment-chen.yaml

@@ -1,8 +1,8 @@
-{{- if .Values.xpack.enabled }}
+{{- if .Values.chen.enabled }}
-{{- with .Values.omnidb }}
+{{- with .Values.chen }}
-{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-omnidb" }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-chen" }}
-{{- $containerName := "jms-omnidb" }}
+{{- $containerName := "jms-chen" }}
-{{- $image := printf "%s" (include "jumpserver.omnidbImage" $) }}
+{{- $image := printf "%s" (include "jumpserver.chenImage" $) }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -65,8 +65,8 @@ spec:
           resources:
             {{- toYaml .resources | nindent 12 }}
           volumeMounts:
-            - mountPath: "/opt/omnidb/data"
+            - mountPath: "/opt/chen/data"
-              name: "jms-omnidb-data"
+              name: "jms-chen-data"
               {{- if .persistence.subPath }}
               subPath: {{ .persistence.subPath | quote }}
               {{- end }}
@@ -79,9 +79,9 @@ spec:
             {{- if .persistence.existingClaim }}
             claimName: {{ .persistence.existingClaim | quote }}
             {{- else }}
-            claimName: '{{ include "jumpserver.fullname" $ }}-jms-omnidb-data'
+            claimName: '{{ include "jumpserver.fullname" $ }}-jms-chen-data'
             {{- end }}
-          name: "jms-omnidb-data"
+          name: "jms-chen-data"
       {{- with .volumes }}
         {{- tpl (toYaml .) $ | nindent 8 }}
       {{- end }}

charts/jumpserver/templates/chen/pvc-chen-data.yaml

@@ -1,6 +1,6 @@
-{{- if and .Values.xpack.enabled (not .Values.omnidb.persistence.existingClaim)}}
+{{- if and .Values.xpack.enabled (not .Values.chen.persistence.existingClaim)}}
-{{- with .Values.omnidb }}
+{{- with .Values.chen }}
-{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-omnidb-data" }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-chen-data" }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -25,5 +25,5 @@ spec:
     requests:
       storage: {{ .persistence.size | quote }}
       {{- end }}
-  storageClassName: {{ include "jumpserver.omnidb.storageClass" . }}
+  storageClassName: {{ include "jumpserver.chen.storageClass" . }}
 {{- end }}

charts/jumpserver/templates/chen/service-chen.yaml

@@ -1,6 +1,6 @@
 {{- if .Values.xpack.enabled }}
-{{- with .Values.omnidb }}
+{{- with .Values.chen }}
-{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-omnidb" }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-chen" }}
 apiVersion: v1
 kind: Service
 metadata:

charts/jumpserver/templates/core/deployment-core.yaml

@@ -109,11 +109,6 @@ spec:
               {{- if .persistence.subPath }}
               subPath: {{ .persistence.subPath | quote }}
               {{- end }}
-            - mountPath: "/opt/jumpserver/logs"
-              name: "jms-core-logs"
-              {{- if .persistence.subPath }}
-              subPath: {{ .persistence.subPath | quote }}
-              {{- end }}
           {{- with .volumeMounts }}
             {{- toYaml . | nindent 12 }}
           {{- end }}
@@ -129,9 +124,6 @@ spec:
             claimName: '{{ include "jumpserver.fullname" $ }}-jms-core-data'
             {{- end }}
           name: "jms-core-data"
-        - persistentVolumeClaim:
-            claimName: '{{ include "jumpserver.fullname" $ }}-jms-core-logs'
-          name: "jms-core-logs"
       {{- with .volumes }}
         {{- tpl (toYaml .) $ | nindent 8 }}
       {{- end }}

charts/jumpserver/templates/kael/deployment-kael.yaml

@@ -0,0 +1,109 @@
+{{- if .Values.kael.enabled }}
+{{- with .Values.kael }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-kael" }}
+{{- $containerName := "jms-kael" }}
+{{- $image := printf "%s" (include "jumpserver.kaelImage" $) }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "jumpserver.labels" $ | nindent 4 }}
+    {{- toYaml .labels | nindent 4 }}
+spec:
+  replicas: {{ .replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "jumpserver.name" $ }}
+      app.kubernetes.io/instance: {{ $.Release.Name }}
+      {{- toYaml .labels | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "jumpserver.name" $ }}
+        app.kubernetes.io/instance: {{ $.Release.Name }}
+        {{- toYaml .labels | nindent 8 }}
+    spec:
+      {{- if $.Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{ toYaml $.Values.global.imagePullSecrets }}
+      {{- end }}
+      serviceAccountName: {{ template "jumpserver.serviceAccountName" $ }}
+      securityContext:
+        {{- toYaml .podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ $containerName }}
+          securityContext:
+            {{- toYaml .securityContext | nindent 12 }}
+          image: {{ $image }}
+          imagePullPolicy: {{ .image.pullPolicy }}
+          {{- with .command }}
+          command:
+            {{- tpl (toYaml .) $ | nindent 12 }}
+          {{- end }}
+          ports:
+            - name: web
+              containerPort: {{ .service.web.port }}
+              protocol: TCP
+          env:
+            - name: CORE_HOST
+              value: "http://{{ include "jumpserver.fullname" $ }}-jms-core:{{ $.Values.core.service.web.port }}"
+            - name: BOOTSTRAP_TOKEN
+              value: {{ $.Values.core.config.bootstrapToken | quote }}
+            - name: LOG_LEVEL
+              value: {{ .config.log.level | quote }}
+            - name: HTTPD_PORT
+              value: {{ .service.web.port | quote }}
+            - name: SHARE_ROOM_TYPE
+              value: "redis"
+            - name: REDIS_HOST
+              value: {{ include "jumpserver.redis.host" $ | quote }}
+            - name: REDIS_PORT
+              value: {{ include "jumpserver.redis.port" $ | quote }}
+            - name: REDIS_PASSWORD
+              value: {{ include "jumpserver.redis.password" $ | quote }}
+            {{- range $key, $val := .env }}
+            - name: {{ $key }}
+              value: {{ $val | quote }}
+            {{- end }}
+          livenessProbe:
+            {{- toYaml .livenessProbe | nindent 12 }}
+          readinessProbe:
+            {{- toYaml .readinessProbe | nindent 12 }}
+          resources:
+            {{- toYaml .resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: "/opt/kael/data"
+              name: "jms-kael-data"
+              {{- if .persistence.subPath }}
+              subPath: {{ .persistence.subPath | quote }}
+              {{- end }}
+          {{- with .volumeMounts }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      restartPolicy: Always
+      volumes:
+        - persistentVolumeClaim:
+            {{- if .persistence.existingClaim }}
+            claimName: {{ .persistence.existingClaim | quote }}
+            {{- else }}
+            claimName: '{{ include "jumpserver.fullname" $ }}-jms-kael-data'
+            {{- end }}
+          name: "jms-kael-data"
+      {{- with .volumes }}
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+      {{- with .nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+{{- end }}
+{{- end }}

charts/jumpserver/templates/kael/pvc-kael-data.yaml

@@ -1,6 +1,6 @@
-{{- if .Values.core.enabled }}
+{{- if and .Values.kael.enabled (not .Values.kael.persistence.existingClaim)}}
-{{- with .Values.core }}
+{{- with .Values.kael }}
-{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-core-logs" }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-kael-data" }}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -25,5 +25,5 @@ spec:
     requests:
       storage: {{ .persistence.size | quote }}
       {{- end }}
-  storageClassName: {{ include "jumpserver.core.storageClass" . }}
+  storageClassName: {{ include "jumpserver.kael.storageClass" . }}
 {{- end }}

charts/jumpserver/templates/kael/service-kael.yaml

@@ -0,0 +1,29 @@
+{{- if .Values.kael.enabled }}
+{{- with .Values.kael }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-kael" }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "jumpserver.labels" $ | nindent 4 }}
+    {{- toYaml .labels | nindent 4 }}
+  annotations:
+    {{- toYaml .service.annotations | nindent 4 }}
+spec:
+  type: {{ .service.type }}
+  ports:
+    - port: {{ .service.web.port }}
+      targetPort: web
+      protocol: TCP
+      name: web
+  sessionAffinity: ClientIP
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: 10800
+  selector:
+    app.kubernetes.io/name: {{ include "jumpserver.name" $ }}
+    app.kubernetes.io/instance: {{ $.Release.Name }}
+    {{- toYaml .labels | nindent 4 }}
+{{- end }}
+{{- end }}

charts/jumpserver/templates/xrdp/deployment-xrdp.yaml

@@ -0,0 +1,99 @@
+{{- if .Values.xpack.enabled }}
+{{- with .Values.xrdp }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-xrdp" }}
+{{- $containerName := "jms-xrdp" }}
+{{- $image := printf "%s" (include "jumpserver.xrdpImage" $) }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "jumpserver.labels" $ | nindent 4 }}
+    {{- toYaml .labels | nindent 4 }}
+spec:
+  replicas: {{ .replicaCount }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "jumpserver.name" $ }}
+      app.kubernetes.io/instance: {{ $.Release.Name }}
+      {{- toYaml .labels | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "jumpserver.name" $ }}
+        app.kubernetes.io/instance: {{ $.Release.Name }}
+        {{- toYaml .labels | nindent 8 }}
+    spec:
+      {{- if $.Values.global.imagePullSecrets }}
+      imagePullSecrets:
+        {{ toYaml $.Values.global.imagePullSecrets }}
+      {{- end }}
+      serviceAccountName: {{ template "jumpserver.serviceAccountName" $ }}
+      securityContext:
+        {{- toYaml .podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ $containerName }}
+          securityContext:
+            {{- toYaml .securityContext | nindent 12 }}
+          image: {{ $image }}
+          imagePullPolicy: {{ .image.pullPolicy }}
+          {{- with .command }}
+          command:
+            {{- tpl (toYaml .) $ | nindent 12 }}
+          {{- end }}
+          env:
+            - name: CORE_HOST
+              value: "http://{{ include "jumpserver.fullname" $ }}-jms-core:{{ $.Values.core.service.web.port }}"
+            - name: BOOTSTRAP_TOKEN
+              value: {{ $.Values.core.config.bootstrapToken | quote }}
+            - name: LOG_LEVEL
+              value: {{ .config.log.level | quote }}
+            {{- range $key, $val := .env }}
+            - name: {{ $key }}
+              value: {{ $val | quote }}
+            {{- end }}
+          ports:
+            - name: rdp
+              containerPort: {{ .service.rdp.port }}
+              protocol: TCP
+          livenessProbe:
+            {{- toYaml .livenessProbe | nindent 12}}
+          readinessProbe:
+            {{- toYaml .readinessProbe | nindent 12}}
+          resources:
+            {{- toYaml .resources | nindent 12 }}
+          volumeMounts:
+            - mountPath: "/opt/xrdp/data"
+              name: "jms-xrdp-data"
+              {{- if .persistence.subPath }}
+              subPath: {{ .persistence.subPath | quote }}
+              {{- end }}
+          {{- with .volumeMounts }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+      restartPolicy: Always
+      volumes:
+        - persistentVolumeClaim:
+            {{- if .persistence.existingClaim }}
+            claimName: {{ .persistence.existingClaim | quote }}
+            {{- else }}
+            claimName: '{{ include "jumpserver.fullname" $ }}-jms-xrdp-data'
+            {{- end }}
+          name: "jms-xrdp-data"
+      {{- with .volumes }}
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+      {{- with .nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    {{- with .affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+    {{- with .tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+{{- end }}
+{{- end }}

charts/jumpserver/templates/xrdp/pvc-xrdp-data.yaml

@@ -0,0 +1,29 @@
+{{- if and .Values.xpack.enabled (not .Values.xrdp.persistence.existingClaim)}}
+{{- with .Values.xrdp }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-xrdp-data" }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "jumpserver.labels" $ | nindent 4 }}
+    {{- toYaml .labels | nindent 4 }}
+  {{- with .persistence.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+  {{- end }}
+  {{- with .persistence.finalizers }}
+  finalizers:
+{{ toYaml . | indent 4 }}
+  {{- end }}
+spec:
+  accessModes:
+    {{- range .persistence.accessModes }}
+    - {{ . | quote }}
+    {{- end }}
+  resources:
+    requests:
+      storage: {{ .persistence.size | quote }}
+      {{- end }}
+  storageClassName: {{ include "jumpserver.xrdp.storageClass" . }}
+{{- end }}

charts/jumpserver/templates/xrdp/service-xrdp.yaml

@@ -0,0 +1,32 @@
+{{- if .Values.xpack.enabled }}
+{{- with .Values.xrdp }}
+{{- $fullName := printf "%s-%s" (include "jumpserver.fullname" $) "jms-xrdp" }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ $fullName }}
+  labels:
+    {{- include "jumpserver.labels" $ | nindent 4 }}
+    {{- toYaml .labels | nindent 4 }}
+  annotations:
+    {{- toYaml .service.annotations | nindent 4 }}
+spec:
+  type: {{ .service.type }}
+  ports:
+    - port: {{ .service.rdp.port }}
+      targetPort: rdp
+      {{- if eq .service.type "NodePort" }}
+      nodePort: {{ .service.rdp.port }}
+      {{- end }}
+      protocol: TCP
+      name: rdp
+  sessionAffinity: ClientIP
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: 10800
+  selector:
+    app.kubernetes.io/name: {{ include "jumpserver.name" $ }}
+    app.kubernetes.io/instance: {{ $.Release.Name }}
+    {{- toYaml .labels | nindent 4 }}
+{{- end }}
+{{- end }}

charts/jumpserver/values.yaml

@@ -12,7 +12,7 @@ fullnameOverride: ""
 ##
 global:
   imageRegistry: "ghcr.io"
-  imageTag: v3.4.3
+  imageTag: v3.5.0
   ## E.g.
   #  imagePullSecrets:
   #  - myRegistryKeySecretName
@@ -85,7 +85,7 @@ core:
   image:
     registry: docker.io
     repository: jumpserver/core
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -173,7 +173,7 @@ koko:
   image:
     registry: docker.io
     repository: jumpserver/koko
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -265,7 +265,7 @@ lion:
   image:
     registry: docker.io
     repository: jumpserver/lion
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -357,7 +357,7 @@ magnus:
   image:
     registry: docker.io
     repository: jumpserver/magnus
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -432,12 +432,11 @@ magnus:
 
   affinity: {}
 
-xpack:
+chen:
-  enabled: false
+  enabled: true
 
-omnidb:
   labels:
-    app.jumpserver.org/name: jms-omnidb
+    app.jumpserver.org/name: jms-chen
 
   config:
     log:
@@ -446,9 +445,9 @@ omnidb:
   replicaCount: 1
 
   image:
-    registry: registry.fit2cloud.com
+    registry: docker.io
-    repository: jumpserver/omnidb
+    repository: jumpserver/chen
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -515,6 +514,171 @@ omnidb:
 
   affinity: {}
 
+kael:
+  enabled: true
+  
+  labels:
+    app.jumpserver.org/name: jms-kael
+
+  config:
+    log:
+      level: ERROR
+
+  replicaCount: 1
+
+  image:
+    registry: docker.io
+    repository: jumpserver/kael
+    tag: v3.5.0
+    pullPolicy: IfNotPresent
+
+  command: []
+
+  env: []
+
+  livenessProbe:
+    failureThreshold: 30
+    tcpSocket:
+      port: web
+
+  readinessProbe:
+    failureThreshold: 30
+    tcpSocket:
+      port: web
+
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext: {}
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+
+  service:
+    type: ClusterIP
+    web:
+      port: 8083
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi
+
+  persistence:
+    storageClassName: jumpserver-data
+    accessModes:
+      - ReadWriteMany
+    size: 10Gi
+    annotations:
+      "helm.sh/resource-policy": keep
+    finalizers:
+      - kubernetes.io/pvc-protection
+    # subPath: ""
+    # existingClaim: ""
+
+  volumeMounts: []
+
+  volumes: []
+
+  nodeSelector: {}
+
+  tolerations: []
+
+  affinity: {}
+
+xpack:
+  enabled: false
+
+xrdp:
+  labels:
+    app.jumpserver.org/name: jms-xrdp
+
+  config:
+    log:
+      level: ERROR
+
+  replicaCount: 1
+
+  image:
+    registry: registry.fit2cloud.com
+    repository: jumpserver/xrdp
+    tag: v3.5.0
+    pullPolicy: IfNotPresent
+
+  command: []
+
+  env: []
+
+  livenessProbe:
+    failureThreshold: 30
+    tcpSocket:
+      port: rdp
+
+  readinessProbe:
+    failureThreshold: 30
+    tcpSocket:
+      port: rdp
+
+  podSecurityContext: {}
+    # fsGroup: 2000
+
+  securityContext: {}
+    # capabilities:
+    #   drop:
+    #   - ALL
+    # readOnlyRootFilesystem: true
+    # runAsNonRoot: true
+    # runAsUser: 1000
+
+  service:
+    type: ClusterIP
+    rdp:
+      port: 3390
+
+  resources: {}
+    # We usually recommend not to specify default resources and to leave this as a conscious
+    # choice for the user. This also increases chances charts run on environments with little
+    # resources, such as Minikube. If you do want to specify resources, uncomment the following
+    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+    # limits:
+    #   cpu: 100m
+    #   memory: 128Mi
+    # requests:
+    #   cpu: 100m
+    #   memory: 128Mi
+
+  persistence:
+    storageClassName: jumpserver-data
+    accessModes:
+      - ReadWriteMany
+    size: 50Gi
+    annotations:
+      "helm.sh/resource-policy": keep
+    finalizers:
+      - kubernetes.io/pvc-protection
+    # subPath: ""
+    # existingClaim: ""
+
+  volumeMounts: []
+
+  volumes: []
+
+  nodeSelector: {}
+
+  tolerations: []
+
+  affinity: {}
+
 razor:
   labels:
     app.jumpserver.org/name: jms-razor
@@ -528,7 +692,7 @@ razor:
   image:
     registry: registry.fit2cloud.com
     repository: jumpserver/razor
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -608,7 +772,7 @@ video:
   image:
     registry: registry.fit2cloud.com
     repository: jumpserver/video-worker
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []
@@ -689,7 +853,7 @@ web:
   image:
     registry: docker.io
     repository: jumpserver/web
-    tag: v3.4.3
+    tag: v3.5.0
     pullPolicy: IfNotPresent
 
   command: []